diff options
author | Eric Hameleers <alien@slackware.com> | 2017-07-01 08:57:49 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2017-07-01 08:57:49 +0000 |
commit | ca9e4fed7c2dd53abc55398b083c58876d5648dd (patch) | |
tree | 48ba2b37730ccba58044a1a9c6729f196c46cb61 /source/current | |
parent | db817e568414ff90e27aac552009516f3803fde9 (diff) | |
download | multilib-ca9e4fed7c2dd53abc55398b083c58876d5648dd.tar.gz multilib-ca9e4fed7c2dd53abc55398b083c58876d5648dd.tar.xz |
Applied upstream security hardening patches from git.
Diffstat (limited to 'source/current')
-rwxr-xr-x | source/current/glibc/glibc-multilib.SlackBuild | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/source/current/glibc/glibc-multilib.SlackBuild b/source/current/glibc/glibc-multilib.SlackBuild index 9538358..f670782 100755 --- a/source/current/glibc/glibc-multilib.SlackBuild +++ b/source/current/glibc/glibc-multilib.SlackBuild @@ -30,7 +30,7 @@ VERSION=${VERSION:-2.25} CHECKOUT=${CHECKOUT:-""} -BUILD=${BUILD:-2alien} +BUILD=${BUILD:-3alien} # I was considering disabling NSCD, but MoZes talked me out of it. :) #DISABLE_NSCD=" --disable-nscd " @@ -167,6 +167,12 @@ apply_patches() { # Revert patches that cause spurious warnings about IFUNC symbols: zcat $CWD/glibc.IFUNC.i386.revert.diff.gz | patch -p1 --verbose || exit 1 zcat $CWD/glibc.IFUNC.x86_64.revert.diff.gz | patch -p1 --verbose || exit 1 + # Upstream git patches for security hardening (CVE-2017-1000366): + zcat $CWD/glibc.3776f38f.diff.gz | patch -p1 --verbose || exit 1 + zcat $CWD/glibc.46703a39.diff.gz | patch -p1 --verbose || exit 1 + zcat $CWD/glibc.CVE-2017-1000366.3c7cd212.diff.gz | patch -p1 --verbose || exit 1 + zcat $CWD/glibc.adc7e06f.diff.gz | patch -p1 --verbose || exit 1 + zcat $CWD/glibc.c69d4a0f.diff.gz | patch -p1 --verbose || exit 1 if [ $BOOTSTRP -eq 1 ] ; then # Multilib - Disable check for forced unwind (Patch from eglibc) since we # do not have a multilib glibc yet to link to; |