From: Yann E. MORIN <yann.morin.1998@free.fr>
To: buildroot@busybox.net
Subject: [Buildroot] [PATCH 5/5] package/glibc: bump to 2.27
Date: Mon, 5 Feb 2018 22:41:57 +0100 [thread overview]
Message-ID: <20180205214157.GC2806@scaer> (raw)
In-Reply-To: <20180205210150.ok3hhfucmxu3uz3l@tarshish>
Baruch, All,
On 2018-02-05 23:01 +0200, Baruch Siach spake thusly:
> On Mon, Feb 05, 2018 at 09:57:16PM +0100, Romain Naour wrote:
> > See: https://sourceware.org/ml/libc-announce/2018/msg00000.html
> > https://sourceware.org/glibc/wiki/Release/2.27
> Note that this is a security bump fixing CVE-2017-1000408, CVE-2017-1000409,
> CVE-2017-16997, CVE-2018-1000001, and CVE-2018-6485.
There are 10 CVE listed in the release annoucement mail, but you list
only five here. Why only those?
Do we want to list all the CVEs fixed in a release? And if we don't list
all, why do we even list only a subset?
I don't think we should, especially since the release mail is linked to
the commit log and has all the details.
Regards,
Yann E. MORIN.
> > Add hash files
>
> You mean license files hash, right?
>
> baruch
>
> > Signed-off-by: Romain Naour <romain.naour@gmail.com>
> > ---
> > package/glibc/glibc.hash | 6 +++++-
> > package/glibc/glibc.mk | 2 +-
> > 2 files changed, 6 insertions(+), 2 deletions(-)
> >
> > diff --git a/package/glibc/glibc.hash b/package/glibc/glibc.hash
> > index f3a6577d2a..86d3bb56dd 100644
> > --- a/package/glibc/glibc.hash
> > +++ b/package/glibc/glibc.hash
> > @@ -1,4 +1,8 @@
> > # Locally calculated (fetched from Github)
> > -sha256 0766875391224153502c5542a71b6e46db53b44691078b3130e1a0df41586430 glibc-glibc-2.26-107-g73a92363619e52c458146e903dfb9b1ba823aa40.tar.gz
> > +sha256 a74489d14f4017bee6a6c6fe76f1de0dbf7d66c8695116de5aadd141c4757892 glibc-glibc-2.27.tar.gz
> > # Locally calculated (fetched from Github)
> > sha256 5aa9adeac09727db0b8a52794186563771e74d70410e9fd86431e339953fd4bb glibc-arc-2017.09-release.tar.gz
> > +
> > +sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 COPYING
> > +sha256 dc626520dcd53a22f727af3ee42c770e56c97a64fe3adb063799d8ab032fe551 COPYING.LIB
> > +sha256 61abdd6930c9c599062d89e916b3e7968783879b6be0ee1c6229dd6169def431 LICENSES
> > diff --git a/package/glibc/glibc.mk b/package/glibc/glibc.mk
> > index cf4bdec065..b674191b22 100644
> > --- a/package/glibc/glibc.mk
> > +++ b/package/glibc/glibc.mk
> > @@ -10,7 +10,7 @@ GLIBC_SITE = $(call github,foss-for-synopsys-dwc-arc-processors,glibc,$(GLIBC_VE
> > else
> > # Generate version string using:
> > # git describe --match 'glibc-*' --abbrev=40 origin/release/MAJOR.MINOR/master
> > -GLIBC_VERSION = glibc-2.26-107-g73a92363619e52c458146e903dfb9b1ba823aa40
> > +GLIBC_VERSION = glibc-2.27
> > # Upstream doesn't officially provide an https download link.
> > # There is one (https://sourceware.org/git/glibc.git) but it's not reliable,
> > # sometimes the connection times out. So use an unofficial github mirror.
>
> --
> http://baruch.siach.name/blog/ ~. .~ Tk Open Systems
> =}------------------------------------------------ooO--U--Ooo------------{=
> - baruch at tkos.co.il - tel: +972.52.368.4656, http://www.tkos.co.il -
> _______________________________________________
> buildroot mailing list
> buildroot at busybox.net
> http://lists.busybox.net/mailman/listinfo/buildroot
--
.-----------------.--------------------.------------------.--------------------.
| Yann E. MORIN | Real-Time Embedded | /"\ ASCII RIBBON | Erics' conspiracy: |
| +33 662 376 056 | Software Designer | \ / CAMPAIGN | ___ |
| +33 223 225 172 `------------.-------: X AGAINST | \e/ There is no |
| http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL | v conspiracy. |
'------------------------------^-------^------------------^--------------------'
next prev parent reply other threads:[~2018-02-05 21:41 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-02-05 20:57 [Buildroot] [PATCH 1/5] package/x11r7/xlib_libxshmfence: fix build with glibc 2.27 Romain Naour
2018-02-05 20:57 ` [Buildroot] [PATCH 2/5] package/pulseaudio: only define memfd_create() if not already defined Romain Naour
2018-02-05 20:57 ` [Buildroot] [PATCH 3/5] package/libraw: rename internal powf64 Romain Naour
2018-02-05 20:57 ` [Buildroot] [PATCH 4/5] package/glibc: remove GLIBC_SRC_SUBDIR Romain Naour
2018-02-05 21:27 ` Yann E. MORIN
2018-02-05 20:57 ` [Buildroot] [PATCH 5/5] package/glibc: bump to 2.27 Romain Naour
2018-02-05 21:01 ` Baruch Siach
2018-02-05 21:16 ` Romain Naour
2018-02-05 21:41 ` Yann E. MORIN [this message]
2018-02-05 23:32 ` Peter Korsgaard
2018-02-06 4:15 ` Baruch Siach
2018-02-06 8:18 ` Arnout Vandecappelle
2018-02-06 10:50 ` Baruch Siach
2018-02-06 12:38 ` Arnout Vandecappelle
2018-02-06 13:44 ` Peter Korsgaard
2018-02-06 13:46 ` Baruch Siach
2018-02-06 14:41 ` Peter Korsgaard
2018-02-06 16:40 ` Baruch Siach
2018-02-05 21:08 ` [Buildroot] [PATCH 1/5] package/x11r7/xlib_libxshmfence: fix build with glibc 2.27 Yann E. MORIN
2018-02-06 12:43 ` Thomas Petazzoni
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180205214157.GC2806@scaer \
--to=yann.morin.1998@free.fr \
--cc=buildroot@busybox.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.