From: akuster808 <akuster808@gmail.com>
To: openembedded-devel@lists.openembedded.org,
Patches and discussions about the oe-core layer
<openembedded-core@lists.openembedded.org>,
Yocto Project <yocto@yoctoproject.org>
Subject: Re: [RFT] Glibc 2.23 and binutils 2.26
Date: Thu, 21 Jan 2016 17:28:54 -0800 [thread overview]
Message-ID: <56A185D6.8030502@gmail.com> (raw)
In-Reply-To: <2747032A-1F56-4CA6-860C-484B9292A0B5@gmail.com>
On 01/17/2016 03:54 AM, Khem Raj wrote:
> Hi all
>
> upstream glibc and binutils release branches have been cut out and are being made ready for next release
> I have put together update patchset for both of them
>
> here are the branches
>
> https://github.com/kraj/openembedded-core/tree/kraj/binutils-2.26
> https://github.com/kraj/openembedded-core/tree/kraj/glibc-2.23
Several Security fixes will be included in glibc-2.23 update.
https://bugzilla.yoctoproject.org/show_bug.cgi?id=8980
CVE-2015-8776 - Passing out of range data to strftime() causes a segfault
https://sourceware.org/bugzilla/show_bug.cgi?id=18985
CVE-2015-8777 - LD_POINTER_GUARD is not ignored for privileged binaries
https://sourceware.org/bugzilla/show_bug.cgi?id=18928
CVE-2015-8778 - hcreate((size_t)-1) should fail with ENOMEM
https://sourceware.org/bugzilla/show_bug.cgi?id=18240
CVE-2014-9761 - nan function unbounded stack allocation
https://sourceware.org/bugzilla/show_bug.cgi?id=16962
CVE-2015-8779 - catopen() Multiple unbounded stack allocations
https://sourceware.org/bugzilla/show_bug.cgi?id=17905
>
> FYI These are still using autorev to ensure that we test tip of release branches
>
> Please give them a shot in your environments and report any issues you encounter.
BTW, Mips64 Octeon3 works fine. Aarch64 qemu boot tested.
- Armin
>
> Thanks for help
>
> -Khem
>
>
>
>
>
WARNING: multiple messages have this Message-ID (diff)
From: akuster808 <akuster808@gmail.com>
To: openembedded-devel@lists.openembedded.org,
Patches and discussions about the oe-core layer
<openembedded-core@lists.openembedded.org>,
Yocto Project <yocto@yoctoproject.org>
Subject: Re: [oe] [RFT] Glibc 2.23 and binutils 2.26
Date: Thu, 21 Jan 2016 17:28:54 -0800 [thread overview]
Message-ID: <56A185D6.8030502@gmail.com> (raw)
In-Reply-To: <2747032A-1F56-4CA6-860C-484B9292A0B5@gmail.com>
On 01/17/2016 03:54 AM, Khem Raj wrote:
> Hi all
>
> upstream glibc and binutils release branches have been cut out and are being made ready for next release
> I have put together update patchset for both of them
>
> here are the branches
>
> https://github.com/kraj/openembedded-core/tree/kraj/binutils-2.26
> https://github.com/kraj/openembedded-core/tree/kraj/glibc-2.23
Several Security fixes will be included in glibc-2.23 update.
https://bugzilla.yoctoproject.org/show_bug.cgi?id=8980
CVE-2015-8776 - Passing out of range data to strftime() causes a segfault
https://sourceware.org/bugzilla/show_bug.cgi?id=18985
CVE-2015-8777 - LD_POINTER_GUARD is not ignored for privileged binaries
https://sourceware.org/bugzilla/show_bug.cgi?id=18928
CVE-2015-8778 - hcreate((size_t)-1) should fail with ENOMEM
https://sourceware.org/bugzilla/show_bug.cgi?id=18240
CVE-2014-9761 - nan function unbounded stack allocation
https://sourceware.org/bugzilla/show_bug.cgi?id=16962
CVE-2015-8779 - catopen() Multiple unbounded stack allocations
https://sourceware.org/bugzilla/show_bug.cgi?id=17905
>
> FYI These are still using autorev to ensure that we test tip of release branches
>
> Please give them a shot in your environments and report any issues you encounter.
BTW, Mips64 Octeon3 works fine. Aarch64 qemu boot tested.
- Armin
>
> Thanks for help
>
> -Khem
>
>
>
>
>
next prev parent reply other threads:[~2016-01-22 1:28 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-01-17 11:54 [RFT] Glibc 2.23 and binutils 2.26 Khem Raj
2016-01-22 1:28 ` akuster808 [this message]
2016-01-22 1:28 ` [oe] " akuster808
2016-01-27 2:11 ` ChenQi
2016-01-27 2:11 ` [oe] " ChenQi
2016-01-27 5:30 ` Khem Raj
2016-01-27 5:30 ` [oe] " Khem Raj
2016-01-29 14:14 ` Alexander Kanavin
2016-01-29 14:44 ` Khem Raj
2016-01-31 8:32 ` Richard Purdie
2016-01-31 8:53 ` Khem Raj
2016-02-01 9:12 ` Richard Purdie
2016-02-01 17:02 ` Khem Raj
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=56A185D6.8030502@gmail.com \
--to=akuster808@gmail.com \
--cc=openembedded-core@lists.openembedded.org \
--cc=openembedded-devel@lists.openembedded.org \
--cc=yocto@yoctoproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.