diff options
Diffstat (limited to 'meta/recipes-core/glibc/glibc_2.35.bb')
-rw-r--r-- | meta/recipes-core/glibc/glibc_2.35.bb | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/meta/recipes-core/glibc/glibc_2.35.bb b/meta/recipes-core/glibc/glibc_2.35.bb index 96fe39c548..74d7f753d8 100644 --- a/meta/recipes-core/glibc/glibc_2.35.bb +++ b/meta/recipes-core/glibc/glibc_2.35.bb @@ -16,6 +16,16 @@ CVE_CHECK_IGNORE += "CVE-2019-1010022 CVE-2019-1010023 CVE-2019-1010024" # Potential patch at https://sourceware.org/bugzilla/show_bug.cgi?id=22853 CVE_CHECK_IGNORE += "CVE-2019-1010025" +# glibc https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4527 +# This vulnerability was introduced in 2.36 by commit +# f282cdbe7f436c75864e5640a409a10485e9abb2 resolv: Implement no-aaaa stub resolver option +# so our version is not yet vulnerable +# See https://sourceware.org/bugzilla/show_bug.cgi?id=30842 +CVE_CHECK_IGNORE += "CVE-2023-4527" + +# To avoid these in cve-check reports since the recipe version did not change +CVE_CHECK_IGNORE += "CVE-2023-0687 CVE-2023-4813 CVE-2023-4806 CVE-2023-4911 CVE-2023-5156 CVE-2024-2961" + DEPENDS += "gperf-native bison-native" NATIVESDKFIXES ?= "" @@ -48,6 +58,9 @@ SRC_URI = "${GLIBC_GIT_URI};branch=${SRCBRANCH};name=glibc \ file://0022-sysdeps-gnu-configure.ac-Set-libc_cv_rootsbindir-onl.patch \ file://0023-timezone-Make-shell-interpreter-overridable-in-tzsel.patch \ file://0024-fix-create-thread-failed-in-unprivileged-process-BZ-.patch \ + \ + file://0001-Revert-Linux-Implement-a-useful-version-of-_startup_.patch \ + file://0002-get_nscd_addresses-Fix-subscript-typos-BZ-29605.patch \ " S = "${WORKDIR}/git" B = "${WORKDIR}/build-${TARGET_SYS}" |