glibc: CVE-2015-8777.patch

The process_envvars function in elf/rtld.c in the GNU C Library (aka glibc or libc6) before 2.23 allows local users to bypass a pointer-guarding protection mechanism via a zero value of the LD_POINTER_GUARD environment variable. (From OE-Core rev: bc51411d2edda908cbef733066d78a986dfec0c0) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Armin Kuster <akuster@mvista.com> 2016-01-22 20:13:00 -0800
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2016-02-18 07:37:49 +0000
commit: aefe1fadfa041673360ad31901655ead70c32d75 (patch)
tree: c6534b47422af14cc477b1292a6e3579e3b69b5f /meta/recipes-core/glibc/glibc_2.22.bb
parent: 152914f2983c5d69001de1d46ce99547fa1e75fe (diff)
download: openembedded-core-contrib-aefe1fadfa041673360ad31901655ead70c32d75.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/meta/recipes-core/glibc/glibc_2.22.bb b/meta/recipes-core/glibc/glibc_2.22.bb
index eeb97422f0..c828310586 100644
--- a/meta/recipes-core/glibc/glibc_2.22.bb
+++ b/meta/recipes-core/glibc/glibc_2.22.bb
@@ -43,6 +43,7 @@ SRC_URI = "${GLIBC_GIT_URI};branch=${SRCBRANCH};name=glibc \
            file://0028-Clear-ELF_RTYPE_CLASS_EXTERN_PROTECTED_DATA-for-prel.patch \
            file://strcoll-Remove-incorrect-STRDIFF-based-optimization-.patch \
            file://0029-fix-getmntent-empty-lines.patch \
+           file://CVE-2015-8777.patch \
 "
 
 SRC_URI += "\
author	Armin Kuster <akuster@mvista.com>	2016-01-22 20:13:00 -0800
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2016-02-18 07:37:49 +0000
commit	aefe1fadfa041673360ad31901655ead70c32d75 (patch)
tree	c6534b47422af14cc477b1292a6e3579e3b69b5f /meta/recipes-core/glibc/glibc_2.22.bb
parent	152914f2983c5d69001de1d46ce99547fa1e75fe (diff)
download	openembedded-core-contrib-aefe1fadfa041673360ad31901655ead70c32d75.tar.gz