ref:
- https://github.com/bminor/glibc/commits/release/2.38/master
- https://github.com/bminor/glibc/blob/release/2.38/master/NEWS
Security related changes:
CVE-2023-4527: If the system is configured in no-aaaa mode via
/etc/resolv.conf, getaddrinfo is called for the AF_UNSPEC address
family, and a DNS response is received over TCP that is larger than
2048 bytes, getaddrinfo may potentially disclose stack contents via
the returned address data, or crash.
CVE-2023-4806: When an NSS plugin only implements the
_gethostbyname2_r and _getcanonname_r callbacks, getaddrinfo could use
memory that was freed during buffer resizing, potentially causing a
crash or read or write to arbitrary memory.
CVE-2023-5156: The fix for CVE-2023-4806 introduced a memory leak when
an application calls getaddrinfo for AF_INET6 with AI_CANONNAME,
AI_ALL and AI_V4MAPPED flags set.
CVE-2023-4911: If a tunable of the form NAME=NAME=VAL is passed in the
environment of a setuid program and NAME is valid, it may result in a
buffer overflow, which could be exploited to achieve escalated
privileges. This flaw was introduced in glibc 2.34.
The following bugs are resolved with this release:
[30723] posix_memalign repeatedly scans long bin lists
[30789] sem_open will fail on multithreaded scenarios when semaphore
file doesn't exist (O_CREAT)
[30804] F_GETLK, F_SETLK, and F_SETLKW value change for powerpc64 with
-D_FILE_OFFSET_BITS=64
[30842] Stack read overflow in getaddrinfo in no-aaaa mode (CVE-2023-4527)
glibc has minimal dependencies so only bfd and gold linkers from
binutils are available.
As glibc doesn't link with gold set bfd as the preferred linker
to prevent linking with gold or any other linker.
Signed-off-by: Matthias Reichl <hias@horus.com>
Support for DT_RELR relative relocation format has been added to
glibc. This is a new ELF dynamic tag that improves the size of
relative relocations in shared object files and position independent
executables (PIE). DT_RELR generation requires linker support for
-z pack-relative-relocs option, which is supported for some targets
in recent binutils versions. Lazy binding doesn't apply to DT_RELR.
further information:
- https://maskray.me/blog/2021-10-31-relative-relocations-and-relr#glibc
These are relics of an ancient past and are no longer needed
nowadays - thus no one noticed the ld.so symlink was broken,
pointing to 'ld-*.so'.
So let's just get rid of it.
Signed-off-by: Matthias Reichl <hias@horus.com>
Drop --enable-lock-elision. Always enabled since 2017.
Disable building with Werror. Building currently generates
warnings that instead halt the build.
Signed-off-by: Ian Leonard <antonlacon@gmail.com>
required to address following error:
aclocal.m4:6: error: Exactly version 2.69 of Autoconf is required but you have 2.71
aclocal.m4:6: the top level
autom4te: error: toolchain/bin/m4 failed with exit status: 63
Normally locale addon must be installed but users don't know that. Simplify this with adding default C.UTF-8 locale in image. Users can still install addon to use some other locale.
fixes Python3 error
UnicodeEncodeError: 'ascii' codec can't encode characters in position 40-41: ordinal not in range(128)
like
https://github.com/croneter/PlexKodiConnect/issues/1447https://forum.libreelec.tv/thread/23116-pvr-recorder-unsuppored-locale/?postID=147453
from Kodi Python
before
sys.getdefaultencoding(): utf-8
sys.getfilesystemencoding(): ascii
after
sys.getdefaultencoding(): utf-8
sys.getfilesystemencoding(): utf-8
from SSH console
before
# locale
LANG=
LC_CTYPE="POSIX"
LC_NUMERIC="POSIX"
LC_TIME="POSIX"
LC_COLLATE="POSIX"
LC_MONETARY="POSIX"
LC_MESSAGES="POSIX"
LC_PAPER="POSIX"
LC_NAME="POSIX"
LC_ADDRESS="POSIX"
LC_TELEPHONE="POSIX"
LC_MEASUREMENT="POSIX"
LC_IDENTIFICATION="POSIX"
LC_ALL=
after
# locale
LANG=C.UTF-8
LC_CTYPE="C.UTF-8"
LC_NUMERIC="C.UTF-8"
LC_TIME="C.UTF-8"
LC_COLLATE="C.UTF-8"
LC_MONETARY="C.UTF-8"
LC_MESSAGES="C.UTF-8"
LC_PAPER="C.UTF-8"
LC_NAME="C.UTF-8"
LC_ADDRESS="C.UTF-8"
LC_TELEPHONE="C.UTF-8"
LC_MEASUREMENT="C.UTF-8"
LC_IDENTIFICATION="C.UTF-8"
LC_ALL=
Move variable assignments into configure_package() if the assignments
depend on variables initialised after the package is sourced, ie.
$PKG_BUILD, $PKG_SOURCE_NAME etc.
