Compare commits
27 Commits
Author | SHA1 | Date | |
---|---|---|---|
|
ad1a353378 | ||
|
55304e7036 | ||
|
676ad9ab98 | ||
|
cfa5cfd56f | ||
|
a2bbe283f4 | ||
|
ad163810f2 | ||
|
07eee66da3 | ||
|
646364078f | ||
|
a899894f5e | ||
|
085d92e0c5 | ||
|
4a55c418ef | ||
|
139db7fbe4 | ||
|
3fb675bb3f | ||
|
7ef14d54fb | ||
|
f60aa2d629 | ||
|
f4db47775a | ||
|
9cf951ff99 | ||
|
f02067f353 | ||
|
d61fdfcf3b | ||
|
56389beda5 | ||
|
1d9b8cb932 | ||
|
0f87ab5452 | ||
|
2960472177 | ||
|
5cf10b5a9a | ||
|
4b8ee3b95b | ||
|
b9d3cdc0e8 | ||
|
00779c7114 |
97
STAGE1-glibc
Normal file
97
STAGE1-glibc
Normal file
@ -0,0 +1,97 @@
|
||||
srpm glibc
|
||||
|
||||
# setup glibc
|
||||
# This path MUST be relative, not absolute
|
||||
GV=$(cd $SRC; echo glibc-2*)
|
||||
|
||||
if [ "$TARGET_ARCH" == "armv7hl" ]; then
|
||||
# rtkaio not supported on ARM
|
||||
rm -rf $SRC/$GV/rtkaio
|
||||
fi
|
||||
|
||||
GLIBCARGS="--prefix=/usr
|
||||
--with-headers=$ROOTFS/usr/include
|
||||
--enable-kernel=2.6.32
|
||||
--enable-bind-now
|
||||
--build $BUILD
|
||||
--host $TARGET
|
||||
--disable-profile
|
||||
--cache-file=config.cache
|
||||
--without-cvs
|
||||
--with-elf
|
||||
--without-gd
|
||||
--disable-sanity-checks
|
||||
--with-tls
|
||||
--with-__thread
|
||||
--enable-obsolete-rpc
|
||||
"
|
||||
|
||||
mcd $BUILDDIR/glibc
|
||||
|
||||
# prefill glibc cache
|
||||
echo libc_cv_forced_unwind=yes > config.cache
|
||||
echo libc_cv_c_cleanup=yes >> config.cache
|
||||
#echo libc_cv_ctors_header=yes >> config.cache
|
||||
echo ac_cv_header_cpuid_h=yes >> config.cache
|
||||
echo libc_cv_gcc_builtin_expect=yes >> config.cache
|
||||
|
||||
$SRC/$GV/configure $GLIBCARGS
|
||||
notparallel
|
||||
make $J ARCH=${KARCH} BUILD_CC=gcc cross-compiling=yes
|
||||
make DESTDIR=$ROOTFS $J ARCH=${KARCH} BUILD_CC=gcc cross-compiling=yes install
|
||||
|
||||
( cd $ROOTFS/usr/include/bits
|
||||
sed '/ifndef.*NO_LONG_DOUBLE/,/#endif/d' < mathdef.h > mathdef.h.new
|
||||
mv mathdef.h.new mathdef.h
|
||||
)
|
||||
|
||||
# 32-bit multilib libgcc needs 32-bit headers
|
||||
if [ ! "$TARGET32" = "" ]; then
|
||||
|
||||
old_CC=$CC
|
||||
old_CXX=$CC
|
||||
export CC="$TARGET-gcc -m32"
|
||||
export CXX="$TARGET-g++ -m32"
|
||||
|
||||
GLIBCARGS="--prefix=/usr
|
||||
--with-headers=$ROOTFS/usr/include
|
||||
--enable-kernel=2.6.32
|
||||
--enable-bind-now
|
||||
--build $BUILD
|
||||
--host $TARGET32
|
||||
--disable-profile
|
||||
--cache-file=config.cache
|
||||
--without-cvs
|
||||
--with-elf
|
||||
--without-gd
|
||||
--disable-sanity-checks
|
||||
--with-tls
|
||||
--with-__thread
|
||||
--enable-obsolete-rpc
|
||||
"
|
||||
|
||||
mcd $BUILDDIR/glibc32
|
||||
|
||||
# prefill glibc cache
|
||||
echo libc_cv_forced_unwind=yes > config.cache
|
||||
echo libc_cv_c_cleanup=yes >> config.cache
|
||||
echo libc_cv_ctors_header=yes >> config.cache
|
||||
echo ac_cv_header_cpuid_h=yes >> config.cache
|
||||
echo libc_cv_gcc_builtin_expect=yes >> config.cache
|
||||
|
||||
$SRC/$GV/configure $GLIBCARGS
|
||||
notparallel
|
||||
make $J ARCH=${KARCH} BUILD_CC=gcc cross-compiling=yes
|
||||
make DESTDIR=$ROOTFS $J ARCH=${KARCH} BUILD_CC=gcc cross-compiling=yes install
|
||||
|
||||
( cd $ROOTFS/usr/include/bits
|
||||
sed '/ifndef.*NO_LONG_DOUBLE/,/#endif/d' < mathdef.h > mathdef.h.new
|
||||
mv mathdef.h.new mathdef.h
|
||||
)
|
||||
|
||||
CC=$old_CC
|
||||
CXX=$old_CXX
|
||||
export $CC
|
||||
export $CXX
|
||||
|
||||
fi
|
117
STAGE1-glibc-headers
Normal file
117
STAGE1-glibc-headers
Normal file
@ -0,0 +1,117 @@
|
||||
set -vx
|
||||
srpm glibc
|
||||
|
||||
# setup glibc
|
||||
# This path MUST be relative, not absolute
|
||||
GV=$(cd $SRC; echo glibc-2*)
|
||||
GLIBCARGS="--prefix=/usr
|
||||
--with-headers=$ROOTFS/usr/include
|
||||
--enable-kernel=2.6.32
|
||||
--enable-bind-now
|
||||
--build $BUILD
|
||||
--host $TARGET
|
||||
--disable-profile
|
||||
--cache-file=config.cache
|
||||
--without-cvs
|
||||
--with-elf
|
||||
--without-gd
|
||||
--disable-sanity-checks
|
||||
--with-tls
|
||||
--with-__thread
|
||||
--enable-obsolete-rpc
|
||||
"
|
||||
|
||||
mcd $BUILDDIR/glibc-stage1
|
||||
|
||||
# prefill glibc cache
|
||||
echo libc_cv_forced_unwind=yes > config.cache
|
||||
echo libc_cv_c_cleanup=yes >> config.cache
|
||||
#echo libc_cv_ctors_header=yes >> config.cache
|
||||
echo ac_cv_header_cpuid_h=yes >> config.cache
|
||||
echo libc_cv_gcc_builtin_expect=yes >> config.cache
|
||||
|
||||
$SRC/$GV/configure $GLIBCARGS
|
||||
notparallel
|
||||
make DESTDIR=$ROOTFS $J ARCH=${KARCH} BUILD_CC=gcc cross-compiling=yes install-headers
|
||||
touch $ROOTFS/usr/include/gnu/stubs.h
|
||||
touch $ROOTFS/usr/include/bits/stdio_lim.h
|
||||
|
||||
( cd $ROOTFS/usr/include/bits
|
||||
sed '/ifndef.*NO_LONG_DOUBLE/,/#endif/d' < mathdef.h > mathdef.h.new
|
||||
mv mathdef.h.new mathdef.h
|
||||
)
|
||||
|
||||
# We also build just enough files to link libgcc.so. The fake
|
||||
# libc.so will never actually get used, but simplifies the boostrap.
|
||||
make $J ARCH=${KARCH} BUILD_CC=gcc cross-compiling=yes csu/subdir_lib
|
||||
|
||||
mkdirp $ROOTFS/usr/lib${SUFFIX}
|
||||
for file in `cd csu; echo crt*.o`; do
|
||||
echo "" | $TARGET-as -o $ROOTFS/usr/lib${SUFFIX}/$file
|
||||
done
|
||||
$TARGET-gcc -nostdlib -nostartfiles -shared -x c /dev/null\
|
||||
-o $ROOTFS/usr/lib${SUFFIX}/libc.so
|
||||
|
||||
|
||||
# 32-bit multilib libgcc needs stub 32-bit libraries
|
||||
if [ ! "$TARGET32" = "" ]; then
|
||||
|
||||
old_CC=$CC
|
||||
old_CXX=$CC
|
||||
export CC="$TARGET-gcc -m32"
|
||||
export CXX="$TARGET-g++ -m32"
|
||||
|
||||
# setup 32-bit glibc headers
|
||||
GLIBCARGS="--prefix=/usr
|
||||
--with-headers=$ROOTFS/usr/include
|
||||
--enable-kernel=2.6.32
|
||||
--enable-bind-now
|
||||
--build $BUILD
|
||||
--host $TARGET32
|
||||
--disable-profile
|
||||
--cache-file=config.cache
|
||||
--without-cvs
|
||||
--with-elf
|
||||
--without-gd
|
||||
--disable-sanity-checks
|
||||
--with-tls
|
||||
--with-__thread
|
||||
--enable-obsolete-rpc
|
||||
"
|
||||
|
||||
mcd $BUILDDIR/glibc32-stage1
|
||||
|
||||
# prefill glibc cache
|
||||
echo libc_cv_forced_unwind=yes > config.cache
|
||||
echo libc_cv_c_cleanup=yes >> config.cache
|
||||
#echo libc_cv_ctors_header=yes >> config.cache
|
||||
echo ac_cv_header_cpuid_h=yes >> config.cache
|
||||
echo libc_cv_gcc_builtin_expect=yes >> config.cache
|
||||
|
||||
$SRC/$GV/configure $GLIBCARGS
|
||||
notparallel
|
||||
make DESTDIR=$ROOTFS $J ARCH=${KARCH} BUILD_CC=gcc cross-compiling=yes install-headers
|
||||
touch $ROOTFS/usr/include/gnu/stubs.h
|
||||
touch $ROOTFS/usr/include/bits/stdio_lim.h
|
||||
|
||||
( cd $ROOTFS/usr/include/bits
|
||||
sed '/ifndef.*NO_LONG_DOUBLE/,/#endif/d' < mathdef.h > mathdef.h.new
|
||||
mv mathdef.h.new mathdef.h
|
||||
)
|
||||
|
||||
# We also build just enough files to link libgcc.so. The fake
|
||||
# libc.so will never actually get used, but simplifies the boostrap.
|
||||
make $J ARCH=${KARCH} BUILD_CC=gcc cross-compiling=yes csu/subdir_lib
|
||||
|
||||
mkdirp $ROOTFS/usr/lib
|
||||
for file in `cd csu; echo crt*.o`; do
|
||||
echo "" | $TARGET-as --32 -o $ROOTFS/usr/lib/$file
|
||||
done
|
||||
$CC -m32 -nostdlib -nostartfiles -shared -x c /dev/null\
|
||||
-o $ROOTFS/usr/lib/libc.so
|
||||
|
||||
CC=$old_CC
|
||||
CXX=$old_CXX
|
||||
export $CC
|
||||
export $CXX
|
||||
fi
|
22
glibc-disable-rwlock-elision.patch
Normal file
22
glibc-disable-rwlock-elision.patch
Normal file
@ -0,0 +1,22 @@
|
||||
diff -urN glibc-2.20.mod/sysdeps/unix/sysv/linux/x86/elision-conf.c glibc-2.20/sysdeps/unix/sysv/linux/x86/elision-conf.c
|
||||
--- glibc-2.20.mod/sysdeps/unix/sysv/linux/x86/elision-conf.c 2014-09-27 00:25:46.443462345 -0400
|
||||
+++ glibc-2.20/sysdeps/unix/sysv/linux/x86/elision-conf.c 2014-09-27 00:29:53.586615813 -0400
|
||||
@@ -62,12 +62,16 @@
|
||||
char **argv __attribute__ ((unused)),
|
||||
char **environ)
|
||||
{
|
||||
- __elision_available = HAS_RTM;
|
||||
#ifdef ENABLE_LOCK_ELISION
|
||||
+ __elision_available = HAS_RTM;
|
||||
__pthread_force_elision = __libc_enable_secure ? 0 : __elision_available;
|
||||
-#endif
|
||||
if (!HAS_RTM)
|
||||
__elision_aconf.retry_try_xbegin = 0; /* Disable elision on rwlocks */
|
||||
+#else
|
||||
+ __elision_available = 0;
|
||||
+ __pthread_force_elision = 0;
|
||||
+ __elision_aconf.retry_try_xbegin = 0;
|
||||
+#endif
|
||||
}
|
||||
|
||||
#ifdef SHARED
|
@ -1,36 +1,48 @@
|
||||
From 0998aff9be4f0a25b7a822c4f28e832d367977c6 Mon Sep 17 00:00:00 2001
|
||||
From: Siddhesh Poyarekar <siddhesh@redhat.com>
|
||||
Date: Wed, 13 Aug 2014 23:28:18 +0530
|
||||
Subject: [PATCH] Revert to defining __extern_inline only for gcc-4.3+
|
||||
commit 884ddc5081278f488ef8cd49951f41cfdbb480ce
|
||||
Author: Siddhesh Poyarekar <siddhesh@redhat.com>
|
||||
Date: Tue Sep 16 14:08:48 2014 +0530
|
||||
|
||||
The check for only __GNUC_STDC_INLINE__ and __GNUC_GNU_INLINE__ may
|
||||
not be sufficient since those flags were added during initial support
|
||||
for C99 inlining semantics. There is also a problem with always
|
||||
defining __extern_inline and __extern_always_inline, since it enables
|
||||
inline wrapper functions even when GNU inlining semantics are not
|
||||
guaranteed. This, along with the possibility of such wrappers using
|
||||
redirection (btowc for example) could result in compiler generating an
|
||||
infinitely recusrive call to the function.
|
||||
Revert to defining __extern_inline only for gcc-4.3+ (BZ #17266)
|
||||
|
||||
In fact it was such a recursion that led to this code being written
|
||||
the way it was; see:
|
||||
The check for only __GNUC_STDC_INLINE__ and __GNUC_GNU_INLINE__ may
|
||||
not be sufficient since those flags were added during initial support
|
||||
for C99 inlining semantics. There is also a problem with always
|
||||
defining __extern_inline and __extern_always_inline, since it enables
|
||||
inline wrapper functions even when GNU inlining semantics are not
|
||||
guaranteed. This, along with the possibility of such wrappers using
|
||||
redirection (btowc for example) could result in compiler generating an
|
||||
infinitely recusrive call to the function.
|
||||
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=186410
|
||||
In fact it was such a recursion that led to this code being written
|
||||
the way it was; see:
|
||||
|
||||
The initial change was to fix bugs 14530 and 13741, but they can be
|
||||
resolved by checking if __fortify_function and/or
|
||||
__extern_always_inline are defined, as it has been done in this patch.
|
||||
In addition, I have audited uses of __extern_always_inline to make
|
||||
sure that none of the uses result in compilation errors.
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=186410
|
||||
|
||||
There is however a regression in this patch for llvm, since it reverts
|
||||
the llvm expectation that __GNUC_STDC_INLINE__ or __GNUC_GNU_INLINE__
|
||||
definition imply proper extern inline semantics.
|
||||
---
|
||||
libio/stdio.h | 2 +-
|
||||
math/bits/math-finite.h | 8 +++++---
|
||||
misc/sys/cdefs.h | 18 ++++++++----------
|
||||
3 files changed, 14 insertions(+), 14 deletions(-)
|
||||
The initial change was to fix bugs 14530 and 13741, but they can be
|
||||
resolved by checking if __fortify_function and/or
|
||||
__extern_always_inline are defined, as it has been done in this patch.
|
||||
In addition, I have audited uses of __extern_always_inline to make
|
||||
sure that none of the uses result in compilation errors.
|
||||
|
||||
There is however a regression in this patch for llvm, since it reverts
|
||||
the llvm expectation that __GNUC_STDC_INLINE__ or __GNUC_GNU_INLINE__
|
||||
definition imply proper extern inline semantics.
|
||||
|
||||
2014-09-16 Siddhesh Poyarekar <siddhesh@redhat.com>
|
||||
Jakub Jelinek <jakub@redhat.com>
|
||||
|
||||
[BZ #17266]
|
||||
* libio/stdio.h: Check definition of __fortify_function
|
||||
instead of __extern_always_inline to include bits/stdio2.h.
|
||||
* math/bits/math-finite.h [__USE_XOPEN || __USE_ISOC99]: Also
|
||||
check if __extern_always_inline is defined.
|
||||
[__USE_MISC || __USE_XOPEN]: Likewise.
|
||||
[__USE_ISOC99] Likewise.
|
||||
* misc/sys/cdefs.h (__fortify_function): Define only if
|
||||
__extern_always_inline is defined.
|
||||
[!__cplusplus || __GNUC_PREREQ (4,3)]: Revert to defining
|
||||
__extern_always_inline and __extern_inline only for g++-4.3
|
||||
and newer or a compatible gcc.
|
||||
|
||||
diff --git a/libio/stdio.h b/libio/stdio.h
|
||||
index d8c0bdb..1f4f837 100644
|
||||
@ -79,7 +91,7 @@ index aa755de..0656645 100644
|
||||
extern double __gamma_r_finite (double, int *);
|
||||
__extern_always_inline double __NTH (tgamma (double __d))
|
||||
diff --git a/misc/sys/cdefs.h b/misc/sys/cdefs.h
|
||||
index 04db956..d8ee73c 100644
|
||||
index 04db956..01e81ba 100644
|
||||
--- a/misc/sys/cdefs.h
|
||||
+++ b/misc/sys/cdefs.h
|
||||
@@ -131,7 +131,6 @@
|
||||
@ -90,7 +102,7 @@ index 04db956..d8ee73c 100644
|
||||
|
||||
#if __GNUC_PREREQ (4,3)
|
||||
# define __warndecl(name, msg) \
|
||||
@@ -318,12 +317,10 @@
|
||||
@@ -318,12 +317,13 @@
|
||||
# define __attribute_artificial__ /* Ignore */
|
||||
#endif
|
||||
|
||||
@ -101,13 +113,16 @@ index 04db956..d8ee73c 100644
|
||||
- defined, this version of GCC only supports GNU inline semantics. */
|
||||
-# if defined __GNUC_STDC_INLINE__ || defined __GNUC_GNU_INLINE__
|
||||
+/* GCC 4.3 and above with -std=c99 or -std=gnu99 implements ISO C99
|
||||
+ inline semantics, unless -fgnu89-inline is used. */
|
||||
+ inline semantics, unless -fgnu89-inline is used. Using __GNUC_STDC_INLINE__
|
||||
+ or __GNUC_GNU_INLINE is not a good enough check for gcc because gcc versions
|
||||
+ older than 4.3 may define these macros and still not guarantee GNU inlining
|
||||
+ semantics. */
|
||||
+#if !defined __cplusplus || __GNUC_PREREQ (4,3)
|
||||
+# if defined __GNUC_STDC_INLINE__ || defined __cplusplus
|
||||
# define __extern_inline extern __inline __attribute__ ((__gnu_inline__))
|
||||
# define __extern_always_inline \
|
||||
extern __always_inline __attribute__ ((__gnu_inline__))
|
||||
@@ -331,9 +328,10 @@
|
||||
@@ -331,9 +331,10 @@
|
||||
# define __extern_inline extern __inline
|
||||
# define __extern_always_inline extern __always_inline
|
||||
# endif
|
||||
@ -121,6 +136,3 @@ index 04db956..d8ee73c 100644
|
||||
#endif
|
||||
|
||||
/* GCC 4.3 and above allow passing all anonymous arguments of an
|
||||
--
|
||||
1.9.3
|
||||
|
||||
|
69
glibc-rh1133508.patch
Normal file
69
glibc-rh1133508.patch
Normal file
@ -0,0 +1,69 @@
|
||||
commit 602f80ec8b966cfad3b61914cbe14ee606cedf6e
|
||||
Author: Siddhesh Poyarekar <siddhesh@redhat.com>
|
||||
Date: Tue Sep 16 22:16:01 2014 +0530
|
||||
|
||||
Make __extern_always_inline usable on clang++ again
|
||||
|
||||
The fix for BZ #17266 (884ddc5081278f488ef8cd49951f41cfdbb480ce)
|
||||
removed changes that had gone into cdefs.h to make
|
||||
__extern_always_inline usable with clang++. This patch adds back
|
||||
support for clang to detect if GNU inlining semantics are available,
|
||||
this time without breaking the gcc use case. The check put here is
|
||||
based on the earlier patch and assertion[1] that checking if
|
||||
__GNUC_STDC_INLINE__ or __GNUC_GNU_INLINE__ is defined is sufficient
|
||||
to determine that clang++ suports GNU inlining semantics.
|
||||
|
||||
Tested with a simple program that builds with __extern_always_inline
|
||||
with the patch and fails compilation without it.
|
||||
|
||||
#include <stdio.h>
|
||||
#include <sys/cdefs.h>
|
||||
|
||||
extern void foo_alias (void) __asm ("foo");
|
||||
|
||||
__extern_always_inline void
|
||||
foo (void)
|
||||
{
|
||||
puts ("hi oh world!");
|
||||
return foo_alias ();
|
||||
}
|
||||
|
||||
void
|
||||
foo_alias (void)
|
||||
{
|
||||
puts ("hell oh world");
|
||||
}
|
||||
|
||||
int
|
||||
main ()
|
||||
{
|
||||
foo ();
|
||||
}
|
||||
|
||||
[1] https://sourceware.org/ml/libc-alpha/2012-12/msg00306.html
|
||||
|
||||
[BZ #17266]
|
||||
* misc/sys/cdefs.h: Define __extern_always_inline for clang
|
||||
4.2 and newer.
|
||||
|
||||
diff --git a/misc/sys/cdefs.h b/misc/sys/cdefs.h
|
||||
index 01e81ba..711ac1d 100644
|
||||
--- a/misc/sys/cdefs.h
|
||||
+++ b/misc/sys/cdefs.h
|
||||
@@ -321,8 +321,14 @@
|
||||
inline semantics, unless -fgnu89-inline is used. Using __GNUC_STDC_INLINE__
|
||||
or __GNUC_GNU_INLINE is not a good enough check for gcc because gcc versions
|
||||
older than 4.3 may define these macros and still not guarantee GNU inlining
|
||||
- semantics. */
|
||||
-#if !defined __cplusplus || __GNUC_PREREQ (4,3)
|
||||
+ semantics.
|
||||
+
|
||||
+ clang++ identifies itself as gcc-4.2, but has support for GNU inlining
|
||||
+ semantics, that can be checked fot by using the __GNUC_STDC_INLINE_ and
|
||||
+ __GNUC_GNU_INLINE__ macro definitions. */
|
||||
+#if (!defined __cplusplus || __GNUC_PREREQ (4,3) \
|
||||
+ || (defined __clang__ && (defined __GNUC_STDC_INLINE__ \
|
||||
+ || defined __GNUC_GNU_INLINE__)))
|
||||
# if defined __GNUC_STDC_INLINE__ || defined __cplusplus
|
||||
# define __extern_inline extern __inline __attribute__ ((__gnu_inline__))
|
||||
# define __extern_always_inline \
|
164
glibc-rh1167569.patch
Normal file
164
glibc-rh1167569.patch
Normal file
@ -0,0 +1,164 @@
|
||||
commit 33ceaf6187b31ea15284ac65131749e1cb68d2ae
|
||||
Author: Carlos O'Donell <carlos@redhat.com>
|
||||
Date: Wed Nov 19 11:44:12 2014 -0500
|
||||
|
||||
CVE-2014-7817: wordexp fails to honour WRDE_NOCMD.
|
||||
|
||||
The function wordexp() fails to properly handle the WRDE_NOCMD
|
||||
flag when processing arithmetic inputs in the form of "$((... ``))"
|
||||
where "..." can be anything valid. The backticks in the arithmetic
|
||||
epxression are evaluated by in a shell even if WRDE_NOCMD forbade
|
||||
command substitution. This allows an attacker to attempt to pass
|
||||
dangerous commands via constructs of the above form, and bypass
|
||||
the WRDE_NOCMD flag. This patch fixes this by checking for WRDE_NOCMD
|
||||
in exec_comm(), the only place that can execute a shell. All other
|
||||
checks for WRDE_NOCMD are superfluous and removed.
|
||||
|
||||
We expand the testsuite and add 3 new regression tests of roughly
|
||||
the same form but with a couple of nested levels.
|
||||
|
||||
On top of the 3 new tests we add fork validation to the WRDE_NOCMD
|
||||
testing. If any forks are detected during the execution of a wordexp()
|
||||
call with WRDE_NOCMD, the test is marked as failed. This is slightly
|
||||
heuristic since vfork might be used in the future, but it provides a
|
||||
higher level of assurance that no shells were executed as part of
|
||||
command substitution with WRDE_NOCMD in effect. In addition it doesn't
|
||||
require libpthread or libdl, instead we use the public implementation
|
||||
namespace function __register_atfork (already part of the public ABI
|
||||
for libpthread).
|
||||
|
||||
Tested on x86_64 with no regressions.
|
||||
|
||||
(cherry picked from commit a39208bd7fb76c1b01c127b4c61f9bfd915bfe7c)
|
||||
|
||||
diff --git a/posix/wordexp-test.c b/posix/wordexp-test.c
|
||||
index 4957006..bdd65e4 100644
|
||||
--- a/posix/wordexp-test.c
|
||||
+++ b/posix/wordexp-test.c
|
||||
@@ -27,6 +27,25 @@
|
||||
|
||||
#define IFS " \n\t"
|
||||
|
||||
+extern void *__dso_handle __attribute__ ((__weak__, __visibility__ ("hidden")));
|
||||
+extern int __register_atfork (void (*) (void), void (*) (void), void (*) (void), void *);
|
||||
+
|
||||
+static int __app_register_atfork (void (*prepare) (void), void (*parent) (void), void (*child) (void))
|
||||
+{
|
||||
+ return __register_atfork (prepare, parent, child,
|
||||
+ &__dso_handle == NULL ? NULL : __dso_handle);
|
||||
+}
|
||||
+
|
||||
+/* Number of forks seen. */
|
||||
+static int registered_forks;
|
||||
+
|
||||
+/* For each fork increment the fork count. */
|
||||
+static void
|
||||
+register_fork (void)
|
||||
+{
|
||||
+ registered_forks++;
|
||||
+}
|
||||
+
|
||||
struct test_case_struct
|
||||
{
|
||||
int retval;
|
||||
@@ -206,6 +225,12 @@ struct test_case_struct
|
||||
{ WRDE_SYNTAX, NULL, "$((2+))", 0, 0, { NULL, }, IFS },
|
||||
{ WRDE_SYNTAX, NULL, "`", 0, 0, { NULL, }, IFS },
|
||||
{ WRDE_SYNTAX, NULL, "$((010+4+))", 0, 0, { NULL }, IFS },
|
||||
+ /* Test for CVE-2014-7817. We test 3 combinations of command
|
||||
+ substitution inside an arithmetic expression to make sure that
|
||||
+ no commands are executed and error is returned. */
|
||||
+ { WRDE_CMDSUB, NULL, "$((`echo 1`))", WRDE_NOCMD, 0, { NULL, }, IFS },
|
||||
+ { WRDE_CMDSUB, NULL, "$((1+`echo 1`))", WRDE_NOCMD, 0, { NULL, }, IFS },
|
||||
+ { WRDE_CMDSUB, NULL, "$((1+$((`echo 1`))))", WRDE_NOCMD, 0, { NULL, }, IFS },
|
||||
|
||||
{ -1, NULL, NULL, 0, 0, { NULL, }, IFS },
|
||||
};
|
||||
@@ -258,6 +283,15 @@ main (int argc, char *argv[])
|
||||
return -1;
|
||||
}
|
||||
|
||||
+ /* If we are not allowed to do command substitution, we install
|
||||
+ fork handlers to verify that no forks happened. No forks should
|
||||
+ happen at all if command substitution is disabled. */
|
||||
+ if (__app_register_atfork (register_fork, NULL, NULL) != 0)
|
||||
+ {
|
||||
+ printf ("Failed to register fork handler.\n");
|
||||
+ return -1;
|
||||
+ }
|
||||
+
|
||||
for (test = 0; test_case[test].retval != -1; test++)
|
||||
if (testit (&test_case[test]))
|
||||
++fail;
|
||||
@@ -367,6 +401,9 @@ testit (struct test_case_struct *tc)
|
||||
|
||||
printf ("Test %d (%s): ", ++tests, tc->words);
|
||||
|
||||
+ if (tc->flags & WRDE_NOCMD)
|
||||
+ registered_forks = 0;
|
||||
+
|
||||
if (tc->flags & WRDE_APPEND)
|
||||
{
|
||||
/* initial wordexp() call, to be appended to */
|
||||
@@ -378,6 +415,13 @@ testit (struct test_case_struct *tc)
|
||||
}
|
||||
retval = wordexp (tc->words, &we, tc->flags);
|
||||
|
||||
+ if ((tc->flags & WRDE_NOCMD)
|
||||
+ && (registered_forks > 0))
|
||||
+ {
|
||||
+ printf ("FAILED fork called for WRDE_NOCMD\n");
|
||||
+ return 1;
|
||||
+ }
|
||||
+
|
||||
if (tc->flags & WRDE_DOOFFS)
|
||||
start_offs = sav_we.we_offs;
|
||||
|
||||
diff --git a/posix/wordexp.c b/posix/wordexp.c
|
||||
index b6b65dd..26f3a26 100644
|
||||
--- a/posix/wordexp.c
|
||||
+++ b/posix/wordexp.c
|
||||
@@ -893,6 +893,10 @@ exec_comm (char *comm, char **word, size_t *word_length, size_t *max_length,
|
||||
pid_t pid;
|
||||
int noexec = 0;
|
||||
|
||||
+ /* Do nothing if command substitution should not succeed. */
|
||||
+ if (flags & WRDE_NOCMD)
|
||||
+ return WRDE_CMDSUB;
|
||||
+
|
||||
/* Don't fork() unless necessary */
|
||||
if (!comm || !*comm)
|
||||
return 0;
|
||||
@@ -2082,9 +2086,6 @@ parse_dollars (char **word, size_t *word_length, size_t *max_length,
|
||||
}
|
||||
}
|
||||
|
||||
- if (flags & WRDE_NOCMD)
|
||||
- return WRDE_CMDSUB;
|
||||
-
|
||||
(*offset) += 2;
|
||||
return parse_comm (word, word_length, max_length, words, offset, flags,
|
||||
quoted? NULL : pwordexp, ifs, ifs_white);
|
||||
@@ -2196,9 +2197,6 @@ parse_dquote (char **word, size_t *word_length, size_t *max_length,
|
||||
break;
|
||||
|
||||
case '`':
|
||||
- if (flags & WRDE_NOCMD)
|
||||
- return WRDE_CMDSUB;
|
||||
-
|
||||
++(*offset);
|
||||
error = parse_backtick (word, word_length, max_length, words,
|
||||
offset, flags, NULL, NULL, NULL);
|
||||
@@ -2357,12 +2355,6 @@ wordexp (const char *words, wordexp_t *pwordexp, int flags)
|
||||
break;
|
||||
|
||||
case '`':
|
||||
- if (flags & WRDE_NOCMD)
|
||||
- {
|
||||
- error = WRDE_CMDSUB;
|
||||
- goto do_error;
|
||||
- }
|
||||
-
|
||||
++words_offset;
|
||||
error = parse_backtick (&word, &word_length, &max_length, words,
|
||||
&words_offset, flags, pwordexp, ifs,
|
21
glibc-rh1175370.patch
Normal file
21
glibc-rh1175370.patch
Normal file
@ -0,0 +1,21 @@
|
||||
commit 11e3417af6e354f1942c68a271ae51e892b2814d
|
||||
Author: Florian Weimer <fweimer@redhat.com>
|
||||
Date: Mon Dec 15 17:41:13 2014 +0100
|
||||
|
||||
Avoid infinite loop in nss_dns getnetbyname [BZ #17630]
|
||||
|
||||
diff --git a/resolv/nss_dns/dns-network.c b/resolv/nss_dns/dns-network.c
|
||||
index 0a77c8b..08cf0a6 100644
|
||||
--- a/resolv/nss_dns/dns-network.c
|
||||
+++ b/resolv/nss_dns/dns-network.c
|
||||
@@ -398,8 +398,8 @@ getanswer_r (const querybuf *answer, int anslen, struct netent *result,
|
||||
|
||||
case BYNAME:
|
||||
{
|
||||
- char **ap = result->n_aliases++;
|
||||
- while (*ap != NULL)
|
||||
+ char **ap;
|
||||
+ for (ap = result->n_aliases; *ap != NULL; ++ap)
|
||||
{
|
||||
/* Check each alias name for being of the forms:
|
||||
4.3.2.1.in-addr.arpa = net 1.2.3.4
|
23
glibc-rh1184234.patch
Normal file
23
glibc-rh1184234.patch
Normal file
@ -0,0 +1,23 @@
|
||||
commit 9317ea653afc26402387cac67042f9890af6add2
|
||||
Author: Bram <bug_rh@spam.wizbit.be>
|
||||
Date: Thu Apr 18 16:50:49 2013 +0200
|
||||
|
||||
Fix segmentation fault when LD_LIBRARY_PATH contains only non-existings paths
|
||||
|
||||
diff --git a/elf/dl-load.c b/elf/dl-load.c
|
||||
index 73174aa..41b91fc 100644
|
||||
--- a/elf/dl-load.c
|
||||
+++ b/elf/dl-load.c
|
||||
@@ -1889,9 +1889,9 @@ open_path (const char *name, size_t namelen, int mode,
|
||||
if (sps->malloced)
|
||||
free (sps->dirs);
|
||||
|
||||
- /* rtld_search_dirs is attribute_relro, therefore avoid writing
|
||||
- into it. */
|
||||
- if (sps != &rtld_search_dirs)
|
||||
+ /* rtld_search_dirs and env_path_list are attribute_relro, therefore
|
||||
+ avoid writing into it. */
|
||||
+ if (sps != &rtld_search_dirs && sps != &env_path_list)
|
||||
sps->dirs = (void *) -1;
|
||||
}
|
||||
|
93
glibc-rh1188237.patch
Normal file
93
glibc-rh1188237.patch
Normal file
@ -0,0 +1,93 @@
|
||||
commit 5bd80bfe9ca0d955bfbbc002781bc7b01b6bcb06
|
||||
Author: Paul Pluzhnikov <ppluzhnikov@google.com>
|
||||
Date: Fri Feb 6 00:30:42 2015 -0500
|
||||
|
||||
CVE-2015-1472: wscanf allocates too little memory
|
||||
|
||||
BZ #16618
|
||||
|
||||
Under certain conditions wscanf can allocate too little memory for the
|
||||
to-be-scanned arguments and overflow the allocated buffer. The
|
||||
implementation now correctly computes the required buffer size when
|
||||
using malloc.
|
||||
|
||||
A regression test was added to tst-sscanf.
|
||||
|
||||
diff --git a/stdio-common/tst-sscanf.c b/stdio-common/tst-sscanf.c
|
||||
index aece3f2..8a2eb9e 100644
|
||||
--- a/stdio-common/tst-sscanf.c
|
||||
+++ b/stdio-common/tst-sscanf.c
|
||||
@@ -233,5 +233,38 @@ main (void)
|
||||
}
|
||||
}
|
||||
|
||||
+ /* BZ #16618
|
||||
+ The test will segfault during SSCANF if the buffer overflow
|
||||
+ is not fixed. The size of `s` is such that it forces the use
|
||||
+ of malloc internally and this triggers the incorrect computation.
|
||||
+ Thus the value for SIZE is arbitrariy high enough that malloc
|
||||
+ is used. */
|
||||
+ {
|
||||
+#define SIZE 131072
|
||||
+ CHAR *s = malloc ((SIZE + 1) * sizeof (*s));
|
||||
+ if (s == NULL)
|
||||
+ abort ();
|
||||
+ for (size_t i = 0; i < SIZE; i++)
|
||||
+ s[i] = L('0');
|
||||
+ s[SIZE] = L('\0');
|
||||
+ int i = 42;
|
||||
+ /* Scan multi-digit zero into `i`. */
|
||||
+ if (SSCANF (s, L("%d"), &i) != 1)
|
||||
+ {
|
||||
+ printf ("FAIL: bug16618: SSCANF did not read one input item.\n");
|
||||
+ result = 1;
|
||||
+ }
|
||||
+ if (i != 0)
|
||||
+ {
|
||||
+ printf ("FAIL: bug16618: Value of `i` was not zero as expected.\n");
|
||||
+ result = 1;
|
||||
+ }
|
||||
+ free (s);
|
||||
+ if (result != 1)
|
||||
+ printf ("PASS: bug16618: Did not crash.\n");
|
||||
+#undef SIZE
|
||||
+ }
|
||||
+
|
||||
+
|
||||
return result;
|
||||
}
|
||||
diff --git a/stdio-common/vfscanf.c b/stdio-common/vfscanf.c
|
||||
index cd129a8..0e204e7 100644
|
||||
--- a/stdio-common/vfscanf.c
|
||||
+++ b/stdio-common/vfscanf.c
|
||||
@@ -272,9 +272,10 @@ _IO_vfscanf_internal (_IO_FILE *s, const char *format, _IO_va_list argptr,
|
||||
if (__glibc_unlikely (wpsize == wpmax)) \
|
||||
{ \
|
||||
CHAR_T *old = wp; \
|
||||
- size_t newsize = (UCHAR_MAX + 1 > 2 * wpmax \
|
||||
- ? UCHAR_MAX + 1 : 2 * wpmax); \
|
||||
- if (use_malloc || !__libc_use_alloca (newsize)) \
|
||||
+ bool fits = __glibc_likely (wpmax <= SIZE_MAX / sizeof (CHAR_T) / 2); \
|
||||
+ size_t wpneed = MAX (UCHAR_MAX + 1, 2 * wpmax); \
|
||||
+ size_t newsize = fits ? wpneed * sizeof (CHAR_T) : SIZE_MAX; \
|
||||
+ if (!__libc_use_alloca (newsize)) \
|
||||
{ \
|
||||
wp = realloc (use_malloc ? wp : NULL, newsize); \
|
||||
if (wp == NULL) \
|
||||
@@ -286,14 +287,13 @@ _IO_vfscanf_internal (_IO_FILE *s, const char *format, _IO_va_list argptr,
|
||||
} \
|
||||
if (! use_malloc) \
|
||||
MEMCPY (wp, old, wpsize); \
|
||||
- wpmax = newsize; \
|
||||
+ wpmax = wpneed; \
|
||||
use_malloc = true; \
|
||||
} \
|
||||
else \
|
||||
{ \
|
||||
size_t s = wpmax * sizeof (CHAR_T); \
|
||||
- wp = (CHAR_T *) extend_alloca (wp, s, \
|
||||
- newsize * sizeof (CHAR_T)); \
|
||||
+ wp = (CHAR_T *) extend_alloca (wp, s, newsize); \
|
||||
wpmax = s / sizeof (CHAR_T); \
|
||||
if (old != NULL) \
|
||||
MEMCPY (wp, old, wpsize); \
|
111
glibc.spec
111
glibc.spec
@ -1,6 +1,6 @@
|
||||
%define glibcsrcdir glibc-2.19-886-gdd763fd
|
||||
%define glibcversion 2.19.90
|
||||
%define glibcrelease 36%{?dist}
|
||||
%define glibcsrcdir glibc-2.20
|
||||
%define glibcversion 2.20
|
||||
%define glibcrelease 8%{?dist}
|
||||
# Pre-release tarballs are pulled in from git using a command that is
|
||||
# effectively:
|
||||
#
|
||||
@ -9,7 +9,7 @@
|
||||
# gzip -9 $(git describe --match 'glibc-*').tar
|
||||
#
|
||||
# glibc_release_url is only defined when we have a release tarball.
|
||||
# % define glibc_release_url http://ftp.gnu.org/gnu/glibc/
|
||||
%define glibc_release_url http://ftp.gnu.org/gnu/glibc/
|
||||
##############################################################################
|
||||
# If run_glibc_tests is zero then tests are not run for the build.
|
||||
# You must always set run_glibc_tests to one for production builds.
|
||||
@ -21,6 +21,15 @@
|
||||
# to provide a more optimized version of the package for your arch.
|
||||
%define auxarches athlon alphaev6
|
||||
##############################################################################
|
||||
# Enable lock elision support for these architectures
|
||||
#
|
||||
# At the moment lock elision is disabled on x86_64 until there's a CPU that
|
||||
# would actually benefit from enabling it. Intel released a microcode update
|
||||
# to disable HLE and RTM at boot and the Fedora kernel now applies it early
|
||||
# enough that keeping lock elision enabled should be harmless, but we have
|
||||
# disabled it anyway as a conservative measure.
|
||||
%define lock_elision_arches s390 s390x
|
||||
##############################################################################
|
||||
# We build a special package for Xen that includes TLS support with
|
||||
# no negative segment offsets for use with Xen guests. This is
|
||||
# purely an optimization for increased performance on those arches.
|
||||
@ -185,19 +194,23 @@ Patch0046: %{name}-rh1013801.patch
|
||||
|
||||
Patch0047: %{name}-nscd-sysconfig.patch
|
||||
|
||||
Patch0048: %{name}-rh1133134-i386-tlsinit.patch
|
||||
|
||||
Patch0049: %{name}-rh1119128.patch
|
||||
|
||||
# Allow up to 32 libraries to use static TLS. Should go upstream after
|
||||
# more testing.
|
||||
Patch0050: %{name}-rh1124987.patch
|
||||
|
||||
# Disable rwlock elision if --enable-lock-elision is not used.
|
||||
Patch0051: %{name}-disable-rwlock-elision.patch
|
||||
|
||||
##############################################################################
|
||||
#
|
||||
# Patches from upstream
|
||||
#
|
||||
##############################################################################
|
||||
Patch1001: %{name}-rh1133508.patch
|
||||
Patch1002: %{name}-rh1167569.patch
|
||||
Patch1003: %{name}-rh1175370.patch
|
||||
Patch1004: %{name}-rh1188237.patch
|
||||
Patch1005: %{name}-rh1184234.patch
|
||||
|
||||
##############################################################################
|
||||
#
|
||||
@ -563,9 +576,13 @@ package or when debugging this package.
|
||||
%patch2033 -p1
|
||||
%patch2034 -p1
|
||||
%patch2035 -p1
|
||||
%patch0048 -p1
|
||||
%patch0049 -p1
|
||||
%patch0050 -p1
|
||||
%patch1001 -p1
|
||||
%patch0051 -p1
|
||||
%patch1002 -p1
|
||||
%patch1003 -p1
|
||||
%patch1004 -p1
|
||||
%patch1005 -p1
|
||||
|
||||
##############################################################################
|
||||
# %%prep - Additional prep required...
|
||||
@ -711,7 +728,9 @@ build()
|
||||
%ifarch ppc64p7
|
||||
--with-cpu=power7 \
|
||||
%endif
|
||||
%ifarch %{lock_elision_arches}
|
||||
--enable-lock-elision \
|
||||
%endif
|
||||
--disable-profile --enable-nss-crypt ||
|
||||
{ cat config.log; false; }
|
||||
|
||||
@ -1074,24 +1093,32 @@ rm -f $RPM_BUILD_ROOT%{_prefix}/lib/debug%{_libdir}/*_p.a
|
||||
-printf "%%%%verify(not md5 size mtime) " \
|
||||
, \
|
||||
! -path "*/lib/debug/*" -printf "/%%P\n" \)
|
||||
# Print all directories with a %%dir prefix. We omit the info directory and
|
||||
# all directories in (and including) /usr/share/locale.
|
||||
find $RPM_BUILD_ROOT -type d \
|
||||
\( -path '*%{_prefix}/share/locale' -prune -o \
|
||||
\( -path '*%{_prefix}/share/*' ! -path '*%{_infodir}' -o \
|
||||
-path "*%{_prefix}/include/*" \
|
||||
\) -printf "%%%%dir /%%P\n"
|
||||
\) -printf "%%%%dir /%%P\n" \)
|
||||
} | {
|
||||
|
||||
# primary filelist
|
||||
SHARE_LANG='s|.*/share/locale/\([^/_]\+\).*/LC_MESSAGES/.*\.mo|%lang(\1) &|'
|
||||
LIB_LANG='s|.*/lib/locale/\([^/_]\+\)|%lang(\1) &|'
|
||||
# rpm does not handle %lang() tagged files hardlinked together accross
|
||||
# languages very well, temporarily disable
|
||||
LIB_LANG=''
|
||||
sed -e "$LIB_LANG" -e "$SHARE_LANG" \
|
||||
|
||||
# Add %%lang entries for language-specific locale files. This allows users
|
||||
# to set %%_install_lang and not install the unnecessary locale files.
|
||||
I18N_LANG='s|.*/share/i18n/locales/\([a-z]\{2\}[a-z]\?\)_[A-Z]\{2\}.*|%lang(\1) &|'
|
||||
# Remove the *.mo entries. We will add that using %%find_lang
|
||||
sed -e '\,.*/share/locale/\([^/_]\+\).*/LC_MESSAGES/.*\.mo,d' \
|
||||
-e "$I18N_LANG" \
|
||||
-e '\,/etc/\(localtime\|nsswitch.conf\|ld\.so\.conf\|ld\.so\.cache\|default\|rpc\|gai\.conf\),d' \
|
||||
-e '\,/%{_lib}/lib\(pcprofile\|memusage\)\.so,d' \
|
||||
-e '\,bin/\(memusage\|mtrace\|xtrace\|pcprofiledump\),d'
|
||||
} | sort > rpm.filelist
|
||||
|
||||
# Our *.mo files. Put them in glibc-common.
|
||||
%find_lang libc
|
||||
mv libc.lang common.filelist
|
||||
|
||||
mkdir -p $RPM_BUILD_ROOT%{_libdir}
|
||||
mv -f $RPM_BUILD_ROOT/%{_lib}/lib{pcprofile,memusage}.so $RPM_BUILD_ROOT%{_libdir}
|
||||
|
||||
@ -1371,6 +1398,24 @@ mv debuginfocommon2.filelist debuginfocommon.filelist
|
||||
sort -u debuginfo.filelist > debuginfo2.filelist
|
||||
mv debuginfo2.filelist debuginfo.filelist
|
||||
|
||||
# Remove some common directories from the common package debuginfo so that we
|
||||
# don't end up owning them.
|
||||
exclude_common_dirs()
|
||||
{
|
||||
exclude_dirs="%{_prefix}/src/debug"
|
||||
exclude_dirs="$exclude_dirs $(echo %{_prefix}/lib/debug{,/%{_lib},/bin,/sbin})"
|
||||
exclude_dirs="$exclude_dirs $(echo %{_prefix}/lib/debug%{_prefix}{,/%{_lib},/libexec,/bin,/sbin})"
|
||||
|
||||
for d in $(echo $exclude_dirs | sed 's/ /\n/g'); do
|
||||
sed -i "\|^%%dir $d/\?$|d" $1
|
||||
done
|
||||
}
|
||||
|
||||
%ifarch %{debuginfocommonarches}
|
||||
exclude_common_dirs debuginfocommon.filelist
|
||||
%endif
|
||||
exclude_common_dirs debuginfo.filelist
|
||||
|
||||
%endif # 0%{?_enable_debug_packages}
|
||||
|
||||
# Remove the `dir' info-heirarchy file which will be maintained
|
||||
@ -1673,6 +1718,38 @@ rm -f *.filelist*
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Fri Feb 27 2015 Siddhesh Poyarekar <siddhesh@redhat.com> - 2.20-8
|
||||
- wordexp fails to honour WRDE_NOCMD (CVE-2014-7817, #1167569).
|
||||
- Avoid infinite loop in nss_dns getnetbyname (CVE-2014-9402, #1175370).
|
||||
- wscanf allocates too little memory (CVE-2015-1472, #1188237).
|
||||
- Fix segmentation fault when LD_LIBRARY_PATH contains only non-existing
|
||||
paths (#1184234).
|
||||
|
||||
* Tue Jan 06 2015 Siddhesh Poyarekar <siddhesh@redhat.com> - 2.20-7
|
||||
- Remove LIB_LANG since we don't install locales in /usr/lib/locale anymore.
|
||||
- Don't own any directories in /usr/share/locale (#1167445).
|
||||
- Use the %%find_lang macro to get the *.mo files (#1167445).
|
||||
- Add %%lang tags to language locale files in /usr/share/i18n/locale (#1169044).
|
||||
|
||||
* Wed Oct 1 2014 Siddhesh Poyarekar <siddhesh@redhat.com> - 2.20-6
|
||||
- Enable lock elision again on s390 and s390x.
|
||||
|
||||
* Sat Sep 27 2014 Carlos O'Donell <carlos@redhat.com> - 2.20-5
|
||||
- Disable more Intel TSX usage in rwlocks (#1146967).
|
||||
|
||||
* Fri Sep 26 2014 Carlos O'Donell <carlos@redhat.com> - 2.20-4
|
||||
- Disable lock elision support for Intel hardware until microcode
|
||||
updates can be done in early bootup (#1146967).
|
||||
|
||||
* Tue Sep 23 2014 Siddhesh Poyarekar <siddhesh@redhat.com> - 2.20-3
|
||||
- Don't own the common debuginfo directories (#1144853).
|
||||
|
||||
* Tue Sep 16 2014 Siddhesh Poyarekar <siddhesh@redhat.com> - 2.20-2
|
||||
- Make __extern_always_inline usable on clang++ again (#1133508).
|
||||
|
||||
* Mon Sep 8 2014 Siddhesh Poyarekar <siddhesh@redhat.com> - 2.20-1
|
||||
- Rebase to upstream release 2.20.
|
||||
|
||||
* Thu Sep 4 2014 Carlos O'Donell <carlos@redhat.com> - 2.19.90-36
|
||||
- Allow up to 32 dlopened modules to use static TLS (#1124987).
|
||||
- Run glibc tests in %%check section of RPM spec file.
|
||||
|
Loading…
Reference in New Issue
Block a user