From 76fc4757ac91ac7947a01fb7b53dddf9a78a01d1 Mon Sep 17 00:00:00 2001 From: Patrick J Volkerding Date: Mon, 4 Nov 2013 17:08:47 +0000 Subject: Slackware 14.1 Mon Nov 4 17:08:47 UTC 2013 Slackware 14.1 x86_64 stable is released! It's been another interesting release cycle here at Slackware bringing new features like support for UEFI machines, updated compilers and development tools, the switch from MySQL to MariaDB, and many more improvements throughout the system. Thanks to the team, the upstream developers, the dedicated Slackware community, and everyone else who pitched in to help make this release a reality. The ISOs are off to be replicated, a 6 CD-ROM 32-bit set and a dual-sided 32-bit/64-bit x86/x86_64 DVD. Please consider supporting the Slackware project by picking up a copy from store.slackware.com. We're taking pre-orders now, and offer a discount if you sign up for a subscription. Have fun! :-) --- source/l/glibc/doinst.sh-glibc | 43 ++- source/l/glibc/doinst.sh-glibc-solibs | 44 ++- .../glibc/glibc-2.14-reexport-rpc-interface.patch | 26 -- .../glibc-2.14-reinstall-nis-rpc-headers.patch | 27 -- source/l/glibc/glibc-2.14.1-fixes-1.patch | 159 -------- source/l/glibc/glibc-2.15-revert-c5a0802a.diff | 226 ------------ source/l/glibc/glibc-2.15.nscd-race-fix.diff | 47 --- source/l/glibc/glibc.CVE-2013-0242.diff | 189 ++++++++++ source/l/glibc/glibc.CVE-2013-1914.diff | 53 +++ source/l/glibc/glibc.CVE-2013-2207.diff | 241 ++++++++++++ source/l/glibc/glibc.CVE-2013-4332.diff | 64 ++++ source/l/glibc/glibc.SlackBuild | 90 +++-- ...t-6ee65ed6ddbf04402fad0bec6aa9c73b9d982ae4.diff | 322 ---------------- source/l/glibc/glibc.strtod.CVE-2012-3480.diff | 407 --------------------- .../timezone-scripts/output-updated-timeconfig.sh | 2 +- source/l/glibc/timezone-scripts/parts/00 | 1 + source/l/glibc/timezone-scripts/parts/01 | 7 + source/l/glibc/timezone-scripts/parts/03 | 7 + source/l/glibc/timezone-scripts/timeconfig | 31 ++ 19 files changed, 696 insertions(+), 1290 deletions(-) delete mode 100644 source/l/glibc/glibc-2.14-reexport-rpc-interface.patch delete mode 100644 source/l/glibc/glibc-2.14-reinstall-nis-rpc-headers.patch delete mode 100644 source/l/glibc/glibc-2.14.1-fixes-1.patch delete mode 100644 source/l/glibc/glibc-2.15-revert-c5a0802a.diff delete mode 100644 source/l/glibc/glibc-2.15.nscd-race-fix.diff create mode 100644 source/l/glibc/glibc.CVE-2013-0242.diff create mode 100644 source/l/glibc/glibc.CVE-2013-1914.diff create mode 100644 source/l/glibc/glibc.CVE-2013-2207.diff create mode 100644 source/l/glibc/glibc.CVE-2013-4332.diff delete mode 100644 source/l/glibc/glibc.git-6ee65ed6ddbf04402fad0bec6aa9c73b9d982ae4.diff delete mode 100644 source/l/glibc/glibc.strtod.CVE-2012-3480.diff mode change 100644 => 100755 source/l/glibc/timezone-scripts/output-updated-timeconfig.sh (limited to 'source/l/glibc') diff --git a/source/l/glibc/doinst.sh-glibc b/source/l/glibc/doinst.sh-glibc index 1b3e03e3..5904dc75 100644 --- a/source/l/glibc/doinst.sh-glibc +++ b/source/l/glibc/doinst.sh-glibc @@ -1,6 +1,6 @@ #!/bin/sh # Copyright (C) 2002, 2005 Slackware Linux, Inc. -# Copyright 2005, 2006, 2007, 2011 Patrick J. Volkerding, Sebeka, Minnesota, USA +# Copyright 2005, 2006, 2007, 2011, 2012 Patrick J. Volkerding, Sebeka, Minnesota, USA # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License @@ -111,43 +111,43 @@ rm -f etc/profile.d/glibc.sh.new # In case there's no ldconfig, make the links manually: if [ ! -x /sbin/ldconfig ]; then ( cd lib ; rm -rf libnss_nis.so.2 ) -( cd lib ; ln -sf libnss_nis-2.15.so libnss_nis.so.2 ) +( cd lib ; ln -sf libnss_nis-2.17.so libnss_nis.so.2 ) ( cd lib ; rm -rf libm.so.6 ) -( cd lib ; ln -sf libm-2.15.so libm.so.6 ) +( cd lib ; ln -sf libm-2.17.so libm.so.6 ) ( cd lib ; rm -rf libnss_files.so.2 ) -( cd lib ; ln -sf libnss_files-2.15.so libnss_files.so.2 ) +( cd lib ; ln -sf libnss_files-2.17.so libnss_files.so.2 ) ( cd lib ; rm -rf libresolv.so.2 ) -( cd lib ; ln -sf libresolv-2.15.so libresolv.so.2 ) +( cd lib ; ln -sf libresolv-2.17.so libresolv.so.2 ) ( cd lib ; rm -rf libnsl.so.1 ) -( cd lib ; ln -sf libnsl-2.15.so libnsl.so.1 ) +( cd lib ; ln -sf libnsl-2.17.so libnsl.so.1 ) ( cd lib ; rm -rf libutil.so.1 ) -( cd lib ; ln -sf libutil-2.15.so libutil.so.1 ) +( cd lib ; ln -sf libutil-2.17.so libutil.so.1 ) ( cd lib ; rm -rf libnss_compat.so.2 ) -( cd lib ; ln -sf libnss_compat-2.15.so libnss_compat.so.2 ) +( cd lib ; ln -sf libnss_compat-2.17.so libnss_compat.so.2 ) ( cd lib ; rm -rf libthread_db.so.1 ) ( cd lib ; ln -sf libthread_db-1.0.so libthread_db.so.1 ) ( cd lib ; rm -rf libnss_hesiod.so.2 ) -( cd lib ; ln -sf libnss_hesiod-2.15.so libnss_hesiod.so.2 ) +( cd lib ; ln -sf libnss_hesiod-2.17.so libnss_hesiod.so.2 ) ( cd lib ; rm -rf libanl.so.1 ) -( cd lib ; ln -sf libanl-2.15.so libanl.so.1 ) +( cd lib ; ln -sf libanl-2.17.so libanl.so.1 ) ( cd lib ; rm -rf libcrypt.so.1 ) -( cd lib ; ln -sf libcrypt-2.15.so libcrypt.so.1 ) +( cd lib ; ln -sf libcrypt-2.17.so libcrypt.so.1 ) ( cd lib ; rm -rf libBrokenLocale.so.1 ) -( cd lib ; ln -sf libBrokenLocale-2.15.so libBrokenLocale.so.1 ) +( cd lib ; ln -sf libBrokenLocale-2.17.so libBrokenLocale.so.1 ) ( cd lib ; rm -rf ld-linux.so.2 ) -( cd lib ; ln -sf ld-2.15.so ld-linux.so.2 ) +( cd lib ; ln -sf ld-2.17.so ld-linux.so.2 ) ( cd lib ; rm -rf libdl.so.2 ) -( cd lib ; ln -sf libdl-2.15.so libdl.so.2 ) +( cd lib ; ln -sf libdl-2.17.so libdl.so.2 ) ( cd lib ; rm -rf libnss_dns.so.2 ) -( cd lib ; ln -sf libnss_dns-2.15.so libnss_dns.so.2 ) +( cd lib ; ln -sf libnss_dns-2.17.so libnss_dns.so.2 ) ( cd lib ; rm -rf libpthread.so.0 ) -( cd lib ; ln -sf libpthread-2.15.so libpthread.so.0 ) +( cd lib ; ln -sf libpthread-2.17.so libpthread.so.0 ) ( cd lib ; rm -rf libnss_nisplus.so.2 ) -( cd lib ; ln -sf libnss_nisplus-2.15.so libnss_nisplus.so.2 ) +( cd lib ; ln -sf libnss_nisplus-2.17.so libnss_nisplus.so.2 ) ( cd lib ; rm -rf libc.so.6 ) -( cd lib ; ln -sf libc-2.15.so libc.so.6 ) +( cd lib ; ln -sf libc-2.17.so libc.so.6 ) ( cd lib ; rm -rf librt.so.1 ) -( cd lib ; ln -sf librt-2.15.so librt.so.1 ) +( cd lib ; ln -sf librt-2.17.so librt.so.1 ) fi # More links: @@ -190,3 +190,8 @@ fi ( cd usr/share/zoneinfo ; ln -sf /etc/localtime localtime ) ( cd bin ; rm -rf sln ) ( cd bin ; ln -sf /sbin/sln sln ) + +# Reload to prevent init from holding a stale handle to glibc on shutdown: +if [ -x /sbin/telinit ]; then + /sbin/telinit u +fi diff --git a/source/l/glibc/doinst.sh-glibc-solibs b/source/l/glibc/doinst.sh-glibc-solibs index f6e41a96..f721926c 100644 --- a/source/l/glibc/doinst.sh-glibc-solibs +++ b/source/l/glibc/doinst.sh-glibc-solibs @@ -1,6 +1,6 @@ #!/bin/sh # Copyright (C) 2002, 2005 Slackware Linux, Inc. -# Copyright 2005, 2006, 2011 Patrick J. Volkerding, Sebeka, Minnesota, USA +# Copyright 2005, 2006, 2011, 2012 Patrick J. Volkerding, Sebeka, Minnesota, USA # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License @@ -91,41 +91,47 @@ rm -f etc/profile.d/glibc.sh.new # In case there's no ldconfig, make the links manually: if [ ! -x /sbin/ldconfig ]; then ( cd lib ; rm -rf libnss_nis.so.2 ) -( cd lib ; ln -sf libnss_nis-2.15.so libnss_nis.so.2 ) +( cd lib ; ln -sf libnss_nis-2.17.so libnss_nis.so.2 ) ( cd lib ; rm -rf libm.so.6 ) -( cd lib ; ln -sf libm-2.15.so libm.so.6 ) +( cd lib ; ln -sf libm-2.17.so libm.so.6 ) ( cd lib ; rm -rf libnss_files.so.2 ) -( cd lib ; ln -sf libnss_files-2.15.so libnss_files.so.2 ) +( cd lib ; ln -sf libnss_files-2.17.so libnss_files.so.2 ) ( cd lib ; rm -rf libresolv.so.2 ) -( cd lib ; ln -sf libresolv-2.15.so libresolv.so.2 ) +( cd lib ; ln -sf libresolv-2.17.so libresolv.so.2 ) ( cd lib ; rm -rf libnsl.so.1 ) -( cd lib ; ln -sf libnsl-2.15.so libnsl.so.1 ) +( cd lib ; ln -sf libnsl-2.17.so libnsl.so.1 ) ( cd lib ; rm -rf libutil.so.1 ) -( cd lib ; ln -sf libutil-2.15.so libutil.so.1 ) +( cd lib ; ln -sf libutil-2.17.so libutil.so.1 ) ( cd lib ; rm -rf libnss_compat.so.2 ) -( cd lib ; ln -sf libnss_compat-2.15.so libnss_compat.so.2 ) +( cd lib ; ln -sf libnss_compat-2.17.so libnss_compat.so.2 ) ( cd lib ; rm -rf libthread_db.so.1 ) ( cd lib ; ln -sf libthread_db-1.0.so libthread_db.so.1 ) ( cd lib ; rm -rf libnss_hesiod.so.2 ) -( cd lib ; ln -sf libnss_hesiod-2.15.so libnss_hesiod.so.2 ) +( cd lib ; ln -sf libnss_hesiod-2.17.so libnss_hesiod.so.2 ) ( cd lib ; rm -rf libanl.so.1 ) -( cd lib ; ln -sf libanl-2.15.so libanl.so.1 ) +( cd lib ; ln -sf libanl-2.17.so libanl.so.1 ) ( cd lib ; rm -rf libcrypt.so.1 ) -( cd lib ; ln -sf libcrypt-2.15.so libcrypt.so.1 ) +( cd lib ; ln -sf libcrypt-2.17.so libcrypt.so.1 ) ( cd lib ; rm -rf libBrokenLocale.so.1 ) -( cd lib ; ln -sf libBrokenLocale-2.15.so libBrokenLocale.so.1 ) +( cd lib ; ln -sf libBrokenLocale-2.17.so libBrokenLocale.so.1 ) ( cd lib ; rm -rf ld-linux.so.2 ) -( cd lib ; ln -sf ld-2.15.so ld-linux.so.2 ) +( cd lib ; ln -sf ld-2.17.so ld-linux.so.2 ) ( cd lib ; rm -rf libdl.so.2 ) -( cd lib ; ln -sf libdl-2.15.so libdl.so.2 ) +( cd lib ; ln -sf libdl-2.17.so libdl.so.2 ) ( cd lib ; rm -rf libnss_dns.so.2 ) -( cd lib ; ln -sf libnss_dns-2.15.so libnss_dns.so.2 ) +( cd lib ; ln -sf libnss_dns-2.17.so libnss_dns.so.2 ) ( cd lib ; rm -rf libpthread.so.0 ) -( cd lib ; ln -sf libpthread-2.15.so libpthread.so.0 ) +( cd lib ; ln -sf libpthread-2.17.so libpthread.so.0 ) ( cd lib ; rm -rf libnss_nisplus.so.2 ) -( cd lib ; ln -sf libnss_nisplus-2.15.so libnss_nisplus.so.2 ) +( cd lib ; ln -sf libnss_nisplus-2.17.so libnss_nisplus.so.2 ) ( cd lib ; rm -rf libc.so.6 ) -( cd lib ; ln -sf libc-2.15.so libc.so.6 ) +( cd lib ; ln -sf libc-2.17.so libc.so.6 ) ( cd lib ; rm -rf librt.so.1 ) -( cd lib ; ln -sf librt-2.15.so librt.so.1 ) +( cd lib ; ln -sf librt-2.17.so librt.so.1 ) fi + +# Reload to prevent init from holding a stale handle to glibc on shutdown: +if [ -x /sbin/telinit ]; then + /sbin/telinit u +fi + diff --git a/source/l/glibc/glibc-2.14-reexport-rpc-interface.patch b/source/l/glibc/glibc-2.14-reexport-rpc-interface.patch deleted file mode 100644 index a0a38162..00000000 --- a/source/l/glibc/glibc-2.14-reexport-rpc-interface.patch +++ /dev/null @@ -1,26 +0,0 @@ -diff --git a/include/libc-symbols.h b/include/libc-symbols.h -index 67e1ca2..5e7cca5 100644 ---- a/include/libc-symbols.h -+++ b/include/libc-symbols.h -@@ -635,7 +635,7 @@ for linking") - # define libc_hidden_proto(name, attrs...) hidden_proto (name, ##attrs) - # define libc_hidden_def(name) hidden_def (name) - # define libc_hidden_weak(name) hidden_weak (name) --# define libc_hidden_nolink(name, version) hidden_nolink (name, libc, version) -+# define libc_hidden_nolink(name, version) hidden_def (name) - # define libc_hidden_ver(local, name) hidden_ver (local, name) - # define libc_hidden_data_def(name) hidden_data_def (name) - # define libc_hidden_data_weak(name) hidden_data_weak (name) -diff --git a/sunrpc/Makefile b/sunrpc/Makefile -index 5134ce9..40c73d1 100644 ---- a/sunrpc/Makefile -+++ b/sunrpc/Makefile -@@ -53,7 +53,7 @@ headers-in-tirpc = $(addprefix rpc/,auth.h auth_unix.h clnt.h pmap_clnt.h \ - des_crypt.h) - headers-not-in-tirpc = $(addprefix rpc/,key_prot.h rpc_des.h) \ - $(rpcsvc:%=rpcsvc/%) rpcsvc/bootparam.h --headers = rpc/netdb.h -+headers = rpc/netdb.h $(headers-in-tirpc) $(headers-not-in-tirpc) - install-others = $(inst_sysconfdir)/rpc - generated = $(rpcsvc:%.x=rpcsvc/%.h) $(rpcsvc:%.x=x%.c) $(rpcsvc:%.x=x%.stmp) \ - $(rpcsvc:%.x=rpcsvc/%.stmp) rpcgen \ No newline at end of file diff --git a/source/l/glibc/glibc-2.14-reinstall-nis-rpc-headers.patch b/source/l/glibc/glibc-2.14-reinstall-nis-rpc-headers.patch deleted file mode 100644 index 554b9e56..00000000 --- a/source/l/glibc/glibc-2.14-reinstall-nis-rpc-headers.patch +++ /dev/null @@ -1,27 +0,0 @@ -From bdd816a366c4e5bba5de7157d948e0c0737fb4fb Mon Sep 17 00:00:00 2001 -From: Andreas Schwab -Date: Tue, 17 May 2011 17:42:30 +0200 -Subject: [PATCH] Reinstall NIS RPC headers - ---- - nis/Makefile | 4 ++-- - 1 files changed, 2 insertions(+), 2 deletions(-) - -diff --git a/nis/Makefile b/nis/Makefile -index b5c9609..d2934d9 100644 ---- a/nis/Makefile -+++ b/nis/Makefile -@@ -23,9 +23,9 @@ subdir := nis - - aux := nis_hash - -+headers := $(wildcard rpcsvc/*.[hx]) - distribute := nss-nis.h nss-nisplus.h nis_intern.h Banner \ -- nisplus-parser.h nis_xdr.h nss \ -- $(wildcard rpcsvc/*.[hx]) -+ nisplus-parser.h nis_xdr.h nss - - # These are the databases available for the nis (and perhaps later nisplus) - # service. This must be a superset of the services in nss. --- -1.7.5.4 diff --git a/source/l/glibc/glibc-2.14.1-fixes-1.patch b/source/l/glibc/glibc-2.14.1-fixes-1.patch deleted file mode 100644 index b2b87f12..00000000 --- a/source/l/glibc/glibc-2.14.1-fixes-1.patch +++ /dev/null @@ -1,159 +0,0 @@ -Submitted By: Matt Burgess -Date: 2011-10-07 -Initial Package Version: 2.14.1 -Upstream Status: From upstream -Origin: Matt Burgess -Description: Fixes Firefox crashes and a bug when programs link to - SDL. - -diff -Naur glibc-2.14.1.orig/elf/dl-close.c glibc-2.14.1/elf/dl-close.c ---- glibc-2.14.1.orig/elf/dl-close.c 2011-10-07 09:48:55.000000000 +0000 -+++ glibc-2.14.1/elf/dl-close.c 2011-10-07 19:43:10.346411120 +0000 -@@ -119,17 +119,8 @@ - if (map->l_direct_opencount > 0 || map->l_type != lt_loaded - || dl_close_state != not_pending) - { -- if (map->l_direct_opencount == 0) -- { -- if (map->l_type == lt_loaded) -- dl_close_state = rerun; -- else if (map->l_type == lt_library) -- { -- struct link_map **oldp = map->l_initfini; -- map->l_initfini = map->l_orig_initfini; -- _dl_scope_free (oldp); -- } -- } -+ if (map->l_direct_opencount == 0 && map->l_type == lt_loaded) -+ dl_close_state = rerun; - - /* There are still references to this object. Do nothing more. */ - if (__builtin_expect (GLRO(dl_debug_mask) & DL_DEBUG_FILES, 0)) -diff -Naur glibc-2.14.1.orig/elf/dl-deps.c glibc-2.14.1/elf/dl-deps.c ---- glibc-2.14.1.orig/elf/dl-deps.c 2011-10-07 09:48:55.000000000 +0000 -+++ glibc-2.14.1/elf/dl-deps.c 2011-10-07 19:43:10.348432639 +0000 -@@ -478,6 +478,7 @@ - nneeded * sizeof needed[0]); - atomic_write_barrier (); - l->l_initfini = l_initfini; -+ l->l_free_initfini = 1; - } - - /* If we have no auxiliary objects just go on to the next map. */ -@@ -678,6 +679,7 @@ - l_initfini[nlist] = NULL; - atomic_write_barrier (); - map->l_initfini = l_initfini; -+ map->l_free_initfini = 1; - if (l_reldeps != NULL) - { - atomic_write_barrier (); -@@ -686,7 +688,7 @@ - _dl_scope_free (old_l_reldeps); - } - if (old_l_initfini != NULL) -- map->l_orig_initfini = old_l_initfini; -+ _dl_scope_free (old_l_initfini); - - if (errno_reason) - _dl_signal_error (errno_reason == -1 ? 0 : errno_reason, objname, -diff -Naur glibc-2.14.1.orig/elf/dl-libc.c glibc-2.14.1/elf/dl-libc.c ---- glibc-2.14.1.orig/elf/dl-libc.c 2011-10-07 09:48:55.000000000 +0000 -+++ glibc-2.14.1/elf/dl-libc.c 2011-10-07 19:43:10.352411141 +0000 -@@ -279,6 +279,10 @@ - if (! old->dont_free) - free (old); - } -+ -+ /* Free the initfini dependency list. */ -+ if (l->l_free_initfini) -+ free (l->l_initfini); - } - - if (__builtin_expect (GL(dl_ns)[ns]._ns_global_scope_alloc, 0) != 0 -diff -Naur glibc-2.14.1.orig/elf/rtld.c glibc-2.14.1/elf/rtld.c ---- glibc-2.14.1.orig/elf/rtld.c 2011-10-07 09:48:55.000000000 +0000 -+++ glibc-2.14.1/elf/rtld.c 2011-10-07 19:43:10.355406263 +0000 -@@ -2263,6 +2263,7 @@ - lnp->dont_free = 1; - lnp = lnp->next; - } -+ l->l_free_initfini = 0; - - if (l != &GL(dl_rtld_map)) - _dl_relocate_object (l, l->l_scope, GLRO(dl_lazy) ? RTLD_LAZY : 0, -diff -Naur glibc-2.14.1.orig/include/link.h glibc-2.14.1/include/link.h ---- glibc-2.14.1.orig/include/link.h 2011-10-07 09:48:55.000000000 +0000 -+++ glibc-2.14.1/include/link.h 2011-10-07 19:43:10.357462703 +0000 -@@ -192,6 +192,9 @@ - during LD_TRACE_PRELINKING=1 - contains any DT_SYMBOLIC - libraries. */ -+ unsigned int l_free_initfini:1; /* Nonzero if l_initfini can be -+ freed, ie. not allocated with -+ the dummy malloc in ld.so. */ - - /* Collected information about own RPATH directories. */ - struct r_search_path_struct l_rpath_dirs; -@@ -240,9 +243,6 @@ - - /* List of object in order of the init and fini calls. */ - struct link_map **l_initfini; -- /* The init and fini list generated at startup, saved when the -- object is also loaded dynamically. */ -- struct link_map **l_orig_initfini; - - /* List of the dependencies introduced through symbol binding. */ - struct link_map_reldeps -diff -Naur glibc-2.14.1.orig/resolv/res_query.c glibc-2.14.1/resolv/res_query.c ---- glibc-2.14.1.orig/resolv/res_query.c 2011-10-07 09:48:55.000000000 +0000 -+++ glibc-2.14.1/resolv/res_query.c 2011-10-07 19:43:10.361412711 +0000 -@@ -122,6 +122,7 @@ - int *resplen2) - { - HEADER *hp = (HEADER *) answer; -+ HEADER *hp2; - int n, use_malloc = 0; - u_int oflags = statp->_flags; - -@@ -239,26 +240,25 @@ - /* __libc_res_nsend might have reallocated the buffer. */ - hp = (HEADER *) *answerp; - -- /* We simplify the following tests by assigning HP to HP2. It -- is easy to verify that this is the same as ignoring all -- tests of HP2. */ -- HEADER *hp2 = answerp2 ? (HEADER *) *answerp2 : hp; -- -- if (n < (int) sizeof (HEADER) && answerp2 != NULL -- && *resplen2 > (int) sizeof (HEADER)) -+ /* We simplify the following tests by assigning HP to HP2 or -+ vice versa. It is easy to verify that this is the same as -+ ignoring all tests of HP or HP2. */ -+ if (answerp2 == NULL || *resplen2 < (int) sizeof (HEADER)) - { -- /* Special case of partial answer. */ -- assert (hp != hp2); -- hp = hp2; -+ hp2 = hp; - } -- else if (answerp2 != NULL && *resplen2 < (int) sizeof (HEADER) -- && n > (int) sizeof (HEADER)) -+ else - { -- /* Special case of partial answer. */ -- assert (hp != hp2); -- hp2 = hp; -+ hp2 = (HEADER *) *answerp2; -+ if (n < (int) sizeof (HEADER)) -+ { -+ hp = hp2; -+ } - } - -+ /* Make sure both hp and hp2 are defined */ -+ assert((hp != NULL) && (hp2 != NULL)); -+ - if ((hp->rcode != NOERROR || ntohs(hp->ancount) == 0) - && (hp2->rcode != NOERROR || ntohs(hp2->ancount) == 0)) { - #ifdef DEBUG diff --git a/source/l/glibc/glibc-2.15-revert-c5a0802a.diff b/source/l/glibc/glibc-2.15-revert-c5a0802a.diff deleted file mode 100644 index b53581b3..00000000 --- a/source/l/glibc/glibc-2.15-revert-c5a0802a.diff +++ /dev/null @@ -1,226 +0,0 @@ -diff -rup a/nptl/sysdeps/unix/sysv/linux/i386/i486/pthread_cond_wait.S b/nptl/sysdeps/unix/sysv/linux/i386/i486/pthread_cond_wait.S ---- a/nptl/sysdeps/unix/sysv/linux/i386/i486/pthread_cond_wait.S 2011-12-22 18:04:12.937212834 +0000 -+++ b/nptl/sysdeps/unix/sysv/linux/i386/i486/pthread_cond_wait.S 2011-12-22 18:04:42.104222278 +0000 -@@ -137,7 +137,6 @@ __pthread_cond_wait: - cmpl $PI_BIT, %eax - jne 18f - --90: - movl $(FUTEX_WAIT_REQUEUE_PI|FUTEX_PRIVATE_FLAG), %ecx - movl %ebp, %edx - xorl %esi, %esi -@@ -151,9 +150,6 @@ __pthread_cond_wait: - sete 16(%esp) - je 19f - -- cmpl $-EAGAIN, %eax -- je 91f -- - /* Normal and PI futexes dont mix. Use normal futex functions only - if the kernel does not support the PI futex functions. */ - cmpl $-ENOSYS, %eax -@@ -398,78 +394,6 @@ __pthread_cond_wait: - #endif - call __lll_unlock_wake - jmp 11b -- --91: --.LcleanupSTART2: -- /* FUTEX_WAIT_REQUEUE_PI returned EAGAIN. We need to -- call it again. */ -- -- /* Get internal lock. */ -- movl $1, %edx -- xorl %eax, %eax -- LOCK --#if cond_lock == 0 -- cmpxchgl %edx, (%ebx) --#else -- cmpxchgl %edx, cond_lock(%ebx) --#endif -- jz 92f -- --#if cond_lock == 0 -- movl %ebx, %edx --#else -- leal cond_lock(%ebx), %edx --#endif --#if (LLL_SHARED-LLL_PRIVATE) > 255 -- xorl %ecx, %ecx --#endif -- cmpl $-1, dep_mutex(%ebx) -- setne %cl -- subl $1, %ecx -- andl $(LLL_SHARED-LLL_PRIVATE), %ecx --#if LLL_PRIVATE != 0 -- addl $LLL_PRIVATE, %ecx --#endif -- call __lll_lock_wait -- --92: -- /* Increment the cond_futex value again, so it can be used as a new -- expected value. */ -- addl $1, cond_futex(%ebx) -- movl cond_futex(%ebx), %ebp -- -- /* Unlock. */ -- LOCK --#if cond_lock == 0 -- subl $1, (%ebx) --#else -- subl $1, cond_lock(%ebx) --#endif -- je 93f --#if cond_lock == 0 -- movl %ebx, %eax --#else -- leal cond_lock(%ebx), %eax --#endif --#if (LLL_SHARED-LLL_PRIVATE) > 255 -- xorl %ecx, %ecx --#endif -- cmpl $-1, dep_mutex(%ebx) -- setne %cl -- subl $1, %ecx -- andl $(LLL_SHARED-LLL_PRIVATE), %ecx --#if LLL_PRIVATE != 0 -- addl $LLL_PRIVATE, %ecx --#endif -- call __lll_unlock_wake -- --93: -- /* Set the rest of SYS_futex args for FUTEX_WAIT_REQUEUE_PI. */ -- xorl %ecx, %ecx -- movl dep_mutex(%ebx), %edi -- jmp 90b --.LcleanupEND2: -- - .size __pthread_cond_wait, .-__pthread_cond_wait - versioned_symbol (libpthread, __pthread_cond_wait, pthread_cond_wait, - GLIBC_2_3_2) -@@ -642,10 +566,6 @@ __condvar_w_cleanup: - .long .LcleanupEND-.Lsub_cond_futex - .long __condvar_w_cleanup-.LSTARTCODE - .uleb128 0 -- .long .LcleanupSTART2-.LSTARTCODE -- .long .LcleanupEND2-.LcleanupSTART2 -- .long __condvar_w_cleanup-.LSTARTCODE -- .uleb128 0 - .long .LcallUR-.LSTARTCODE - .long .LENDCODE-.LcallUR - .long 0 -Only in b/nptl/sysdeps/unix/sysv/linux/i386/i486: pthread_cond_wait.S.orig -diff -rup a/nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S b/nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S ---- a/nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S 2011-12-22 18:04:12.941212837 +0000 -+++ b/nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S 2011-12-22 18:05:05.155229737 +0000 -@@ -23,7 +23,6 @@ - #include - #include - #include --#include - - #include - -@@ -137,14 +136,11 @@ __pthread_cond_wait: - cmpl $PI_BIT, %eax - jne 61f - --90: - movl $(FUTEX_WAIT_REQUEUE_PI|FUTEX_PRIVATE_FLAG), %esi - movl $SYS_futex, %eax - syscall - - movl $1, %r8d -- cmpq $-EAGAIN, %rax -- je 91f - #ifdef __ASSUME_REQUEUE_PI - jmp 62f - #else -@@ -331,70 +327,6 @@ __pthread_cond_wait: - - 13: movq %r10, %rax - jmp 14b -- --91: --.LcleanupSTART2: -- /* FUTEX_WAIT_REQUEUE_PI returned EAGAIN. We need to -- call it again. */ -- movq 8(%rsp), %rdi -- -- /* Get internal lock. */ -- movl $1, %esi -- xorl %eax, %eax -- LOCK --#if cond_lock == 0 -- cmpxchgl %esi, (%rdi) --#else -- cmpxchgl %esi, cond_lock(%rdi) --#endif -- jz 92f -- --#if cond_lock != 0 -- addq $cond_lock, %rdi --#endif -- cmpq $-1, dep_mutex-cond_lock(%rdi) -- movl $LLL_PRIVATE, %eax -- movl $LLL_SHARED, %esi -- cmovne %eax, %esi -- callq __lll_lock_wait --#if cond_lock != 0 -- subq $cond_lock, %rdi --#endif --92: -- /* Increment the cond_futex value again, so it can be used as a new -- expected value. */ -- incl cond_futex(%rdi) -- movl cond_futex(%rdi), %edx -- -- /* Release internal lock. */ -- LOCK --#if cond_lock == 0 -- decl (%rdi) --#else -- decl cond_lock(%rdi) --#endif -- jz 93f -- --#if cond_lock != 0 -- addq $cond_lock, %rdi --#endif -- cmpq $-1, dep_mutex-cond_lock(%rdi) -- movl $LLL_PRIVATE, %eax -- movl $LLL_SHARED, %esi -- cmovne %eax, %esi -- /* The call preserves %rdx. */ -- callq __lll_unlock_wake --#if cond_lock != 0 -- subq $cond_lock, %rdi --#endif --93: -- /* Set the rest of SYS_futex args for FUTEX_WAIT_REQUEUE_PI. */ -- xorq %r10, %r10 -- movq dep_mutex(%rdi), %r8 -- leaq cond_futex(%rdi), %rdi -- jmp 90b --.LcleanupEND2: -- - .size __pthread_cond_wait, .-__pthread_cond_wait - versioned_symbol (libpthread, __pthread_cond_wait, pthread_cond_wait, - GLIBC_2_3_2) -@@ -547,15 +479,11 @@ __condvar_cleanup1: - .uleb128 .LcleanupSTART-.LSTARTCODE - .uleb128 .LcleanupEND-.LcleanupSTART - .uleb128 __condvar_cleanup1-.LSTARTCODE -- .uleb128 0 -- .uleb128 .LcleanupSTART2-.LSTARTCODE -- .uleb128 .LcleanupEND2-.LcleanupSTART2 -- .uleb128 __condvar_cleanup1-.LSTARTCODE -- .uleb128 0 -+ .uleb128 0 - .uleb128 .LcallUR-.LSTARTCODE - .uleb128 .LENDCODE-.LcallUR - .uleb128 0 -- .uleb128 0 -+ .uleb128 0 - .Lcstend: - diff --git a/source/l/glibc/glibc-2.15.nscd-race-fix.diff b/source/l/glibc/glibc-2.15.nscd-race-fix.diff deleted file mode 100644 index f1323570..00000000 --- a/source/l/glibc/glibc-2.15.nscd-race-fix.diff +++ /dev/null @@ -1,47 +0,0 @@ ---- c/nscd/nscd_gethst_r.c 2012-01-01 05:16:32.000000000 -0700 -+++ c/nscd/nscd_gethst_r.c 2012-03-28 10:45:51.546600822 -0600 -@@ -101,9 +101,27 @@ libc_freeres_fn (hst_map_free) - uint32_t - __nscd_get_nl_timestamp (void) - { -+ uint32_t retval; - if (__nss_not_use_nscd_hosts != 0) - return 0; - -+ int cnt = 0; -+ /* __nscd_get_mapping can change hst_map_handle.mapped to NO_MAPPING. -+ However, __nscd_get_mapping assumes the prior value was not NO_MAPPING. -+ Thus we have to acquire the lock to prevent this thread from changing -+ hst_map_handle.mapped to NO_MAPPING while another thread is inside -+ __nscd_get_mapping. */ -+ while (__builtin_expect -+ (atomic_compare_and_exchange_val_acq (&__hst_map_handle.lock, -+ 1, 0) != 0, 0)) -+ { -+ // XXX Best number of rounds? -+ if (__builtin_expect (++cnt > 5, 0)) -+ return 0; -+ -+ atomic_delay (); -+ } -+ - struct mapped_database *map = __hst_map_handle.mapped; - - if (map == NULL -@@ -113,9 +131,14 @@ __nscd_get_nl_timestamp (void) - map = __nscd_get_mapping (GETFDHST, "hosts", &__hst_map_handle.mapped); - - if (map == NO_MAPPING) -- return 0; -+ retval = 0; -+ else -+ retval = map->head->extra_data[NSCD_HST_IDX_CONF_TIMESTAMP]; -+ -+ /* Release the lock. */ -+ __hst_map_handle.lock = 0; - -- return map->head->extra_data[NSCD_HST_IDX_CONF_TIMESTAMP]; -+ return retval; - } - - diff --git a/source/l/glibc/glibc.CVE-2013-0242.diff b/source/l/glibc/glibc.CVE-2013-0242.diff new file mode 100644 index 00000000..e35a0bce --- /dev/null +++ b/source/l/glibc/glibc.CVE-2013-0242.diff @@ -0,0 +1,189 @@ +From libc-alpha-return-36620-listarch-libc-alpha=sources dot redhat dot com at sourceware dot org Tue Jan 29 16:13:50 2013 +Return-Path: +Delivered-To: listarch-libc-alpha at sources dot redhat dot com +Received: (qmail 32082 invoked by alias); 29 Jan 2013 16:13:48 -0000 +Received: (qmail 32049 invoked by uid 22791); 29 Jan 2013 16:13:43 -0000 +X-SWARE-Spam-Status: No, hits=-5.2 required=5.0 + tests=AWL,BAYES_00,KHOP_RCVD_UNTRUST,RCVD_IN_DNSWL_HI,RP_MATCHES_RCVD,TW_BK +X-Spam-Check-By: sourceware.org +From: Andreas Schwab +To: libc-alpha at sourceware dot org +Subject: [PATCH] Fix buffer overrun in regexp matcher +X-Yow: Are you selling NYLON OIL WELLS?? If so, we can use TWO DOZEN!! +Date: Tue, 29 Jan 2013 17:13:35 +0100 +Message-ID: +User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.2.92 (gnu/linux) +MIME-Version: 1.0 +Content-Type: text/plain; charset=utf-8 +Content-Transfer-Encoding: 8bit +Mailing-List: contact libc-alpha-help at sourceware dot org; run by ezmlm +Precedence: bulk +List-Id: +List-Subscribe: +List-Archive: +List-Post: +List-Help: , +Sender: libc-alpha-owner at sourceware dot org +Delivered-To: mailing list libc-alpha at sourceware dot org + +When extending regex buffers, make sure we allocate enough room for the +state log. Merely doubling the space may not be enough if the current +node has accepted a long run of characters. This part of the code only +triggers with multibyte characters. + +Andreas. + + [BZ #15078] + * posix/regexec.c (extend_buffers): Add parameter min_len. + (check_matching): Pass minimum needed length. + (clean_state_log_if_needed): Likewise. + (get_subexp): Likewise. + * posix/Makefile (tests): Add bug-regex34. + (bug-regex34-ENV): Define. + * posix/bug-regex34.c: New file. + +diff --git a/posix/Makefile b/posix/Makefile +index 57672d8..6ceb440 100644 +--- a/posix/Makefile ++++ b/posix/Makefile +@@ -86,7 +86,7 @@ tests := tstgetopt testfnm runtests runptests \ + tst-rfc3484-3 \ + tst-getaddrinfo3 tst-fnmatch2 tst-cpucount tst-cpuset \ + bug-getopt1 bug-getopt2 bug-getopt3 bug-getopt4 \ +- bug-getopt5 tst-getopt_long1 ++ bug-getopt5 tst-getopt_long1 bug-regex34 + xtests := bug-ga2 + ifeq (yes,$(build-shared)) + test-srcs := globtest +@@ -199,6 +199,7 @@ bug-regex26-ENV = LOCPATH=$(common-objpfx)localedata + bug-regex30-ENV = LOCPATH=$(common-objpfx)localedata + bug-regex32-ENV = LOCPATH=$(common-objpfx)localedata + bug-regex33-ENV = LOCPATH=$(common-objpfx)localedata ++bug-regex34-ENV = LOCPATH=$(common-objpfx)localedata + tst-rxspencer-ARGS = --utf8 rxspencer/tests + tst-rxspencer-ENV = LOCPATH=$(common-objpfx)localedata + tst-pcre-ARGS = PCRE.tests +diff --git a/posix/bug-regex34.c b/posix/bug-regex34.c +new file mode 100644 +index 0000000..bb3b613 +--- /dev/null ++++ b/posix/bug-regex34.c +@@ -0,0 +1,46 @@ ++/* Test re_search with multi-byte characters in UTF-8. ++ Copyright (C) 2013 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#define _GNU_SOURCE 1 ++#include ++#include ++#include ++#include ++ ++static int ++do_test (void) ++{ ++ struct re_pattern_buffer r; ++ /* ????????x */ ++ const char *s = "\xe1\x80\x80\xe1\x80\xbb\xe1\x80\xbd\xe1\x80\x94\xe1\x80\xba\xe1\x80\xaf\xe1\x80\x95\xe1\x80\xbax"; ++ ++ if (setlocale (LC_ALL, "en_US.UTF-8") == NULL) ++ { ++ puts ("setlocale failed"); ++ return 1; ++ } ++ memset (&r, 0, sizeof (r)); ++ ++ re_compile_pattern ("[^x]x", 5, &r); ++ /* This was triggering a buffer overflow. */ ++ re_search (&r, s, strlen (s), 0, strlen (s), 0); ++ return 0; ++} ++ ++#define TEST_FUNCTION do_test () ++#include "../test-skeleton.c" +diff --git a/posix/regexec.c b/posix/regexec.c +index 7f2de85..5ca2bf6 100644 +--- a/posix/regexec.c ++++ b/posix/regexec.c +@@ -197,7 +197,7 @@ static int group_nodes_into_DFAstates (const re_dfa_t *dfa, + static int check_node_accept (const re_match_context_t *mctx, + const re_token_t *node, int idx) + internal_function; +-static reg_errcode_t extend_buffers (re_match_context_t *mctx) ++static reg_errcode_t extend_buffers (re_match_context_t *mctx, int min_len) + internal_function; + + /* Entry point for POSIX code. */ +@@ -1160,7 +1160,7 @@ check_matching (re_match_context_t *mctx, int fl_longest_match, + || (BE (next_char_idx >= mctx->input.valid_len, 0) + && mctx->input.valid_len < mctx->input.len)) + { +- err = extend_buffers (mctx); ++ err = extend_buffers (mctx, next_char_idx + 1); + if (BE (err != REG_NOERROR, 0)) + { + assert (err == REG_ESPACE); +@@ -1738,7 +1738,7 @@ clean_state_log_if_needed (re_match_context_t *mctx, int next_state_log_idx) + && mctx->input.valid_len < mctx->input.len)) + { + reg_errcode_t err; +- err = extend_buffers (mctx); ++ err = extend_buffers (mctx, next_state_log_idx + 1); + if (BE (err != REG_NOERROR, 0)) + return err; + } +@@ -2792,7 +2792,7 @@ get_subexp (re_match_context_t *mctx, int bkref_node, int bkref_str_idx) + if (bkref_str_off >= mctx->input.len) + break; + +- err = extend_buffers (mctx); ++ err = extend_buffers (mctx, bkref_str_off + 1); + if (BE (err != REG_NOERROR, 0)) + return err; + +@@ -4102,7 +4102,7 @@ check_node_accept (const re_match_context_t *mctx, const re_token_t *node, + + static reg_errcode_t + internal_function __attribute_warn_unused_result__ +-extend_buffers (re_match_context_t *mctx) ++extend_buffers (re_match_context_t *mctx, int min_len) + { + reg_errcode_t ret; + re_string_t *pstr = &mctx->input; +@@ -4111,8 +4111,10 @@ extend_buffers (re_match_context_t *mctx) + if (BE (INT_MAX / 2 / sizeof (re_dfastate_t *) <= pstr->bufs_len, 0)) + return REG_ESPACE; + +- /* Double the lengthes of the buffers. */ +- ret = re_string_realloc_buffers (pstr, MIN (pstr->len, pstr->bufs_len * 2)); ++ /* Double the lengthes of the buffers, but allocate at least MIN_LEN. */ ++ ret = re_string_realloc_buffers (pstr, ++ MAX (min_len, ++ MIN (pstr->len, pstr->bufs_len * 2))); + if (BE (ret != REG_NOERROR, 0)) + return ret; + +-- +1.8.1.2 + + +-- +Andreas Schwab, SUSE Labs, schwab@suse.de +GPG Key fingerprint = 0196 BAD8 1CE9 1970 F4BE 1748 E4D4 88E3 0EEA B9D7 +"And now for something completely different." + + diff --git a/source/l/glibc/glibc.CVE-2013-1914.diff b/source/l/glibc/glibc.CVE-2013-1914.diff new file mode 100644 index 00000000..fc844829 --- /dev/null +++ b/source/l/glibc/glibc.CVE-2013-1914.diff @@ -0,0 +1,53 @@ +From: Andreas Schwab +Date: Thu, 21 Mar 2013 14:50:27 +0000 (+0100) +Subject: Fix stack overflow in getaddrinfo with many results +X-Git-Url: http://sourceware.org/git/?p=glibc.git;a=commitdiff_plain;h=1cef1b19089528db11f221e938f60b9b048945d7 + +Fix stack overflow in getaddrinfo with many results +--- + +diff --git a/sysdeps/posix/getaddrinfo.c b/sysdeps/posix/getaddrinfo.c +index d95c2d1..2309281 100644 +--- a/sysdeps/posix/getaddrinfo.c ++++ b/sysdeps/posix/getaddrinfo.c +@@ -2489,11 +2489,27 @@ getaddrinfo (const char *name, const char *service, + __typeof (once) old_once = once; + __libc_once (once, gaiconf_init); + /* Sort results according to RFC 3484. */ +- struct sort_result results[nresults]; +- size_t order[nresults]; ++ struct sort_result *results; ++ size_t *order; + struct addrinfo *q; + struct addrinfo *last = NULL; + char *canonname = NULL; ++ bool malloc_results; ++ ++ malloc_results ++ = !__libc_use_alloca (nresults * (sizeof (*results) + sizeof (size_t))); ++ if (malloc_results) ++ { ++ results = malloc (nresults * (sizeof (*results) + sizeof (size_t))); ++ if (results == NULL) ++ { ++ __free_in6ai (in6ai); ++ return EAI_MEMORY; ++ } ++ } ++ else ++ results = alloca (nresults * (sizeof (*results) + sizeof (size_t))); ++ order = (size_t *) (results + nresults); + + /* Now we definitely need the interface information. */ + if (! check_pf_called) +@@ -2664,6 +2680,9 @@ getaddrinfo (const char *name, const char *service, + + /* Fill in the canonical name into the new first entry. */ + p->ai_canonname = canonname; ++ ++ if (malloc_results) ++ free (results); + } + + __free_in6ai (in6ai); + diff --git a/source/l/glibc/glibc.CVE-2013-2207.diff b/source/l/glibc/glibc.CVE-2013-2207.diff new file mode 100644 index 00000000..c43ccf5c --- /dev/null +++ b/source/l/glibc/glibc.CVE-2013-2207.diff @@ -0,0 +1,241 @@ +From 5d96012d9978efe4bad88a38e2efcbeada9f7585 Mon Sep 17 00:00:00 2001 +From: mancha +Date: Thu, 22 Aug 2013 +Subject: CVE-2013-2207, BZ #15755: Disable pt_chown. + +Using the setuid installed pt_chown and a weak check on whether a file +descriptor is a tty, an attacker could fake a pty check using FUSE and +trick pt_chown to grant ownership of a pty descriptor that the current +user does not own. It cannot access /dev/pts/ptmx however. + +Pre-conditions for the attack: + + * Attacker with local user account + * Kernel with FUSE support + * "user_allow_other" in /etc/fuse.conf + * Victim with allocated slave in /dev/pts + +In most modern distributions pt_chown is not needed because devpts +is enabled by default. The fix for this CVE is to disable building +and using pt_chown by default. We still provide a configure option +to enable the use of pt_chown but distributions do so at their own +risk. + +--- +This patch was adapted for glibc 2.17 point release from: +http://sourceware.org/git/?p=glibc.git;a=commit;h=e4608715e6e1 +--- + + INSTALL | 12 ++++++++++++ + config.h.in | 3 +++ + config.make.in | 1 + + configure | 15 +++++++++++++++ + configure.in | 10 ++++++++++ + login/Makefile | 8 +++++++- + manual/install.texi | 14 ++++++++++++++ + sysdeps/unix/grantpt.c | 8 +++++--- + sysdeps/unix/sysv/linux/grantpt.c | 5 +++-- + 9 files changed, 70 insertions(+), 6 deletions(-) +--- + +--- a/INSTALL ++++ b/INSTALL +@@ -128,6 +128,18 @@ will be used, and CFLAGS sets optimizati + this can be prevented though there generally is no reason since it + creates compatibility problems. + ++`--enable-pt_chown' ++ The file `pt_chown' is a helper binary for `grantpt' (*note ++ Pseudo-Terminals: Allocation.) that is installed setuid root to ++ fix up pseudo-terminal ownership. It is not built by default ++ because systems using the Linux kernel are commonly built with the ++ `devpts' filesystem enabled and mounted at `/dev/pts', which ++ manages pseudo-terminal ownership automatically. By using ++ `--enable-pt_chown', you may build `pt_chown' and install it ++ setuid and owned by `root'. The use of `pt_chown' introduces ++ additional security risks to the system and you should enable it ++ only if you understand and accept those risks. ++ + `--build=BUILD-SYSTEM' + `--host=HOST-SYSTEM' + These options are for cross-compiling. If you specify both +--- a/config.h.in ++++ b/config.h.in +@@ -232,4 +232,7 @@ + /* The ARM hard-float ABI is being used. */ + #undef HAVE_ARM_PCS_VFP + ++/* The pt_chown binary is being built and used by grantpt. */ ++#undef HAVE_PT_CHOWN ++ + #endif +--- a/config.make.in ++++ b/config.make.in +@@ -101,6 +101,7 @@ force-install = @force_install@ + link-obsolete-rpc = @link_obsolete_rpc@ + build-nscd = @build_nscd@ + use-nscd = @use_nscd@ ++build-pt-chown = @build_pt_chown@ + + # Build tools. + CC = @CC@ +--- a/configure ++++ b/configure +@@ -653,6 +653,7 @@ multi_arch + base_machine + add_on_subdirs + add_ons ++build_pt_chown + build_nscd + link_obsolete_rpc + libc_cv_nss_crypt +@@ -759,6 +760,7 @@ enable_obsolete_rpc + enable_systemtap + enable_build_nscd + enable_nscd ++enable_pt_chown + with_cpu + ' + ac_precious_vars='build_alias +@@ -1419,6 +1421,7 @@ Optional Features: + --enable-systemtap enable systemtap static probe points [default=no] + --disable-build-nscd disable building and installing the nscd daemon + --disable-nscd library functions will not contact the nscd daemon ++ --enable-pt_chown Enable building and installing pt_chown + + Optional Packages: + --with-PACKAGE[=ARG] use PACKAGE [ARG=yes] +@@ -3933,6 +3936,18 @@ else + use_nscd=yes + fi + ++# Check whether --enable-pt_chown was given. ++if test "${enable_pt_chown+set}" = set; then : ++ enableval=$enable_pt_chown; build_pt_chown=$enableval ++else ++ build_pt_chown=no ++fi ++ ++ ++if test $build_pt_chown = yes; then ++ $as_echo "#define HAVE_PT_CHOWN 1" >>confdefs.h ++ ++fi + + # The way shlib-versions is used to generate soversions.mk uses a + # fairly simplistic model for name recognition that can't distinguish +--- a/configure.in ++++ b/configure.in +@@ -315,6 +315,16 @@ AC_ARG_ENABLE([nscd], + [use_nscd=$enableval], + [use_nscd=yes]) + ++AC_ARG_ENABLE([pt_chown], ++ [AS_HELP_STRING([--enable-pt_chown], ++ [Enable building and installing pt_chown])], ++ [build_pt_chown=$enableval], ++ [build_pt_chown=no]) ++AC_SUBST(build_pt_chown) ++if test $build_pt_chown = yes; then ++ AC_DEFINE(HAVE_PT_CHOWN) ++fi ++ + # The way shlib-versions is used to generate soversions.mk uses a + # fairly simplistic model for name recognition that can't distinguish + # i486-pc-linux-gnu fully from i486-pc-gnu. So we mutate a $host_os +--- a/login/Makefile ++++ b/login/Makefile +@@ -29,9 +29,15 @@ routines := getutent getutent_r getutid + + CFLAGS-grantpt.c = -DLIBEXECDIR='"$(libexecdir)"' + +-others = utmpdump pt_chown ++others = utmpdump ++ ++include ../Makeconfig ++ ++ifeq (yes,$(build-pt-chown)) ++others += pt_chown + others-pie = pt_chown + install-others-programs = $(inst_libexecdir)/pt_chown ++endif + + subdir-dirs = programs + vpath %.c programs +--- a/manual/install.texi ++++ b/manual/install.texi +@@ -155,6 +155,20 @@ if the used tools support it. By using + prevented though there generally is no reason since it creates + compatibility problems. + ++@pindex pt_chown ++@findex grantpt ++@item --enable-pt_chown ++The file @file{pt_chown} is a helper binary for @code{grantpt} ++(@pxref{Allocation, Pseudo-Terminals}) that is installed setuid root to ++fix up pseudo-terminal ownership. It is not built by default because ++systems using the Linux kernel are commonly built with the @code{devpts} ++filesystem enabled and mounted at @file{/dev/pts}, which manages ++pseudo-terminal ownership automatically. By using ++@samp{--enable-pt_chown}, you may build @file{pt_chown} and install it ++setuid and owned by @code{root}. The use of @file{pt_chown} introduces ++additional security risks to the system and you should enable it only if ++you understand and accept those risks. ++ + @item --build=@var{build-system} + @itemx --host=@var{host-system} + These options are for cross-compiling. If you specify both options and +--- a/sysdeps/unix/grantpt.c ++++ b/sysdeps/unix/grantpt.c +@@ -173,9 +173,10 @@ grantpt (int fd) + retval = 0; + goto cleanup; + +- /* We have to use the helper program. */ ++ /* We have to use the helper program if it is available.. */ + helper:; + ++#ifdef HAVE_PT_CHOWN + pid_t pid = __fork (); + if (pid == -1) + goto cleanup; +@@ -190,9 +191,9 @@ grantpt (int fd) + if (__dup2 (fd, PTY_FILENO) < 0) + _exit (FAIL_EBADF); + +-#ifdef CLOSE_ALL_FDS ++# ifdef CLOSE_ALL_FDS + CLOSE_ALL_FDS (); +-#endif ++# endif + + execle (_PATH_PT_CHOWN, basename (_PATH_PT_CHOWN), NULL, NULL); + _exit (FAIL_EXEC); +@@ -231,6 +232,7 @@ grantpt (int fd) + assert(! "getpt: internal error: invalid exit code from pt_chown"); + } + } ++#endif + + cleanup: + if (buf != _buf) +--- a/sysdeps/unix/sysv/linux/grantpt.c ++++ b/sysdeps/unix/sysv/linux/grantpt.c +@@ -11,7 +11,7 @@ + + #include "pty-private.h" + +- ++#if HAVE_PT_CHOWN + /* Close all file descriptors except the one specified. */ + static void + close_all_fds (void) +@@ -38,6 +38,7 @@ close_all_fds (void) + __dup2 (STDOUT_FILENO, STDERR_FILENO); + } + } +-#define CLOSE_ALL_FDS() close_all_fds() ++# define CLOSE_ALL_FDS() close_all_fds() ++#endif + + #include diff --git a/source/l/glibc/glibc.CVE-2013-4332.diff b/source/l/glibc/glibc.CVE-2013-4332.diff new file mode 100644 index 00000000..9f7f5886 --- /dev/null +++ b/source/l/glibc/glibc.CVE-2013-4332.diff @@ -0,0 +1,64 @@ +From 0d6085cb1b4330b835ad08a3ec8f80b30f0cadb4 Mon Sep 17 00:00:00 2001 +From: mancha +Date: Wed, 11 Sep 2013 +Subject: CVE-2013-4332 + +malloc: Check for integer overflow in pvalloc, valloc, and memalign. + +A large bytes parameter to pvalloc, valloc, or memalign could cause +an integer overflow and corrupt allocator internals. Check the +overflow does not occur before continuing with the allocation. + +Note: This is a backport to glibc 2.17 of the following three commits: + * https://sourceware.org/git/?p=glibc.git;a=commit;h=1159a193696a + * https://sourceware.org/git/?p=glibc.git;a=commit;h=55e17aadc1ef + * https://sourceware.org/git/?p=glibc.git;a=commit;h=b73ed247781d +--- + +malloc.c | 21 +++++++++++++++++++++ + 1 file changed, 21 insertions(+) + +--- a/malloc/malloc.c ++++ b/malloc/malloc.c +@@ -3020,6 +3020,13 @@ __libc_memalign(size_t alignment, size_t + /* Otherwise, ensure that it is at least a minimum chunk size */ + if (alignment < MINSIZE) alignment = MINSIZE; + ++ /* Check for overflow. */ ++ if (bytes > SIZE_MAX - alignment - MINSIZE) ++ { ++ __set_errno (ENOMEM); ++ return 0; ++ } ++ + arena_get(ar_ptr, bytes + alignment + MINSIZE); + if(!ar_ptr) + return 0; +@@ -3051,6 +3058,13 @@ __libc_valloc(size_t bytes) + + size_t pagesz = GLRO(dl_pagesize); + ++ /* Check for overflow. */ ++ if (bytes > SIZE_MAX - pagesz - MINSIZE) ++ { ++ __set_errno (ENOMEM); ++ return 0; ++ } ++ + __malloc_ptr_t (*hook) __MALLOC_PMT ((size_t, size_t, + const __malloc_ptr_t)) = + force_reg (__memalign_hook); +@@ -3088,6 +3102,13 @@ __libc_pvalloc(size_t bytes) + size_t page_mask = GLRO(dl_pagesize) - 1; + size_t rounded_bytes = (bytes + page_mask) & ~(page_mask); + ++ /* Check for overflow. */ ++ if (bytes > SIZE_MAX - 2*pagesz - MINSIZE) ++ { ++ __set_errno (ENOMEM); ++ return 0; ++ } ++ + __malloc_ptr_t (*hook) __MALLOC_PMT ((size_t, size_t, + const __malloc_ptr_t)) = + force_reg (__memalign_hook); diff --git a/source/l/glibc/glibc.SlackBuild b/source/l/glibc/glibc.SlackBuild index 0ab9e714..c97559ee 100755 --- a/source/l/glibc/glibc.SlackBuild +++ b/source/l/glibc/glibc.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2006, 2008, 2009, 2010, 2011, 2012 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2006, 2008, 2009, 2010, 2011, 2012, 2013 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -22,7 +22,7 @@ ## build glibc-$VERSION for Slackware -VERSION=${VERSION:-2.15} +VERSION=${VERSION:-2.17} CHECKOUT=${CHECKOUT:-""} BUILD=${BUILD:-7} @@ -30,6 +30,9 @@ BUILD=${BUILD:-7} ## glibc-libidn version #LIBIDNVER=2.10.1 +# I was considering disabling NSCD, but MoZes talked me out of it. :) +#DISABLE_NSCD=" --disable-nscd " + # $ARCH may be preset, otherwise i486 compatibility with i686 binary # structuring is the Slackware default, since this is what gcc-3.2+ # requires for binary compatibility with previous releases. @@ -134,13 +137,6 @@ fix_doinst() { # This is a patch function to put all glibc patches in the build script # up near the top. apply_patches() { - # Reexport the RPC interfaces that were removed in glibc-2.14. - # Sure, it's crufy code, but stuff needs it, so rather than pull the - # rug out from under you, we'll just humbly recommend that you consider - # transitioning away from it... :-) - zcat $CWD/glibc-2.14-reexport-rpc-interface.patch.gz | patch -p1 --verbose || exit 1 - # Add back the NIS and RPC headers: - zcat $CWD/glibc-2.14-reinstall-nis-rpc-headers.patch.gz | patch -p1 --verbose || exit 1 # Use old-style locale directories rather than a single (and strangely # formatted) /usr/lib/locale/locale-archive file: zcat $CWD/glibc.locale.no-archive.diff.gz | patch -p1 --verbose || exit 1 @@ -172,32 +168,27 @@ apply_patches() { # Avoid the Intel optimized asm routines for now because they break # the flash player. We'll phase this in when it's safer to do so. zcat $CWD/glibc.disable.broken.optimized.memcpy.diff.gz | patch -p1 --verbose || exit 1 - # Upstream fixes to avert Firefox crashes: (still applies to 2.15... probably better not to drop it) - zcat $CWD/glibc-2.14.1-fixes-1.patch.gz | patch -p1 --verbose || exit 1 - # Upstream patch to fix relocation sorting related crashes: - zcat $CWD/glibc.git-6ee65ed6ddbf04402fad0bec6aa9c73b9d982ae4.diff.gz | patch -p1 --verbose || exit 1 - # Upstream patch to fix crashes when nscd is not running: - zcat $CWD/glibc-2.15.nscd-race-fix.diff.gz | patch -p1 --verbose || exit 1 - # Revert a patch that went into 2.15 that causes NPTL related crashes: - zcat $CWD/glibc-2.15-revert-c5a0802a.diff.gz | patch -p1 --verbose || exit 1 - # Patch integer overflows in strtod*() functions: - zcat $CWD/glibc.strtod.CVE-2012-3480.diff.gz | patch -p1 --verbose || exit 1 - # Update the timezone information: - ( cd timezone - tar xzf $CWD/tzdata?????.tar.gz - chown root:root * - mv yearistype.sh yearistype - chmod 644 * - chmod 755 yearistype - mkdir tzcode - cd tzcode - tar xzf $CWD/tzcode?????.tar.gz - # A partial build is needed here to update TZVERSION in version.h: - make -i - chown -R root:root . - chmod 644 * - cp -a *.c *.h .. - ) + # Fix buffer overrun in regexp matcher. This bug is deemed low impact since + # the buffer contents cannot be controlled, but could lead to a crash. + zcat $CWD/glibc.CVE-2013-0242.diff.gz | patch -p1 --verbose || exit 1 + # Fix stack overflow in getaddrinfo with many results. This bug can only be + # triggered through DNS poisoning or through the use of a hostile DNS + # server (in which case you already have problems), and requires large + # amounts of data to be sent to the targeted machine. May lead to a + # crash. Considered low impact. + zcat $CWD/glibc.CVE-2013-1914.diff.gz | patch -p1 --verbose || exit 1 + # Remove pt_chown by default, as it can be used for a local privilege + # escalation. However, although this is worth patching in the -current + # version, it requires a non-default (and known to weaken security) setting + # for FUSE. Additionally, the patch is not portable to older versions of + # glibc (but thanks Mancha for porting it to 2.17!). On older versions + # of glibc, making /usr/libexec/pt_chown a symlink to /bin/true will + # provide the same fix, if needed. But the insecure setting for FUSE + # probably opens up many other possible exploits and should be avoided. + zcat $CWD/glibc.CVE-2013-2207.diff.gz | patch -p1 --verbose || exit 1 + # Patch integer overflows in pvalloc, valloc, and + # posix_memalign/memalign/aligned_alloc (CVE-2013-4332). + zcat $CWD/glibc.CVE-2013-4332.diff.gz | patch -p1 --verbose || exit 1 } # This is going to be the initial $DESTDIR: @@ -275,10 +266,12 @@ CFLAGS="-g $OPTIMIZ" \ ../configure \ --prefix=/usr \ --libdir=/usr/lib${LIBDIRSUFFIX} \ - --enable-kernel=2.6.32 \ + --enable-kernel=3.2.29 \ --with-headers=/usr/include \ --enable-add-ons=libidn,nptl \ + --enable-obsolete-rpc \ --enable-profile \ + $DISABLE_NSCD \ --infodir=/usr/info \ --mandir=/usr/man \ --with-tls \ @@ -311,6 +304,25 @@ strip -g $PKG/lib${LIBDIRSUFFIX}/l*.so* strip -g $PKG/usr/lib${LIBDIRSUFFIX}/l*.so* strip -g $PKG/usr/lib${LIBDIRSUFFIX}/lib*.a +# Build and install the zoneinfo database: +cd $TMP +rm -rf tzcodedata-build +mkdir tzcodedata-build +cd tzcodedata-build +tar xzf $CWD/tzdata?????.tar.gz +tar xzf $CWD/tzcode?????.tar.gz +sed -i "s,/usr/local,$(pwd),g" Makefile +sed -i "s,/etc/zoneinfo,/zoneinfo,g" Makefile +make +make install +mkdir -p $PKG/usr/share/zoneinfo/{posix,right} +cp -a zoneinfo/* $PKG/usr/share/zoneinfo +cp -a zoneinfo-posix/* $PKG/usr/share/zoneinfo/posix +cp -a zoneinfo-leaps/* $PKG/usr/share/zoneinfo/right +# Remove $PKG/usr/share/zoneinfo/localtime -- the install script will +# create it as a link to /etc/localtime. +rm -f $PKG/usr/share/zoneinfo/localtime + # Back to the sources dir to add some files/docs: cd $TMP/glibc-$CVSVER @@ -320,6 +332,10 @@ mkdir -p $PKG/etc cat nscd/nscd.conf > $PKG/etc/nscd.conf.new # Install some scripts to help select a timezone: +( cd $CWD/timezone-scripts + # Try to rebuild this: + sh output-updated-timeconfig.sh $PKG/usr/share/zoneinfo > timeconfig 2> /dev/null +) mkdir -p $PKG/var/log/setup cp -a $CWD/timezone-scripts/setup.timeconfig $PKG/var/log/setup chown root:root $PKG/var/log/setup/setup.timeconfig @@ -378,7 +394,7 @@ rm $PKG/etc/ld.so.cache # glibc-zoneinfo. We will start with an easy one to avoid breaking a sweat. ;-) cd $CWD -ZONE_VERSIONS="$(echo tzcode* | cut -f1 -d . | cut -b7-11)_$(echo tzdata* | cut -f1 -d . | cut -b7-11)" +ZONE_VERSIONS="$(echo tzdata* | cut -f1 -d . | cut -b7-11)" echo $ZONE_VERSIONS cd $PZONE # Install some scripts to help select a timezone: diff --git a/source/l/glibc/glibc.git-6ee65ed6ddbf04402fad0bec6aa9c73b9d982ae4.diff b/source/l/glibc/glibc.git-6ee65ed6ddbf04402fad0bec6aa9c73b9d982ae4.diff deleted file mode 100644 index e9b3ba40..00000000 --- a/source/l/glibc/glibc.git-6ee65ed6ddbf04402fad0bec6aa9c73b9d982ae4.diff +++ /dev/null @@ -1,322 +0,0 @@ -From 6ee65ed6ddbf04402fad0bec6aa9c73b9d982ae4 Mon Sep 17 00:00:00 2001 -From: Ulrich Drepper -Date: Fri, 27 Jan 2012 15:05:19 -0500 -Subject: [PATCH] Sort objects before relocations - ---- - ChangeLog | 11 ++++ - Makeconfig | 6 ++ - NEWS | 4 +- - elf/Makefile | 15 +++++- - elf/dl-open.c | 128 ++++++++++++++++++++++++++++++++++++------------ - elf/tst-relsort1.c | 19 +++++++ - elf/tst-relsort1mod1.c | 7 +++ - elf/tst-relsort1mod2.c | 7 +++ - 8 files changed, 160 insertions(+), 37 deletions(-) - create mode 100644 elf/tst-relsort1.c - create mode 100644 elf/tst-relsort1mod1.c - create mode 100644 elf/tst-relsort1mod2.c - -#diff --git a/ChangeLog b/ChangeLog -#index 24c9550..2efe17a 100644 -#--- a/ChangeLog -#+++ b/ChangeLog -#@@ -1,3 +1,14 @@ -#+2012-01-27 Ulrich Drepper -#+ -#+ [BZ #13618] -#+ * elf/dl-open.c (dl_open_worker): Sort objects by dependency before -#+ relocation. -#+ * Makeconfig (libm): Define. -#+ * elf/Makefile: Add rules to build and run tst-relsort1. -#+ * elf/tst-relsort1.c: New file. -#+ * elf/tst-relsort1mod1.c: New file. -#+ * elf/tst-relsort1mod2.c: New file. -#+ - 2012-01-26 Joseph Myers - - * crypt/md5.h: Remove __STDC__ conditionals. -diff --git a/Makeconfig b/Makeconfig -index 2db2821..68547b2 100644 ---- a/Makeconfig -+++ b/Makeconfig -@@ -900,6 +900,12 @@ else - libdl = $(common-objpfx)dlfcn/libdl.a - endif - -+ifeq ($(build-shared),yes) -+libm = $(common-objpfx)math/libm.so$(libm.so-version) -+else -+libm = $(common-objpfx)math/libm.a -+endif -+ - # These are the subdirectories containing the library source. The order - # is more or less arbitrary. The sorting step will take care of the - # dependencies. -#diff --git a/NEWS b/NEWS -#index 42e09c1..3b502b7 100644 -#--- a/NEWS -#+++ b/NEWS -#@@ -1,4 +1,4 @@ -#-GNU C Library NEWS -- history of user-visible changes. 2012-1-26 -#+GNU C Library NEWS -- history of user-visible changes. 2012-1-27 - #Copyright (C) 1992-2009, 2010, 2011, 2012 Free Software Foundation, Inc. - #See the end for copying conditions. -# -#@@ -10,7 +10,7 @@ Version 2.16 - #* The following bugs are resolved with this release: -# - #13525, 13526, 13527, 13528, 13529, 13531, 13532, 13533, 13547, 13530, -#- 13551, 13552, 13553, 13555, 13559, 13583 -#+ 13551, 13552, 13553, 13555, 13559, 13583, 13618 -# - #* ISO C11 support: -# -diff --git a/elf/Makefile b/elf/Makefile -index 052e763..3f1772a 100644 ---- a/elf/Makefile -+++ b/elf/Makefile -@@ -124,7 +124,8 @@ distribute := rtld-Rules \ - tst-initordera1.c tst-initordera2.c tst-initorderb1.c \ - tst-initorderb2.c tst-initordera3.c tst-initordera4.c \ - tst-initorder.c \ -- tst-initorder2.c -+ tst-initorder2.c \ -+ tst-relsort1.c tst-relsort1mod1.c tst-relsort1mod2.c - - CFLAGS-dl-runtime.c = -fexceptions -fasynchronous-unwind-tables - CFLAGS-dl-lookup.c = -fexceptions -fasynchronous-unwind-tables -@@ -227,7 +228,7 @@ tests += loadtest restest1 preloadtest loadfail multiload origtest resolvfail \ - tst-audit1 tst-audit2 \ - tst-stackguard1 tst-addr1 tst-thrlock \ - tst-unique1 tst-unique2 tst-unique3 tst-unique4 \ -- tst-initorder tst-initorder2 -+ tst-initorder tst-initorder2 tst-relsort1 - # reldep9 - test-srcs = tst-pathopt - selinux-enabled := $(shell cat /selinux/enforce 2> /dev/null) -@@ -290,7 +291,9 @@ modules-names = testobj1 testobj2 testobj3 testobj4 testobj5 testobj6 \ - tst-initordera1 tst-initorderb1 \ - tst-initordera2 tst-initorderb2 \ - tst-initordera3 tst-initordera4 \ -- tst-initorder2a tst-initorder2b tst-initorder2c tst-initorder2d -+ tst-initorder2a tst-initorder2b tst-initorder2c \ -+ tst-initorder2d \ -+ tst-relsort1mod1 tst-relsort1mod2 - ifeq (yes,$(have-initfini-array)) - modules-names += tst-array2dep tst-array5dep - endif -@@ -1195,3 +1198,9 @@ CFLAGS-tst-auditmod6b.c += $(AVX-CFLAGS) - CFLAGS-tst-auditmod6c.c += $(AVX-CFLAGS) - CFLAGS-tst-auditmod7b.c += $(AVX-CFLAGS) - endif -+ -+$(objpfx)tst-relsort1: $(libdl) -+$(objpfx)tst-relsort1mod1.so: $(libm) $(objpfx)tst-relsort1mod2.so -+$(objpfx)tst-relsort1mod2.so: $(libm) -+$(objpfx)tst-relsort1.out: $(objpfx)tst-relsort1mod1.so \ -+ $(objpfx)tst-relsort1mod2.so -diff --git a/elf/dl-open.c b/elf/dl-open.c -index a0b5c50..a56bdc1 100644 ---- a/elf/dl-open.c -+++ b/elf/dl-open.c -@@ -1,5 +1,5 @@ - /* Load a shared object at runtime, relocate it, and run its initializer. -- Copyright (C) 1996-2007, 2009, 2010, 2011 Free Software Foundation, Inc. -+ Copyright (C) 1996-2007, 2009, 2010, 2011, 2012 Free Software Foundation, Inc. - This file is part of the GNU C Library. - - The GNU C Library is free software; you can redistribute it and/or -@@ -302,45 +302,109 @@ dl_open_worker (void *a) - if (GLRO(dl_lazy)) - reloc_mode |= mode & RTLD_LAZY; - -- /* Relocate the objects loaded. We do this in reverse order so that copy -- relocs of earlier objects overwrite the data written by later objects. */ -- -+ /* Sort the objects by dependency for the relocation process. This -+ allows IFUNC relocations to work and it also means copy -+ relocation of dependencies are if necessary overwritten. */ -+ size_t nmaps = 0; - struct link_map *l = new; -- while (l->l_next) -- l = l->l_next; -- while (1) -+ do -+ { -+ if (! l->l_real->l_relocated) -+ ++nmaps; -+ l = l->l_next; -+ } -+ while (l != NULL); -+ struct link_map *maps[nmaps]; -+ nmaps = 0; -+ l = new; -+ do - { - if (! l->l_real->l_relocated) -+ maps[nmaps++] = l; -+ l = l->l_next; -+ } -+ while (l != NULL); -+ if (nmaps > 1) -+ { -+ char seen[nmaps]; -+ memset (seen, '\0', nmaps); -+ size_t i = 0; -+ while (1) - { --#ifdef SHARED -- if (__builtin_expect (GLRO(dl_profile) != NULL, 0)) -+ ++seen[i]; -+ struct link_map *thisp = maps[i]; -+ -+ /* Find the last object in the list for which the current one is -+ a dependency and move the current object behind the object -+ with the dependency. */ -+ size_t k = nmaps - 1; -+ while (k > i) - { -- /* If this here is the shared object which we want to profile -- make sure the profile is started. We can find out whether -- this is necessary or not by observing the `_dl_profile_map' -- variable. If was NULL but is not NULL afterwars we must -- start the profiling. */ -- struct link_map *old_profile_map = GL(dl_profile_map); -+ struct link_map **runp = maps[k]->l_initfini; -+ if (runp != NULL) -+ /* Look through the dependencies of the object. */ -+ while (*runp != NULL) -+ if (__builtin_expect (*runp++ == thisp, 0)) -+ { -+ /* Move the current object to the back past the last -+ object with it as the dependency. */ -+ memmove (&maps[i], &maps[i + 1], -+ (k - i) * sizeof (maps[0])); -+ maps[k] = thisp; -+ -+ if (seen[i + 1] > 1) -+ { -+ ++i; -+ goto next_clear; -+ } -+ -+ char this_seen = seen[i]; -+ memmove (&seen[i], &seen[i + 1], -+ (k - i) * sizeof (seen[0])); -+ seen[k] = this_seen; -+ -+ goto next; -+ } -+ -+ --k; -+ } - -- _dl_relocate_object (l, l->l_scope, reloc_mode | RTLD_LAZY, 1); -+ if (++i == nmaps) -+ break; -+ next_clear: -+ memset (&seen[i], 0, (nmaps - i) * sizeof (seen[0])); -+ next:; -+ } -+ } - -- if (old_profile_map == NULL && GL(dl_profile_map) != NULL) -- { -- /* We must prepare the profiling. */ -- _dl_start_profile (); -+ for (size_t i = nmaps; i-- > 0; ) -+ { -+ l = maps[i]; - -- /* Prevent unloading the object. */ -- GL(dl_profile_map)->l_flags_1 |= DF_1_NODELETE; -- } -+#ifdef SHARED -+ if (__builtin_expect (GLRO(dl_profile) != NULL, 0)) -+ { -+ /* If this here is the shared object which we want to profile -+ make sure the profile is started. We can find out whether -+ this is necessary or not by observing the `_dl_profile_map' -+ variable. If it was NULL but is not NULL afterwars we must -+ start the profiling. */ -+ struct link_map *old_profile_map = GL(dl_profile_map); -+ -+ _dl_relocate_object (l, l->l_scope, reloc_mode | RTLD_LAZY, 1); -+ -+ if (old_profile_map == NULL && GL(dl_profile_map) != NULL) -+ { -+ /* We must prepare the profiling. */ -+ _dl_start_profile (); -+ -+ /* Prevent unloading the object. */ -+ GL(dl_profile_map)->l_flags_1 |= DF_1_NODELETE; - } -- else --#endif -- _dl_relocate_object (l, l->l_scope, reloc_mode, 0); - } -- -- if (l == new) -- break; -- l = l->l_prev; -+ else -+#endif -+ _dl_relocate_object (l, l->l_scope, reloc_mode, 0); - } - - /* If the file is not loaded now as a dependency, add the search -diff --git a/elf/tst-relsort1.c b/elf/tst-relsort1.c -new file mode 100644 -index 0000000..972100c ---- /dev/null -+++ b/elf/tst-relsort1.c -@@ -0,0 +1,19 @@ -+#include -+#include -+ -+ -+static int -+do_test () -+{ -+ const char lib[] = "$ORIGIN/tst-relsort1mod1.so"; -+ void *h = dlopen (lib, RTLD_NOW); -+ if (h == NULL) -+ { -+ puts (dlerror ()); -+ return 1; -+ } -+ return 0; -+} -+ -+#define TEST_FUNCTION do_test () -+#include "../test-skeleton.c" -diff --git a/elf/tst-relsort1mod1.c b/elf/tst-relsort1mod1.c -new file mode 100644 -index 0000000..9e4a943 ---- /dev/null -+++ b/elf/tst-relsort1mod1.c -@@ -0,0 +1,7 @@ -+extern int foo (double); -+ -+int -+bar (void) -+{ -+ return foo (1.2); -+} -diff --git a/elf/tst-relsort1mod2.c b/elf/tst-relsort1mod2.c -new file mode 100644 -index 0000000..a2c3e55 ---- /dev/null -+++ b/elf/tst-relsort1mod2.c -@@ -0,0 +1,7 @@ -+#include -+ -+int -+foo (double d) -+{ -+ return floor (d) != 0.0; -+} --- -1.7.3.4 - diff --git a/source/l/glibc/glibc.strtod.CVE-2012-3480.diff b/source/l/glibc/glibc.strtod.CVE-2012-3480.diff deleted file mode 100644 index 7a7bdeb7..00000000 --- a/source/l/glibc/glibc.strtod.CVE-2012-3480.diff +++ /dev/null @@ -1,407 +0,0 @@ -From 8a780f7f68a1cd4c575bb17973a9e18826b05ef9 Mon Sep 17 00:00:00 2001 -From: Joseph Myers -Date: Mon, 27 Aug 2012 15:59:24 +0000 -Subject: [PATCH 1/1] Fix strtod integer/buffer overflow (bug 14459). - (cherry picked from commit d6e70f4368533224e66d10b7f2126b899a3fd5e4) - -Conflicts: - - ChangeLog - NEWS - stdlib/Makefile ---- - ChangeLog | 17 +++++ - NEWS | 2 +- - stdlib/Makefile | 2 +- - stdlib/strtod_l.c | 142 ++++++++++++++++++++++++++++++++--------- - stdlib/tst-strtod-overflow.c | 48 ++++++++++++++ - 5 files changed, 178 insertions(+), 33 deletions(-) - create mode 100644 stdlib/tst-strtod-overflow.c - -diff --git a/stdlib/Makefile b/stdlib/Makefile -index 04c6ac5..b55f573 100644 ---- a/stdlib/Makefile -+++ b/stdlib/Makefile -@@ -71,7 +71,7 @@ tests := tst-strtol tst-strtod testmb testrand testsort testdiv \ - tst-atof1 tst-atof2 tst-strtod2 tst-strtod3 tst-rand48-2 \ - tst-makecontext tst-strtod4 tst-strtod5 tst-qsort2 \ - tst-makecontext2 tst-strtod6 tst-unsetenv1 \ -- tst-makecontext3 bug-getcontext -+ tst-makecontext3 bug-getcontext tst-strtod-overflow - - include ../Makeconfig - -diff --git a/stdlib/strtod_l.c b/stdlib/strtod_l.c -index f24d4de..0deaebf 100644 ---- a/stdlib/strtod_l.c -+++ b/stdlib/strtod_l.c -@@ -62,6 +62,7 @@ extern unsigned long long int ____strtoull_l_internal (const char *, char **, - #include - #include - #include -+#include - - /* The gmp headers need some configuration frobs. */ - #define HAVE_ALLOCA 1 -@@ -74,7 +75,6 @@ extern unsigned long long int ____strtoull_l_internal (const char *, char **, - #include "longlong.h" - #include "fpioconst.h" - --#define NDEBUG 1 - #include - - -@@ -176,19 +176,19 @@ extern const mp_limb_t _tens_in_limb[MAX_DIG_PER_LIMB + 1]; - /* Return a floating point number of the needed type according to the given - multi-precision number after possible rounding. */ - static FLOAT --round_and_return (mp_limb_t *retval, int exponent, int negative, -+round_and_return (mp_limb_t *retval, intmax_t exponent, int negative, - mp_limb_t round_limb, mp_size_t round_bit, int more_bits) - { - if (exponent < MIN_EXP - 1) - { -- mp_size_t shift = MIN_EXP - 1 - exponent; -- -- if (shift > MANT_DIG) -+ if (exponent < MIN_EXP - 1 - MANT_DIG) - { - __set_errno (ERANGE); - return 0.0; - } - -+ mp_size_t shift = MIN_EXP - 1 - exponent; -+ - more_bits |= (round_limb & ((((mp_limb_t) 1) << round_bit) - 1)) != 0; - if (shift == MANT_DIG) - /* This is a special case to handle the very seldom case where -@@ -235,6 +235,9 @@ round_and_return (mp_limb_t *retval, int exponent, int negative, - __set_errno (ERANGE); - } - -+ if (exponent > MAX_EXP) -+ goto overflow; -+ - if ((round_limb & (((mp_limb_t) 1) << round_bit)) != 0 - && (more_bits || (retval[0] & 1) != 0 - || (round_limb & ((((mp_limb_t) 1) << round_bit) - 1)) != 0)) -@@ -260,6 +263,7 @@ round_and_return (mp_limb_t *retval, int exponent, int negative, - } - - if (exponent > MAX_EXP) -+ overflow: - return negative ? -FLOAT_HUGE_VAL : FLOAT_HUGE_VAL; - - return MPN2FLOAT (retval, exponent, negative); -@@ -273,7 +277,7 @@ round_and_return (mp_limb_t *retval, int exponent, int negative, - factor for the resulting number (see code) multiply by it. */ - static const STRING_TYPE * - str_to_mpn (const STRING_TYPE *str, int digcnt, mp_limb_t *n, mp_size_t *nsize, -- int *exponent -+ intmax_t *exponent - #ifndef USE_WIDE_CHAR - , const char *decimal, size_t decimal_len, const char *thousands - #endif -@@ -303,6 +307,7 @@ str_to_mpn (const STRING_TYPE *str, int digcnt, mp_limb_t *n, mp_size_t *nsize, - cy += __mpn_add_1 (n, n, *nsize, low); - if (cy != 0) - { -+ assert (*nsize < MPNSIZE); - n[*nsize] = cy; - ++(*nsize); - } -@@ -337,7 +342,7 @@ str_to_mpn (const STRING_TYPE *str, int digcnt, mp_limb_t *n, mp_size_t *nsize, - } - while (--digcnt > 0); - -- if (*exponent > 0 && cnt + *exponent <= MAX_DIG_PER_LIMB) -+ if (*exponent > 0 && *exponent <= MAX_DIG_PER_LIMB - cnt) - { - low *= _tens_in_limb[*exponent]; - start = _tens_in_limb[cnt + *exponent]; -@@ -357,7 +362,10 @@ str_to_mpn (const STRING_TYPE *str, int digcnt, mp_limb_t *n, mp_size_t *nsize, - cy = __mpn_mul_1 (n, n, *nsize, start); - cy += __mpn_add_1 (n, n, *nsize, low); - if (cy != 0) -- n[(*nsize)++] = cy; -+ { -+ assert (*nsize < MPNSIZE); -+ n[(*nsize)++] = cy; -+ } - } - - return str; -@@ -415,7 +423,7 @@ ____STRTOF_INTERNAL (nptr, endptr, group, loc) - { - int negative; /* The sign of the number. */ - MPN_VAR (num); /* MP representation of the number. */ -- int exponent; /* Exponent of the number. */ -+ intmax_t exponent; /* Exponent of the number. */ - - /* Numbers starting `0X' or `0x' have to be processed with base 16. */ - int base = 10; -@@ -437,7 +445,7 @@ ____STRTOF_INTERNAL (nptr, endptr, group, loc) - /* Points at the character following the integer and fractional digits. */ - const STRING_TYPE *expp; - /* Total number of digit and number of digits in integer part. */ -- int dig_no, int_no, lead_zero; -+ size_t dig_no, int_no, lead_zero; - /* Contains the last character read. */ - CHAR_TYPE c; - -@@ -769,7 +777,7 @@ ____STRTOF_INTERNAL (nptr, endptr, group, loc) - are all or any is really a fractional digit will be decided - later. */ - int_no = dig_no; -- lead_zero = int_no == 0 ? -1 : 0; -+ lead_zero = int_no == 0 ? (size_t) -1 : 0; - - /* Read the fractional digits. A special case are the 'american - style' numbers like `16.' i.e. with decimal point but without -@@ -791,12 +799,13 @@ ____STRTOF_INTERNAL (nptr, endptr, group, loc) - (base == 16 && ({ CHAR_TYPE lo = TOLOWER (c); - lo >= L_('a') && lo <= L_('f'); }))) - { -- if (c != L_('0') && lead_zero == -1) -+ if (c != L_('0') && lead_zero == (size_t) -1) - lead_zero = dig_no - int_no; - ++dig_no; - c = *++cp; - } - } -+ assert (dig_no <= (uintmax_t) INTMAX_MAX); - - /* Remember start of exponent (if any). */ - expp = cp; -@@ -819,24 +828,80 @@ ____STRTOF_INTERNAL (nptr, endptr, group, loc) - - if (c >= L_('0') && c <= L_('9')) - { -- int exp_limit; -+ intmax_t exp_limit; - - /* Get the exponent limit. */ - if (base == 16) -- exp_limit = (exp_negative ? -- -MIN_EXP + MANT_DIG + 4 * int_no : -- MAX_EXP - 4 * int_no + 4 * lead_zero + 3); -+ { -+ if (exp_negative) -+ { -+ assert (int_no <= (uintmax_t) (INTMAX_MAX -+ + MIN_EXP - MANT_DIG) / 4); -+ exp_limit = -MIN_EXP + MANT_DIG + 4 * (intmax_t) int_no; -+ } -+ else -+ { -+ if (int_no) -+ { -+ assert (lead_zero == 0 -+ && int_no <= (uintmax_t) INTMAX_MAX / 4); -+ exp_limit = MAX_EXP - 4 * (intmax_t) int_no + 3; -+ } -+ else if (lead_zero == (size_t) -1) -+ { -+ /* The number is zero and this limit is -+ arbitrary. */ -+ exp_limit = MAX_EXP + 3; -+ } -+ else -+ { -+ assert (lead_zero -+ <= (uintmax_t) (INTMAX_MAX - MAX_EXP - 3) / 4); -+ exp_limit = (MAX_EXP -+ + 4 * (intmax_t) lead_zero -+ + 3); -+ } -+ } -+ } - else -- exp_limit = (exp_negative ? -- -MIN_10_EXP + MANT_DIG + int_no : -- MAX_10_EXP - int_no + lead_zero + 1); -+ { -+ if (exp_negative) -+ { -+ assert (int_no -+ <= (uintmax_t) (INTMAX_MAX + MIN_10_EXP - MANT_DIG)); -+ exp_limit = -MIN_10_EXP + MANT_DIG + (intmax_t) int_no; -+ } -+ else -+ { -+ if (int_no) -+ { -+ assert (lead_zero == 0 -+ && int_no <= (uintmax_t) INTMAX_MAX); -+ exp_limit = MAX_10_EXP - (intmax_t) int_no + 1; -+ } -+ else if (lead_zero == (size_t) -1) -+ { -+ /* The number is zero and this limit is -+ arbitrary. */ -+ exp_limit = MAX_10_EXP + 1; -+ } -+ else -+ { -+ assert (lead_zero -+ <= (uintmax_t) (INTMAX_MAX - MAX_10_EXP - 1)); -+ exp_limit = MAX_10_EXP + (intmax_t) lead_zero + 1; -+ } -+ } -+ } -+ -+ if (exp_limit < 0) -+ exp_limit = 0; - - do - { -- exponent *= 10; -- exponent += c - L_('0'); -- -- if (__builtin_expect (exponent > exp_limit, 0)) -+ if (__builtin_expect ((exponent > exp_limit / 10 -+ || (exponent == exp_limit / 10 -+ && c - L_('0') > exp_limit % 10)), 0)) - /* The exponent is too large/small to represent a valid - number. */ - { -@@ -845,7 +910,7 @@ ____STRTOF_INTERNAL (nptr, endptr, group, loc) - /* We have to take care for special situation: a joker - might have written "0.0e100000" which is in fact - zero. */ -- if (lead_zero == -1) -+ if (lead_zero == (size_t) -1) - result = negative ? -0.0 : 0.0; - else - { -@@ -864,6 +929,9 @@ ____STRTOF_INTERNAL (nptr, endptr, group, loc) - /* NOTREACHED */ - } - -+ exponent *= 10; -+ exponent += c - L_('0'); -+ - c = *++cp; - } - while (c >= L_('0') && c <= L_('9')); -@@ -932,7 +1000,14 @@ ____STRTOF_INTERNAL (nptr, endptr, group, loc) - } - #endif - startp += lead_zero + decimal_len; -- exponent -= base == 16 ? 4 * lead_zero : lead_zero; -+ assert (lead_zero <= (base == 16 -+ ? (uintmax_t) INTMAX_MAX / 4 -+ : (uintmax_t) INTMAX_MAX)); -+ assert (lead_zero <= (base == 16 -+ ? ((uintmax_t) exponent -+ - (uintmax_t) INTMAX_MIN) / 4 -+ : ((uintmax_t) exponent - (uintmax_t) INTMAX_MIN))); -+ exponent -= base == 16 ? 4 * (intmax_t) lead_zero : (intmax_t) lead_zero; - dig_no -= lead_zero; - } - -@@ -974,7 +1049,10 @@ ____STRTOF_INTERNAL (nptr, endptr, group, loc) - } - - /* Adjust the exponent for the bits we are shifting in. */ -- exponent += bits - 1 + (int_no - 1) * 4; -+ assert (int_no <= (uintmax_t) (exponent < 0 -+ ? (INTMAX_MAX - bits + 1) / 4 -+ : (INTMAX_MAX - exponent - bits + 1) / 4)); -+ exponent += bits - 1 + ((intmax_t) int_no - 1) * 4; - - while (--dig_no > 0 && idx >= 0) - { -@@ -1014,13 +1092,15 @@ ____STRTOF_INTERNAL (nptr, endptr, group, loc) - really integer digits or belong to the fractional part; i.e. we normalize - 123e-2 to 1.23. */ - { -- register int incr = (exponent < 0 ? MAX (-int_no, exponent) -- : MIN (dig_no - int_no, exponent)); -+ register intmax_t incr = (exponent < 0 -+ ? MAX (-(intmax_t) int_no, exponent) -+ : MIN ((intmax_t) dig_no - (intmax_t) int_no, -+ exponent)); - int_no += incr; - exponent -= incr; - } - -- if (__builtin_expect (int_no + exponent > MAX_10_EXP + 1, 0)) -+ if (__builtin_expect (exponent > MAX_10_EXP + 1 - (intmax_t) int_no, 0)) - { - __set_errno (ERANGE); - return negative ? -FLOAT_HUGE_VAL : FLOAT_HUGE_VAL; -@@ -1205,7 +1285,7 @@ ____STRTOF_INTERNAL (nptr, endptr, group, loc) - digits we should have enough bits for the result. The remaining - decimal digits give us the information that more bits are following. - This can be used while rounding. (Two added as a safety margin.) */ -- if (dig_no - int_no > (MANT_DIG - bits + 2) / 3 + 2) -+ if ((intmax_t) dig_no > (intmax_t) int_no + (MANT_DIG - bits + 2) / 3 + 2) - { - dig_no = int_no + (MANT_DIG - bits + 2) / 3 + 2; - more_bits = 1; -@@ -1213,7 +1293,7 @@ ____STRTOF_INTERNAL (nptr, endptr, group, loc) - else - more_bits = 0; - -- neg_exp = dig_no - int_no - exponent; -+ neg_exp = (intmax_t) dig_no - (intmax_t) int_no - exponent; - - /* Construct the denominator. */ - densize = 0; -diff --git a/stdlib/tst-strtod-overflow.c b/stdlib/tst-strtod-overflow.c -new file mode 100644 -index 0000000..668d55b ---- /dev/null -+++ b/stdlib/tst-strtod-overflow.c -@@ -0,0 +1,48 @@ -+/* Test for integer/buffer overflow in strtod. -+ Copyright (C) 2012 Free Software Foundation, Inc. -+ This file is part of the GNU C Library. -+ -+ The GNU C Library is free software; you can redistribute it and/or -+ modify it under the terms of the GNU Lesser General Public -+ License as published by the Free Software Foundation; either -+ version 2.1 of the License, or (at your option) any later version. -+ -+ The GNU C Library is distributed in the hope that it will be useful, -+ but WITHOUT ANY WARRANTY; without even the implied warranty of -+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -+ Lesser General Public License for more details. -+ -+ You should have received a copy of the GNU Lesser General Public -+ License along with the GNU C Library; if not, see -+ . */ -+ -+#include -+#include -+#include -+ -+#define EXPONENT "e-2147483649" -+#define SIZE 214748364 -+ -+static int -+do_test (void) -+{ -+ char *p = malloc (1 + SIZE + sizeof (EXPONENT)); -+ if (p == NULL) -+ { -+ puts ("malloc failed, cannot test for overflow"); -+ return 0; -+ } -+ p[0] = '1'; -+ memset (p + 1, '0', SIZE); -+ memcpy (p + 1 + SIZE, EXPONENT, sizeof (EXPONENT)); -+ double d = strtod (p, NULL); -+ if (d != 0) -+ { -+ printf ("strtod returned wrong value: %a\n", d); -+ return 1; -+ } -+ return 0; -+} -+ -+#define TEST_FUNCTION do_test () -+#include "../test-skeleton.c" --- -1.7.3.4 diff --git a/source/l/glibc/timezone-scripts/output-updated-timeconfig.sh b/source/l/glibc/timezone-scripts/output-updated-timeconfig.sh old mode 100644 new mode 100755 index 5d1ade37..a04f1b67 --- a/source/l/glibc/timezone-scripts/output-updated-timeconfig.sh +++ b/source/l/glibc/timezone-scripts/output-updated-timeconfig.sh @@ -1,5 +1,5 @@ #!/bin/sh -# Copyright 2006 Patrick J. Volkerding, Sebeka, MN, USA. +# Copyright 2000, 2001, 2006, 2007, 2008, 2012 Patrick J. Volkerding, Sebeka, MN, USA. # All rights reserved. # # Redistribution and use of this script, with or without modification, is diff --git a/source/l/glibc/timezone-scripts/parts/00 b/source/l/glibc/timezone-scripts/parts/00 index 9344c509..42d8a7e0 100644 --- a/source/l/glibc/timezone-scripts/parts/00 +++ b/source/l/glibc/timezone-scripts/parts/00 @@ -6,6 +6,7 @@ # Modified by: David Cantrell , 06-Oct-2000 # # ChangeLog: +# 2012-12-12: Updated timezones from tzdata2012j. # 2008-03-10: Updated timezones from tzdata2008a. # 2007-12-21: Updated timezones from tzdata2007j. # 2006-12-03: Updated timezones from tzdata2006p. diff --git a/source/l/glibc/timezone-scripts/parts/01 b/source/l/glibc/timezone-scripts/parts/01 index 13909447..3860d8bd 100644 --- a/source/l/glibc/timezone-scripts/parts/01 +++ b/source/l/glibc/timezone-scripts/parts/01 @@ -9,6 +9,7 @@ "US/Michigan" " " \ "US/Mountain" " " \ "US/Pacific" " " \ +"US/Pacific-New" " " \ "US/Samoa" " " \ "Africa/Abidjan" " " \ "Africa/Accra" " " \ @@ -260,6 +261,8 @@ "Asia/Karachi" " " \ "Asia/Kashgar" " " \ "Asia/Katmandu" " " \ +"Asia/Khandyga" " " \ +"Asia/Khandyga" " " \ "Asia/Krasnoyarsk" " " \ "Asia/Kuala_Lumpur" " " \ "Asia/Kuching" " " \ @@ -302,6 +305,7 @@ "Asia/Ulaanbaatar" " " \ "Asia/Ulan_Bator" " " \ "Asia/Urumqi" " " \ +"Asia/Ust-Nera" " " \ "Asia/Vientiane" " " \ "Asia/Vladivostok" " " \ "Asia/Yakutsk" " " \ @@ -408,6 +412,7 @@ "Europe/Brussels" " " \ "Europe/Bucharest" " " \ "Europe/Budapest" " " \ +"Europe/Busingen" " " \ "Europe/Chisinau" " " \ "Europe/Copenhagen" " " \ "Europe/Dublin" " " \ @@ -1096,6 +1101,7 @@ "posix/US/Michigan" " " \ "posix/US/Mountain" " " \ "posix/US/Pacific" " " \ +"posix/US/Pacific-New" " " \ "posix/US/Samoa" " " \ "posix/UTC" " " \ "posix/Universal" " " \ @@ -1649,6 +1655,7 @@ "right/US/Michigan" " " \ "right/US/Mountain" " " \ "right/US/Pacific" " " \ +"right/US/Pacific-New" " " \ "right/US/Samoa" " " \ "right/UTC" " " \ "right/Universal" " " \ diff --git a/source/l/glibc/timezone-scripts/parts/03 b/source/l/glibc/timezone-scripts/parts/03 index 9993c348..f9a201ab 100644 --- a/source/l/glibc/timezone-scripts/parts/03 +++ b/source/l/glibc/timezone-scripts/parts/03 @@ -9,6 +9,7 @@ US/Indiana-Starke US/Michigan US/Mountain US/Pacific +US/Pacific-New US/Samoa Africa/Abidjan Africa/Accra @@ -260,6 +261,8 @@ Asia/Kamchatka Asia/Karachi Asia/Kashgar Asia/Katmandu +Asia/Khandyga +Asia/Kolkata Asia/Krasnoyarsk Asia/Kuala_Lumpur Asia/Kuching @@ -302,6 +305,7 @@ Asia/Ujung_Pandang Asia/Ulaanbaatar Asia/Ulan_Bator Asia/Urumqi +Asia/Ust-Nera Asia/Vientiane Asia/Vladivostok Asia/Yakutsk @@ -408,6 +412,7 @@ Europe/Bratislava Europe/Brussels Europe/Bucharest Europe/Budapest +Europe/Busingen Europe/Chisinau Europe/Copenhagen Europe/Dublin @@ -1096,6 +1101,7 @@ posix/US/Indiana-Starke posix/US/Michigan posix/US/Mountain posix/US/Pacific +posix/US/Pacific-New posix/US/Samoa posix/UTC posix/Universal @@ -1649,6 +1655,7 @@ right/US/Indiana-Starke right/US/Michigan right/US/Mountain right/US/Pacific +right/US/Pacific-New right/US/Samoa right/UTC right/Universal diff --git a/source/l/glibc/timezone-scripts/timeconfig b/source/l/glibc/timezone-scripts/timeconfig index 56e786c3..e09550d4 100644 --- a/source/l/glibc/timezone-scripts/timeconfig +++ b/source/l/glibc/timezone-scripts/timeconfig @@ -6,6 +6,7 @@ # Modified by: David Cantrell , 06-Oct-2000 # # ChangeLog: +# 2012-12-12: Updated timezones from tzdata2012j. # 2008-03-10: Updated timezones from tzdata2008a. # 2007-12-21: Updated timezones from tzdata2007j. # 2006-12-03: Updated timezones from tzdata2006p. @@ -138,6 +139,7 @@ if [ "$COLOR" = "on" -o -r $TMP/SeTcolor -o "$T_PX" = "/" ]; then "US/Michigan" " " \ "US/Mountain" " " \ "US/Pacific" " " \ +"US/Pacific-New" " " \ "US/Samoa" " " \ "Africa/Abidjan" " " \ "Africa/Accra" " " \ @@ -237,6 +239,7 @@ if [ "$COLOR" = "on" -o -r $TMP/SeTcolor -o "$T_PX" = "/" ]; then "America/Coral_Harbour" " " \ "America/Cordoba" " " \ "America/Costa_Rica" " " \ +"America/Creston" " " \ "America/Cuiaba" " " \ "America/Curacao" " " \ "America/Danmarkshavn" " " \ @@ -411,6 +414,7 @@ if [ "$COLOR" = "on" -o -r $TMP/SeTcolor -o "$T_PX" = "/" ]; then "Asia/Kashgar" " " \ "Asia/Kathmandu" " " \ "Asia/Katmandu" " " \ +"Asia/Khandyga" " " \ "Asia/Kolkata" " " \ "Asia/Krasnoyarsk" " " \ "Asia/Kuala_Lumpur" " " \ @@ -455,6 +459,7 @@ if [ "$COLOR" = "on" -o -r $TMP/SeTcolor -o "$T_PX" = "/" ]; then "Asia/Ulaanbaatar" " " \ "Asia/Ulan_Bator" " " \ "Asia/Urumqi" " " \ +"Asia/Ust-Nera" " " \ "Asia/Vientiane" " " \ "Asia/Vladivostok" " " \ "Asia/Yakutsk" " " \ @@ -563,6 +568,7 @@ if [ "$COLOR" = "on" -o -r $TMP/SeTcolor -o "$T_PX" = "/" ]; then "Europe/Brussels" " " \ "Europe/Bucharest" " " \ "Europe/Budapest" " " \ +"Europe/Busingen" " " \ "Europe/Chisinau" " " \ "Europe/Copenhagen" " " \ "Europe/Dublin" " " \ @@ -805,6 +811,7 @@ if [ "$COLOR" = "on" -o -r $TMP/SeTcolor -o "$T_PX" = "/" ]; then "posix/America/Coral_Harbour" " " \ "posix/America/Cordoba" " " \ "posix/America/Costa_Rica" " " \ +"posix/America/Creston" " " \ "posix/America/Cuiaba" " " \ "posix/America/Curacao" " " \ "posix/America/Danmarkshavn" " " \ @@ -979,6 +986,7 @@ if [ "$COLOR" = "on" -o -r $TMP/SeTcolor -o "$T_PX" = "/" ]; then "posix/Asia/Kashgar" " " \ "posix/Asia/Kathmandu" " " \ "posix/Asia/Katmandu" " " \ +"posix/Asia/Khandyga" " " \ "posix/Asia/Kolkata" " " \ "posix/Asia/Krasnoyarsk" " " \ "posix/Asia/Kuala_Lumpur" " " \ @@ -1023,6 +1031,7 @@ if [ "$COLOR" = "on" -o -r $TMP/SeTcolor -o "$T_PX" = "/" ]; then "posix/Asia/Ulaanbaatar" " " \ "posix/Asia/Ulan_Bator" " " \ "posix/Asia/Urumqi" " " \ +"posix/Asia/Ust-Nera" " " \ "posix/Asia/Vientiane" " " \ "posix/Asia/Vladivostok" " " \ "posix/Asia/Yakutsk" " " \ @@ -1131,6 +1140,7 @@ if [ "$COLOR" = "on" -o -r $TMP/SeTcolor -o "$T_PX" = "/" ]; then "posix/Europe/Brussels" " " \ "posix/Europe/Bucharest" " " \ "posix/Europe/Budapest" " " \ +"posix/Europe/Busingen" " " \ "posix/Europe/Chisinau" " " \ "posix/Europe/Copenhagen" " " \ "posix/Europe/Dublin" " " \ @@ -1281,6 +1291,7 @@ if [ "$COLOR" = "on" -o -r $TMP/SeTcolor -o "$T_PX" = "/" ]; then "posix/US/Michigan" " " \ "posix/US/Mountain" " " \ "posix/US/Pacific" " " \ +"posix/US/Pacific-New" " " \ "posix/US/Samoa" " " \ "posix/UTC" " " \ "posix/Universal" " " \ @@ -1386,6 +1397,7 @@ if [ "$COLOR" = "on" -o -r $TMP/SeTcolor -o "$T_PX" = "/" ]; then "right/America/Coral_Harbour" " " \ "right/America/Cordoba" " " \ "right/America/Costa_Rica" " " \ +"right/America/Creston" " " \ "right/America/Cuiaba" " " \ "right/America/Curacao" " " \ "right/America/Danmarkshavn" " " \ @@ -1560,6 +1572,7 @@ if [ "$COLOR" = "on" -o -r $TMP/SeTcolor -o "$T_PX" = "/" ]; then "right/Asia/Kashgar" " " \ "right/Asia/Kathmandu" " " \ "right/Asia/Katmandu" " " \ +"right/Asia/Khandyga" " " \ "right/Asia/Kolkata" " " \ "right/Asia/Krasnoyarsk" " " \ "right/Asia/Kuala_Lumpur" " " \ @@ -1604,6 +1617,7 @@ if [ "$COLOR" = "on" -o -r $TMP/SeTcolor -o "$T_PX" = "/" ]; then "right/Asia/Ulaanbaatar" " " \ "right/Asia/Ulan_Bator" " " \ "right/Asia/Urumqi" " " \ +"right/Asia/Ust-Nera" " " \ "right/Asia/Vientiane" " " \ "right/Asia/Vladivostok" " " \ "right/Asia/Yakutsk" " " \ @@ -1712,6 +1726,7 @@ if [ "$COLOR" = "on" -o -r $TMP/SeTcolor -o "$T_PX" = "/" ]; then "right/Europe/Brussels" " " \ "right/Europe/Bucharest" " " \ "right/Europe/Budapest" " " \ +"right/Europe/Busingen" " " \ "right/Europe/Chisinau" " " \ "right/Europe/Copenhagen" " " \ "right/Europe/Dublin" " " \ @@ -1862,6 +1877,7 @@ if [ "$COLOR" = "on" -o -r $TMP/SeTcolor -o "$T_PX" = "/" ]; then "right/US/Michigan" " " \ "right/US/Mountain" " " \ "right/US/Pacific" " " \ +"right/US/Pacific-New" " " \ "right/US/Samoa" " " \ "right/UTC" " " \ "right/Universal" " " \ @@ -1907,6 +1923,7 @@ US/Indiana-Starke US/Michigan US/Mountain US/Pacific +US/Pacific-New US/Samoa Africa/Abidjan Africa/Accra @@ -2006,6 +2023,7 @@ America/Chihuahua America/Coral_Harbour America/Cordoba America/Costa_Rica +America/Creston America/Cuiaba America/Curacao America/Danmarkshavn @@ -2180,6 +2198,7 @@ Asia/Karachi Asia/Kashgar Asia/Kathmandu Asia/Katmandu +Asia/Khandyga Asia/Kolkata Asia/Krasnoyarsk Asia/Kuala_Lumpur @@ -2224,6 +2243,7 @@ Asia/Ujung_Pandang Asia/Ulaanbaatar Asia/Ulan_Bator Asia/Urumqi +Asia/Ust-Nera Asia/Vientiane Asia/Vladivostok Asia/Yakutsk @@ -2332,6 +2352,7 @@ Europe/Bratislava Europe/Brussels Europe/Bucharest Europe/Budapest +Europe/Busingen Europe/Chisinau Europe/Copenhagen Europe/Dublin @@ -2574,6 +2595,7 @@ posix/America/Chihuahua posix/America/Coral_Harbour posix/America/Cordoba posix/America/Costa_Rica +posix/America/Creston posix/America/Cuiaba posix/America/Curacao posix/America/Danmarkshavn @@ -2748,6 +2770,7 @@ posix/Asia/Karachi posix/Asia/Kashgar posix/Asia/Kathmandu posix/Asia/Katmandu +posix/Asia/Khandyga posix/Asia/Kolkata posix/Asia/Krasnoyarsk posix/Asia/Kuala_Lumpur @@ -2792,6 +2815,7 @@ posix/Asia/Ujung_Pandang posix/Asia/Ulaanbaatar posix/Asia/Ulan_Bator posix/Asia/Urumqi +posix/Asia/Ust-Nera posix/Asia/Vientiane posix/Asia/Vladivostok posix/Asia/Yakutsk @@ -2900,6 +2924,7 @@ posix/Europe/Bratislava posix/Europe/Brussels posix/Europe/Bucharest posix/Europe/Budapest +posix/Europe/Busingen posix/Europe/Chisinau posix/Europe/Copenhagen posix/Europe/Dublin @@ -3050,6 +3075,7 @@ posix/US/Indiana-Starke posix/US/Michigan posix/US/Mountain posix/US/Pacific +posix/US/Pacific-New posix/US/Samoa posix/UTC posix/Universal @@ -3155,6 +3181,7 @@ right/America/Chihuahua right/America/Coral_Harbour right/America/Cordoba right/America/Costa_Rica +right/America/Creston right/America/Cuiaba right/America/Curacao right/America/Danmarkshavn @@ -3329,6 +3356,7 @@ right/Asia/Karachi right/Asia/Kashgar right/Asia/Kathmandu right/Asia/Katmandu +right/Asia/Khandyga right/Asia/Kolkata right/Asia/Krasnoyarsk right/Asia/Kuala_Lumpur @@ -3373,6 +3401,7 @@ right/Asia/Ujung_Pandang right/Asia/Ulaanbaatar right/Asia/Ulan_Bator right/Asia/Urumqi +right/Asia/Ust-Nera right/Asia/Vientiane right/Asia/Vladivostok right/Asia/Yakutsk @@ -3481,6 +3510,7 @@ right/Europe/Bratislava right/Europe/Brussels right/Europe/Bucharest right/Europe/Budapest +right/Europe/Busingen right/Europe/Chisinau right/Europe/Copenhagen right/Europe/Dublin @@ -3631,6 +3661,7 @@ right/US/Indiana-Starke right/US/Michigan right/US/Mountain right/US/Pacific +right/US/Pacific-New right/US/Samoa right/UTC right/Universal -- cgit v1.2.3