GNU C Library master sources branch, fedora/2.11/master, updated. fedora/glibc-2.11.2-1-8-g232b9ad

schwab@sourceware.org schwab@sourceware.org
Thu Oct 21 12:15:00 GMT 2010


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".

The branch, fedora/2.11/master has been updated
       via  232b9ad51c023e55d3c726adc0da754db26ea2b2 (commit)
       via  e933bae6a3b96ab5746dd5bdca23f7bf9131d2ba (commit)
       via  a2328cd094a6661ba6b5a36034b4300e332c9d6e (commit)
       via  21580967038a0150e330e56508ec4f04fdf0f490 (commit)
       via  ef43572852a615b6f85bf3864a6c4f1175a93a19 (commit)
       via  4d4e902530cad7cd18570ad4b7bd7f31b33cce28 (commit)
       via  d0d308e32b10a0776c6b7d5748b96bb5a9076f96 (commit)
       via  a8226edc795e0f3682eec8be3ee183422eaefd24 (commit)
      from  f0e6fe2f620dfd05259b0df4dc125981497c052b (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
http://sources.redhat.com/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=232b9ad51c023e55d3c726adc0da754db26ea2b2

commit 232b9ad51c023e55d3c726adc0da754db26ea2b2
Author: Andreas Schwab <schwab@redhat.com>
Date:   Thu Oct 21 11:51:00 2010 +0200

    2.11.2-2

diff --git a/fedora/glibc.spec.in b/fedora/glibc.spec.in
index c72c500..abafe75 100644
--- a/fedora/glibc.spec.in
+++ b/fedora/glibc.spec.in
@@ -25,7 +25,7 @@
 Summary: The GNU libc libraries
 Name: glibc
 Version: %{glibcversion}
-Release: 1
+Release: 2
 # GPLv2+ is used in a bunch of programs, LGPLv2+ is used for libraries.
 # Things that are linked directly into dynamically linked programs
 # and shared libraries (e.g. crt files, lib*_nonshared.a) have an additional
@@ -1034,6 +1034,13 @@ rm -f *.filelist*
 %endif
 
 %changelog
+* Thu Oct 21 2010 Andreas Schwab <schwab@redhat.com> - 2.11.2-2
+- Update from 2.11 branch
+  - Correct x86 CPU family and model check (BZ#11640, #596554)
+  - Don't crash on unresolved weak symbol reference
+  - sunrpc: Fix spurious fall-through
+- Never expand $ORIGIN in privileged programs (#643306, CVE-2010-3847)
+
 * Thu May 20 2010 Andreas Schwab <schwab@redhat.com> - 2.11.2-1
 - Update to 2.11.2 release
 

http://sources.redhat.com/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=e933bae6a3b96ab5746dd5bdca23f7bf9131d2ba

commit e933bae6a3b96ab5746dd5bdca23f7bf9131d2ba
Author: Andreas Schwab <schwab@redhat.com>
Date:   Mon Oct 18 11:46:00 2010 +0200

    Never expand $ORIGIN in privileged programs

diff --git a/ChangeLog b/ChangeLog
index ccbba2f..690f7aa 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+2010-10-18  Andreas Schwab  <schwab@redhat.com>
+
+	* elf/dl-load.c (is_dst): Remove last parameter.
+	(_dl_dst_count): Ignore $ORIGIN in privileged programs.
+	(_dl_dst_substitute): Likewise.
+
 2010-05-26  H.J. Lu  <hongjiu.lu@intel.com>
 
 	[BZ #11640]
diff --git a/elf/dl-load.c b/elf/dl-load.c
index 597193c..7115c68 100644
--- a/elf/dl-load.c
+++ b/elf/dl-load.c
@@ -169,8 +169,7 @@ local_strdup (const char *s)
 
 
 static size_t
-is_dst (const char *start, const char *name, const char *str,
-	int is_path, int secure)
+is_dst (const char *start, const char *name, const char *str, int is_path)
 {
   size_t len;
   bool is_curly = false;
@@ -199,11 +198,6 @@ is_dst (const char *start, const char *name, const char *str,
 	   && (!is_path || name[len] != ':'))
     return 0;
 
-  if (__builtin_expect (secure, 0)
-      && ((name[len] != '\0' && (!is_path || name[len] != ':'))
-	  || (name != start + 1 && (!is_path || name[-2] != ':'))))
-    return 0;
-
   return len;
 }
 
@@ -218,13 +212,12 @@ _dl_dst_count (const char *name, int is_path)
     {
       size_t len;
 
-      /* $ORIGIN is not expanded for SUID/GUID programs (except if it
-	 is $ORIGIN alone) and it must always appear first in path.  */
+      /* $ORIGIN is not expanded for SUID/GUID programs.  */
       ++name;
-      if ((len = is_dst (start, name, "ORIGIN", is_path,
-			 INTUSE(__libc_enable_secure))) != 0
-	  || (len = is_dst (start, name, "PLATFORM", is_path, 0)) != 0
-	  || (len = is_dst (start, name, "LIB", is_path, 0)) != 0)
+      if (((len = is_dst (start, name, "ORIGIN", is_path)) != 0
+	   && !INTUSE(__libc_enable_secure))
+	  || (len = is_dst (start, name, "PLATFORM", is_path)) != 0
+	  || (len = is_dst (start, name, "LIB", is_path)) != 0)
 	++cnt;
 
       name = strchr (name + len, '$');
@@ -256,9 +249,12 @@ _dl_dst_substitute (struct link_map *l, const char *name, char *result,
 	  size_t len;
 
 	  ++name;
-	  if ((len = is_dst (start, name, "ORIGIN", is_path,
-			     INTUSE(__libc_enable_secure))) != 0)
+	  if ((len = is_dst (start, name, "ORIGIN", is_path)) != 0)
 	    {
+	      /* Ignore this path element in SUID/SGID programs.  */
+	      if (INTUSE(__libc_enable_secure))
+		repl = (const char *) -1;
+	      else
 #ifndef SHARED
 	      if (l == NULL)
 		repl = _dl_get_origin ();
@@ -266,9 +262,9 @@ _dl_dst_substitute (struct link_map *l, const char *name, char *result,
 #endif
 		repl = l->l_origin;
 	    }
-	  else if ((len = is_dst (start, name, "PLATFORM", is_path, 0)) != 0)
+	  else if ((len = is_dst (start, name, "PLATFORM", is_path)) != 0)
 	    repl = GLRO(dl_platform);
-	  else if ((len = is_dst (start, name, "LIB", is_path, 0)) != 0)
+	  else if ((len = is_dst (start, name, "LIB", is_path)) != 0)
 	    repl = DL_DST_LIB;
 
 	  if (repl != NULL && repl != (const char *) -1)

http://sources.redhat.com/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=a2328cd094a6661ba6b5a36034b4300e332c9d6e

commit a2328cd094a6661ba6b5a36034b4300e332c9d6e
Merge: f0e6fe2 2158096
Author: Andreas Schwab <schwab@redhat.com>
Date:   Thu Oct 21 11:48:52 2010 +0200

    Merge remote branch 'origin/release/2.11/master' into fedora/2.11/master


-----------------------------------------------------------------------

Summary of changes:
 ChangeLog                                      |   32 ++++++++++++++++++++++++
 elf/dl-load.c                                  |   30 +++++++++------------
 elf/dl-runtime.c                               |   12 +++++---
 fedora/glibc.spec.in                           |    9 ++++++-
 sunrpc/clnt_tcp.c                              |    1 +
 sunrpc/clnt_udp.c                              |    1 +
 sunrpc/clnt_unix.c                             |    1 +
 sysdeps/unix/sysv/linux/sh/sh4/register-dump.h |    4 +-
 sysdeps/x86_64/multiarch/init-arch.c           |    4 +-
 9 files changed, 67 insertions(+), 27 deletions(-)


hooks/post-receive
-- 
GNU C Library master sources



More information about the Glibc-cvs mailing list