commit 5614803c3ed675c3750cf05ea34a4679871ec01a Author: Thomas Penteker <tek@serverop.de> Date: Wed Feb 4 20:27:53 2015 +0100 [notify] glibc: fix CVE-2015-0235 ghost vulnerability in 3.0, too diff --git a/glibc/.md5sum b/glibc/.md5sum index 3ee8978..456cc87 100644 --- a/glibc/.md5sum +++ b/glibc/.md5sum @@ -1,6 +1,7 @@ 3402b18f924954aa68d1d59ed378545f glibc-2.16.0-multilib-dirs.patch 80b181b02ab249524ec92822c0174cf7 glibc-2.16.0.tar.xz 3a51662cd99783b3d01ceac2dca19597 glibc-CVE-2013-4332.patch +1168de0dd6aeca3e85a992e4ffaf53d5 glibc-ghost-CVE-2015-0235.patch d4a2a19efe1e9b59b86fd15a968f7e10 glibc-regexp_buffer_overrun.patch 7e6a5a13c37f93213db9803d9790b7de glibc-resolv_assert.patch 99ed7b88221475d51a073f00d7ee9c42 glibc-segfault_in_strncasecmp.patch diff --git a/glibc/Pkgfile b/glibc/Pkgfile index 0ec459d..768946f 100644 --- a/glibc/Pkgfile +++ b/glibc/Pkgfile @@ -4,7 +4,7 @@ name=glibc version=2.16.0 -release=5 +release=6 source=(http://ftp.gnu.org/gnu/glibc/glibc-$version.tar.xz \ http://crux.nu/files/distfiles/kernel-headers-3.4.11.tar.xz \ $name-$version-multilib-dirs.patch \ @@ -13,6 +13,7 @@ source=(http://ftp.gnu.org/gnu/glibc/glibc-$version.tar.xz \ $name-segfault_in_strncasecmp.patch \ $name-strtod_integer_overflow.patch \ $name-regexp_buffer_overrun.patch \ + $name-ghost-CVE-2015-0235.patch \ $name-CVE-2013-4332.patch) build() { @@ -27,6 +28,7 @@ build() { patch -p1 -d $name-$version -i $SRC/$name-regexp_buffer_overrun.patch patch -p1 -d $name-$version -i $SRC/$name-$version-multilib-dirs.patch patch -p1 -d $name-$version -i $SRC/$name-CVE-2013-4332.patch + patch -p1 -d $name-$version -i $SRC/$name-ghost-CVE-2015-0235.patch mkdir build cd build