[ELDK] glibc getaddrinfo() bug (CVE-2015-7547)
Marek Vasut
marex at denx.de
Wed Apr 13 00:15:00 CEST 2016
On 04/11/2016 11:00 PM, Albrecht Dreß wrote:
> Am 19.02.16 08:44 schrieb(en) Wolfgang Denk:
>> Thanks for bringing this up, and thanks in advance for any potential
>> patches :-)
>
> Just a dumb question - as I still use ELDK 5.4, I had the idea to get
> the latest CentOS 7 source rpm including the critical fixes for the same
> glibc version (2.17), and to just cross-compile the patched sources.
> However, this process failed, for the e500v2 first with some strange asm
> errors, and after I added "--without-fp" (although I want SPE hw float,
> not fp emulation...) to configure, with linker errors regarding memmove
> etc. I didn't try the MPC5200 version yet.
>
> Would it be possible to get a usable glibc so using this process? Any
> idea about the "proper" configure args?
I'd just spin a dumb docker container or virtual machine with some
old(er) version of centos/ubuntu/redhat/fedora/whatever, add necessary
patches to the eldk 5.4 codebase and rebuild whatever images you need.
That seem to be the most straightforward and least problem-prone way to
go about it.
> Cheers
> Albrecht.
>
>
> _______________________________________________
> eldk mailing list
> eldk at lists.denx.de
> http://lists.denx.de/mailman/listinfo/eldk
>
--
Best regards,
Marek Vasut
More information about the eldk
mailing list