Accepting request 359989 from home:Andreas_Schwab:Factory

- tls-dtor-list-mangling.patch: Harden tls_dtor_list with pointer mangling (BZ #19018) - prelink-elf-rtype-class.patch: Keep only ELF_RTYPE_CLASS_{PLT|COPY} bits for prelink (BZ #19178) - vector-finite-math-aliases.patch: Better workaround for aliases of *_finite symbols in vector math library (BZ# 19058) - powerpc-elision-adapt-param.patch: powerpc: Fix usage of elision transient failure adapt param (BZ #19174) - catopen-unbound-alloca.patch: Fix unbound alloca in catopen (CVE-2015-8779, bsc#962739, BZ #17905) - strftime-range-check.patch: Add range check on time fields (CVE-2015-8776, bsc#962736, BZ #18985) - hcreate-overflow-check.patch: Handle overflow in hcreate (CVE-2015-8778, bsc#962737, BZ #18240) - errorcheck-mutex-no-elision.patch: Don't do lock elision on an error checking mutex (bsc#956716, BZ #17514) - refactor-nan-parsing.patch: Refactor strtod parsing of NaN payloads (CVE-2014-9761, bsc#962738, BZ #16962) - send-dg-buffer-overflow.patch: Fix getaddrinfo stack-based buffer overflow (CVE-2015-7547, bsc#961721, BZ #18665) - powerpc-lock-elision-race.patch: renamed from 0001-powerpc-Fix-a-race-condition-when-eliding-a-lock-20150730.patch OBS-URL: https://build.opensuse.org/request/show/359989 OBS-URL: https://build.opensuse.org/package/show/Base:System/glibc?expand=0&rev=421
2016-02-17 14:42:34 +00:00
parent 7c1a380109
commit 5005d4836d
17 changed files with 2866 additions and 44 deletions
--- a/glibc.spec
+++ b/glibc.spec
@@ -1,7 +1,7 @@
 #
 # spec file for package glibc
 #
-# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -35,7 +35,9 @@ Summary:        Standard Shared Libraries (from the GNU C Library)
 License:        LGPL-2.1+ and SUSE-LGPL-2.1+-with-GCC-exception and GPL-2.0+
 Group:          System/Libraries
 # UTILS-SUMMARY-END
+BuildRequires:  audit-devel
 BuildRequires:  fdupes
+BuildRequires:  libcap-devel
 BuildRequires:  libselinux-devel
 BuildRequires:  makeinfo
 BuildRequires:  pwdutils
@@ -242,6 +244,28 @@ Patch1003:      opendir-o-directory-check.patch
 Patch1004:      strcoll-remove-strdiff-opt.patch
 # PATCH-FIX-UPSTREAM Always enable pointer guard (BZ #18928)
 Patch1005:      ld-pointer-guard.patch
+# PATCH-FIX-UPSTREAM Harden tls_dtor_list with pointer mangling (BZ #19018)
+Patch1006:      tls-dtor-list-mangling.patch
+# PATCH-FIX-UPSTREAM PowerPC: Fix a race condition when eliding a lock (BZ #18743)
+Patch1007:      powerpc-lock-elision-race.patch
+# PATCH-FIX-UPSTREAM Keep only ELF_RTYPE_CLASS_{PLT|COPY} bits for prelink (BZ #19178)
+Patch1008:      prelink-elf-rtype-class.patch
+# PATCH-FIX-UPSTREAM Better workaround for aliases of *_finite symbols in vector math library (BZ# 19058)
+Patch1009:      vector-finite-math-aliases.patch
+# PATCH-FIX-UPSTREAM powerpc: Fix usage of elision transient failure adapt param (BZ #19174)
+Patch1010:      powerpc-elision-adapt-param.patch
+# PATCH-FIX-UPSTREAM Fix unbound alloca in catopen (CVE-2015-8779, BZ #17905)
+Patch1011:      catopen-unbound-alloca.patch
+# PATCH-FIX-UPSTREAM Add range check on time fields (CVE-2015-8776, BZ #18985)
+Patch1012:      strftime-range-check.patch
+# PATCH-FIX-UPSTREAM Handle overflow in hcreate (CVE-2015-8778, BZ #18240)
+Patch1013:      hcreate-overflow-check.patch
+# PATCH-FIX-UPSTREAM Don't do lock elision on an error checking mutex (BZ #17514)
+Patch1014:      errorcheck-mutex-no-elision.patch
+# PATCH-FIX-UPSTREAM Refactor strtod parsing of NaN payloads (CVE-2014-9761, BZ #16962)
+Patch1015:      refactor-nan-parsing.patch
+# PATCH-FIX-UPSTREAM Fix getaddrinfo stack-based buffer overflow (CVE-2015-7547, BZ #18665)
+Patch1016:      send-dg-buffer-overflow.patch

 ### 
 # Patches awaiting upstream approval
@@ -262,16 +286,14 @@ Patch2007:      static-dlopen.patch
 Patch2008:      fnmatch-collating-elements.patch
 # PATCH-FIX-UPSTREAM Properly reread entry after failure in nss_files getent function (BZ #18991)
 Patch2009:      nss-files-long-lines-2.patch
-# PATCH-FIX-UPSTREAM PowerPC: Fix a race condition when eliding a lock (BZ #18743)
-Patch2010:      0001-powerpc-Fix-a-race-condition-when-eliding-a-lock-20150730.patch
 # PATCH-FIX-UPSTREAM Fix iconv buffer handling with IGNORE error handler (BZ #18830)
-Patch2011:      iconv-reset-input-buffer.patch
+Patch2010:      iconv-reset-input-buffer.patch
 # PATCH-FIX-UPSTREAM Force rereading TZDEFRULES after it was used to set DST rules only (BZ #19253)
-Patch2012:      tzset-tzname.patch
+Patch2011:      tzset-tzname.patch
 # PATCH-FIX-UPSTREAM Fix resource leak in resolver (BZ #19257)
-Patch2013:      resolv-mem-leak.patch
+Patch2012:      resolv-mem-leak.patch
 # PATCH-FIX-UPSTREAM Reinitialize dl_load_write_lock on fork (BZ #19282)
-Patch2014:      reinitialize-dl_load_write_lock.patch
+Patch2013:      reinitialize-dl_load_write_lock.patch

 # Non-glibc patches
 # PATCH-FIX-OPENSUSE Remove debianisms from manpages
@@ -477,6 +499,17 @@ rm nscd/s-stamp
 %patch1003 -p1
 %patch1004 -p1
 %patch1005 -p1
+%patch1006 -p1
+%patch1007 -p1
+%patch1008 -p1
+%patch1009 -p1
+%patch1010 -p1
+%patch1011 -p1
+%patch1012 -p1
+%patch1013 -p1
+%patch1014 -p1
+%patch1015 -p1
+%patch1016 -p1

 %patch2000 -p1
 %patch2002 -p1
@@ -490,7 +523,6 @@ rm nscd/s-stamp
 %patch2011 -p1
 %patch2012 -p1
 %patch2013 -p1
-%patch2014 -p1

 %patch3000

@@ -1264,6 +1296,9 @@ exit 0
 	%{_libdir}/libnldbl_nonshared.a
 %endif
 %{_libdir}/libmcheck.a
+%ifarch x86_64
+%{_libdir}/libmvec_nonshared.a
+%endif
 %{_libdir}/libpthread_nonshared.a
 %{_libdir}/librpcsvc.a