Accepting request 1112308 from home:Andreas_Schwab:Factory

- getcanonname-use-after-free.patch: getaddrinfo: Fix use after free in getcanonname (CVE-2023-4806, bsc#1215281, BZ #30843) - Do not build any cross packages in SLES OBS-URL: https://build.opensuse.org/request/show/1112308 OBS-URL: https://build.opensuse.org/package/show/Base:System/glibc?expand=0&rev=672
2023-09-19 14:01:57 +00:00
parent 3e5ba0b46a
commit 6e23f72fe7
3 changed files with 351 additions and 0 deletions
--- a/glibc.spec
+++ b/glibc.spec
@@ -96,6 +96,9 @@ ExclusiveArch:  do_not_build
 %define build_cross 1
 %undefine _build_create_debug
 ExcludeArch:    %{cross_arch}
+%if 0%{?suse_version} < 1600
+ExclusiveArch:  do_not_build
+%endif
 %endif
 %define host_arch %{?cross_cpu}%{!?cross_cpu:%{_target_cpu}}

@@ -317,6 +320,8 @@ Patch1007:      call-init-proxy-objects.patch
 Patch1008:      dtors-reverse-ctor-order.patch
 # PATCH-FIX-UPSTREAM Stack read overflow with large TCP responses in no-aaaa mode (CVE-2023-4527, BZ #30842)
 Patch1009:      no-aaaa-read-overflow.patch
+# PATCH-FIX-UPSTREAM getaddrinfo: Fix use after free in getcanonname (CVE-2023-4806, BZ #30843)
+Patch1010:      getcanonname-use-after-free.patch

 ###
 # Patches awaiting upstream approval
@@ -549,6 +554,7 @@ library in a cross compilation setting.
 %patch1007 -p1
 %patch1008 -p1
 %patch1009 -p1
+%patch1010 -p1
 %endif

 %patch2000 -p1