This is the mail archive of the libc-help@sourceware.org mailing list for the glibc project.
Re: glibc-2.9 CVE-2015-7547 fix
- From: Florian Weimer <fweimer at redhat dot com>
- To: Darcy Watkins <dwatkins at sierrawireless dot com>
- Cc: "libc-help at sourceware dot org" <libc-help at sourceware dot org>
- Date: Mon, 14 Mar 2016 20:17:05 +0100
- Subject: Re: glibc-2.9 CVE-2015-7547 fix
- References: <1457455604 dot 7751 dot 15 dot camel at sierrawireless dot com> <56E30B31 dot 8090603 at redhat dot com> <1457730937 dot 27962 dot 9 dot camel at sierrawireless dot com>
On 03/11/2016 10:15 PM, Darcy Watkins wrote:
> On Fri, 2016-03-11 at 10:15 -0800, Florian Weimer wrote:
>> On 03/08/2016 05:46 PM, Darcy Watkins wrote:
>>
>>> Someone who understands what is going on in this part of the library
>>> please comment to give me some insight, particularly if this change may
>>> be a bad idea for other reasons.
>>
>> Are you actually dealing with an unpatched glibc 2.9?
>
> I patched it with backports of a number of Red Hat patches from glibc
> 2.12 (that is used in el6 and centos6). I had to cherry pick from some
> 200+ patches (it wasn't easy).

Yes, we also had to backport additional patches to our 6.2 and 6.4
branches to get cleaner test suite runs.

> It was pretty close to pristine 2.9. That version was released from CVS
> rather than GIT. Do you know how good the CVS history conversion into
> GIT was?

It's not super-accurate in terms of commit matching, but the changes are
all there.

Do you need IPv6 support? If not, you could just replace AF_UNSPEC with
AF_INET.

Florian
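
The closing suggestion above, applied at an application call site, as an added example that is not from the thread or from glibc: a hypothetical wrapper `getaddrinfo_v4only()` narrows `AF_UNSPEC` hints to `AF_INET`, at the cost of IPv6 resolution. Where the replacement should be made is an assumption; the message does not say.

```c
/* Added example, not glibc code. Assumes the AF_UNSPEC -> AF_INET change is
 * made in application code, via a hypothetical wrapper getaddrinfo_v4only(). */
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200112L
#endif
#include <netdb.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>

/* Copy the caller's hints and narrow an unspecified family to AF_INET, so the
 * lookup is IPv4-only. An explicit non-IPv4 family is refused, not rewritten. */
int getaddrinfo_v4only(const char *node, const char *service,
                       const struct addrinfo *hints, struct addrinfo **res)
{
    struct addrinfo h;
    memset(&h, 0, sizeof h);            /* no flags, any socket type */
    h.ai_family = AF_UNSPEC;
    if (hints != NULL)
        h = *hints;
    if (h.ai_family == AF_UNSPEC)
        h.ai_family = AF_INET;
    else if (h.ai_family != AF_INET)
        return EAI_FAMILY;
    return getaddrinfo(node, service, &h, res);
}

/* Resolve a numeric literal (constructed input, so no DNS traffic is sent).
 * Returns 1 if the call succeeded with only AF_INET results, 0 otherwise. */
int literal_resolves_v4only(const char *literal)
{
    struct addrinfo hints, *res = NULL, *p;
    int ok = 1;
    memset(&hints, 0, sizeof hints);
    hints.ai_family = AF_UNSPEC;        /* what an unmodified caller passes */
    hints.ai_flags = AI_NUMERICHOST;
    if (getaddrinfo_v4only(literal, NULL, &hints, &res) != 0)
        return 0;
    for (p = res; p != NULL; p = p->ai_next)
        ok = ok && p->ai_family == AF_INET;
    freeaddrinfo(res);
    return ok;
}

int main(void)
{
    printf("127.0.0.1: %d  ::1: %d\n", literal_resolves_v4only("127.0.0.1"),
           literal_resolves_v4only("::1"));
    return 0;
}
```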