mirror of
https://github.com/godotengine/buildroot.git
synced 2026-01-05 14:09:53 +03:00
62949d4ced
glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH
values to manipulate the heap/stack, causing them to alias, potentially
resulting in arbitrary code execution. Please note that additional
hardening changes have been made to glibc to prevent manipulation of stack
and heap memory but these issues are not directly exploitable, as such they
have not been given a CVE.
https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
Patches are identical to upstream, except that the ChangeLog modifications
have been stripped.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit c87fdfb605)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>