[OE-core] [PATCH] gcc-9.2: Security fix for CVE-2019-14250

Mikko.Rapeli at bmw.de Mikko.Rapeli at bmw.de
Tue Sep 3 05:50:19 UTC 2019 

On Mon, Sep 02, 2019 at 02:33:02PM -0700, akuster808 wrote:
> 
> 
> On 9/2/19 5:40 AM, Adrian Bunk wrote:
> > On Sun, Sep 01, 2019 at 10:07:13AM -0700, akuster808 wrote:
> >>
> >> On 9/1/19 7:05 AM, Adrian Bunk wrote:
> >>> thud and zeus are providing 2 gcc versions each that need fixing.
> >> That is a true statement. What are you expecting?
> > The other versions also being fixed?
> >
> > gcc-8 being fixed in warrior before it gets fixed in master would be
> > the wrong order, and would introduce a security regression in master.
> sent a patch. hope it is what is meant by the above.
> 
> >
> > The code should be nearly identical in warrior and master, so fixing
> > this also in gcc-8 in master should be trivial.
> >
> > Fixing gcc-7 in thud would be a bonus.

FWIW, gcc-7-branch of https://github.com/gcc-mirror/gcc.git has this fix already.

-Mikko

commit 740d8b3baeea47cd5407be1752c5159223f77042
Author:     rguenth <rguenth at 138bc75d-0d04-0410-961f-82ee72b054a4>
AuthorDate: Thu Jul 25 10:50:47 2019 +0000
Commit:     rguenth <rguenth at 138bc75d-0d04-0410-961f-82ee72b054a4>
CommitDate: Thu Jul 25 10:50:47 2019 +0000

    2019-07-25  Richard Biener  <rguenther at suse.de>
    
        PR lto/90924
        Backport from mainline
        2019-07-12  Ren Kimura  <rkx1209dev at gmail.com>
    
        * simple-object-elf.c (simple_object_elf_match): Check zero value
        shstrndx.
    
    
    git-svn-id: svn+ssh://gcc.gnu.org/svn/gcc/branches/gcc-7-branch@273795 138bc75d-0d04-0410-961f-82ee72b054a4

diff --git a/libiberty/ChangeLog b/libiberty/ChangeLog
index b785e71..0ecdec0 100644
--- a/libiberty/ChangeLog
+++ b/libiberty/ChangeLog
@@ -1,3 +1,12 @@
+2019-07-25  Richard Biener  <rguenther at suse.de>
+
+       PR lto/90924
+       Backport from mainline
+       2019-07-12  Ren Kimura  <rkx1209dev at gmail.com>
+
+       * simple-object-elf.c (simple_object_elf_match): Check zero value
+       shstrndx.
+
 2018-12-06  Release Manager
 
        * GCC 7.4.0 released.

More information about the Openembedded-core mailing list