[lfs-book] r10903 - in trunk/BOOK: . chapter01 chapter03 chapter05 chapter06

bdubbs at higgs.linuxfromscratch.org bdubbs at higgs.linuxfromscratch.org
Thu Apr 23 20:19:38 PDT 2015


Author: bdubbs
Date: Thu Apr 23 20:19:38 2015
New Revision: 10903

Log:
Added a fix for security issue in Glibc (CVE-2015-1781). 
Thanks to Ken Moffat for identifying the proplem and the fix.

Fixed Ncurses and Perl build with GCC 5. Thanks to Ken Moffat and 
Douglas R. Reno for providing the patches.

Updated to GCC-5.1.0.  Imported changes from systemd version.

Modified:
   trunk/BOOK/chapter01/changelog.xml
   trunk/BOOK/chapter01/whatsnew.xml
   trunk/BOOK/chapter03/patches.xml
   trunk/BOOK/chapter05/glibc.xml
   trunk/BOOK/chapter05/libstdc++.xml
   trunk/BOOK/chapter05/ncurses.xml
   trunk/BOOK/chapter06/glibc.xml
   trunk/BOOK/chapter06/ncurses.xml
   trunk/BOOK/chapter06/perl.xml
   trunk/BOOK/general.ent
   trunk/BOOK/packages.ent
   trunk/BOOK/patches.ent

Modified: trunk/BOOK/chapter01/changelog.xml
==============================================================================
--- trunk/BOOK/chapter01/changelog.xml	Thu Apr 23 17:10:06 2015	(r10902)
+++ trunk/BOOK/chapter01/changelog.xml	Thu Apr 23 20:19:38 2015	(r10903)
@@ -37,6 +37,26 @@
 -->
 
     <listitem>
+      <para>2015-04-24</para>
+      <itemizedlist>
+        <listitem>
+          <para>[krejzi] - Added a fix for security issue
+          in Glibc (CVE-2015-1781). Thanks to Ken Moffat
+          for identifying the proplem and the fix.</para>
+        </listitem>
+        <listitem>
+          <para>[krejzi] - Fixed Ncurses and Perl build
+          with GCC 5. Thanks to Ken Moffat and Douglas
+          R. Reno for providing the patches.</para>
+        </listitem>
+        <listitem>
+          <para>[krejzi] - Updated to GCC-5.1.0. Fixes
+          <ulink url="&lfs-ticket-root;3779">#3779</ulink>.</para>
+        </listitem>
+      </itemizedlist>
+    </listitem>
+
+    <listitem>
       <para>2015-04-21</para>
       <itemizedlist>
         <listitem>

Modified: trunk/BOOK/chapter01/whatsnew.xml
==============================================================================
--- trunk/BOOK/chapter01/whatsnew.xml	Thu Apr 23 17:10:06 2015	(r10902)
+++ trunk/BOOK/chapter01/whatsnew.xml	Thu Apr 23 20:19:38 2015	(r10903)
@@ -85,9 +85,9 @@
     <!--<listitem>
       <para>Gawk &gawk-version;</para>
     </listitem>-->
-    <!--<listitem>
+    <listitem>
       <para>GCC &gcc-version;</para>
-    </listitem>-->
+    </listitem>
     <!--<listitem>
       <para>GDBM &gdbm-version;</para>
     </listitem>-->
@@ -248,6 +248,14 @@
       <para>Tcl-core-&tcl-version;</para>
     </listitem>
 
+    <listitem>
+      <para>&ncurses-gcc5-buildfixes-patch;</para>
+    </listitem>
+
+    <listitem>
+      <para>&perl-gcc5-fixes-patch;</para>
+    </listitem>
+
     <!--<listitem>
       <para>&bash-fixes-patch;</para>
     </listitem>-->

Modified: trunk/BOOK/chapter03/patches.xml
==============================================================================
--- trunk/BOOK/chapter03/patches.xml	Thu Apr 23 17:10:06 2015	(r10902)
+++ trunk/BOOK/chapter03/patches.xml	Thu Apr 23 20:19:38 2015	(r10903)
@@ -123,15 +123,23 @@
         <para>MD5 sum: <literal>&mpfr-fixes-patch-md5;</literal></para>
       </listitem>
     </varlistentry>
-<!--
+
     <varlistentry>
-      <term>Perl Data::Dumper Patch - <token>&perl-fix-patch-size;</token>:</term>
+      <term>Ncurses GCC 5 Fixes Patch - <token>&ncurses-gcc5-buildfixes-patch-size;</token>:</term>
       <listitem>
-        <para>Download: <ulink url="&patches-root;&perl-fix-patch;"/></para>
-        <para>MD5 sum: <literal>&perl-fix-patch-md5;</literal></para>
+        <para>Download: <ulink url="&patches-root;&ncurses-gcc5-buildfixes-patch;"/></para>
+        <para>MD5 sum: <literal>&ncurses-gcc5-buildfixes-patch-md5;</literal></para>
       </listitem>
     </varlistentry>
--->
+
+    <varlistentry>
+      <term>Perl GCC 5 Fixes Patch - <token>&perl-gcc5-fixes-patch-size;</token>:</term>
+      <listitem>
+        <para>Download: <ulink url="&patches-root;&perl-gcc5-fixes-patch;"/></para>
+        <para>MD5 sum: <literal>&perl-gcc5-fixes-patch-md5;</literal></para>
+      </listitem>
+    </varlistentry>
+
     <varlistentry>
       <term>Readline Upstream Fixes Patch - <token>&readline-fixes-patch-size;</token>:</term>
       <listitem>

Modified: trunk/BOOK/chapter05/glibc.xml
==============================================================================
--- trunk/BOOK/chapter05/glibc.xml	Thu Apr 23 17:10:06 2015	(r10902)
+++ trunk/BOOK/chapter05/glibc.xml	Thu Apr 23 20:19:38 2015	(r10903)
@@ -43,6 +43,7 @@
   <sect2 role="installation">
     <title>Installation of Glibc</title>
 
+<!-- The enable-obsolete-rpc should handle this just fine.
     <para>In some cases, particularly LFS 7.1, the rpc headers were not
     installed properly.  Test to see if they are installed in the host system
     and install if they are not:</para>
@@ -51,7 +52,7 @@
   su -c 'mkdir -pv /usr/include/rpc'
   su -c 'cp -v sunrpc/rpc/*.h /usr/include/rpc'
 fi</userinput></screen>
-
+-->
     <para>Fix a regression in the package that affects 32-bit architectures:</para>
 
 <screen><userinput remap="pre">sed -e '/ia32/s/^/1:/' \
@@ -87,6 +88,7 @@
       --build=$(../glibc-&glibc-version;/scripts/config.guess) \
       --disable-profile                             \
       --enable-kernel=&min-kernel;                        \
+      --enable-obsolete-rpc                         \
       --with-headers=/tools/include                 \
       libc_cv_forced_unwind=yes                     \
       libc_cv_ctors_header=yes                      \
@@ -121,6 +123,15 @@
         </listitem>
       </varlistentry>
 
+      <varlistentry>
+        <term><parameter>--enable-obsolete-rpc</parameter></term>
+        <listitem>
+          <para>This installs NIS and RPC related headers that are not
+          installed by default. They are required to build GCC and by
+          several BLFS packages.</para>
+        </listitem>
+      </varlistentry>
+
       <varlistentry>
         <term><parameter>--with-headers=/tools/include</parameter></term>
         <listitem>

Modified: trunk/BOOK/chapter05/libstdc++.xml
==============================================================================
--- trunk/BOOK/chapter05/libstdc++.xml	Thu Apr 23 17:10:06 2015	(r10902)
+++ trunk/BOOK/chapter05/libstdc++.xml	Thu Apr 23 20:19:38 2015	(r10903)
@@ -50,7 +50,7 @@
 
     <para>Create a directory for Libstdc++ and enter it:</para>
 
-<screen><userinput remap="pre">mkdir -pv ../gcc-build
+<screen><userinput remap="pre">mkdir -v ../gcc-build
 cd ../gcc-build</userinput></screen>
 
     <para>Prepare Libstdc++ for compilation:</para>
@@ -59,7 +59,6 @@
     --host=$LFS_TGT                 \
     --prefix=/tools                 \
     --disable-multilib              \
-    --disable-shared                \
     --disable-nls                   \
     --disable-libstdcxx-threads     \
     --disable-libstdcxx-pch         \

Modified: trunk/BOOK/chapter05/ncurses.xml
==============================================================================
--- trunk/BOOK/chapter05/ncurses.xml	Thu Apr 23 17:10:06 2015	(r10902)
+++ trunk/BOOK/chapter05/ncurses.xml	Thu Apr 23 20:19:38 2015	(r10903)
@@ -43,6 +43,11 @@
   <sect2 role="installation">
     <title>Installation of Ncurses</title>
 
+    <para>First, apply a patch to prevent a build failure
+    when building with GCC 5:</para>
+
+<screen><userinput remap="pre">patch -Np1 -i ../&ncurses-gcc5-buildfixes-patch;</userinput></screen>
+
     <para>Prepare Ncurses for compilation:</para>
 
 <screen><userinput remap="configure">./configure --prefix=/tools \

Modified: trunk/BOOK/chapter06/glibc.xml
==============================================================================
--- trunk/BOOK/chapter06/glibc.xml	Thu Apr 23 17:10:06 2015	(r10902)
+++ trunk/BOOK/chapter06/glibc.xml	Thu Apr 23 20:19:38 2015	(r10903)
@@ -74,6 +74,16 @@
     -e '/SSE2/s/^1://' \
     -i  sysdeps/i386/i686/multiarch/mempcpy_chk.S</userinput></screen>
 
+    <para>Fix a potential security issue identified upstream:</para>
+
+<screen><userinput remap="pre">sed -i '/glibc.*pad/{i\  buflen = buflen > pad ? buflen - pad : 0;
+                     s/ + pad//}' resolv/nss_dns/dns-host.c</userinput></screen>
+
+    <para>Fix a test case that fails when built using GCC 5:</para>
+
+<screen><userinput remap="pre">sed -e '/tst-audit2-ENV/i CFLAGS-tst-audit2.c += -fno-builtin' \
+    -i elf/Makefile</userinput></screen>
+
     <para>The Glibc documentation recommends building Glibc outside of the source
     directory in a dedicated build directory:</para>
 
@@ -88,20 +98,6 @@
     --enable-kernel=&min-kernel; \
     --enable-obsolete-rpc</userinput></screen>
 
-    <variablelist>
-      <title>The meaning of the new configure options:</title>
-
-      <varlistentry>
-        <term><parameter>--enable-obsolete-rpc</parameter></term>
-        <listitem>
-          <para>Installs NIS and RPC related headers that are not installed by
-          default; these are required to rebuild Glibc and by several BLFS
-          packages.</para>
-        </listitem>
-      </varlistentry>
-
-    </variablelist>
-
     <para>Compile the package:</para>
 
 <screen><userinput remap="make">make</userinput></screen>

Modified: trunk/BOOK/chapter06/ncurses.xml
==============================================================================
--- trunk/BOOK/chapter06/ncurses.xml	Thu Apr 23 17:10:06 2015	(r10902)
+++ trunk/BOOK/chapter06/ncurses.xml	Thu Apr 23 20:19:38 2015	(r10903)
@@ -41,6 +41,11 @@
   <sect2 role="installation">
     <title>Installation of Ncurses</title>
 
+    <para>First, apply a patch to prevent a build failure
+    when building with GCC 5:</para>
+
+<screen><userinput remap="pre">patch -Np1 -i ../&ncurses-gcc5-buildfixes-patch;</userinput></screen>
+
     <para>Don't install a static library that is not handled by configure:</para>
 
 <screen><userinput remap="pre">sed -i '/LIBTOOL_INSTALL/d' c++/Makefile.in</userinput></screen>

Modified: trunk/BOOK/chapter06/perl.xml
==============================================================================
--- trunk/BOOK/chapter06/perl.xml	Thu Apr 23 17:10:06 2015	(r10902)
+++ trunk/BOOK/chapter06/perl.xml	Thu Apr 23 20:19:38 2015	(r10903)
@@ -55,11 +55,12 @@
 
 <screen><userinput remap="pre">export BUILD_ZLIB=False
 export BUILD_BZIP2=0</userinput></screen>
-<!--
-    <para>Fix a potential security problem:</para>
 
-<screen><userinput remap="pre">patch -Np1 -i ../&perl-fix-patch;</userinput></screen>
--->
+    <para>Apply a patch to allow the Errno.pm module and the h2ph
+    program to build correctly when building with GCC 5:</para>
+
+<screen><userinput remap="pre">patch -Np1 -i ../&perl-gcc5-fixes-patch;</userinput></screen>
+
     <para>To have full control over the way Perl is set up, you can remove the
     <quote>-des</quote> options from the following command and hand-pick the way
     this package is built. Alternatively, use the command exactly as below to

Modified: trunk/BOOK/general.ent
==============================================================================
--- trunk/BOOK/general.ent	Thu Apr 23 17:10:06 2015	(r10902)
+++ trunk/BOOK/general.ent	Thu Apr 23 20:19:38 2015	(r10903)
@@ -1,14 +1,14 @@
-<!ENTITY version         "SVN-20150421">
+<!ENTITY version         "SVN-20150424">
 <!ENTITY short-version   "svn">  <!-- Used below in &blfs-book;. Change to x.y for release 
                                       but not -rc releases -->
-<!ENTITY releasedate     "April 21, 2015">
+<!ENTITY releasedate     "April 24, 2015">
 <!ENTITY copyrightdate   "1999-2015"><!-- jhalfs needs a literal dash, not – -->
 <!ENTITY milestone       "7.8">
 <!ENTITY generic-version "development"> <!-- Use "development", "testing", or "x.y[-pre{x}]" -->
 
 <!ENTITY lfs-root        "http://www.linuxfromscratch.org/">
 <!ENTITY blfs-root       "&lfs-root;blfs/">
-<!ENTITY blfs-book       "&blfs-root;view/&short-version;/"> 
+<!ENTITY blfs-book       "&blfs-root;view/&short-version;/">
 <!ENTITY faq-root        "&lfs-root;faq/">
 <!ENTITY hints-root      "&lfs-root;hints/downloads/files/">
 <!ENTITY hints-index     "&lfs-root;hints/list.html">

Modified: trunk/BOOK/packages.ent
==============================================================================
--- trunk/BOOK/packages.ent	Thu Apr 23 17:10:06 2015	(r10902)
+++ trunk/BOOK/packages.ent	Thu Apr 23 20:19:38 2015	(r10903)
@@ -196,20 +196,20 @@
 <!ENTITY gawk-ch6-du "39 MB">
 <!ENTITY gawk-ch6-sbu "0.3 SBU">
 
-<!ENTITY gcc-version "4.9.2">
-<!ENTITY gcc-size "87,832 KB">
+<!ENTITY gcc-version "5.1.0">
+<!ENTITY gcc-size "92,736 KB">
 <!ENTITY gcc-url "&gnu;gcc/gcc-&gcc-version;/gcc-&gcc-version;.tar.bz2">
-<!ENTITY gcc-md5 "4df8ee253b7f3863ad0b86359cd39c43">
+<!ENTITY gcc-md5 "d5525b1127d07d215960e6051c5da35e">
 <!ENTITY gcc-home "http://gcc.gnu.org/">
-<!ENTITY gcc-ch5p1-du "2.0 GB">
-<!ENTITY gcc-ch5p1-sbu "5.9 SBU">
-<!ENTITY gcc-ch5p2-du "2.6 GB">
-<!ENTITY gcc-ch5p2-sbu "7.7 SBU">
-<!ENTITY gcc-ch6-du "2.9 GB ">
-<!ENTITY gcc-ch6-sbu "63 SBU (with tests)">
+<!ENTITY gcc-ch5p1-du "2.4 GB">
+<!ENTITY gcc-ch5p1-sbu "8.0 SBU">
+<!ENTITY gcc-ch5p2-du "2.8 GB">
+<!ENTITY gcc-ch5p2-sbu "10.2 SBU">
+<!ENTITY gcc-ch6-du "2.6 GB ">
+<!ENTITY gcc-ch6-sbu "92 SBU (with tests)">
 
-<!ENTITY libstdcpp-ch5-du "798 MB">
-<!ENTITY libstdcpp-ch5-sbu "0.3 SBU">
+<!ENTITY libstdcpp-ch5-du "838 MB">
+<!ENTITY libstdcpp-ch5-sbu "0.4 SBU">
 
 <!ENTITY gdbm-version "1.11">
 <!ENTITY gdbm-size "796 KB">

Modified: trunk/BOOK/patches.ent
==============================================================================
--- trunk/BOOK/patches.ent	Thu Apr 23 17:10:06 2015	(r10902)
+++ trunk/BOOK/patches.ent	Thu Apr 23 20:19:38 2015	(r10903)
@@ -30,11 +30,13 @@
 <!ENTITY mpfr-fixes-patch-md5 "5ba8bafe42920d6e570567529629bc59">
 <!ENTITY mpfr-fixes-patch-size "38 KB">
 
-<!--
-<!ENTITY perl-fix-patch "perl-&perl-version;-infinite_recurse_fix-1.patch">
-<!ENTITY perl-fix-patch-md5 "579dfed34e97e0a2fe21b74aa53946ac">
-<!ENTITY perl-fix-patch-size "11 KB">
--->
+<!ENTITY ncurses-gcc5-buildfixes-patch "ncurses-&ncurses-version;-gcc5_buildfixes-1.patch">
+<!ENTITY ncurses-gcc5-buildfixes-patch-md5 "f9015f670940350a3fc3c2ef347e2b33">
+<!ENTITY ncurses-gcc5-buildfixes-patch-size "4 KB">
+
+<!ENTITY perl-gcc5-fixes-patch "perl-&perl-version;-gcc5_fixes-1.patch">
+<!ENTITY perl-gcc5-fixes-patch-md5 "30f4907f63ec3ef7d50fa55e12d2923e">
+<!ENTITY perl-gcc5-fixes-patch-size "8 KB">
 
 <!ENTITY readline-fixes-patch "readline-&readline-version;-upstream_fixes-3.patch">
 <!ENTITY readline-fixes-patch-md5 "6b0d9f4e79319d56a7fee9b35e5cfd1b">


More information about the lfs-book mailing list