From 363fece4283164d114b330b430d9bb3d056c77b9 Mon Sep 17 00:00:00 2001 From: Xi Ruoyao Date: Wed, 4 Oct 2023 13:39:03 +0800 Subject: [PATCH 1/2] glibc: Fix CVE-2023-4911 --- chapter01/changelog.xml | 10 ++++++++++ patches.ent | 4 ++-- 2 files changed, 12 insertions(+), 2 deletions(-) diff --git a/chapter01/changelog.xml b/chapter01/changelog.xml index 956e208d5..4a3bd21ae 100644 --- a/chapter01/changelog.xml +++ b/chapter01/changelog.xml @@ -40,6 +40,16 @@ appropriate for the entry or if needed the entire day's listitem. --> + + 2023-10-03 + + + [xry111] - Update Glibc upstream fixes patch to fix + CVE-2023-4911. + + + + 2023-10-01 diff --git a/patches.ent b/patches.ent index 3677f3e66..4107b2dc2 100644 --- a/patches.ent +++ b/patches.ent @@ -14,8 +14,8 @@ - - + + From 623081aa93df0ec73c93332103a2c31ec6d29ffa Mon Sep 17 00:00:00 2001 From: Pierre Labastie Date: Wed, 4 Oct 2023 15:50:38 +0200 Subject: [PATCH 2/2] bootscripts: change "halt stop" to "halt start" Commit 27d23b1d has changed the convention that scripts with Sxxx symlinks should be run with "stop" parameter in runlevels 0 and 6. They should now be called with the more intuitive "start" parameter. But a few scripts still call "/etc/init.d/halt stop". Fortunately, this occurs in code paths that are rarely run (unrecoverable errors). So it was not noticed until now. Anyway, this is fixed in this commit. --- bootscripts/ChangeLog | 7 ++++++- bootscripts/lfs/init.d/checkfs | 4 ++-- bootscripts/lfs/init.d/udev | 2 +- 3 files changed, 9 insertions(+), 4 deletions(-) diff --git a/bootscripts/ChangeLog b/bootscripts/ChangeLog index aff30cb41..3853ff83a 100644 --- a/bootscripts/ChangeLog +++ b/bootscripts/ChangeLog @@ -1,3 +1,8 @@ +2023-10-04 Pierre Labastie + * After the changes done on 2022-03-24, several "halt stop" should + have been changed to "halt start". Done now. Fortunately, those + occur only when something wrong happens with disks or devices. + 2023-07-28 Xi Ruoyao * In mountvirtfs, mount /sys/fs/cgroup for udev from systemd-254. @@ -24,7 +29,7 @@ * New semantics for K and S scripts: - S scripts only started if not already marked S in the previous runlevel - K scripts only started if not already marked K in the previous runlevel - - remove the convention of running S scripts ith "stop" in rl 0/6 + - remove the convention of running S scripts with "stop" in rl 0/6 2021-06-08 Bruce Dubbs * When shutting down the network, ignore invalid interfaces or interfaces that are not UP. diff --git a/bootscripts/lfs/init.d/checkfs b/bootscripts/lfs/init.d/checkfs index bbbae8d99..b7f6e3ff2 100644 --- a/bootscripts/lfs/init.d/checkfs +++ b/bootscripts/lfs/init.d/checkfs @@ -63,7 +63,7 @@ case "${1}" in log_info_msg "Press Enter to continue..." wait_for_user - /etc/rc.d/init.d/halt stop + /etc/rc.d/init.d/halt start else log_success_msg2 fi @@ -127,7 +127,7 @@ case "${1}" in log_info_msg "Press Enter to continue..." wait_for_user - /etc/rc.d/init.d/halt stop + /etc/rc.d/init.d/halt start fi if [ "${error_value}" -ge 16 ]; then diff --git a/bootscripts/lfs/init.d/udev b/bootscripts/lfs/init.d/udev index f3b07b022..a843e0c39 100644 --- a/bootscripts/lfs/init.d/udev +++ b/bootscripts/lfs/init.d/udev @@ -41,7 +41,7 @@ case "${1}" in log_info_msg "$msg" log_info_msg "Press Enter to continue..." wait_for_user - /etc/rc.d/init.d/halt stop + /etc/rc.d/init.d/halt start fi # Start the udev daemon to continually watch for, and act on,