* [2.31 COMMITTED] math/test-sinl-pseudo: Use stack protector only if available
@ 2020-03-11 11:51 Aurelien Jarno
2020-03-11 11:51 ` [2.31 COMMITTED] Add NEWS entry for CVE-2020-10029 (bug 25487) Aurelien Jarno
0 siblings, 1 reply; 2+ messages in thread
From: Aurelien Jarno @ 2020-03-11 11:51 UTC (permalink / raw)
To: libc-stable
From: Florian Weimer <fweimer@redhat.com>
This fixes commit 9333498794cde1d5cca518bad ("Avoid ldbl-96 stack
corruption from range reduction of pseudo-zero (bug 25487).").
(cherry picked from commit c10acd40262486dac597001aecc20ad9d3bd0e4a)
---
sysdeps/ieee754/ldbl-96/Makefile | 2 ++
1 file changed, 2 insertions(+)
diff --git a/sysdeps/ieee754/ldbl-96/Makefile b/sysdeps/ieee754/ldbl-96/Makefile
index 318628aed6b..6030adf7e7e 100644
--- a/sysdeps/ieee754/ldbl-96/Makefile
+++ b/sysdeps/ieee754/ldbl-96/Makefile
@@ -18,5 +18,7 @@
ifeq ($(subdir),math)
tests += test-canonical-ldbl-96 test-totalorderl-ldbl-96 test-sinl-pseudo
+ifeq ($(have-ssp),yes)
CFLAGS-test-sinl-pseudo.c += -fstack-protector-all
endif
+endif # $(subdir) == math
--
2.24.1
^ permalink raw reply [flat|nested] 2+ messages in thread
* [2.31 COMMITTED] Add NEWS entry for CVE-2020-10029 (bug 25487)
2020-03-11 11:51 [2.31 COMMITTED] math/test-sinl-pseudo: Use stack protector only if available Aurelien Jarno
@ 2020-03-11 11:51 ` Aurelien Jarno
0 siblings, 0 replies; 2+ messages in thread
From: Aurelien Jarno @ 2020-03-11 11:51 UTC (permalink / raw)
To: libc-stable
(cherry picked from commit 15ab195229dc288d1d49612c3de14a33b88065ed)
---
NEWS | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/NEWS b/NEWS
index d0ad1693f2c..f614cf5b61f 100644
--- a/NEWS
+++ b/NEWS
@@ -13,7 +13,9 @@ The following bugs are resolved with this release:
Security related changes:
- CVE-2020-10029
+ CVE-2020-10029: Trigonometric functions on x86 targets suffered from stack
+ corruption when they were passed a pseudo-zero argument. Reported by Guido
+ Vranken / ForAllSecure Mayhem.
\f
Version 2.31
--
2.24.1
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2020-03-11 11:51 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-03-11 11:51 [2.31 COMMITTED] math/test-sinl-pseudo: Use stack protector only if available Aurelien Jarno
2020-03-11 11:51 ` [2.31 COMMITTED] Add NEWS entry for CVE-2020-10029 (bug 25487) Aurelien Jarno
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).