From: Jan Palus Date: Wed, 6 Apr 2022 12:07:46 +0000 (+0200) Subject: add patch fixing firefox sandbox regression; rel 7 X-Git-Tag: auto/th/glibc-2.35-7 X-Git-Url: https://git.pld-linux.org/?a=commitdiff_plain;h=570f02604f7dc273eddfb526cf8827300b8c514c;p=packages%2Fglibc.git add patch fixing firefox sandbox regression; rel 7 from: https://patchwork.sourceware.org/project/glibc/patch/20220314175316.3239120-2-sam@gentoo.org/ --- diff --git a/glibc.spec b/glibc.spec index f21aedd..866879e 100644 --- a/glibc.spec +++ b/glibc.spec @@ -50,7 +50,7 @@ Summary(tr.UTF-8): GNU libc Summary(uk.UTF-8): GNU libc версії Name: glibc Version: %{core_version} -Release: 6 +Release: 7 Epoch: 6 License: LGPL v2.1+ Group: Libraries @@ -73,7 +73,7 @@ Patch0: glibc-git.patch Patch2: %{name}-pld.patch Patch3: %{name}-crypt-blowfish.patch Patch4: %{name}-no-bash-nls.patch - +Patch5: nss_crash.patch Patch6: %{name}-paths.patch Patch10: %{name}-info.patch @@ -950,6 +950,7 @@ exit 1 %patch2 -p1 %patch3 -p1 %{!?with_bash_nls:%patch4 -p1} +%patch5 -p1 %patch6 -p1 diff --git a/nss_crash.patch b/nss_crash.patch new file mode 100644 index 0000000..489aacc --- /dev/null +++ b/nss_crash.patch @@ -0,0 +1,31 @@ +diff --git a/nss/nss_database.c b/nss/nss_database.c +index d56c5b798d..a0522ea7d2 100644 +--- a/nss/nss_database.c ++++ b/nss/nss_database.c +@@ -424,17 +424,21 @@ nss_database_check_reload_and_get (struct nss_database_state *local, + errors here are very unlikely, but the chance that we're entering + a container is also very unlikely, so we err on the side of both + very unlikely things not happening at the same time. */ +- if (__stat64_time64 ("/", &str) != 0 +- || (local->root_ino != 0 +- && (str.st_ino != local->root_ino +- || str.st_dev != local->root_dev))) +- { ++ if (__stat64_time64 ("/", &str) != 0) { ++ __libc_lock_unlock (local->lock); ++ return false; ++ } ++ ++ if (local->root_ino != 0 && (str.st_ino != local->root_ino ++ || str.st_dev != local->root_dev)) ++ { + /* Change detected; disable reloading and return current state. */ + atomic_store_release (&local->data.reload_disabled, 1); + *result = local->data.services[database_index]; + __libc_lock_unlock (local->lock); + return true; + } ++ + local->root_ino = str.st_ino; + local->root_dev = str.st_dev; + __libc_lock_unlock (local->lock);