++++CVE-2015-7547 --- glibc getaddrinfo() stack-based buffer overflow|

Pengutronix has released new versions of their OSELAS Toolchains, which fix the [[https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7547|CVE-2015-7547 --- glibc getaddrinfo() stack-based buffer overflow]] issue:

^ OSELAS version ^ glibc version ^
| [[http://www.pengutronix.de/oselas/toolchain/download/OSELAS.Toolchain-2014.12.2.tar.bz2|2014.12.2]] | 2.20 |
| [[http://www.pengutronix.de/oselas/toolchain/download/OSELAS.Toolchain-2013.12.3.tar.bz2|2013.12.3]] | 2.18 |
| [[http://www.pengutronix.de/oselas/toolchain/download/OSELAS.Toolchain-2012.12.2.tar.bz2|2012.12.2]] | 2.16.0 |
| [[http://www.pengutronix.de/oselas/toolchain/download/OSELAS.Toolchain-2011.11.4.tar.bz2|2011.11.4]] | 2.14.1 |
| [[http://www.pengutronix.de/oselas/toolchain/download/OSELAS.Toolchain-2011.03.2.tar.bz2|2011.03.2]] | 2.13 |
\\
TQ **strongly recommends** switching your PTXdist-based BSP(s) to one of the above-mentioned (or later) OSELAS toolchains. **For deployed systems with network connectivity, an update should be taken into consideration!**

**__Step-by-step instructions to switch your BSP to a new toolchain__**

1. Build the new OSELAS toolchain
  * Choose the new toolchain version that fits best and build it according to the [[http://www.pengutronix.de/software/ptxdist/appnotes/AppNote_BuildingToolchain.pdf|Application Note: Building OSELAS.Toolchains()]].
\\
2. Reconfigure your BSP / platform
  * Move to your BSP root folder and execute
<code>
ptxdist platformconfig
</code>
  * Navigate to architecture --> toolchain --> and modify the following options
<code>
(OSELAS.Toolchain-YYYY.MM.P) check for specific toolchain vendor
(MAJOR.MINOR[.PATCH]) check for specific glibc version
</code>
  to match the version information for the toolchain you built in the first step.
  * Exit PTXdist and make sure your changes are saved.
  * To make PTXdist use the new toolchain for your BSP / platform, execute
<code>
ptxdist toolchain
</code>

3. Rebuild your BSP
  * For a clean rebuild, execute
<code>
ptxdist clean
ptxdist go --git
</code>

++++
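To confirm that step 2 was saved correctly, or to audit several BSPs at once, the platformconfig can be checked against the table of fixed releases above. The following script is an added example, not part of the TQ or Pengutronix instructions. It assumes the two menu options are stored in the platformconfig as ''PTXCONF_CROSSCHAIN_VENDOR'' and ''PTXCONF_GLIBC_VERSION''; verify these names in your PTXdist version.

```shell
#!/bin/sh
# Added example: audit a PTXdist platformconfig against the fixed OSELAS
# releases in the table above. The PTXCONF_* symbol names are assumptions.

# "series minimum-patch glibc-version", copied from the table.
FIXED_RELEASES='2014.12 2 2.20
2013.12 3 2.18
2012.12 2 2.16.0
2011.11 4 2.14.1
2011.03 2 2.13'

# Print the value of PTXCONF_<name>="value" from a platformconfig file.
ptxconf_get() {
    sed -n "s/^PTXCONF_$2=\"\(.*\)\"\$/\1/p" "$1" | head -n 1
}

# check_platformconfig FILE
#   returns 0: fixed toolchain release with the matching glibc version
#           1: listed series with an older patch level, or glibc mismatch
#           2: toolchain not recognised or series not in the table
check_platformconfig() {
    vendor=$(ptxconf_get "$1" CROSSCHAIN_VENDOR)
    glibc=$(ptxconf_get "$1" GLIBC_VERSION)
    version=${vendor#OSELAS.Toolchain-}
    case "$version" in
        *[!0-9.]*|*.|'') echo "$1: unrecognised toolchain '$vendor'"; return 2 ;;
    esac
    series=${version%.*}   # YYYY.MM
    patch=${version##*.}   # P
    while read -r fixed_series fixed_patch fixed_glibc; do
        [ "$series" = "$fixed_series" ] || continue
        if [ "$patch" -lt "$fixed_patch" ]; then
            echo "$1: $vendor predates fixed release $fixed_series.$fixed_patch"
            return 1
        fi
        if [ "$glibc" != "$fixed_glibc" ]; then
            echo "$1: glibc '$glibc' does not match expected $fixed_glibc"
            return 1
        fi
        echo "$1: $vendor with glibc $glibc is a fixed release"
        return 0
    done <<EOF
$FIXED_RELEASES
EOF
    echo "$1: series $series is not in the table, review manually"
    return 2
}
```

Source the file and call ''check_platformconfig'' with the path to the platformconfig of the BSP. Return code 2 covers later toolchain series that the table does not list.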