glibc 2.23-5

git-svn-id: http://trac.vinelinux.org/repos/projects/specs@11690 ec354946-7b23-47d6-9f5a-488ba84defc7

g/glibc/glibc-vl.spec

@@ -30,7 +30,7 @@ Summary: The GNU libc libraries
 Summary(ja): GNU libc ライブラリ
 Name: glibc
 Version: %{glibcversion}
-Release: 4%{?_dist_release}
+Release: 5%{?_dist_release}
 # GPLv2+ is used in a bunch of programs, LGPLv2+ is used for libraries.
 # Things that are linked directly into dynamically linked programs
 # and shared libraries (e.g. crt files, lib*_nonshared.a) have an additional
@@ -62,6 +62,7 @@ Patch20001: CVE-2016-1234-2.patch
 Patch20002: CVE-2016-3075.patch
 Patch20003: CVE-2016-3706.patch
 Patch20004: CVE-2016-4429.patch
+Patch20005: glibc-2.23_CVE-2017-1000366.patch
 
 Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 Obsoletes: glibc-profile < 2.4
@@ -441,6 +442,7 @@ package or when debugging this package.
 %patch20002 -p1
 %patch20003 -p1
 %patch20004 -p1
+%patch20005 -p1 -b .CVE-2017-1000366
 
 # A lot of programs still misuse memcpy when they have to use
 # memmove. The memcpy implementation below is not tolerant at
@@ -1413,6 +1415,9 @@ rm -f *.filelist*
 %endif
 
 %changelog
+* Tue Jun 20 2017 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 2.23-5
+- add patch20005 for fix CVE-2017-1000366
+
 * Mon Aug  1 2016 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 2.23-4
 - added Patch20000-20004 to fix vulnerabilities.
   - CVE-2016-1234