This is not exploitable when glibc has CVE-2016-10739 fixed,
which is fixed in the upstream version since warrior.
(From OE-Core rev: 0da6e0a232019fe7eccfbdf33a13c1fe0a35cddd)
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Update to account for review feedback on list.
(From OE-Core rev: ec788594f3f6a47687c6eb321437f2d2b58b1518)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
=help>
List-Subscribe:
<http://lists.openembedded.org/mailman/listinfo/openembedded-core>,
<mailto:openembedded-core-request@lists.openembedded.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Sender: openembedded-core-bounces@lists.openembedded.org
Errors-To: openembedded-core-bounces@lists.openembedded.org
X-Virus-Scanned: clamav-milter 0.101.4 at dan
X-Virus-Status: Clean
X-Evolution-Source: 1525863794.3857.16@hex
Content-Transfer-Encoding: 8bit
Python uses features of glibc that require it to dynamically load (i.e.
dlopen()) libgcc_s at runtime. However, since this isn't a link time
dependency, it doesn't get picked up automatically by bitbake so
manually add it to RDEPENDS.
There is an outstanding bug in Python to make it explicitly link against
libgcc at link time which would remove the need for this. See:
https://bugs.python.org/issue37395
(From OE-Core rev: df107f3a149b1e88d9f869e7ff87950ccf5aaee0)
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
