Can we update glibc to newer version? v2.23 is latest.
We are interested in some of the fixes that went in release 2.20 and later. We can backport them, but unless there is a problem would prefer if we can just update to the newer version.
@adityakali
can you please provide more details about what fixes do you need?
There is another request to upgrade glibc but we were not planning to do the upgrade this quarter.
We like to see crostool do some testing before us.
Last time we did the upgrade we had an issue that was quite nasty and took several days to fix.
We need fix for https://sourceware.org/bugzilla/show_bug.cgi?id=15946 at the minimum (which I think can be backported as well). But there are several bug fixes that went in since 2.19, and it would be better to simply upgrade to newer version.
If not 2.23 (latest), is it possible to upgrade to 2.22?
Thanks.
if you look at the list of bugfixes in the glibc-2.20+ NEWS files, there will be a number of security related changes that we don't have in CrOS. the question then becomes how many of those are important/critical to us ... i suspect the answer is non-zero.
I would prefer we dont do any glibc upgrades this quarter.
I am loosing one engineer and another is on parental leave.
We have plenty of work for this quarter and, in my experience, a glibc roll will take at least 2 weeks of work (assuming there will be some problems introduced by it, which usually happens).
So, I will prefer to backport the change required by GCI and do the roll later in the year (and let 2.23 mature a little bit).
About security, I have not heard any request from the security team for gblic updagrades or backports (except for the recent CVE-2015-7547 which we backported to 2.19).
I am adding security team in case there is any hard request.
And as Yunlian said, we prefer to trail Google3 on glibc rolls.
This issue has been approved for a merge. Please merge the fix to any appropriate branches as soon as possible!
If all merges have been completed, please remove any remaining Merge-Approved labels from this issue.
Thanks for your time! To disable nags, add the Disable-Nags label.
For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
any idea on timeframe for this ? on a completely unrelated topic, i found a bug in glibc-2.19 with C++/PIEs/finalizers that looks fixed in glibc-2.23. i'd like to be lazy and not track down the upstream fix :).
Comment 1 by yunlian@chromium.org
, Apr 13 2016Owner: yunlian@chromium.org