diff --git a/SOURCES/glibc-armhfp-ELF_MACHINE_NO_REL-undefined.patch b/SOURCES/glibc-armhfp-ELF_MACHINE_NO_REL-undefined.patch
deleted file mode 100644
index 78d7c4b..0000000
--- a/SOURCES/glibc-armhfp-ELF_MACHINE_NO_REL-undefined.patch
+++ /dev/null
@@ -1,36 +0,0 @@
-From patchwork Thu Jul 3 13:26:40 2014
-Content-Type: text/plain; charset="utf-8"
-MIME-Version: 1.0
-Content-Transfer-Encoding: 7bit
-Subject: ARM: Define ELF_MACHINE_NO_REL
-X-Patchwork-Submitter: Will Newton <will.newton@linaro.org>
-X-Patchwork-Id: 366862
-Message-Id: <1404394000-13429-1-git-send-email-will.newton@linaro.org>
-To: libc-alpha@sourceware.org
-Date: Thu, 3 Jul 2014 14:26:40 +0100
-From: Will Newton <will.newton@linaro.org>
-List-Id: <libc-alpha.sourceware.org>
-
-Fix a -Wundef warning on ARM.
-
-ChangeLog:
-
-2014-07-03 Will Newton <will.newton@linaro.org>
-
- * sysdeps/arm/dl-machine.h (ELF_MACHINE_NO_REL): Define.
----
- sysdeps/arm/dl-machine.h | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/sysdeps/arm/dl-machine.h b/sysdeps/arm/dl-machine.h
-index c5ffc93..d6b0c52 100644
---- a/sysdeps/arm/dl-machine.h
-+++ b/sysdeps/arm/dl-machine.h
-@@ -296,6 +296,7 @@ elf_machine_plt_value (struct link_map *map, const Elf32_Rel *reloc,
- /* ARM never uses Elf32_Rela relocations for the dynamic linker.
- Prelinked libraries may use Elf32_Rela though. */
- #define ELF_MACHINE_NO_RELA defined RTLD_BOOTSTRAP
-+#define ELF_MACHINE_NO_REL 0
-
- /* Names of the architecture-specific auditing callback functions. */
- #define ARCH_LA_PLTENTER arm_gnu_pltenter
diff --git a/SOURCES/glibc-rh1256317-armhfp-build-issue.patch b/SOURCES/glibc-rh1256317-armhfp-build-issue.patch
deleted file mode 100644
index aa6e7fe..0000000
--- a/SOURCES/glibc-rh1256317-armhfp-build-issue.patch
+++ /dev/null
@@ -1,11 +0,0 @@
---- a/sysdeps/unix/arm/sysdep.S 2016-11-05 11:44:45.561945344 +0100
-+++ b/sysdeps/unix/arm/sysdep.S 2016-11-05 11:44:19.542069815 +0100
-@@ -37,7 +37,7 @@
- moveq r0, $EAGAIN /* Yes; translate it to EAGAIN. */
- #endif
-
--#ifndef IS_IN_rtld
-+#if !IS_IN (rtld)
- mov ip, lr
- cfi_register (lr, ip)
- mov r1, r0
diff --git a/SOURCES/glibc-rh1772307.patch b/SOURCES/glibc-rh1772307.patch
deleted file mode 100644
index 1ccc6dd..0000000
--- a/SOURCES/glibc-rh1772307.patch
+++ /dev/null
@@ -1,41 +0,0 @@
-From 27d3ce1467990f89126e228559dec8f84b96c60e Mon Sep 17 00:00:00 2001
-From: "H.J. Lu" <hjl.tools@gmail.com>
-Date: Fri, 1 Apr 2016 15:08:48 -0700
-Subject: [PATCH] Remove Fast_Copy_Backward from Intel Core processors
-
-Intel Core i3, i5 and i7 processors have fast unaligned copy and
-copy backward is ignored. Remove Fast_Copy_Backward from Intel Core
-processors to avoid confusion.
-
- * sysdeps/x86/cpu-features.c (init_cpu_features): Don't set
- bit_arch_Fast_Copy_Backward for Intel Core proessors.
----
- ChangeLog | 5 +++++
- sysdeps/x86/cpu-features.c | 6 +-----
- 2 files changed, 6 insertions(+), 5 deletions(-)
-
-diff -rup a/sysdeps/x86/cpu-features.c b/sysdeps/x86/cpu-features.c
---- a/sysdeps/x86/cpu-features.c 2020-01-21 16:44:28.637555853 -0500
-+++ b/sysdeps/x86/cpu-features.c 2020-01-21 16:46:51.208756416 -0500
-@@ -116,11 +116,8 @@ init_cpu_features (struct cpu_features *
- case 0x2c:
- case 0x2e:
- case 0x2f:
-- /* Rep string instructions, copy backward, unaligned loads
-+ /* Rep string instructions, unaligned load, unaligned copy,
- and pminub are fast on Intel Core i3, i5 and i7. */
--#if index_Fast_Rep_String != index_Fast_Copy_Backward
--# error index_Fast_Rep_String != index_Fast_Copy_Backward
--#endif
- #if index_Fast_Rep_String != index_Fast_Unaligned_Load
- # error index_Fast_Rep_String != index_Fast_Unaligned_Load
- #endif
-@@ -129,7 +126,6 @@ init_cpu_features (struct cpu_features *
- #endif
- cpu_features->feature[index_Fast_Rep_String]
- |= (bit_Fast_Rep_String
-- | bit_Fast_Copy_Backward
- | bit_Fast_Unaligned_Load
- | bit_Prefer_PMINUB_for_stringop);
- break;
-
diff --git a/SOURCES/glibc-rh1812119-1.patch b/SOURCES/glibc-rh1812119-1.patch
new file mode 100644
index 0000000..85b8399
--- /dev/null
+++ b/SOURCES/glibc-rh1812119-1.patch
@@ -0,0 +1,130 @@
+Based on the following commit, but modified for rhel-7.9.
+Added sysdeps/ieee754/ldbl-96/Makefile to contain test case.
+Adjust test case to use #include <math_private.h>.
+
+commit 9333498794cde1d5cca518badf79533a24114b6f
+Author: Joseph Myers <joseph@codesourcery.com>
+Date: Wed Feb 12 23:31:56 2020 +0000
+
+ Avoid ldbl-96 stack corruption from range reduction of pseudo-zero (bug 25487).
+
+ Bug 25487 reports stack corruption in ldbl-96 sinl on a pseudo-zero
+ argument (an representation where all the significand bits, including
+ the explicit high bit, are zero, but the exponent is not zero, which
+ is not a valid representation for the long double type).
+
+ Although this is not a valid long double representation, existing
+ practice in this area (see bug 4586, originally marked invalid but
+ subsequently fixed) is that we still seek to avoid invalid memory
+ accesses as a result, in case of programs that treat arbitrary binary
+ data as long double representations, although the invalid
+ representations of the ldbl-96 format do not need to be consistently
+ handled the same as any particular valid representation.
+
+ This patch makes the range reduction detect pseudo-zero and unnormal
+ representations that would otherwise go to __kernel_rem_pio2, and
+ returns a NaN for them instead of continuing with the range reduction
+ process. (Pseudo-zero and unnormal representations whose unbiased
+ exponent is less than -1 have already been safely returned from the
+ function before this point without going through the rest of range
+ reduction.) Pseudo-zero representations would previously result in
+ the value passed to __kernel_rem_pio2 being all-zero, which is
+ definitely unsafe; unnormal representations would previously result in
+ a value passed whose high bit is zero, which might well be unsafe
+ since that is not a form of input expected by __kernel_rem_pio2.
+
+ Tested for x86_64.
+
+diff -urN a/sysdeps/ieee754/ldbl-96/e_rem_pio2l.c b/sysdeps/ieee754/ldbl-96/e_rem_pio2l.c
+--- a/sysdeps/ieee754/ldbl-96/e_rem_pio2l.c 2012-12-24 22:02:13.000000000 -0500
++++ b/sysdeps/ieee754/ldbl-96/e_rem_pio2l.c 2021-01-06 20:39:13.502241328 -0500
+@@ -210,6 +210,18 @@
+ return 0;
+ }
+
++ if ((i0 & 0x80000000) == 0)
++ {
++ /* Pseudo-zero and unnormal representations are not valid
++ representations of long double. We need to avoid stack
++ corruption in __kernel_rem_pio2, which expects input in a
++ particular normal form, but those representations do not need
++ to be consistently handled like any particular floating-point
++ value. */
++ y[1] = y[0] = __builtin_nanl ("");
++ return 0;
++ }
++
+ /* Split the 64 bits of the mantissa into three 24-bit integers
+ stored in a double array. */
+ exp = j0 - 23;
+diff -urN a/sysdeps/ieee754/ldbl-96/Makefile b/sysdeps/ieee754/ldbl-96/Makefile
+--- a/sysdeps/ieee754/ldbl-96/Makefile 1969-12-31 19:00:00.000000000 -0500
++++ b/sysdeps/ieee754/ldbl-96/Makefile 2021-01-06 20:55:49.163141757 -0500
+@@ -0,0 +1,22 @@
++# Makefile for sysdeps/ieee754/ldbl-96.
++# Copyright (C) 2016-2021 Free Software Foundation, Inc.
++# This file is part of the GNU C Library.
++
++# The GNU C Library is free software; you can redistribute it and/or
++# modify it under the terms of the GNU Lesser General Public
++# License as published by the Free Software Foundation; either
++# version 2.1 of the License, or (at your option) any later version.
++
++# The GNU C Library is distributed in the hope that it will be useful,
++# but WITHOUT ANY WARRANTY; without even the implied warranty of
++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
++# Lesser General Public License for more details.
++
++# You should have received a copy of the GNU Lesser General Public
++# License along with the GNU C Library; if not, see
++# <https://www.gnu.org/licenses/>.
++
++ifeq ($(subdir),math)
++tests += test-sinl-pseudo
++CFLAGS-test-sinl-pseudo.c += -fstack-protector-all
++endif
+diff -urN a/sysdeps/ieee754/ldbl-96/test-sinl-pseudo.c b/sysdeps/ieee754/ldbl-96/test-sinl-pseudo.c
+--- a/sysdeps/ieee754/ldbl-96/test-sinl-pseudo.c 1969-12-31 19:00:00.000000000 -0500
++++ b/sysdeps/ieee754/ldbl-96/test-sinl-pseudo.c 2021-01-05 16:27:24.658596782 -0500
+@@ -0,0 +1,41 @@
++/* Test sinl for pseudo-zeros and unnormals for ldbl-96 (bug 25487).
++ Copyright (C) 2020 Free Software Foundation, Inc.
++ This file is part of the GNU C Library.
++
++ The GNU C Library is free software; you can redistribute it and/or
++ modify it under the terms of the GNU Lesser General Public
++ License as published by the Free Software Foundation; either
++ version 2.1 of the License, or (at your option) any later version.
++
++ The GNU C Library is distributed in the hope that it will be useful,
++ but WITHOUT ANY WARRANTY; without even the implied warranty of
++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
++ Lesser General Public License for more details.
++
++ You should have received a copy of the GNU Lesser General Public
++ License along with the GNU C Library; if not, see
++ <https://www.gnu.org/licenses/>. */
++
++#include <math.h>
++#include <math_private.h>
++#include <stdint.h>
++
++static int
++do_test (void)
++{
++ for (int i = 0; i < 64; i++)
++ {
++ uint64_t sig = i == 63 ? 0 : 1ULL << i;
++ long double ld;
++ SET_LDOUBLE_WORDS (ld, 0x4141,
++ sig >> 32, sig & 0xffffffffULL);
++ /* The requirement is that no stack overflow occurs when the
++ pseudo-zero or unnormal goes through range reduction. */
++ volatile long double ldr;
++ ldr = sinl (ld);
++ (void) ldr;
++ }
++ return 0;
++}
++
++#include <support/test-driver.c>
diff --git a/SOURCES/glibc-rh1812119-2.patch b/SOURCES/glibc-rh1812119-2.patch
new file mode 100644
index 0000000..7ad13fb
--- /dev/null
+++ b/SOURCES/glibc-rh1812119-2.patch
@@ -0,0 +1,22 @@
+Based on the following commit, but modified for rhel-7.9.
+
+commit c10acd40262486dac597001aecc20ad9d3bd0e4a
+Author: Florian Weimer <fweimer@redhat.com>
+Date: Thu Feb 13 17:01:15 2020 +0100
+
+ math/test-sinl-pseudo: Use stack protector only if available
+
+ This fixes commit 9333498794cde1d5cca518bad ("Avoid ldbl-96 stack
+ corruption from range reduction of pseudo-zero (bug 25487).").
+
+diff -urN a/sysdeps/ieee754/ldbl-96/Makefile b/sysdeps/ieee754/ldbl-96/Makefile
+--- a/sysdeps/ieee754/ldbl-96/Makefile 2021-01-06 20:55:49.163141757 -0500
++++ b/sysdeps/ieee754/ldbl-96/Makefile 2021-01-06 20:58:06.612989216 -0500
+@@ -18,5 +18,7 @@
+
+ ifeq ($(subdir),math)
+ tests += test-sinl-pseudo
++ifeq ($(have-ssp),yes)
+ CFLAGS-test-sinl-pseudo.c += -fstack-protector-all
+ endif
++endif # $(subdir) == math
diff --git a/SOURCES/glibc-rh1869380.patch b/SOURCES/glibc-rh1869380.patch
new file mode 100644
index 0000000..94d7935
--- /dev/null
+++ b/SOURCES/glibc-rh1869380.patch
@@ -0,0 +1,134 @@
+This is a custom patch for RHEL 7 to fix CVE-2020-29573 and includes
+parts of 41290b6e842a2adfbda77a49abfacb0db2d63bfb, and
+681900d29683722b1cb0a8e565a0585846ec5a61.
+
+We had a discussion[1] upstream about the treatment of unnormal long
+double numbers in glibc and gcc and there is general consensus that
+unnormal numbers (pseudos in general) ought to be treated like NaNs
+without the guarantee that they will always be treated correctly in
+glibc. That is, there is agreement that we should fix bugs and
+security issues arising from such inputs but not guarantee glibc
+behaviour with such inputs since the latter would involve extensive
+coverage.
+
+Now on to #1869380, this crash in printf manifests itself only in
+RHEL-7 and not in any other Red Hat distribution because later
+versions of glibc use __builtin_nan from gcc, which always recognizes
+pseudos as NaN. Based on that and the recent consensus, the correct
+way to fix #1869380 appears to be to treat unnormals as NaN instead of
+fixing the unnormal representation as in this patch[2].
+
+[1] https://sourceware.org/pipermail/libc-alpha/2020-November/119949.html
+[2] https://sourceware.org/pipermail/libc-alpha/2020-September/117779.html
+
+Co-authored-by: Siddhesh Poyarekar <siddhesh@redhat.com>
+
+diff --git a/stdio-common/printf_fp.c b/stdio-common/printf_fp.c
+index d0e082494af6b0a3..60b143571065a082 100644
+--- a/stdio-common/printf_fp.c
++++ b/stdio-common/printf_fp.c
+@@ -151,6 +151,28 @@ static wchar_t *group_number (wchar_t *buf, wchar_t *bufend,
+ wchar_t thousands_sep, int ngroups)
+ internal_function;
+
++static __always_inline int
++isnanl_or_pseudo (long double in)
++{
++#if defined __x86_64__ || defined __i386__
++ union
++ {
++ long double f;
++ struct
++ {
++ uint64_t low;
++ uint64_t high;
++ } u;
++ } ldouble;
++
++ ldouble.f = in;
++
++ return __isnanl (in) || (ldouble.u.low & 0x8000000000000000) == 0;
++#else
++ return __isnanl (in);
++#endif
++}
++
+
+ int
+ __printf_fp_l (FILE *fp, locale_t loc,
+@@ -335,7 +357,7 @@ __printf_fp_l (FILE *fp, locale_t loc,
+
+ /* Check for special values: not a number or infinity. */
+ int res;
+- if (__isnanl (fpnum.ldbl))
++ if (isnanl_or_pseudo (fpnum.ldbl))
+ {
+ is_neg = signbit (fpnum.ldbl);
+ if (isupper (info->spec))
+diff --git a/sysdeps/x86/Makefile b/sysdeps/x86/Makefile
+index c26533245e8a8103..f1da941dbbadadb3 100644
+--- a/sysdeps/x86/Makefile
++++ b/sysdeps/x86/Makefile
+@@ -18,3 +18,7 @@ sysdep-dl-routines += dl-get-cpu-features
+ tests += tst-get-cpu-features
+ tests-static += tst-get-cpu-features-static
+ endif
++
++ifeq ($(subdir),math)
++tests += tst-ldbl-nonnormal-printf
++endif # $(subdir) == math
+diff --git a/sysdeps/x86/tst-ldbl-nonnormal-printf.c b/sysdeps/x86/tst-ldbl-nonnormal-printf.c
+new file mode 100644
+index 0000000000000000..e4e3e428747488b9
+--- /dev/null
++++ b/sysdeps/x86/tst-ldbl-nonnormal-printf.c
+@@ -0,0 +1,49 @@
++/* Test printf with x86-specific non-normal long double value.
++ Copyright (C) 2020-2021 Free Software Foundation, Inc.
++
++ This file is part of the GNU C Library.
++
++ The GNU C Library is free software; you can redistribute it and/or
++ modify it under the terms of the GNU Lesser General Public
++ License as published by the Free Software Foundation; either
++ version 2.1 of the License, or (at your option) any later version.
++
++ The GNU C Library is distributed in the hope that it will be useful,
++ but WITHOUT ANY WARRANTY; without even the implied warranty of
++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
++ Lesser General Public License for more details.
++
++ You should have received a copy of the GNU Lesser General Public
++ License along with the GNU C Library; if not, see
++ <https://www.gnu.org/licenses/>. */
++
++#include <stdio.h>
++#include <string.h>
++#include <support/check.h>
++
++/* Fill the stack with non-zero values. This makes a crash in
++ snprintf more likely. */
++static void __attribute__ ((noinline, noclone))
++fill_stack (void)
++{
++ char buffer[65536];
++ memset (buffer, 0xc0, sizeof (buffer));
++ asm ("" ::: "memory");
++}
++
++static int
++do_test (void)
++{
++ fill_stack ();
++
++ long double value;
++ memcpy (&value, "\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04", 10);
++
++ char buf[30];
++ int ret = snprintf (buf, sizeof (buf), "%Lg", value);
++ TEST_COMPARE (ret, strlen (buf));
++ TEST_COMPARE_STRING (buf, "nan");
++ return 0;
++}
++
++#include <support/test-driver.c>
diff --git a/SOURCES/glibc-rh1883162.patch b/SOURCES/glibc-rh1883162.patch
new file mode 100644
index 0000000..d146a06
--- /dev/null
+++ b/SOURCES/glibc-rh1883162.patch
@@ -0,0 +1,28 @@
+Use stat64 to detect presence of file that alters IFUNC selection.
+This avoids problems in NVMe drives where 32-bit stat would fail
+because the device ID doesn't fit into teh truncated 16-bit dev_t.
+
+diff --git a/sysdeps/x86/cpu-features.h b/sysdeps/x86/cpu-features.h
+index 4e2e6fabb39ab600..e3b8167ae0669f00 100644
+--- a/sysdeps/x86/cpu-features.h
++++ b/sysdeps/x86/cpu-features.h
+@@ -184,11 +184,19 @@
+ static bool __attribute__ ((unused))
+ use_unaligned_strstr (void)
+ {
++# if defined __x86_64__
+ struct stat unaligned_strstr_etc_sysconfig_file;
++# else
++ struct stat64 unaligned_strstr_etc_sysconfig_file;
++# endif
+
+ /* TLS may not have been set up yet, so avoid using stat since it tries to
+ set errno. */
++# if defined __x86_64__
+ return INTERNAL_SYSCALL (stat, , 2,
++# else
++ return INTERNAL_SYSCALL (stat64, , 2,
++# endif
+ ENABLE_STRSTR_UNALIGNED_PATHNAME,
+ &unaligned_strstr_etc_sysconfig_file) == 0;
+ }
diff --git a/SOURCES/glibc-rh1912543.patch b/SOURCES/glibc-rh1912543.patch
new file mode 100644
index 0000000..44dd01f
--- /dev/null
+++ b/SOURCES/glibc-rh1912543.patch
@@ -0,0 +1,131 @@
+commit ee7a3144c9922808181009b7b3e50e852fb4999b
+Author: Andreas Schwab <schwab@suse.de>
+Date: Mon Dec 21 08:56:43 2020 +0530
+
+ Fix buffer overrun in EUC-KR conversion module (bz #24973)
+
+ The byte 0xfe as input to the EUC-KR conversion denotes a user-defined
+ area and is not allowed. The from_euc_kr function used to skip two bytes
+ when told to skip over the unknown designation, potentially running over
+ the buffer end.
+
+Conflicts:
+ iconvdata/Makefile
+
+Textual conflict in iconvdata/Makefile due to tests differences.
+
+diff --git a/iconvdata/Makefile b/iconvdata/Makefile
+index 4ec2741cdc..85009f3390 100644
+--- a/iconvdata/Makefile
++++ b/iconvdata/Makefile
+@@ -73,7 +73,7 @@ modules.so := $(addsuffix .so, $(modules))
+ ifeq (yes,$(build-shared))
+ tests = bug-iconv1 bug-iconv2 tst-loading tst-e2big tst-iconv4 bug-iconv4 \
+ tst-iconv6 bug-iconv5 bug-iconv6 tst-iconv7 bug-iconv8 bug-iconv9 \
+- bug-iconv10 bug-iconv11 bug-iconv12
++ bug-iconv10 bug-iconv11 bug-iconv12 bug-iconv13
+ ifeq ($(have-thread-library),yes)
+ tests += bug-iconv3
+ endif
+diff --git a/iconvdata/bug-iconv13.c b/iconvdata/bug-iconv13.c
+new file mode 100644
+index 0000000000..87aaff398e
+--- /dev/null
++++ b/iconvdata/bug-iconv13.c
+@@ -0,0 +1,53 @@
++/* bug 24973: Test EUC-KR module
++ Copyright (C) 2020 Free Software Foundation, Inc.
++ This file is part of the GNU C Library.
++
++ The GNU C Library is free software; you can redistribute it and/or
++ modify it under the terms of the GNU Lesser General Public
++ License as published by the Free Software Foundation; either
++ version 2.1 of the License, or (at your option) any later version.
++
++ The GNU C Library is distributed in the hope that it will be useful,
++ but WITHOUT ANY WARRANTY; without even the implied warranty of
++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
++ Lesser General Public License for more details.
++
++ You should have received a copy of the GNU Lesser General Public
++ License along with the GNU C Library; if not, see
++ <https://www.gnu.org/licenses/>. */
++
++#include <errno.h>
++#include <iconv.h>
++#include <stdio.h>
++#include <support/check.h>
++
++static int
++do_test (void)
++{
++ iconv_t cd = iconv_open ("UTF-8//IGNORE", "EUC-KR");
++ TEST_VERIFY_EXIT (cd != (iconv_t) -1);
++
++ /* 0xfe (->0x7e : row 94) and 0xc9 (->0x49 : row 41) are user-defined
++ areas, which are not allowed and should be skipped over due to
++ //IGNORE. The trailing 0xfe also is an incomplete sequence, which
++ should be checked first. */
++ char input[4] = { '\xc9', '\xa1', '\0', '\xfe' };
++ char *inptr = input;
++ size_t insize = sizeof (input);
++ char output[4];
++ char *outptr = output;
++ size_t outsize = sizeof (output);
++
++ /* This used to crash due to buffer overrun. */
++ TEST_VERIFY (iconv (cd, &inptr, &insize, &outptr, &outsize) == (size_t) -1);
++ TEST_VERIFY (errno == EINVAL);
++ /* The conversion should produce one character, the converted null
++ character. */
++ TEST_VERIFY (sizeof (output) - outsize == 1);
++
++ TEST_VERIFY_EXIT (iconv_close (cd) != -1);
++
++ return 0;
++}
++
++#include <support/test-driver.c>
+diff --git a/iconvdata/euc-kr.c b/iconvdata/euc-kr.c
+index b0d56cf3ee..1045bae926 100644
+--- a/iconvdata/euc-kr.c
++++ b/iconvdata/euc-kr.c
+@@ -80,11 +80,7 @@ euckr_from_ucs4 (uint32_t ch, unsigned char *cp)
+ \
+ if (ch <= 0x9f) \
+ ++inptr; \
+- /* 0xfe(->0x7e : row 94) and 0xc9(->0x59 : row 41) are \
+- user-defined areas. */ \
+- else if (__builtin_expect (ch == 0xa0, 0) \
+- || __builtin_expect (ch > 0xfe, 0) \
+- || __builtin_expect (ch == 0xc9, 0)) \
++ else if (__glibc_unlikely (ch == 0xa0)) \
+ { \
+ /* This is illegal. */ \
+ STANDARD_FROM_LOOP_ERR_HANDLER (1); \
+diff --git a/iconvdata/ksc5601.h b/iconvdata/ksc5601.h
+index d3eb3a4ff8..f5cdc72797 100644
+--- a/iconvdata/ksc5601.h
++++ b/iconvdata/ksc5601.h
+@@ -50,15 +50,15 @@ ksc5601_to_ucs4 (const unsigned char **s, size_t avail, unsigned char offset)
+ unsigned char ch2;
+ int idx;
+
++ if (avail < 2)
++ return 0;
++
+ /* row 94(0x7e) and row 41(0x49) are user-defined area in KS C 5601 */
+
+ if (ch < offset || (ch - offset) <= 0x20 || (ch - offset) >= 0x7e
+ || (ch - offset) == 0x49)
+ return __UNKNOWN_10646_CHAR;
+
+- if (avail < 2)
+- return 0;
+-
+ ch2 = (*s)[1];
+ if (ch2 < offset || (ch2 - offset) <= 0x20 || (ch2 - offset) >= 0x7f)
+ return __UNKNOWN_10646_CHAR;
+--
+2.29.2
+
diff --git a/SPECS/glibc.spec b/SPECS/glibc.spec
index 24c6272..25f68dd 100644
--- a/SPECS/glibc.spec
+++ b/SPECS/glibc.spec
@@ -1,6 +1,6 @@
%define glibcsrcdir glibc-2.17-c758a686
%define glibcversion 2.17
-%define glibcrelease 317%{?dist}
+%define glibcrelease 322%{?dist}
##############################################################################
# We support the following options:
# --with/--without,
@@ -249,11 +249,6 @@ Patch0068: glibc-rh1349982.patch
# These changes were brought forward from RHEL 6 for compatibility
Patch0069: glibc-rh1448107.patch
-
-# Armhfp build issue
-Patch9998: glibc-armhfp-ELF_MACHINE_NO_REL-undefined.patch
-Patch9999: glibc-rh1256317-armhfp-build-issue.patch
-
Patch1000: glibc-rh905877.patch
Patch1001: glibc-rh958652.patch
Patch1002: glibc-rh977870.patch
@@ -1626,7 +1621,6 @@ Patch2837: glibc-rh1775599.patch
Patch2838: glibc-rh1235112.patch
Patch2839: glibc-rh1728915-1.patch
Patch2840: glibc-rh1728915-2.patch
-Patch2841: glibc-rh1772307.patch
Patch2842: glibc-rh1747465-1.patch
Patch2843: glibc-rh1747465-2.patch
Patch2844: glibc-rh1747465-3.patch
@@ -1639,6 +1633,11 @@ Patch2850: glibc-rh1775816.patch
Patch2851: glibc-rh1763325.patch
Patch2852: glibc-rh1406732-6.patch
Patch2853: glibc-rh1834816.patch
+Patch2854: glibc-rh1912543.patch
+Patch2855: glibc-rh1869380.patch
+Patch2856: glibc-rh1812119-1.patch
+Patch2857: glibc-rh1812119-2.patch
+Patch2858: glibc-rh1883162.patch
##############################################################################
# End of glibc patches.
@@ -2990,7 +2989,6 @@ package or when debugging this package.
%patch2838 -p1
%patch2839 -p1
%patch2840 -p1
-%patch2841 -p1
%patch2842 -p1
%patch2843 -p1
%patch2844 -p1
@@ -3003,11 +3001,11 @@ package or when debugging this package.
%patch2851 -p1
%patch2852 -p1
%patch2853 -p1
-
-%ifarch %{arm}
-%patch9998 -p1
-%patch9999 -p1
-%endif
+%patch2854 -p1
+%patch2855 -p1
+%patch2856 -p1
+%patch2857 -p1
+%patch2858 -p1
##############################################################################
# %%prep - Additional prep required...
@@ -4195,6 +4193,22 @@ rm -f *.filelist*
%endif
%changelog
+* Wed Jan 06 2021 Carlos O'Donell <carlos@redhat.com> - 2.17-322
+- Enable file-based IFUNC selection on NVMe devices (#1883162)
+
+* Wed Jan 06 2021 Carlos O'Donell <carlos@redhat.com> - 2.17-321
+- CVE-2020-10029: Prevent stack corruption from crafted input in cosl, sinl,
+ sincosl, and tanl function. (#1812119)
+
+* Tue Jan 05 2021 Carlos O'Donell <carlos@redhat.com> - 2.17-320
+- CVE-2020-29573: Harden printf family of functions (#1869380)
+
+* Tue Jan 05 2021 Carlos O'Donell <carlos@redhat.com> - 2.17-319
+- Revert fix for #1772307 to improve Intel Xeon performance (#1889977)
+
+* Tue Jan 05 2021 Carlos O'Donell <carlos@redhat.com> - 2.17-318
+- CVE-2019-25013: Fix EUC-KR conversion module defect (#1912543)
+
* Tue May 12 2020 Florian Weimer <fweimer@redhat.com> - 2.17-317
- Do not clobber errno in nss_compat (#1834816)