main/musl: cherry-pick upstream fixes

ldso changes (lazy emulation etc) are not stable yet, so it's
are not included. the missing patch numbers are for those commits.

20 files changed, 726 insertions, 15 deletions

diff --git a/main/musl/0007-fix-bindtextdomain-logic-error-deactivating-other-do.patch b/main/musl/0007-fix-bindtextdomain-logic-error-deactivating-other-do.patch
new file mode 100644
index 0000000000..bacb3bc8e8
--- /dev/null
+++ b/main/musl/0007-fix-bindtextdomain-logic-error-deactivating-other-do.patch
@@ -0,0 +1,30 @@
+From 01e6bbece2bdcac243cdb8dff6916f2bb80a19e1 Mon Sep 17 00:00:00 2001
+From: Rich Felker <dalias@aerifal.cx>
+Date: Sun, 29 Jan 2017 00:11:23 -0500
+Subject: [PATCH] fix bindtextdomain logic error deactivating other domains
+
+this loop was only supposed to deactivate other bindings for the same
+text domain name, but due to copy-and-paste error, deactivated all
+other bindings.
+
+patch by He X.
+---
+ src/locale/dcngettext.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/locale/dcngettext.c b/src/locale/dcngettext.c
+index a5ff8475..e48c50f0 100644
+--- a/src/locale/dcngettext.c
++++ b/src/locale/dcngettext.c
+@@ -74,7 +74,7 @@ char *bindtextdomain(const char *domainname, const char *dirname)
+ 	a_store(&p->active, 1);
+ 
+ 	for (q=bindings; q; q=q->next) {
+-		if (!strcmp(p->domainname, domainname) && q != p)
++		if (!strcmp(q->domainname, domainname) && q != p)
+ 			a_store(&q->active, 0);
+ 	}
+ 
+-- 
+2.11.1
+
diff --git a/main/musl/0008-fix-use-of-uninitialized-pointer-in-gettext-core.patch b/main/musl/0008-fix-use-of-uninitialized-pointer-in-gettext-core.patch
new file mode 100644
index 0000000000..8e0f33d6ce
--- /dev/null
+++ b/main/musl/0008-fix-use-of-uninitialized-pointer-in-gettext-core.patch
@@ -0,0 +1,50 @@
+From dbbb3734d8c0176feabd6c46e2e85bbc3b8a60af Mon Sep 17 00:00:00 2001
+From: Rich Felker <dalias@aerifal.cx>
+Date: Sun, 29 Jan 2017 11:14:00 -0500
+Subject: [PATCH] fix use of uninitialized pointer in gettext core
+
+the plural_rule field of allocated msgcat structures was assumed to be
+initially-null but was never initialized. for future-proofing, the
+nplurals field which was left uninitialized should also be cleared.
+
+likewise, in the binding structure, the active field could be used
+uninitialized by a technicality: the a_store which stores the initial
+value of 0 may be implemented as a cas operation, which reads the old
+value.
+
+rather than fixing these issues individually, just use calloc for both
+allocations. this does result in wasteful clearing of name buffers (up
+to NAME_MAX+PATH_MAX) before filling them, but since the size if
+bounded and the time is dominated by filesystem operations, it really
+doesn't matter; simplicity and future-proofing have more value here.
+
+modified from patch submitted by He X.
+---
+ src/locale/dcngettext.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/locale/dcngettext.c b/src/locale/dcngettext.c
+index e48c50f0..73a9fd70 100644
+--- a/src/locale/dcngettext.c
++++ b/src/locale/dcngettext.c
+@@ -57,7 +57,7 @@ char *bindtextdomain(const char *domainname, const char *dirname)
+ 	}
+ 
+ 	if (!p) {
+-		p = malloc(sizeof *p + domlen + dirlen + 2);
++		p = calloc(sizeof *p + domlen + dirlen + 2, 1);
+ 		if (!p) {
+ 			UNLOCK(lock);
+ 			return 0;
+@@ -171,7 +171,7 @@ notrans:
+ 		size_t map_size;
+ 		const void *map = __map_file(name, &map_size);
+ 		if (!map) goto notrans;
+-		p = malloc(sizeof *p + namelen + 1);
++		p = calloc(sizeof *p + namelen + 1, 1);
+ 		if (!p) {
+ 			__munmap((void *)map, map_size);
+ 			goto notrans;
+-- 
+2.11.1
+
diff --git a/main/musl/0009-avoid-unbounded-strlen-in-gettext-functions.patch b/main/musl/0009-avoid-unbounded-strlen-in-gettext-functions.patch
new file mode 100644
index 0000000000..b682490010
--- /dev/null
+++ b/main/musl/0009-avoid-unbounded-strlen-in-gettext-functions.patch
@@ -0,0 +1,38 @@
+From d6601f0af0452b218d247cb47513fc9cd6bbf2e2 Mon Sep 17 00:00:00 2001
+From: Rich Felker <dalias@aerifal.cx>
+Date: Sun, 29 Jan 2017 11:24:20 -0500
+Subject: [PATCH] avoid unbounded strlen in gettext functions
+
+use the standard strnlen idiom for cases where lengths greater than an
+imposed limit are going to be rejected immediately anyway.
+---
+ src/locale/dcngettext.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/src/locale/dcngettext.c b/src/locale/dcngettext.c
+index 73a9fd70..b68e24bc 100644
+--- a/src/locale/dcngettext.c
++++ b/src/locale/dcngettext.c
+@@ -40,8 +40,8 @@ char *bindtextdomain(const char *domainname, const char *dirname)
+ 	if (!domainname) return 0;
+ 	if (!dirname) return gettextdir(domainname, &(size_t){0});
+ 
+-	size_t domlen = strlen(domainname);
+-	size_t dirlen = strlen(dirname);
++	size_t domlen = strnlen(domainname, NAME_MAX+1);
++	size_t dirlen = strnlen(dirname, PATH_MAX);
+ 	if (domlen > NAME_MAX || dirlen >= PATH_MAX) {
+ 		errno = EINVAL;
+ 		return 0;
+@@ -127,7 +127,7 @@ char *dcngettext(const char *domainname, const char *msgid1, const char *msgid2,
+ 
+ 	if (!domainname) domainname = __gettextdomain();
+ 
+-	domlen = strlen(domainname);
++	domlen = strnlen(domainname, NAME_MAX+1);
+ 	if (domlen > NAME_MAX) goto notrans;
+ 
+ 	dirname = gettextdir(domainname, &dirlen);
+-- 
+2.11.1
+
diff --git a/main/musl/0007-add-s390x-dlsym.patch b/main/musl/0010-s390x-implement-dlsym.patch
index ed88df7fd0..3611d3efd9 100644
--- a/main/musl/0007-add-s390x-dlsym.patch
+++ b/main/musl/0010-s390x-implement-dlsym.patch
@@ -1,7 +1,7 @@
 From 9201c3afce0ff53a9b1c5da5285ff84c11dee9d4 Mon Sep 17 00:00:00 2001
 From: Bobby Bingham <koorogi@koorogi.info>
 Date: Sun, 5 Feb 2017 21:29:52 -0600
-Subject: s390x: implement dlsym
+Subject: [PATCH] s390x: implement dlsym
 
 This was missed when writing the port initially.
 ---
@@ -11,7 +11,7 @@ This was missed when writing the port initially.
 
 diff --git a/src/ldso/s390x/dlsym.s b/src/ldso/s390x/dlsym.s
 new file mode 100644
-index 0000000..2e9fa8f
+index 00000000..2e9fa8fb
 --- /dev/null
 +++ b/src/ldso/s390x/dlsym.s
 @@ -0,0 +1,6 @@
@@ -22,5 +22,5 @@ index 0000000..2e9fa8f
 +	lgr %r4, %r14
 +	jg __dlsym
 -- 
-cgit v0.11.2
+2.11.1
 
diff --git a/main/musl/0011-fix-build-regression-in-arm-atomics-asm-with-new-bin.patch b/main/musl/0011-fix-build-regression-in-arm-atomics-asm-with-new-bin.patch
new file mode 100644
index 0000000000..37373594e2
--- /dev/null
+++ b/main/musl/0011-fix-build-regression-in-arm-atomics-asm-with-new-bin.patch
@@ -0,0 +1,40 @@
+From b261a24256792177a5f0531dbb25cc6267220ca5 Mon Sep 17 00:00:00 2001
+From: Rich Felker <dalias@aerifal.cx>
+Date: Wed, 15 Feb 2017 17:05:50 -0500
+Subject: [PATCH] fix build regression in arm atomics asm with new binutils
+
+binutils commit bada43421274615d0d5f629a61a60b7daa71bc15 tightened
+immediate fixup handling in gas in such a way that the final .arch of
+an object file must be compatible with the fixups used when the
+instruction was assembled; this in turn broke assembling of atomics.s,
+at least in thumb mode.
+
+it's not clear whether this should be considered a bug in gas, but
+.object_arch is preferable anyway for our purpose here of controlling
+the ISA level tag on the object file being produced, and it's the
+intended directive for use in object files with runtime code
+selection. research by Szabolcs Nagy confirmed that .object_arch is
+supported in all relevant versions of binutils and clang's integrated
+assembler.
+
+patch by Reiner Herrmann.
+---
+ src/thread/arm/atomics.s | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/thread/arm/atomics.s b/src/thread/arm/atomics.s
+index 202faa4a..101ad391 100644
+--- a/src/thread/arm/atomics.s
++++ b/src/thread/arm/atomics.s
+@@ -84,7 +84,7 @@ __a_gettp_cp15:
+ 	bx lr
+ 
+ /* Tag this file with minimum ISA level so as not to affect linking. */
+-.arch armv4t
++.object_arch armv4t
+ .eabi_attribute 6,2
+ 
+ .data
+-- 
+2.11.1
+
diff --git a/main/musl/0012-allow-page-size-to-vary-on-arm.patch b/main/musl/0012-allow-page-size-to-vary-on-arm.patch
new file mode 100644
index 0000000000..bba55300cd
--- /dev/null
+++ b/main/musl/0012-allow-page-size-to-vary-on-arm.patch
@@ -0,0 +1,31 @@
+From 0a4a16d11cc263c3f32325f985b9ed94b04af79f Mon Sep 17 00:00:00 2001
+From: Rich Felker <dalias@aerifal.cx>
+Date: Wed, 22 Feb 2017 19:25:13 -0500
+Subject: [PATCH] allow page size to vary on arm
+
+the ABI for arm was silently changed at some point to allow page sizes
+other than 4k; traditional binaries built with only 4k-aligned offsets
+between load segments cannot run on such systems, but newer binutils
+versions use 64k offset alignment.
+
+while larger page size is undesirable for various reasons, users have
+encountered hardware and/or kernels that lock the page size to a
+larger value, so follow the new ABI and allow it to vary.
+---
+ arch/arm/bits/limits.h | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/arch/arm/bits/limits.h b/arch/arm/bits/limits.h
+index 65a3dd64..fbc6d238 100644
+--- a/arch/arm/bits/limits.h
++++ b/arch/arm/bits/limits.h
+@@ -1,6 +1,5 @@
+ #if defined(_POSIX_SOURCE) || defined(_POSIX_C_SOURCE) \
+  || defined(_XOPEN_SOURCE) || defined(_GNU_SOURCE) || defined(_BSD_SOURCE)
+-#define PAGE_SIZE 4096
+ #define LONG_BIT 32
+ #endif
+ 
+-- 
+2.11.1
+
diff --git a/main/musl/0013-fix-lsearch-and-lfind-to-pass-key-as-first-arg-to-th.patch b/main/musl/0013-fix-lsearch-and-lfind-to-pass-key-as-first-arg-to-th.patch
new file mode 100644
index 0000000000..75e3d96ba9
--- /dev/null
+++ b/main/musl/0013-fix-lsearch-and-lfind-to-pass-key-as-first-arg-to-th.patch
@@ -0,0 +1,41 @@
+From 827c4e6fbe46142049ef3d8bcb8f35951712797d Mon Sep 17 00:00:00 2001
+From: Szabolcs Nagy <nsz@port70.net>
+Date: Sun, 5 Mar 2017 23:03:35 +0100
+Subject: [PATCH] fix lsearch and lfind to pass key as first arg to the compar
+ callback
+
+this is not a conformance issue as posix does not specify the
+argument order, but the order is specified for bsearch and some
+systems document the order for lsearch consistently (openbsd).
+
+since there were two indpendent reports of this issue it's better
+to use the more widely expected argument order.
+---
+ src/search/lsearch.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/search/lsearch.c b/src/search/lsearch.c
+index 63f31922..5eb5cc2b 100644
+--- a/src/search/lsearch.c
++++ b/src/search/lsearch.c
+@@ -9,7 +9,7 @@ void *lsearch(const void *key, void *base, size_t *nelp, size_t width,
+ 	size_t i;
+ 
+ 	for (i = 0; i < n; i++)
+-		if (compar(p[i], key) == 0)
++		if (compar(key, p[i]) == 0)
+ 			return p[i];
+ 	*nelp = n+1;
+ 	return memcpy(p[n], key, width);
+@@ -23,7 +23,7 @@ void *lfind(const void *key, const void *base, size_t *nelp,
+ 	size_t i;
+ 
+ 	for (i = 0; i < n; i++)
+-		if (compar(p[i], key) == 0)
++		if (compar(key, p[i]) == 0)
+ 			return p[i];
+ 	return 0;
+ }
+-- 
+2.11.1
+
diff --git a/main/musl/0008-fix-ld-behavior-dependent-crash-in-ppc64-ldso-startu.patch b/main/musl/0014-fix-ld-behavior-dependent-crash-in-ppc64-ldso-startu.patch
index d8230159e7..cf026c0f9a 100644
--- a/main/musl/0008-fix-ld-behavior-dependent-crash-in-ppc64-ldso-startu.patch
+++ b/main/musl/0014-fix-ld-behavior-dependent-crash-in-ppc64-ldso-startu.patch
@@ -12,7 +12,7 @@ negative, which depends on the linker's ordering of text sections.
  1 file changed, 1 insertion(+), 1 deletion(-)
 
 diff --git a/arch/powerpc64/reloc.h b/arch/powerpc64/reloc.h
-index e1bad00..faf70ac 100644
+index e1bad009..faf70acd 100644
 --- a/arch/powerpc64/reloc.h
 +++ b/arch/powerpc64/reloc.h
 @@ -27,6 +27,6 @@
@@ -24,5 +24,5 @@ index e1bad00..faf70ac 100644
  	"	add %0, %0, %1 \n" \
  	: "=r"(*(fp)), "=r"((long){0}) : : "memory", "lr" )
 -- 
-1.9.3
+2.11.1
 
diff --git a/main/musl/0015-treat-STB_WEAK-and-STB_GNU_UNIQUE-like-STB_GLOBAL-in.patch b/main/musl/0015-treat-STB_WEAK-and-STB_GNU_UNIQUE-like-STB_GLOBAL-in.patch
new file mode 100644
index 0000000000..af8d843923
--- /dev/null
+++ b/main/musl/0015-treat-STB_WEAK-and-STB_GNU_UNIQUE-like-STB_GLOBAL-in.patch
@@ -0,0 +1,40 @@
+From c9783e4d32e786c4b76bf77c6030111d9e79dbb7 Mon Sep 17 00:00:00 2001
+From: Szabolcs Nagy <nsz@port70.net>
+Date: Sat, 3 Dec 2016 20:52:43 +0000
+Subject: [PATCH] treat STB_WEAK and STB_GNU_UNIQUE like STB_GLOBAL in find_sym
+
+A weak symbol definition is not special during dynamic linking, so
+don't let a strong definition in a later module override it.
+(glibc dynamic linker allows overriding weak definitions if
+LD_DYNAMIC_WEAK is set, musl does not.)
+
+STB_GNU_UNIQUE means that the symbol is global, even if it is in a
+module that's loaded with RTLD_LOCAL, and all references resolve to
+the same definition. This semantics is only relevant for c++ plugin
+systems and even there it's often not what the user wants (so it can
+be turned off in g++ by -fno-gnu-unique when the c++ shared lib is
+compiled). In musl just treat it like STB_GLOBAL.
+---
+ ldso/dynlink.c | 4 +---
+ 1 file changed, 1 insertion(+), 3 deletions(-)
+
+diff --git a/ldso/dynlink.c b/ldso/dynlink.c
+index a03f75e3..d00827a3 100644
+--- a/ldso/dynlink.c
++++ b/ldso/dynlink.c
+@@ -286,11 +286,9 @@ static struct symdef find_sym(struct dso *dso, const char *s, int need_def)
+ 				continue;
+ 		if (!(1<<(sym->st_info&0xf) & OK_TYPES)) continue;
+ 		if (!(1<<(sym->st_info>>4) & OK_BINDS)) continue;
+-
+-		if (def.sym && sym->st_info>>4 == STB_WEAK) continue;
+ 		def.sym = sym;
+ 		def.dso = dso;
+-		if (sym->st_info>>4 == STB_GLOBAL) break;
++		break;
+ 	}
+ 	return def;
+ }
+-- 
+2.11.1
+
diff --git a/main/musl/0019-fix-free-of-uninitialized-buffer-pointer-on-error-in.patch b/main/musl/0019-fix-free-of-uninitialized-buffer-pointer-on-error-in.patch
new file mode 100644
index 0000000000..f168e0c7fe
--- /dev/null
+++ b/main/musl/0019-fix-free-of-uninitialized-buffer-pointer-on-error-in.patch
@@ -0,0 +1,41 @@
+From 6582baa752a8facb2c8a7b5b3dcf67331429cdc1 Mon Sep 17 00:00:00 2001
+From: Rich Felker <dalias@aerifal.cx>
+Date: Tue, 14 Mar 2017 14:18:07 -0400
+Subject: [PATCH] fix free of uninitialized buffer pointer on error in regexec
+
+the fix in commit c3edc06d1e1360f3570db9155d6b318ae0d0f0f7 for
+CVE-2016-8859 used gotos to exit on overflow conditions, but the code
+in that error path assumed the buffer pointer was valid or null. thus,
+the conditions which previously led to under-allocation and buffer
+overflow could instead lead to an invalid pointer being passed to
+free.
+---
+ src/regex/regexec.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/src/regex/regexec.c b/src/regex/regexec.c
+index 5c4cb922..253b0e14 100644
+--- a/src/regex/regexec.c
++++ b/src/regex/regexec.c
+@@ -215,15 +215,15 @@ tre_tnfa_run_parallel(const tre_tnfa_t *tnfa, const void *string,
+     /* Ensure that tbytes and xbytes*num_states cannot overflow, and that
+      * they don't contribute more than 1/8 of SIZE_MAX to total_bytes. */
+     if (num_tags > SIZE_MAX/(8 * sizeof(regoff_t) * tnfa->num_states))
+-      goto error_exit;
++      return REG_ESPACE;
+ 
+     /* Likewise check rbytes. */
+     if (tnfa->num_states+1 > SIZE_MAX/(8 * sizeof(*reach_next)))
+-      goto error_exit;
++      return REG_ESPACE;
+ 
+     /* Likewise check pbytes. */
+     if (tnfa->num_states > SIZE_MAX/(8 * sizeof(*reach_pos)))
+-      goto error_exit;
++      return REG_ESPACE;
+ 
+     /* Compute the length of the block we need. */
+     tbytes = sizeof(*tmp_tags) * num_tags;
+-- 
+2.11.1
+
diff --git a/main/musl/0020-in-static-dl_iterate_phdr-fix-use-of-possibly-uninit.patch b/main/musl/0020-in-static-dl_iterate_phdr-fix-use-of-possibly-uninit.patch
new file mode 100644
index 0000000000..0dd2d6f8b6
--- /dev/null
+++ b/main/musl/0020-in-static-dl_iterate_phdr-fix-use-of-possibly-uninit.patch
@@ -0,0 +1,28 @@
+From 500f5bee6c03981961f1586fca2a1dee6fdce7c7 Mon Sep 17 00:00:00 2001
+From: Rich Felker <dalias@aerifal.cx>
+Date: Tue, 14 Mar 2017 14:29:50 -0400
+Subject: [PATCH] in static dl_iterate_phdr, fix use of possibly-uninitialized
+ aux data
+
+this could only happen if an incomplete auxv was passed into the
+program, but it's better to just initialize the data anyway.
+---
+ src/ldso/dl_iterate_phdr.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/ldso/dl_iterate_phdr.c b/src/ldso/dl_iterate_phdr.c
+index c141fd9b..e55cbf76 100644
+--- a/src/ldso/dl_iterate_phdr.c
++++ b/src/ldso/dl_iterate_phdr.c
+@@ -11,7 +11,7 @@ static int static_dl_iterate_phdr(int(*callback)(struct dl_phdr_info *info, size
+ 	size_t base = 0;
+ 	size_t n;
+ 	struct dl_phdr_info info;
+-	size_t i, aux[AUX_CNT];
++	size_t i, aux[AUX_CNT] = {0};
+ 
+ 	for (i=0; libc.auxv[i]; i+=2)
+ 		if (libc.auxv[i]<AUX_CNT) aux[libc.auxv[i]] = libc.auxv[i+1];
+-- 
+2.11.1
+
diff --git a/main/musl/0021-fix-possible-fd-leak-unrestored-cancellation-state-o.patch b/main/musl/0021-fix-possible-fd-leak-unrestored-cancellation-state-o.patch
new file mode 100644
index 0000000000..138bd77f83
--- /dev/null
+++ b/main/musl/0021-fix-possible-fd-leak-unrestored-cancellation-state-o.patch
@@ -0,0 +1,30 @@
+From 6a209f14ff7273d9429e5153c5b6b1990cb508e3 Mon Sep 17 00:00:00 2001
+From: Rich Felker <dalias@aerifal.cx>
+Date: Tue, 14 Mar 2017 14:31:34 -0400
+Subject: [PATCH] fix possible fd leak, unrestored cancellation state on dns
+ socket fail
+
+---
+ src/network/res_msend.c | 6 +++++-
+ 1 file changed, 5 insertions(+), 1 deletion(-)
+
+diff --git a/src/network/res_msend.c b/src/network/res_msend.c
+index de7f6157..3e018009 100644
+--- a/src/network/res_msend.c
++++ b/src/network/res_msend.c
+@@ -76,7 +76,11 @@ int __res_msend_rc(int nqueries, const unsigned char *const *queries,
+ 		fd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
+ 		family = AF_INET;
+ 	}
+-	if (fd < 0 || bind(fd, (void *)&sa, sl) < 0) return -1;
++	if (fd < 0 || bind(fd, (void *)&sa, sl) < 0) {
++		if (fd >= 0) close(fd);
++		pthread_setcancelstate(cs, 0);
++		return -1;
++	}
+ 
+ 	/* Past this point, there are no errors. Each individual query will
+ 	 * yield either no reply (indicated by zero length) or an answer
+-- 
+2.11.1
+
diff --git a/main/musl/0022-fix-wide-scanf-s-use-of-a-compound-literal-past-its-.patch b/main/musl/0022-fix-wide-scanf-s-use-of-a-compound-literal-past-its-.patch
new file mode 100644
index 0000000000..4e0c165fb6
--- /dev/null
+++ b/main/musl/0022-fix-wide-scanf-s-use-of-a-compound-literal-past-its-.patch
@@ -0,0 +1,30 @@
+From 733d1ea759119bcd0554f25034d1b4113b910900 Mon Sep 17 00:00:00 2001
+From: Rich Felker <dalias@aerifal.cx>
+Date: Tue, 14 Mar 2017 15:06:58 -0400
+Subject: [PATCH] fix wide scanf's use of a compound literal past its lifetime
+
+---
+ src/stdio/vfwscanf.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/src/stdio/vfwscanf.c b/src/stdio/vfwscanf.c
+index 223aad4f..1ebc5cef 100644
+--- a/src/stdio/vfwscanf.c
++++ b/src/stdio/vfwscanf.c
+@@ -214,11 +214,12 @@ int vfwscanf(FILE *restrict f, const wchar_t *restrict fmt, va_list ap)
+ 				set = L"";
+ 			} else if (t == 's') {
+ 				invert = 1;
+-				set = (const wchar_t[]){
++				static const wchar_t spaces[] = {
+ 					' ', '\t', '\n', '\r', 11, 12,  0x0085,
+ 					0x2000, 0x2001, 0x2002, 0x2003, 0x2004, 0x2005,
+ 					0x2006, 0x2008, 0x2009, 0x200a,
+ 					0x2028, 0x2029, 0x205f, 0x3000, 0 };
++				set = spaces;
+ 			} else {
+ 				if (*++p == '^') p++, invert = 1;
+ 				else invert = 0;
+-- 
+2.11.1
+
diff --git a/main/musl/0023-fix-one-byte-overflow-in-legacy-getpass-function.patch b/main/musl/0023-fix-one-byte-overflow-in-legacy-getpass-function.patch
new file mode 100644
index 0000000000..ef0efac006
--- /dev/null
+++ b/main/musl/0023-fix-one-byte-overflow-in-legacy-getpass-function.patch
@@ -0,0 +1,27 @@
+From 3ec8b3aeb88cef8574a7b0f677ebc1801f03821d Mon Sep 17 00:00:00 2001
+From: Rich Felker <dalias@aerifal.cx>
+Date: Tue, 14 Mar 2017 15:13:16 -0400
+Subject: [PATCH] fix one-byte overflow in legacy getpass function
+
+if the length of the input was equal to the buffer size (128), a fixed
+value of zero was written one byte past the end of the static buffer.
+---
+ src/legacy/getpass.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/legacy/getpass.c b/src/legacy/getpass.c
+index 15ab9851..d51286c0 100644
+--- a/src/legacy/getpass.c
++++ b/src/legacy/getpass.c
+@@ -27,7 +27,7 @@ char *getpass(const char *prompt)
+ 
+ 	l = read(fd, password, sizeof password);
+ 	if (l >= 0) {
+-		if (l > 0 && password[l-1] == '\n') l--;
++		if (l > 0 && password[l-1] == '\n' || l==sizeof password) l--;
+ 		password[l] = 0;
+ 	}
+ 
+-- 
+2.11.1
+
diff --git a/main/musl/0024-avoid-loading-of-multiple-libc-versions-via-explicit.patch b/main/musl/0024-avoid-loading-of-multiple-libc-versions-via-explicit.patch
new file mode 100644
index 0000000000..d2e352183f
--- /dev/null
+++ b/main/musl/0024-avoid-loading-of-multiple-libc-versions-via-explicit.patch
@@ -0,0 +1,55 @@
+From c49d3c8adadfa24235fcf4779bb722b1aa6f480b Mon Sep 17 00:00:00 2001
+From: Rich Felker <dalias@aerifal.cx>
+Date: Tue, 14 Mar 2017 18:51:27 -0400
+Subject: [PATCH] avoid loading of multiple libc versions via explicit pathname
+
+such loading is unsafe, and can happen when programs use their own
+logic to locate a .so file then pass the absolute pathname to dlopen,
+or if an absolute pathname ends up in DT_NEEDED headers. multiple
+loads with only the base name were already precluded, provided libc
+was named appropriately, by special-casing standard library names.
+
+one function symbol (in the reserved namespace, but public, since it's
+part of the crt1 entry point ABI) and one data symbol are checked.
+this way we avoid likely false positives, particularly from libraries
+interposing and wrapping functions. there is no hard requirement to
+avoid breaking such usage, since trying to run a hook before libc is
+even initialized is not a supported usage case, but it's friendlier
+not to break things.
+---
+ ldso/dynlink.c | 12 +++++++++++-
+ 1 file changed, 11 insertions(+), 1 deletion(-)
+
+diff --git a/ldso/dynlink.c b/ldso/dynlink.c
+index f8db1f82..80d85e94 100644
+--- a/ldso/dynlink.c
++++ b/ldso/dynlink.c
+@@ -1042,6 +1042,17 @@ static struct dso *load_library(const char *name, struct dso *needed_by)
+ 	close(fd);
+ 	if (!map) return 0;
+ 
++	/* Avoid the danger of getting two versions of libc mapped into the
++	 * same process when an absolute pathname was used. The symbols
++	 * checked are chosen to catch both musl and glibc, and to avoid
++	 * false positives from interposition-hack libraries. */
++	decode_dyn(&temp_dso);
++	if (find_sym(&temp_dso, "__libc_start_main", 1).sym &&
++	    find_sym(&temp_dso, "stdin", 1).sym) {
++		unmap_library(&temp_dso);
++		return load_library("libc.so", needed_by);
++	}
++
+ 	/* Allocate storage for the new DSO. When there is TLS, this
+ 	 * storage must include a reservation for all pre-existing
+ 	 * threads to obtain copies of both the new TLS, and an
+@@ -1061,7 +1072,6 @@ static struct dso *load_library(const char *name, struct dso *needed_by)
+ 		return 0;
+ 	}
+ 	memcpy(p, &temp_dso, sizeof temp_dso);
+-	decode_dyn(p);
+ 	p->dev = st.st_dev;
+ 	p->ino = st.st_ino;
+ 	p->refcnt = 1;
+-- 
+2.11.1
+
diff --git a/main/musl/0025-remove-unused-refcnt-field-for-shared-libraries.patch b/main/musl/0025-remove-unused-refcnt-field-for-shared-libraries.patch
new file mode 100644
index 0000000000..15b76119fe
--- /dev/null
+++ b/main/musl/0025-remove-unused-refcnt-field-for-shared-libraries.patch
@@ -0,0 +1,48 @@
+From cb525397bb053ea49cf160965477a17b17286eb3 Mon Sep 17 00:00:00 2001
+From: Rich Felker <dalias@aerifal.cx>
+Date: Tue, 14 Mar 2017 19:00:02 -0400
+Subject: [PATCH] remove unused refcnt field for shared libraries
+
+---
+ ldso/dynlink.c | 4 ----
+ 1 file changed, 4 deletions(-)
+
+diff --git a/ldso/dynlink.c b/ldso/dynlink.c
+index 80d85e94..178fe27e 100644
+--- a/ldso/dynlink.c
++++ b/ldso/dynlink.c
+@@ -52,7 +52,6 @@ struct dso {
+ 	Phdr *phdr;
+ 	int phnum;
+ 	size_t phentsize;
+-	int refcnt;
+ 	Sym *syms;
+ 	Elf_Symndx *hashtab;
+ 	uint32_t *ghashtab;
+@@ -971,7 +970,6 @@ static struct dso *load_library(const char *name, struct dso *needed_by)
+ 		/* Search for the name to see if it's already loaded */
+ 		for (p=head->next; p; p=p->next) {
+ 			if (p->shortname && !strcmp(p->shortname, name)) {
+-				p->refcnt++;
+ 				return p;
+ 			}
+ 		}
+@@ -1034,7 +1032,6 @@ static struct dso *load_library(const char *name, struct dso *needed_by)
+ 			if (!p->shortname && pathname != name)
+ 				p->shortname = strrchr(p->name, '/')+1;
+ 			close(fd);
+-			p->refcnt++;
+ 			return p;
+ 		}
+ 	}
+@@ -1074,7 +1071,6 @@ static struct dso *load_library(const char *name, struct dso *needed_by)
+ 	memcpy(p, &temp_dso, sizeof temp_dso);
+ 	p->dev = st.st_dev;
+ 	p->ino = st.st_ino;
+-	p->refcnt = 1;
+ 	p->needed_by = needed_by;
+ 	p->name = p->buf;
+ 	strcpy(p->name, pathname);
+-- 
+2.11.1
+
diff --git a/main/musl/0026-fix-threshold-constants-in-j0f-y0f-j1f-y1f.patch b/main/musl/0026-fix-threshold-constants-in-j0f-y0f-j1f-y1f.patch
new file mode 100644
index 0000000000..52eed490a5
--- /dev/null
+++ b/main/musl/0026-fix-threshold-constants-in-j0f-y0f-j1f-y1f.patch
@@ -0,0 +1,103 @@
+From 8cba1dc46c8f29261aa441e70bac798f2c2c0f58 Mon Sep 17 00:00:00 2001
+From: Szabolcs Nagy <nsz@port70.net>
+Date: Wed, 15 Mar 2017 02:55:49 +0100
+Subject: [PATCH] fix threshold constants in j0f, y0f, j1f, y1f
+
+partly following freebsd rev 279491
+https://svnweb.freebsd.org/base?view=revision&revision=279491
+(musl had some of the fixes before freebsd).
+
+the change should not matter much for j0f, y0f, but it improves
+j1f and y1f in [2.5,~3.75] (that is [0x40200000,~0x40700000]).
+near roots (e.g. around 3.8317 for j1f) there are still large
+ulp errors.
+
+dropped code that tried to raise inexact.
+---
+ src/math/j0f.c |  8 ++++----
+ src/math/j1f.c | 17 ++++++++---------
+ 2 files changed, 12 insertions(+), 13 deletions(-)
+
+diff --git a/src/math/j0f.c b/src/math/j0f.c
+index 45883dc4..fab554a3 100644
+--- a/src/math/j0f.c
++++ b/src/math/j0f.c
+@@ -208,8 +208,8 @@ static float pzerof(float x)
+ 	GET_FLOAT_WORD(ix, x);
+ 	ix &= 0x7fffffff;
+ 	if      (ix >= 0x41000000){p = pR8; q = pS8;}
+-	else if (ix >= 0x40f71c58){p = pR5; q = pS5;}
+-	else if (ix >= 0x4036db68){p = pR3; q = pS3;}
++	else if (ix >= 0x409173eb){p = pR5; q = pS5;}
++	else if (ix >= 0x4036d917){p = pR3; q = pS3;}
+ 	else /*ix >= 0x40000000*/ {p = pR2; q = pS2;}
+ 	z = 1.0f/(x*x);
+ 	r = p[0]+z*(p[1]+z*(p[2]+z*(p[3]+z*(p[4]+z*p[5]))));
+@@ -304,8 +304,8 @@ static float qzerof(float x)
+ 	GET_FLOAT_WORD(ix, x);
+ 	ix &= 0x7fffffff;
+ 	if      (ix >= 0x41000000){p = qR8; q = qS8;}
+-	else if (ix >= 0x40f71c58){p = qR5; q = qS5;}
+-	else if (ix >= 0x4036db68){p = qR3; q = qS3;}
++	else if (ix >= 0x409173eb){p = qR5; q = qS5;}
++	else if (ix >= 0x4036d917){p = qR3; q = qS3;}
+ 	else /*ix >= 0x40000000*/ {p = qR2; q = qS2;}
+ 	z = 1.0f/(x*x);
+ 	r = p[0]+z*(p[1]+z*(p[2]+z*(p[3]+z*(p[4]+z*p[5]))));
+diff --git a/src/math/j1f.c b/src/math/j1f.c
+index 58875af9..3434c53d 100644
+--- a/src/math/j1f.c
++++ b/src/math/j1f.c
+@@ -74,14 +74,13 @@ float j1f(float x)
+ 		return 1/(x*x);
+ 	if (ix >= 0x40000000)  /* |x| >= 2 */
+ 		return common(ix, fabsf(x), 0, sign);
+-	if (ix >= 0x32000000) {  /* |x| >= 2**-27 */
++	if (ix >= 0x39000000) {  /* |x| >= 2**-13 */
+ 		z = x*x;
+ 		r = z*(r00+z*(r01+z*(r02+z*r03)));
+ 		s = 1+z*(s01+z*(s02+z*(s03+z*(s04+z*s05))));
+ 		z = 0.5f + r/s;
+ 	} else
+-		/* raise inexact if x!=0 */
+-		z = 0.5f + x;
++		z = 0.5f;
+ 	return z*x;
+ }
+ 
+@@ -114,7 +113,7 @@ float y1f(float x)
+ 		return 1/x;
+ 	if (ix >= 0x40000000)  /* |x| >= 2.0 */
+ 		return common(ix,x,1,0);
+-	if (ix < 0x32000000)  /* x < 2**-27 */
++	if (ix < 0x33000000)  /* x < 2**-25 */
+ 		return -tpi/x;
+ 	z = x*x;
+ 	u = U0[0]+z*(U0[1]+z*(U0[2]+z*(U0[3]+z*U0[4])));
+@@ -205,8 +204,8 @@ static float ponef(float x)
+ 	GET_FLOAT_WORD(ix, x);
+ 	ix &= 0x7fffffff;
+ 	if      (ix >= 0x41000000){p = pr8; q = ps8;}
+-	else if (ix >= 0x40f71c58){p = pr5; q = ps5;}
+-	else if (ix >= 0x4036db68){p = pr3; q = ps3;}
++	else if (ix >= 0x409173eb){p = pr5; q = ps5;}
++	else if (ix >= 0x4036d917){p = pr3; q = ps3;}
+ 	else /*ix >= 0x40000000*/ {p = pr2; q = ps2;}
+ 	z = 1.0f/(x*x);
+ 	r = p[0]+z*(p[1]+z*(p[2]+z*(p[3]+z*(p[4]+z*p[5]))));
+@@ -300,9 +299,9 @@ static float qonef(float x)
+ 
+ 	GET_FLOAT_WORD(ix, x);
+ 	ix &= 0x7fffffff;
+-	if      (ix >= 0x40200000){p = qr8; q = qs8;}
+-	else if (ix >= 0x40f71c58){p = qr5; q = qs5;}
+-	else if (ix >= 0x4036db68){p = qr3; q = qs3;}
++	if      (ix >= 0x41000000){p = qr8; q = qs8;}
++	else if (ix >= 0x409173eb){p = qr5; q = qs5;}
++	else if (ix >= 0x4036d917){p = qr3; q = qs3;}
+ 	else /*ix >= 0x40000000*/ {p = qr2; q = qs2;}
+ 	z = 1.0f/(x*x);
+ 	r = p[0]+z*(p[1]+z*(p[2]+z*(p[3]+z*(p[4]+z*p[5]))));
+-- 
+2.11.1
+
diff --git a/main/musl/0009-fix-fpreg_t-remove-unused-per_struct-s390x.patch b/main/musl/0028-s390x-fix-fpreg_t-and-remove-unused-per_struct.patch
index 3dbbb84234..6ad516e316 100644
--- a/main/musl/0009-fix-fpreg_t-remove-unused-per_struct-s390x.patch
+++ b/main/musl/0028-s390x-fix-fpreg_t-and-remove-unused-per_struct.patch
@@ -1,7 +1,7 @@
 From 74bca42e1613c58805d7b048841c2fa8f8502158 Mon Sep 17 00:00:00 2001
 From: "Tuan M. Hoang" <tmhoang@flatglobe.org>
 Date: Tue, 14 Mar 2017 16:44:04 -0400
-Subject: s390x: fix fpreg_t and remove unused per_struct
+Subject: [PATCH] s390x: fix fpreg_t and remove unused per_struct
 
 Including sys/procfs.h complains unknown type name 'fpreg_t' in
 bits/user.h. fpreg_t in bits/signal.h and elf_fpreg_t in bits/user.h
@@ -14,7 +14,7 @@ asm/ptrace.h
  1 file changed, 2 insertions(+), 2 deletions(-)
 
 diff --git a/arch/s390x/bits/user.h b/arch/s390x/bits/user.h
-index 90f07b7..17bce16 100644
+index 90f07b78..17bce16f 100644
 --- a/arch/s390x/bits/user.h
 +++ b/arch/s390x/bits/user.h
 @@ -8,7 +8,7 @@ typedef union {
@@ -36,5 +36,5 @@ index 90f07b7..17bce16 100644
  struct _user_regs_struct {
  	struct _user_psw_struct psw;
 -- 
-cgit v0.11.2
+2.11.1
 
diff --git a/main/musl/0029-fix-POSIX-format-TZ-dst-transition-times-for-souther.patch b/main/musl/0029-fix-POSIX-format-TZ-dst-transition-times-for-souther.patch
new file mode 100644
index 0000000000..f3bcceb6dc
--- /dev/null
+++ b/main/musl/0029-fix-POSIX-format-TZ-dst-transition-times-for-souther.patch
@@ -0,0 +1,47 @@
+From dbff2bb889bc831599b022c49252c69bf48f4e4e Mon Sep 17 00:00:00 2001
+From: Rich Felker <dalias@aerifal.cx>
+Date: Wed, 15 Mar 2017 20:27:38 -0400
+Subject: [PATCH] fix POSIX-format TZ dst transition times for southern
+ hemisphere
+
+the time of day at which daylight time switches over is specified in
+local time in the dst state prior to the transition. the code for
+handling this wrongly assumed it needed to switch whether dst or
+standard offset is applied to the transition time when the dst end
+date is before the dst start date (souther hemisphere summer), but in
+fact the end transition time should always be adjusted for dst, and
+the start transition time should always be adjusted for standard time.
+---
+ src/time/__tz.c | 12 ++++--------
+ 1 file changed, 4 insertions(+), 8 deletions(-)
+
+diff --git a/src/time/__tz.c b/src/time/__tz.c
+index 0e0c4ea2..ffe8d402 100644
+--- a/src/time/__tz.c
++++ b/src/time/__tz.c
+@@ -373,18 +373,14 @@ void __secs_to_zone(long long t, int local, int *isdst, long *offset, long *oppo
+ 	long long t0 = rule_to_secs(r0, y);
+ 	long long t1 = rule_to_secs(r1, y);
+ 
++	if (!local) {
++		t0 += __timezone;
++		t1 += dst_off;
++	}
+ 	if (t0 < t1) {
+-		if (!local) {
+-			t0 += __timezone;
+-			t1 += dst_off;
+-		}
+ 		if (t >= t0 && t < t1) goto dst;
+ 		goto std;
+ 	} else {
+-		if (!local) {
+-			t1 += __timezone;
+-			t0 += dst_off;
+-		}
+ 		if (t >= t1 && t < t0) goto std;
+ 		goto dst;
+ 	}
+-- 
+2.11.1
+
diff --git a/main/musl/APKBUILD b/main/musl/APKBUILD
index 9a83d4ceea..0efec418dc 100644
--- a/main/musl/APKBUILD
+++ b/main/musl/APKBUILD
@@ -2,7 +2,7 @@
 # Maintainer: Timo Teräs <timo.teras@iki.fi>
 pkgname=musl
 pkgver=1.1.16
-pkgrel=3
+pkgrel=4
 pkgdesc="the musl c library (libc) implementation"
 url="http://www.musl-libc.org/"
 arch="all"
@@ -23,9 +23,25 @@ source="http://www.musl-libc.org/releases/musl-$pkgver.tar.gz
 	0004-fix-getopt-_long-clobbering-of-optopt-on-success.patch
 	0005-treat-base-1-as-an-error-in-strtol-family-functions.patch
 	0006-fix-crash-from-corrupted-tls-module-list-after-faile.patch
-	0007-add-s390x-dlsym.patch
-	0008-fix-ld-behavior-dependent-crash-in-ppc64-ldso-startu.patch
-	0009-fix-fpreg_t-remove-unused-per_struct-s390x.patch
+	0007-fix-bindtextdomain-logic-error-deactivating-other-do.patch
+	0008-fix-use-of-uninitialized-pointer-in-gettext-core.patch
+	0009-avoid-unbounded-strlen-in-gettext-functions.patch
+	0010-s390x-implement-dlsym.patch
+	0011-fix-build-regression-in-arm-atomics-asm-with-new-bin.patch
+	0012-allow-page-size-to-vary-on-arm.patch
+	0013-fix-lsearch-and-lfind-to-pass-key-as-first-arg-to-th.patch
+	0014-fix-ld-behavior-dependent-crash-in-ppc64-ldso-startu.patch
+	0015-treat-STB_WEAK-and-STB_GNU_UNIQUE-like-STB_GLOBAL-in.patch
+	0019-fix-free-of-uninitialized-buffer-pointer-on-error-in.patch
+	0020-in-static-dl_iterate_phdr-fix-use-of-possibly-uninit.patch
+	0021-fix-possible-fd-leak-unrestored-cancellation-state-o.patch
+	0022-fix-wide-scanf-s-use-of-a-compound-literal-past-its-.patch
+	0023-fix-one-byte-overflow-in-legacy-getpass-function.patch
+	0024-avoid-loading-of-multiple-libc-versions-via-explicit.patch
+	0025-remove-unused-refcnt-field-for-shared-libraries.patch
+	0026-fix-threshold-constants-in-j0f-y0f-j1f-y1f.patch
+	0028-s390x-fix-fpreg_t-and-remove-unused-per_struct.patch
+	0029-fix-POSIX-format-TZ-dst-transition-times-for-souther.patch
 
 	ldconfig
 	__stack_chk_fail_local.c
@@ -152,9 +168,25 @@ sha512sums="47c00e50b7605102fb4aebe1f9ba9db94d26fac64805f6d744c9c557a05b8a58dff7
 ea103de2721926111510116dedb10e2320715fd20563a342c1dd30f3d1e68049990924b2cf4d03fd9d481ae9488f0e49da5373a79bcec4a8d8c357c64a24751b  0004-fix-getopt-_long-clobbering-of-optopt-on-success.patch
 df96c4bd5ff9c197c8aa599948b69716587837de0f298d3adec56077b073e71a49a3c3345e0508cf8a4ed636e3171495bbbdc35435bd8e343c546436f6348359  0005-treat-base-1-as-an-error-in-strtol-family-functions.patch
 4dc5cdcab11dee6b62fcb81401a816341e1d802a99e46b072c51575a2c25933354540fe22ae06dcdc85eb9a3cbf7256e7c43aab0e75843846551f9e18bfc39c2  0006-fix-crash-from-corrupted-tls-module-list-after-faile.patch
-39eaf56fe30c7098c75c09567a0d990b90c1017c1c2c160017b2d5f41e6503a23d21c7b20bad0186cf3e6fec9fa28ab4f7d655a8382140186c96302f262379fe  0007-add-s390x-dlsym.patch
-4018ca56adef65df0041805b9359caba467c7f95fe40cba90dfd32333b7dab180bff519b42f8c56c55eab88a35c040bdf4882e15ce5f6dcf155d545578ab8f7b  0008-fix-ld-behavior-dependent-crash-in-ppc64-ldso-startu.patch
-8060f8094c55857a7f21be6d5092e249eebf312507e02c1e6a469824407f5399e613fa3e47af25ed0c91bf0d5cedb325a92908b137727ca588996daf75037606  0009-fix-fpreg_t-remove-unused-per_struct-s390x.patch
+2184c81e97b78ed7c9e0d41200560420c9e60a8ec297d2e2055c9bf0ee5fdaef475ea6a9bcd4b732d53b453379146a9efb28b7b8aef0726e326fb3da26ba0b8d  0007-fix-bindtextdomain-logic-error-deactivating-other-do.patch
+9c443c0902ed3d38ca2503ce7d4fd6d09d325caf07117833dd03ae999fa2e69ea2bd7b2751f1037eadaa9f13dfaae351841cfbf23301ca2682c98ff3af1a8294  0008-fix-use-of-uninitialized-pointer-in-gettext-core.patch
+fc3fce8a2dc10e1b48ef5d3c57cc1702503a849aa98166b2f25a56f6141340030c87e087b4eef5ccb5e2c3b750205c602c0dced3513031f39d19d1d5a0184506  0009-avoid-unbounded-strlen-in-gettext-functions.patch
+ba0a1e644f3b360e22716333f1125f04130f9fc0a2a0ee4c2cd51a454da5ccced043a510f41088b39ca565787d987331d5730cb87f35b21ad5bb3b85db939a72  0010-s390x-implement-dlsym.patch
+75348cf93be68039aebe37c670981bca04b816fd7ba5846adfe07623592645f6ff2541389a9083fe012cf3472d91eb9d8da47fb31574693557152a34b080e51a  0011-fix-build-regression-in-arm-atomics-asm-with-new-bin.patch
+d73358b5377db7b708dd8fecda8f6bdae007423e853cde86b33ce5078e31761eab3f2169541aca5be8f72a59286db4b866f443a6c2f6565e5852447778fbadac  0012-allow-page-size-to-vary-on-arm.patch
+e3fe35bf310c9d5813553e6762c66764b384a9c2f405e3ba3cea887ff55f6bcd947e55012c5f3e06e16a66d5f289b694ac898fc9b1d4bb0cfb50cf92135e36a3  0013-fix-lsearch-and-lfind-to-pass-key-as-first-arg-to-th.patch
+7a6cd67a5ca246eaedb992f9267bb94b0baccbbd5bb9a6a10a503f623ef052480fc4832da4330b5d3531f239580fdb9e36072f456fe4dd2e9ca6ae6050c55aab  0014-fix-ld-behavior-dependent-crash-in-ppc64-ldso-startu.patch
+48d4fd3510404b2fe934dffb2fc725c6a31e30e33421dc81073673d680d00866890f9c826bf48874845c863db52ebbb015c9e94b45c7a20b6949236f76f81709  0015-treat-STB_WEAK-and-STB_GNU_UNIQUE-like-STB_GLOBAL-in.patch
+0754297d5e2cc9d2244835badb39325b0907604e377ddbabbb865a12429741c71b461ee9f19ebdebc6bd9b6e878919b2bc292b113e1477591171627623dbf557  0019-fix-free-of-uninitialized-buffer-pointer-on-error-in.patch
+0fb792b688bea5024a59645eda680c57c509ad5f6923c8816647644ce5b438f18ef2036b4252ae2993c003e0e192d3a0cfd1f909d5a8c3cd8c21ef1130fca929  0020-in-static-dl_iterate_phdr-fix-use-of-possibly-uninit.patch
+5cb2e43b01d30b9552668508bc4e855c7e90b323c811bf34989eae97b8cfbdccbe50e13bf95cac727314c0077af823eb4666318e53cb2d4584052b2870c36a3b  0021-fix-possible-fd-leak-unrestored-cancellation-state-o.patch
+d8faf157e46f46cf1fbdd8422a1c918834192634f66e54d7cfa88d14a618a8a3c321269b98e2ad33e4059a58b3a23ffd16111011a51f4007c7258befed64bfb5  0022-fix-wide-scanf-s-use-of-a-compound-literal-past-its-.patch
+efabb66abd01dbf73d89933328beffb738d71b227f7d7dd48b02ca0c9b04b554475bde70a814317b7a016c64c60fbaf98bf78c1b50da504a3e23fd175950515a  0023-fix-one-byte-overflow-in-legacy-getpass-function.patch
+b1141d2b5c28d16848dcd8b40182938d634023a4aa0e7f0be567fa7e6c40c03431574e9214949e723a031f90a6c20153ca1a6c21eda3b8ea05de5cebf6b1fe38  0024-avoid-loading-of-multiple-libc-versions-via-explicit.patch
+955882a1a2a3e7211e20527858ca5dc0944b5d44fdacb547e0d4b4bd27fdf63672b95e16faa4b37e9ee4b384e7f33ce394ee556a201be6011630c84ebf64b312  0025-remove-unused-refcnt-field-for-shared-libraries.patch
+dad1ed979898ddaa0a49c601160a948ba229b251307210a14240e4ebf6230b16ffc0138f396fc226942c487e196211964449e7314f83d208ac219a071a4e11b3  0026-fix-threshold-constants-in-j0f-y0f-j1f-y1f.patch
+0472694cdd5a95b8df9b0e585afc7171ae9138133832ad7c0fadae4ea0a742eaa09a4d4449197ccaaefeae99c3cb7ec784068243a3a2d434429a0455c396e6bb  0028-s390x-fix-fpreg_t-and-remove-unused-per_struct.patch
+33c24b895bcf1b84d90a522328b39d5b0a4aff822d0701f2f9db07a6c44c49bb3a8b16a19150c550b4fe04fad40e9af43fdf5e1fda0201e9779a471088fe9f23  0029-fix-POSIX-format-TZ-dst-transition-times-for-souther.patch
 8d3a2d5315fc56fee7da9abb8b89bb38c6046c33d154c10d168fb35bfde6b0cf9f13042a3bceee34daf091bc409d699223735dcf19f382eeee1f6be34154f26f  ldconfig
 062bb49fa54839010acd4af113e20f7263dde1c8a2ca359b5fb2661ef9ed9d84a0f7c3bc10c25dcfa10bb3c5a4874588dff636ac43d5dbb3d748d75400756d0b  __stack_chk_fail_local.c
 0d80f37b34a35e3d14b012257c50862dfeb9d2c81139ea2dfa101d981d093b009b9fa450ba27a708ac59377a48626971dfc58e20a3799084a65777a0c32cbc7d  getconf.c