-
glibc-2.319ea36862 · ·
The GNU C Library ================= The GNU C Library version 2.31 is now available. The GNU C Library is used as *the* C library in the GNU system and in GNU/Linux systems, as well as many other systems that use Linux as the kernel. The GNU C Library is primarily designed to be a portable and high performance C library. It follows all relevant standards including ISO C11 and POSIX.1-2017. It is also internationalized and has one of the most complete internationalization interfaces known. The GNU C Library webpage is at http://www.gnu.org/software/libc/ Packages for the 2.31 release may be downloaded from: http://ftpmirror.gnu.org/libc/ http://ftp.gnu.org/gnu/libc/ The mirror list is at http://www.gnu.org/order/ftp.html NEWS for version 2.31 ===================== Major new features: * The GNU C Library now supports a feature test macro _ISOC2X_SOURCE to enable features from the draft ISO C2X standard. Only some features from this draft standard are supported by the GNU C Library, and as the draft is under active development, the set of features enabled by this macro is liable to change. Features from C2X are also enabled by _GNU_SOURCE, or by compiling with "gcc -std=gnu2x". * The <math.h> functions that round their results to a narrower type now have corresponding type-generic macros in <tgmath.h>, as defined in TS 18661-1:2014 and TS 18661-3:2015 as amended by the resolution of Clarification Request 13 to TS 18661-3. * The function pthread_clockjoin_np has been added, enabling join with a terminated thread with a specific clock. It allows waiting against CLOCK_MONOTONIC and CLOCK_REALTIME. This function is a GNU extension. * New locale added: mnw_MM (Mon language spoken in Myanmar). * The DNS stub resolver will optionally send the AD (authenticated data) bit in queries if the trust-ad option is set via the options directive in /etc/resolv.conf (or if RES_TRUSTAD is set in _res.options). In this mode, the AD bit, as provided by the name server, is available to applications which call res_search and related functions. In the default mode, the AD bit is not set in queries, and it is automatically cleared in responses, indicating a lack of DNSSEC validation. (Therefore, the name servers and the network path to them are treated as untrusted.) Deprecated and removed features, and other changes affecting compatibility: * The totalorder and totalordermag functions, and the corresponding functions for other floating-point types, now take pointer arguments to avoid signaling NaNs possibly being converted to quiet NaNs in argument passing. This is in accordance with the resolution of Clarification Request 25 to TS 18661-1, as applied for C2X. Existing binaries that pass floating-point arguments directly will continue to work. * The obsolete function stime is no longer available to newly linked binaries, and its declaration has been removed from <time.h>. Programs that set the system time should use clock_settime instead. * We plan to remove the obsolete function ftime, and the header <sys/timeb.h>, in a future version of glibc. In this release, the header still exists but calling ftime will cause a compiler warning. All programs should use gettimeofday or clock_gettime instead. * The gettimeofday function no longer reports information about a system-wide time zone. This 4.2-BSD-era feature has been deprecated for many years, as it cannot handle the full complexity of the world's timezones, but hitherto we have supported it on a best-effort basis. Changes required to support 64-bit time_t on 32-bit architectures have made this no longer practical. As of this release, callers of gettimeofday with a non-null 'tzp' argument should expect to receive a 'struct timezone' whose tz_minuteswest and tz_dsttime fields are zero. (For efficiency reasons, this does not always happen on a few Linux-based ports. This will be corrected in a future release.) All callers should supply a null pointer for the 'tzp' argument to gettimeofday. For accurate information about the time zone associated with the current time, use the localtime function. gettimeofday itself is obsolescent according to POSIX. We have no plans to remove access to this function, but portable programs should consider using clock_gettime instead. * The settimeofday function can still be used to set a system-wide time zone when the operating system supports it. This is because the Linux kernel reused the API, on some architectures, to describe a system-wide time-zone-like offset between the software clock maintained by the kernel, and the "RTC" clock that keeps time when the system is shut down. However, to reduce the odds of this offset being set by accident, settimeofday can no longer be used to set the time and the offset simultaneously. If both of its two arguments are non-null, the call will fail (setting errno to EINVAL). Callers attempting to set this offset should also be prepared for the call to fail and set errno to ENOSYS; this already happens on the Hurd and on some Linux architectures. The Linux kernel maintainers are discussing a more principled replacement for the reused API. After a replacement becomes available, we will change settimeofday to fail with ENOSYS on all platforms when its 'tzp' argument is not a null pointer. settimeofday itself is obsolescent according to POSIX. Programs that set the system time should use clock_settime and/or the adjtime family of functions instead. We may cease to make settimeofday available to newly linked binaries after there is a replacement for Linux's time-zone-like offset API. * SPARC ISA v7 is no longer supported. v8 is still supported, but only if the optional CAS instruction is implemented (for instance, LEON processors are still supported, but SuperSPARC processors are not). As the oldest 64-bit SPARC ISA is v9, this only affects 32-bit configurations. * If a lazy binding failure happens during dlopen, during the execution of an ELF constructor, the process is now terminated. Previously, the dynamic loader would return NULL from dlopen, with the lazy binding error captured in a dlerror message. In general, this is unsafe because resetting the stack in an arbitrary function call is not possible. * For MIPS hard-float ABIs, the GNU C Library will be configured to need an executable stack unless explicitly configured at build time to require minimum kernel version 4.8 or newer. This is because executing floating-point branches on a non-executable stack on Linux kernels prior to 4.8 can lead to application crashes for some MIPS configurations. While currently PT_GNU_STACK is not widely used on MIPS, future releases of GCC are expected to enable non-executable stack by default with PT_GNU_STACK by default and is thus likely to trigger a crash on older kernels. The GNU C Library can be built with --enable-kernel=4.8.0 in order to keep a non-executable stack while dropping support for older kernels. * System call wrappers for time system calls now use the new time64 system calls when available. On 32-bit targets, these wrappers attempt to call the new system calls first and fall back to the older 32-bit time system calls if they are not present. This may cause issues in environments that cannot handle unsupported system calls gracefully by returning -ENOSYS. Seccomp sandboxes are affected by this issue. Changes to build and runtime requirements: * It is no longer necessary to have recent Linux kernel headers to build working (non-stub) system call wrappers on all architectures except 64-bit RISC-V. 64-bit RISC-V requires a minimum kernel headers version of 5.0. * The ChangeLog file is no longer present in the toplevel directory of the source tree. ChangeLog files are located in the ChangeLog.old directory as ChangeLog.N where the highest N has the latest entries. Security related changes: CVE-2019-19126: ld.so failed to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program. Reported by Marcin Kościelnicki. The following bugs are resolved with this release: [12031] localedata: iconv -t ascii//translit with Greek characters [15813] libc: Multiple issues in __gen_tempname [17726] libc: [arm, sparc] profil_counter should be compat symbol [18231] libc: ipc_perm struct's mode member has wrong type in sys/ipc.h [19767] libc: vdso is not used with static linking [19903] hurd: Shared mappings not being inherited by children processes [20358] network: RES_USE_DNSSEC sets DO; should also have a way to set AD [20839] dynamic-link: Incomplete rollback of dynamic linker state on linking failure [23132] localedata: Missing transliterations in Miscellaneous Mathematical Symbols-A/B Unicode blocks [23518] libc: Eliminate __libc_utmp_jump_table [24026] malloc: malloc_info() returns wrong numbers [24054] localedata: Many locales are missing date_fmt [24214] dynamic-link: user defined ifunc resolvers may run in ldd mode [24304] dynamic-link: Lazy binding failure during ELF constructors/destructors is not fatal [24376] libc: RISC-V symbol size confusion with _start [24682] localedata: zh_CN first weekday should be Monday per GB/T 7408-2005 [24824] libc: test-in-container does not install charmap files compatible with localedef [24844] regex: regex bad pointer / leakage if malloc fails [24867] malloc: Unintended malloc_info formatting changes [24879] libc: login: utmp alarm timer can arrive after lock acquisition [24880] libc: login: utmp implementation uses struct flock with fcntl64 [24882] libc: login: pututline uses potentially outdated cache [24899] libc: Missing nonstring attributes in <utmp.h>, <utmpx.h> [24902] libc: login: Repeating pututxline on EINTR/EAGAIN causes stale utmp entries [24916] dynamic-link: [MIPS] Highest EI_ABIVERSION value not raised to ABSOLUTE ABI [24930] dynamic-link: dlopen of PIE executable can result in _dl_allocate_tls_init assertion failure [24950] localedata: Top-of-tree glibc does not build with top-of-tree GCC (stringop-overflow error) [24959] time: librt IFUNC resolvers for clock_gettime and clock_* functions other can lead to crashes [24967] libc: jemalloc static linking causes runtime failure [24986] libc: alpha: new getegid, geteuid and getppid syscalls used unconditionally [25035] libc: sbrk() failure handled poorly in tunables_strdup [25087] dynamic-link: ldconfig mishandles unusual .dynstr placement [25097] libc: new -Warray-bounds with GCC 10 [25112] dynamic-link: dlopen must not make new objects accessible when it still can fail with an error [25139] localedata: Please add the new mnw_MM locale [25149] regex: Array bounds violation in proceed_next_node [25157] dynamic-link: Audit cookie for the dynamic loader is not initialized correctly [25189] libc: glibc's __glibc_has_include causes issues with clang -frewrite-includes [25194] malloc: malloc.c: do_set_mxfast incorrectly casts the mallopt value to an unsigned [25204] dynamic-link: LD_PREFER_MAP_32BIT_EXEC not ignored in setuid binaries (CVE-2019-19126) [25225] libc: ld.so fails to link on x86 if GCC defaults to -fcf- protection [25226] string: strstr: Invalid result if needle crosses page on s390-z15 ifunc variant. [25232] string: <string.h> does not enable const correctness for strchr et al. for Clang++ [25233] localedata: Consider "." as the thousands separator for sl_SI (Slovenian) [25241] nptl: __SIZEOF_PTHREAD_MUTEX_T defined twice for x86 [25251] build: Failure to run tests when CFLAGS contains -DNDEBUG. [25271] libc: undeclared identifier PTHREAD_MUTEX_DEFAULT when compiling with -std=c11 [25323] localedata: km_KH: d_t_fmt contains "m" instead of "%M" [25324] localedata: lv_LV: d_t_fmt contains suspicious words in the time part [25396] dynamic-link: Failing dlopen can leave behind dangling GL (dl_initfirst) link map pointer [25401] malloc: pvalloc must not have __attribute_alloc_size__ [25423] libc: Array overflow in backtrace on powerpc [25425] network: Missing call to __resolv_context_put in getaddrinfo.c:gethosts Release Notes ============= https://sourceware.org/glibc/wiki/Release/2.31 Contributors ============ This release was made possible by the contributions of many people. The maintainers are grateful to everyone who has contributed changes or bug reports. These include: Adhemerval Zanella Alexandra Hájková Alistair Francis Andreas Schwab Andrew Eggenberger Arjun Shankar Aurelien Jarno Carlos O'Donell Chung-Lin Tang DJ Delorie Dmitry V. Levin Dragan Mladjenovic Egor Kobylkin Emilio Cobos Álvarez Emilio Pozuelo Monfort Feng Xue Florian Weimer Gabriel F. T. Gomes Gustavo Romero H.J. Lu Ian Kent James Clarke Jeremie Koenig John David Anglin Joseph Myers Kamlesh Kumar Krzysztof Koch Leandro Pereira Lucas A. M. Magalhaes Lukasz Majewski Marcin Kościelnicki Matheus Castanho Mihailo Stojanovic Mike Crowe Mike FABIAN Niklas Hambüchen Paul A. Clarke Paul Eggert Petr Vorel Rafal Luzynski Rafał Lużyński Rajalakshmi Srinivasaraghavan Raoni Fassina Firmino Richard Braun Samuel Thibault Sandra Loosemore Siddhesh Poyarekar Stefan Liebler Svante Signell Szabolcs Nagy Talachan Mon Thomas Schwinge Tim Rühsen Tulio Magno Quites Machado Filho Wilco Dijkstra Xuelei Zhang Zack Weinberg liqingqing
-
glibc-2.300a8262a1 · ·
The GNU C Library ================= The GNU C Library version 2.30 is now available. The GNU C Library is used as *the* C library in the GNU system and in GNU/Linux systems, as well as many other systems that use Linux as the kernel. The GNU C Library is primarily designed to be a portable and high performance C library. It follows all relevant standards including ISO C11 and POSIX.1-2017. It is also internationalized and has one of the most complete internationalization interfaces known. The GNU C Library webpage is at http://www.gnu.org/software/libc/ Packages for the 2.30 release may be downloaded from: http://ftpmirror.gnu.org/libc/ http://ftp.gnu.org/gnu/libc/ The mirror list is at http://www.gnu.org/order/ftp.html NEWS for version 2.30 ===================== Major new features: * Unicode 12.1.0 Support: Character encoding, character type info, and transliteration tables are all updated to Unicode 12.1.0, using generator scripts contributed by Mike FABIAN (Red Hat). * The dynamic linker accepts the --preload argument to preload shared objects, in addition to the LD_PRELOAD environment variable. * The twalk_r function has been added. It is similar to the existing twalk function, but it passes an additional caller-supplied argument to the callback function. * On Linux, the getdents64, gettid, and tgkill functions have been added. * Minguo (Republic of China) calendar support has been added as an alternative calendar for the following locales: zh_TW, cmn_TW, hak_TW, nan_TW, lzh_TW. * The entry for the new Japanese era has been added for ja_JP locale. * Memory allocation functions malloc, calloc, realloc, reallocarray, valloc, pvalloc, memalign, and posix_memalign fail now with total object size larger than PTRDIFF_MAX. This is to avoid potential undefined behavior with pointer subtraction within the allocated object, where results might overflow the ptrdiff_t type. * The dynamic linker no longer refuses to load objects which reference versioned symbols whose implementation has moved to a different soname since the object has been linked. The old error message, symbol FUNCTION-NAME, version SYMBOL-VERSION not defined in file DSO-NAME with link time reference, is gone. * Add new POSIX-proposed pthread_cond_clockwait, pthread_mutex_clocklock, pthread_rwlock_clockrdlock, pthread_rwlock_clockwrlock and sem_clockwait functions. These behave similarly to their "timed" equivalents, but also accept a clockid_t parameter to determine which clock their timeout should be measured against. All functions allow waiting against CLOCK_MONOTONIC and CLOCK_REALTIME. The decision of which clock to be used is made at the time of the wait (unlike with pthread_condattr_setclock, which requires the clock choice at initialization time). * On AArch64 the GNU IFUNC resolver call ABI changed: old resolvers still work, new resolvers can use a second argument which can be extended in the future, currently it contains the AT_HWCAP2 value. Deprecated and removed features, and other changes affecting compatibility: * The copy_file_range function fails with ENOSYS if the kernel does not support the system call of the same name. Previously, user space emulation was performed, but its behavior did not match the kernel behavior, which was deemed too confusing. Applications which use the copy_file_range function can no longer rely on glibc to provide a fallback on kernels that do not support the copy_file_range system call, and if this function returns ENOSYS, they will need to use their own fallback. Support for copy_file_range for most architectures was added in version 4.5 of the mainline Linux kernel. * The functions clock_gettime, clock_getres, clock_settime, clock_getcpuclockid, clock_nanosleep were removed from the librt library for new applications (on architectures which had them). Instead, the definitions in libc will be used automatically, which have been available since glibc 2.17. * The obsolete and never-implemented XSI STREAMS header files <stropts.h> and <sys/stropts.h> have been removed. * Support for the "inet6" option in /etc/resolv.conf and the RES_USE_INET6 resolver flag (deprecated in glibc 2.25) have been removed. * The obsolete RES_INSECURE1 and RES_INSECURE2 option flags for the DNS stub resolver have been removed from <resolv.h>. * With --enable-bind-now, installed programs are now linked with the BIND_NOW flag. * Support for the PowerPC SPE ISA extension (powerpc-*-*gnuspe* configurations) has been removed, following the deprecation of this subarchitecture in version 8 of GCC, and its removal in version 9. * On 32-bit Arm, support for the port-based I/O emulation and the <sys/io.h> header have been removed. * The Linux-specific <sys/sysctl.h> header and the sysctl function have been deprecated and will be removed from a future version of glibc. Application should directly access /proc instead. For obtaining random bits, the getentropy function can be used. Changes to build and runtime requirements: * GCC 6.2 or later is required to build the GNU C Library. Older GCC versions and non-GNU compilers are still supported when compiling programs that use the GNU C Library. Security related changes: CVE-2019-7309: x86-64 memcmp used signed Jcc instructions to check size. For x86-64, memcmp on an object size larger than SSIZE_MAX has undefined behavior. On x32, the size_t argument may be passed in the lower 32 bits of the 64-bit RDX register with non-zero upper 32 bits. When it happened with the sign bit of RDX register set, memcmp gave the wrong result since it treated the size argument as zero. Reported by H.J. Lu. CVE-2019-9169: Attempted case-insensitive regular-expression match via proceed_next_node in posix/regexec.c leads to heap-based buffer over-read. Reported by Hongxu Chen. The following bugs are resolved with this release: [2872] locale: Transliteration Cyrillic -> ASCII fails [6399] libc: gettid() should have a wrapper [16573] malloc: mtrace hangs when MALLOC_TRACE is defined [16976] glob: fnmatch unbounded stack VLA for collating symbols [17396] localedata: globbing for locale by [[.collating-element.]] [18035] dynamic-link: pldd does no longer work, enters infinite loop [18465] malloc: memusagestat is built using system C library [18830] locale: iconv -c -f ascii with >buffer size worth of input before invalid input drops valid char [20188] nptl: libpthread IFUNC resolver for vfork can lead to crash [20568] locale: Segfault with wide characters and setlocale/fgetwc/UTF-8 [21897] localedata: Afar locales: Fix mon, abmon, and abday [22964] localedata: The Japanese Era name will be changed on May 1, 2019 [23352] malloc: __malloc_check_init still defined in public header malloc.h. [23403] nptl: Wrong alignment of TLS variables [23501] libc: nftw() doesn't return dangling symlink's inode [23733] malloc: Check the count before calling tcache_get() [23741] malloc: Missing __attribute_alloc_size__ in many allocation functions [23831] localedata: nl_NL missing LC_NUMERIC thousands_sep [23844] nptl: pthread_rwlock_trywrlock results in hang [23983] argparse: Missing compat versions of argp_failure and argp_error for long double = double [23984] libc: Missing compat versions of err.h and error.h functions for long double = double [23996] localedata: Dutch salutations [24040] libc: riscv64: unterminated call chain in __thread_start [24047] network: libresolv should use IP_RECVERR/IPV6_RECVERR to avoid long timeouts [24051] stdio: puts and putchar ouput to _IO_stdout instead of stdout [24059] nss: nss_files: get_next_alias calls fgets_unlocked without checking for NULL. [24114] regex: regexec buffer read overrun in "grep -i '\(\(\)*.\)*\(\)\(\)\1'" [24122] libc: Segfaults if 0 returned from la_version [24153] stdio: Some input functions do not react to stdin assignment [24155] string: x32 memcmp can treat positive length as 0 (if sign bit in RDX is set) (CVE-2019-7309) [24161] nptl: __run_fork_handlers self-deadlocks in malloc/tst-mallocfork2 [24164] libc: Systemtap probes need to use "nr" constraint on 32-bit Arm, not the default "nor" [24166] dynamic-link: Dl_serinfo.dls_serpath[1] in dlfcn.h causes UBSAN false positives, change to modern flexible array [24180] nptl: pthread_mutex_trylock does not use the correct order of instructions while maintaining the robust mutex list due to missing compiler barriers. [24194] librt: Non-compatibility symbols for clock_gettime etc. cause unnecessary librt dependencies [24200] localedata: Revert first_weekday removal in en_IE locale [24211] nptl: Use-after-free in Systemtap probe in pthread_join [24215] nptl: pthread_timedjoin_np should be a cancellation point [24216] malloc: Check for large bin list corruption when inserting unsorted chunk [24228] stdio: old x86 applications that use legacy libio crash on exit [24231] dynamic-link: [sparc64] R_SPARC_H34 implementation falls through to R_SPARC_H44 [24293] localedata: Missing Minguo calendar support for TW locales [24296] localedata: Orthographic mistakes in 'day' and 'abday' sections in tt_RU (Tatar) locale [24307] localedata: Update locale data to Unicode 12.0.0 [24323] dynamic-link: dlopen should not be able open PIE objects [24335] build: "Obsolete types detected" with Linux 5.0 headers [24369] localedata: Orthographic mistakes in 'mon' and 'abmon' sections in tt_RU (Tatar) locale [24370] localedata: Add lang_name for tt_RU locale [24372] locale: Binary locale files are not architecture independent [24394] time: strptime %Ey mis-parses final year of era [24476] dynamic-link: __libc_freeres triggers bad free in libdl if dlerror was not used [24506] dynamic-link: FAIL: elf/tst-pldd with --enable-hardcoded-path-in- tests [24531] malloc: Malloc tunables give tcache assertion failures [24532] libc: conform/arpa/inet.h failures due to linux kernel 64-bit time_t changes [24535] localedata: Update locale data to Unicode 12.1.0 [24537] build: nptl/tst-eintr1 test case can hit task limits on some kernels and break testing [24544] build: elf/tst-pldd doesn't work if you install with a --prefix [24556] build: [GCC 9] error: ‘%s’ directive argument is null [-Werror=format-overflow=] [24570] libc: alpha: compat msgctl uses __IPC_64 [24584] locale: Data race in __wcsmbs_clone_conv [24588] stdio: Remove codecvt vtables from libio [24603] math: sysdeps/ieee754/dbl-64/branred.c is slow when compiled with -O3 -march=skylake [24614] localedata: nl_NL LC_MONETARY doesn't match CLDR 35 [24632] stdio: Old binaries which use freopen with default stdio handles crash [24640] libc: __ppc_get_timebase_freq() always return 0 when using static linked glibc [24652] localedata: szl_PL spelling correction [24695] nss: nss_db: calling getpwent after endpwent crashes [24696] nss: endgrent() clobbers errno=ERRNO for 'group: db files' entry in /etc/nsswitch.conf [24699] libc: mmap64 with very large offset broken on MIPS64 n32 [24740] libc: getdents64 type confusion [24741] dynamic-link: ld.so should not require that a versioned symbol is always implemented in the same library [24744] libc: Remove copy_file_range emulation [24757] malloc: memusagestat is linked against system libpthread [24794] libc: Partial test suite run builds corrupt test-in-container testroot Release Notes ============= https://sourceware.org/glibc/wiki/Release/2.30 Contributors ============ This release was made possible by the contributions of many people. The maintainers are grateful to everyone who has contributed changes or bug reports. These include: Adam Maris Adhemerval Zanella Alexandra Hájková Andreas K. Hüttel Andreas Schwab Anton Youdkevitch Aurelien Jarno Carlos O'Donell DJ Delorie Daniil Zhilin David Abdurachmanov David Newall Dmitry V. Levin Egor Kobylkin Felix Yan Feng Xue Florian Weimer Gabriel F. T. Gomes Grzegorz Kulik H.J. Lu Jan Kratochvil Jim Wilson Joseph Myers Maciej W. Rozycki Mao Han Mark Wielaard Matthew Malcomson Mike Crowe Mike FABIAN Mike Frysinger Mike Gerow PanderMusubi Patsy Franklin Paul A. Clarke Paul Clarke Paul Eggert Paul Pluzhnikov Rafal Luzynski Richard Henderson Samuel Thibault Siddhesh Poyarekar Stan Shebs Stefan Liebler Szabolcs Nagy TAMUKI Shoichi Tobias Klauser Tulio Magno Quites Machado Filho Uros Bizjak Vincent Chen Vineet Gupta Wilco Dijkstra Wolfram Sang Yann Droneaud Zack Weinberg mansayk marxin
-
glibc-2.2956c86f5d · ·
The GNU C Library ================= The GNU C Library version 2.29 is now available. The GNU C Library is used as *the* C library in the GNU system and in GNU/Linux systems, as well as many other systems that use Linux as the kernel. The GNU C Library is primarily designed to be a portable and high performance C library. It follows all relevant standards including ISO C11 and POSIX.1-2008. It is also internationalized and has one of the most complete internationalization interfaces known. The GNU C Library webpage is at http://www.gnu.org/software/libc/ Packages for the 2.29 release may be downloaded from: http://ftpmirror.gnu.org/libc/ http://ftp.gnu.org/gnu/libc/ The mirror list is at http://www.gnu.org/order/ftp.html NEWS for version 2.29 ==================== * The getcpu wrapper function has been added, which returns the currently used CPU and NUMA node. This function is Linux-specific. * A new convenience target has been added for distribution maintainers to build and install all locales as directories with files. The new target is run by issuing the following command in your build tree: 'make localedata/install-locale-files', with an optional DESTDIR to set the install root if you wish to install into a non-default configured location. * Optimized generic exp, exp2, log, log2, pow, sinf, cosf, sincosf and tanf. * The reallocarray function is now declared under _DEFAULT_SOURCE, not just for _GNU_SOURCE, to match BSD environments. * For powercp64le ABI, Transactional Lock Elision is now enabled iff kernel indicates that it will abort the transaction prior to entering the kernel (PPC_FEATURE2_HTM_NOSC on hwcap2). On older kernels the transaction is suspended, and this caused some undefined side-effects issues by aborting transactions manually. Glibc avoided it by abort transactions manually on each syscall, but it lead to performance issues on newer kernels where the HTM state is saved and restore lazily (the state being saved even when the process actually does not use HTM). * The functions posix_spawn_file_actions_addchdir_np and posix_spawn_file_actions_addfchdir_np have been added, enabling posix_spawn and posix_spawnp to run the new process in a different directory. These functions are GNU extensions. The function posix_spawn_file_actions_addchdir_np is similar to the Solaris function of the same name. * The popen and system do not run atfork handlers anymore (BZ#17490). Although it is a possible POSIX violation, the POSIX rationale in pthread_atfork documentation regarding atfork handlers is to handle inconsistent mutex state after a fork call in a multi-threaded process. In both popen and system there is no direct access to user-defined mutexes. * Support for the C-SKY ABIV2 running on Linux has been added. This port requires at least binutils-2.32, gcc-9.0, and linux-4.20. Two ABIs are supported: - C-SKY ABIV2 soft-float little-endian - C-SKY ABIV2 hard-float little-endian * strftime's default formatting of a locale's alternative year (%Ey) has been changed to zero-pad the year to a minimum of two digits, like "%y". This improves the display of Japanese era years during the first nine years of a new era, and is expected to be harmless for all other locales (only Japanese locales regularly have alternative year numbers less than 10). Zero-padding can be overridden with the '_' or '-' flags (which are GNU extensions). * As a GNU extension, the '_' and '-' flags can now be applied to "%EY" to control how the year number is formatted; they have the same effect that they would on "%Ey". Deprecated and removed features, and other changes affecting compatibility: * The glibc.tune tunable namespace has been renamed to glibc.cpu and the tunable glibc.tune.cpu has been renamed to glibc.cpu.name. * The type of the pr_uid and pr_gid members of struct elf_prpsinfo, defined in <sys/procfs.h>, has been corrected to match the type actually used by the Linux kernel. This affects the size and layout of that structure on MicroBlaze, MIPS (n64 ABI only), Nios II and RISC-V. * For the MIPS n32 ABI, the type of the pr_sigpend and pr_sighold members of struct elf_prstatus, and the pr_flag member of struct elf_prpsinfo, defined in <sys/procfs.h>, has been corrected to match the type actually used by the Linux kernel. This affects the size and layout of those structures. * An archaic GNU extension to scanf, under which '%as', '%aS', and '%a[...]' meant to scan a string and allocate space for it with malloc, is now restricted to programs compiled in C89 or C++98 mode with _GNU_SOURCE defined. This extension conflicts with C99's use of '%a' to scan a hexadecimal floating-point number, which is now available to programs compiled as C99 or C++11 or higher, regardless of _GNU_SOURCE. POSIX.1-2008 includes the feature of allocating a buffer for string input with malloc, using the modifier letter 'm' instead. Programs using '%as', '%aS', or '%a[...]' with the old GNU meaning should change to '%ms', '%mS', or '%m[...]' respectively. Programs that wish to use the C99 '%a' no longer need to avoid _GNU_SOURCE. GCC's -Wformat warnings can detect most uses of this extension, as long as all functions that call vscanf, vfscanf, or vsscanf are annotated with __attribute__ ((format (scanf, ...))). Changes to build and runtime requirements: * Python 3.4 or later is required to build the GNU C Library. * On most architectures, GCC 5 or later is required to build the GNU C Library. (On powerpc64le, GCC 6.2 or later is still required, as before.) Older GCC versions and non-GNU compilers are still supported when compiling programs that use the GNU C Library. Security related changes: CVE-2018-19591: A file descriptor leak in if_nametoindex can lead to a denial of service due to resource exhaustion when processing getaddrinfo calls with crafted host names. Reported by Guido Vranken. CVE-2019-6488: On x32, the size_t parameter may be passed in the lower 32 bits of a 64-bit register with with non-zero upper 32 bit. When it happened, accessing the 32-bit size_t value as the full 64-bit register in the assembly string/memory functions would cause a buffer overflow. Reported by H.J. Lu. CVE-2016-10739: The getaddrinfo function could successfully parse IPv4 addresses with arbitrary trailing characters, potentially leading to data or command injection issues in applications. Release Notes ============= https://sourceware.org/glibc/wiki/Release/2.29 Contributors ============ This release was made possible by the contributions of many people. The maintainers are grateful to everyone who has contributed changes or bug reports. These include: Adhemerval Zanella Albert ARIBAUD (3ADEV) Alexandra Hájková Andreas K. Hüttel Andreas Schwab Anton Youdkevitch Arjun Shankar Assaf Gordon Aurelien Jarno Carlos O'Donell Charles-Antoine Couret DJ Delorie Darius Rad David S. Miller Dmitry V. Levin Florian Weimer Fredrik Noring Gabriel F. T. Gomes H.J. Lu Ilya Leoshkevich Ilya Yu. Malakhov Istvan Kurucsai Jim Wilson Joseph Myers Justus Winter Kemi Wang Leonardo Sandoval Mao Han Martin Jansa Martin Kuchta Martin Sebor Mingli Yu Moritz Eckert PanderMusubi Paul Clarke Paul Eggert Paul Pluzhnikov Pochang Chen Rafael Avila de Espindola Rafael Ávila de Espíndola Rafal Luzynski Rajalakshmi Srinivasaraghavan Rogerio Alves Samuel Thibault Sergi Almacellas Abellana Siddhesh Poyarekar Stefan Liebler Steve Ellcey Szabolcs Nagy TAMUKI Shoichi Tobias Klauser Tulio Magno Quites Machado Filho Uroš Bizjak Wilco Dijkstra Zack Weinberg Zong Li
-
glibc-2.283c03baca · ·
The GNU C Library ================= The GNU C Library version 2.28 is now available. The GNU C Library is used as *the* C library in the GNU system and in GNU/Linux systems, as well as many other systems that use Linux as the kernel. The GNU C Library is primarily designed to be a portable and high performance C library. It follows all relevant standards including ISO C11 and POSIX.1-2008. It is also internationalized and has one of the most complete internationalization interfaces known. The GNU C Library webpage is at http://www.gnu.org/software/libc/ Packages for the 2.28 release may be downloaded from: http://ftpmirror.gnu.org/libc/ http://ftp.gnu.org/gnu/libc/ The mirror list is at http://www.gnu.org/order/ftp.html NEWS for version 2.28 ===================== Major new features: * The localization data for ISO 14651 is updated to match the 2016 Edition 4 release of the standard, this matches data provided by Unicode 9.0.0. This update introduces significant improvements to the collation of Unicode characters. This release deviates slightly from the standard in that the collation element ordering for lowercase and uppercase LATIN script characters is adjusted to ensure that regular expressions with ranges like [a-z] and [A-Z] don't interleave e.g. A is not matched by [a-z]. With the update many locales have been updated to take advantage of the new collation information. The new collation information has increased the size of the compiled locale archive or binary locales. * The GNU C Library can now be compiled with support for Intel CET, AKA Intel Control-flow Enforcement Technology. When the library is built with --enable-cet, the resulting glibc is protected with indirect branch tracking (IBT) and shadow stack (SHSTK). CET-enabled glibc is compatible with all existing executables and shared libraries. This feature is currently supported on i386, x86_64 and x32 with GCC 8 and binutils 2.29 or later. Note that CET-enabled glibc requires CPUs capable of multi-byte NOPs, like x86-64 processors as well as Intel Pentium Pro or newer. NOTE: --enable-cet has been tested for i686, x86_64 and x32 on non-CET processors. --enable-cet has been tested for x86_64 and x32 on CET SDVs, but Intel CET support hasn't been validated for i686. * The GNU C Library now has correct support for ABSOLUTE symbols (SHN_ABS-relative symbols). Previously such ABSOLUTE symbols were relocated incorrectly or in some cases discarded. The GNU linker can make use of the newer semantics, but it must communicate it to the dynamic loader by setting the ELF file's identification (EI_ABIVERSION field) to indicate such support is required. * Unicode 11.0.0 Support: Character encoding, character type info, and transliteration tables are all updated to Unicode 11.0.0, using generator scripts contributed by Mike FABIAN (Red Hat). * <math.h> functions that round their results to a narrower type are added from TS 18661-1:2014 and TS 18661-3:2015: - fadd, faddl, daddl and corresponding fMaddfN, fMaddfNx, fMxaddfN and fMxaddfNx functions. - fsub, fsubl, dsubl and corresponding fMsubfN, fMsubfNx, fMxsubfN and fMxsubfNx functions. - fmul, fmull, dmull and corresponding fMmulfN, fMmulfNx, fMxmulfN and fMxmulfNx functions. - fdiv, fdivl, ddivl and corresponding fMdivfN, fMdivfNx, fMxdivfN and fMxdivfNx functions. * Two grammatical forms of month names are now supported for the following languages: Armenian, Asturian, Catalan, Czech, Kashubian, Occitan, Ossetian, Scottish Gaelic, Upper Sorbian, and Walloon. The following languages now support two grammatical forms in abbreviated month names: Catalan, Greek, and Kashubian. * Newly added locales: Lower Sorbian (dsb_DE) and Yakut (sah_RU) also include the support for two grammatical forms of month names. * Building and running on GNU/Hurd systems now works without out-of-tree patches. * The renameat2 function has been added, a variant of the renameat function which has a flags argument. If the flags are zero, the renameat2 function acts like renameat. If the flag is not zero and there is no kernel support for renameat2, the function will fail with an errno value of EINVAL. This is different from the existing gnulib function renameatu, which performs a plain rename operation in case of a RENAME_NOREPLACE flags and a non-existing destination (and therefore has a race condition that can clobber the destination inadvertently). * The statx function has been added, a variant of the fstatat64 function with an additional flags argument. If there is no direct kernel support for statx, glibc provides basic stat support based on the fstatat64 function. * IDN domain names in getaddrinfo and getnameinfo now use the system libidn2 library if installed. libidn2 version 2.0.5 or later is recommended. If libidn2 is not available, internationalized domain names are not encoded or decoded even if the AI_IDN or NI_IDN flags are passed to getaddrinfo or getnameinfo. (getaddrinfo calls with non-ASCII names and AI_IDN will fail with an encoding error.) Flags which used to change the IDN encoding and decoding behavior (AI_IDN_ALLOW_UNASSIGNED, AI_IDN_USE_STD3_ASCII_RULES, NI_IDN_ALLOW_UNASSIGNED, NI_IDN_USE_STD3_ASCII_RULES) have been deprecated. They no longer have any effect. * Parsing of dynamic string tokens in DT_RPATH, DT_RUNPATH, DT_NEEDED, DT_AUXILIARY, and DT_FILTER has been expanded to support the full range of ELF gABI expressions including such constructs as '$ORIGIN$ORIGIN' (if valid). For SUID/GUID applications the rules have been further restricted, and where in the past a dynamic string token sequence may have been interpreted as a literal string it will now cause a load failure. These load failures were always considered unspecified behaviour from the perspective of the dynamic loader, and for safety are now load errors e.g. /foo/${ORIGIN}.so in DT_NEEDED results in a load failure now. * Support for ISO C threads (ISO/IEC 9899:2011) has been added. The implementation includes all the standard functions provided by <threads.h>: - thrd_current, thrd_equal, thrd_sleep, thrd_yield, thrd_create, thrd_detach, thrd_exit, and thrd_join for thread management. - mtx_init, mtx_lock, mtx_timedlock, mtx_trylock, mtx_unlock, and mtx_destroy for mutual exclusion. - call_once for function call synchronization. - cnd_broadcast, cnd_destroy, cnd_init, cnd_signal, cnd_timedwait, and cnd_wait for conditional variables. - tss_create, tss_delete, tss_get, and tss_set for thread-local storage. Application developers must link against libpthread to use ISO C threads. Deprecated and removed features, and other changes affecting compatibility: * The nonstandard header files <libio.h> and <_G_config.h> are no longer installed. Software that was using either header should be updated to use standard <stdio.h> interfaces instead. * The stdio functions 'getc' and 'putc' are no longer defined as macros. This was never required by the C standard, and the macros just expanded to call alternative names for the same functions. If you hoped getc and putc would provide performance improvements over fgetc and fputc, instead investigate using (f)getc_unlocked and (f)putc_unlocked, and, if necessary, flockfile and funlockfile. * All stdio functions now treat end-of-file as a sticky condition. If you read from a file until EOF, and then the file is enlarged by another process, you must call clearerr or another function with the same effect (e.g. fseek, rewind) before you can read the additional data. This corrects a longstanding C99 conformance bug. It is most likely to affect programs that use stdio to read interactive input from a terminal. (Bug #1190.) * The macros 'major', 'minor', and 'makedev' are now only available from the header <sys/sysmacros.h>; not from <sys/types.h> or various other headers that happen to include <sys/types.h>. These macros are rarely used, not part of POSIX nor XSI, and their names frequently collide with user code; see https://sourceware.org/bugzilla/show_bug.cgi?id=19239 for further explanation. <sys/sysmacros.h> is a GNU extension. Portable programs that require these macros should first include <sys/types.h>, and then include <sys/sysmacros.h> if __GNU_LIBRARY__ is defined. * The tilegx*-*-linux-gnu configurations are no longer supported. * The obsolete function ustat is no longer available to newly linked binaries; the headers <ustat.h> and <sys/ustat.h> have been removed. This function has been deprecated in favor of fstatfs and statfs. * The obsolete function nfsservctl is no longer available to newly linked binaries. This function was specific to systems using the Linux kernel and could not usefully be used with the GNU C Library on systems with version 3.1 or later of the Linux kernel. * The obsolete function name llseek is no longer available to newly linked binaries. This function was specific to systems using the Linux kernel and was not declared in a header. Programs should use the lseek64 name for this function instead. * The AI_IDN_ALLOW_UNASSIGNED and NI_IDN_ALLOW_UNASSIGNED flags for the getaddrinfo and getnameinfo functions have been deprecated. The behavior previously selected by them is now always enabled. * The AI_IDN_USE_STD3_ASCII_RULES and NI_IDN_USE_STD3_ASCII_RULES flags for the getaddrinfo and getnameinfo functions have been deprecated. The STD3 restriction (rejecting '_' in host names, among other things) has been removed, for increased compatibility with non-IDN name resolution. * The fcntl function now have a Long File Support variant named fcntl64. It is added to fix some Linux Open File Description (OFD) locks usage on non LFS mode. As for others *64 functions, fcntl64 semantics are analogous with fcntl and LFS support is handled transparently. Also for Linux, the OFD locks act as a cancellation entrypoint. * The obsolete functions encrypt, encrypt_r, setkey, setkey_r, cbc_crypt, ecb_crypt, and des_setparity are no longer available to newly linked binaries, and the headers <rpc/des_crypt.h> and <rpc/rpc_des.h> are no longer installed. These functions encrypted and decrypted data with the DES block cipher, which is no longer considered secure. Software that still uses these functions should switch to a modern cryptography library, such as libgcrypt. * Reflecting the removal of the encrypt and setkey functions above, the macro _XOPEN_CRYPT is no longer defined. As a consequence, the crypt function is no longer declared unless _DEFAULT_SOURCE or _GNU_SOURCE is enabled. * The obsolete function fcrypt is no longer available to newly linked binaries. It was just another name for the standard function crypt, and it has not appeared in any header file in many years. * We have tentative plans to hand off maintenance of the passphrase-hashing library, libcrypt, to a separate development project that will, we hope, keep up better with new passphrase-hashing algorithms. We will continue to declare 'crypt' in <unistd.h>, and programs that use 'crypt' or 'crypt_r' should not need to change at all; however, distributions will need to install <crypt.h> and libcrypt from a separate project. In this release, if the configure option --disable-crypt is used, glibc will not install <crypt.h> or libcrypt, making room for the separate project's versions of these files. The plan is to make this the default behavior in a future release. Changes to build and runtime requirements: GNU make 4.0 or later is now required to build glibc. Security related changes: CVE-2016-6261, CVE-2016-6263, CVE-2017-14062: Various vulnerabilities have been fixed by removing the glibc-internal IDNA implementation and using the system-provided libidn2 library instead. Originally reported by Hanno Böck and Christian Weisgerber. CVE-2017-18269: An SSE2-based memmove implementation for the i386 architecture could corrupt memory. Reported by Max Horn. CVE-2018-11236: Very long pathname arguments to realpath function could result in an integer overflow and buffer overflow. Reported by Alexey Izbyshev. CVE-2018-11237: The mempcpy implementation for the Intel Xeon Phi architecture could write beyond the target buffer, resulting in a buffer overflow. Reported by Andreas Schwab. The following bugs are resolved with this release: [1190] stdio: fgetc()/fread() behaviour is not POSIX compliant [6889] manual: 'PWD' mentioned but not specified [13575] libc: SSIZE_MAX defined as LONG_MAX is inconsistent with ssize_t, when __WORDSIZE != 64 [13762] regex: re_search etc. should return -2 on memory exhaustion [13888] build: /tmp usage during testing [13932] math: dbl-64 pow unexpectedly slow for some inputs [14092] nptl: Support C11 threads [14095] localedata: Review / update collation data from Unicode / ISO 14651 [14508] libc: -Wformat warnings [14553] libc: Namespace pollution loff_t in sys/types.h [14890] libc: Make NT_PRFPREG canonical. [15105] libc: Extra PLT references with -Os [15512] libc: __bswap_constant_16 not compiled when -Werror -Wsign- conversion is given [16335] manual: Feature test macro documentation incomplete and out of date [16552] libc: Unify umount implementations in terms of umount2 [17082] libc: htons et al.: statement-expressions prevent use on global scope with -O1 and higher [17343] libc: Signed integer overflow in /stdlib/random_r.c [17438] localedata: pt_BR: wrong d_fmt delimiter [17662] libc: please implement binding for the new renameat2 syscall [17721] libc: __restrict defined as /* Ignore */ even in c11 [17979] libc: inconsistency between uchar.h and stdint.h [18018] dynamic-link: Additional $ORIGIN handling issues (CVE-2011-0536) [18023] libc: extend_alloca is broken (questionable pointer comparison, horrible machine code) [18124] libc: hppa: setcontext erroneously returns -1 as exit code for last constant. [18471] libc: llseek should be a compat symbol [18473] soft-fp: [powerpc-nofpu] __sqrtsf2, __sqrtdf2 should be compat symbols [18991] nss: nss_files skips large entry in database [19239] libc: Including stdlib.h ends up with macros major and minor being defined [19463] libc: linknamespace failures when compiled with -Os [19485] localedata: csb_PL: Update month translations + add yesstr/nostr [19527] locale: Normalized charset name not recognized by setlocale [19667] string: Missing Sanity Check for malloc calls in file 'testcopy.c' [19668] libc: Missing Sanity Check for malloc() in file 'tst-setcontext- fpscr.c' [19728] network: out of bounds stack read in libidn function idna_to_ascii_4i (CVE-2016-6261) [19729] network: out of bounds heap read on invalid utf-8 inputs in stringprep_utf8_nfkc_normalize (CVE-2016-6263) [19818] dynamic-link: Absolute (SHN_ABS) symbols incorrectly relocated by the base address [20079] libc: Add SHT_X86_64_UNWIND to elf.h [20251] libc: 32bit programs pass garbage in struct flock for OFD locks [20419] dynamic-link: files with large allocated notes crash in open_verify [20530] libc: bswap_16 should use __builtin_bswap16() when available [20890] dynamic-link: ldconfig: fsync the files before atomic rename [20980] manual: CFLAGS environment variable replaces vital options [21163] regex: Assertion failure in pop_fail_stack when executing a malformed regexp (CVE-2015-8985) [21234] manual: use of CFLAGS makes glibc detect no optimization [21269] dynamic-link: i386 sigaction sa_restorer handling is wrong [21313] build: Compile Error GCC 5.4.0 MIPS with -0S [21314] build: Compile Error GCC 5.2.0 MIPS with -0s [21508] locale: intl/tst-gettext failure with latest msgfmt [21547] localedata: Tibetan script collation broken (Dzongkha and Tibetan) [21812] network: getifaddrs() returns entries with ifa_name == NULL [21895] libc: ppc64 setjmp/longjmp not fully interoperable with static dlopen [21942] dynamic-link: _dl_dst_substitute incorrectly handles $ORIGIN: with AT_SECURE=1 [22241] localedata: New locale: Yakut (Sakha) locale for Russia (sah_RU) [22247] network: Integer overflow in the decode_digit function in puny_decode.c in libidn (CVE-2017-14062) [22342] nscd: NSCD not properly caching netgroup [22391] nptl: Signal function clear NPTL internal symbols inconsistently [22550] localedata: es_ES locale (and other es_* locales): collation should treat ñ as a primary different character, sync the collation for Spanish with CLDR [22638] dynamic-link: sparc: static binaries are broken if glibc is built by gcc configured with --enable-default-pie [22639] time: year 2039 bug for localtime etc. on 64-bit platforms [22644] string: memmove-sse2-unaligned on 32bit x86 produces garbage when crossing 2GB threshold (CVE-2017-18269) [22646] localedata: redundant data (LC_TIME) for es_CL, es_CU, es_EC and es_BO [22735] time: Misleading typo in time.h source comment regarding CLOCKS_PER_SECOND [22753] libc: preadv2/pwritev2 fallback code should handle offset=-1 [22761] libc: No trailing `%n' conversion specifier in FMT passed from `__assert_perror_fail ()' to `__assert_fail_base ()' [22766] libc: all glibc internal dlopen should use RTLD_NOW for robust dlopen failures [22786] libc: Stack buffer overflow in realpath() if input size is close to SSIZE_MAX (CVE-2018-11236) [22787] dynamic-link: _dl_check_caller returns false when libc is linked through an absolute DT_NEEDED path [22792] build: tcb-offsets.h dependency dropped [22797] libc: pkey_get() uses non-reserved name of argument [22807] libc: PTRACE_* constants missing for powerpc [22818] glob: posix/tst-glob_lstat_compat failure on alpha [22827] dynamic-link: RISC-V ELF64 parser mis-reads flag in ldconfig [22830] malloc: malloc_stats doesn't restore cancellation state on stderr [22848] localedata: ca_ES: update date definitions from CLDR [22862] build: _DEFAULT_SOURCE is defined even when _ISOC11_SOURCE is [22884] math: RISCV fmax/fmin handle signalling NANs incorrectly [22896] localedata: Update locale data for an_ES [22902] math: float128 test failures with GCC 8 [22918] libc: multiple common of `__nss_shadow_database' [22919] libc: sparc32: backtrace yields infinite backtrace with makecontext [22926] libc: FTBFS on powerpcspe [22932] localedata: lt_LT: Update of abbreviated month names from CLDR required [22937] localedata: Greek (el_GR, el_CY) locales actually need ab_alt_mon [22947] libc: FAIL: misc/tst-preadvwritev2 [22963] localedata: cs_CZ: Add alternative month names [22987] math: [powerpc/sparc] fdim inlines errno, exceptions handling [22996] localedata: change LC_PAPER to en_US in es_BO locale [22998] dynamic-link: execstack tests are disabled when SELinux is disabled [23005] network: Crash in __res_context_send after memory allocation failure [23007] math: strtod cannot handle -nan [23024] nss: getlogin_r is performing NSS lookups when loginid isn't set [23036] regex: regex equivalence class regression [23037] libc: initialize msg_flags to zero for sendmmsg() calls [23069] libc: sigaction broken on riscv64-linux-gnu [23094] localedata: hr_HR: wrong thousands_sep and mon_thousands_sep [23102] dynamic-link: Incorrect parsing of multiple consecutive $variable patterns in runpath entries (e.g. $ORIGIN$ORIGIN) [23137] nptl: s390: pthread_join sometimes block indefinitely (on 31bit and libc build with -Os) [23140] localedata: More languages need two forms of month names [23145] libc: _init/_fini aren't marked as hidden [23152] localedata: gd_GB: Fix typo in "May" (abbreviated) [23171] math: C++ iseqsig for long double converts arguments to double [23178] nscd: sudo will fail when it is run in concurrent with commands that changes /etc/passwd [23196] string: __mempcpy_avx512_no_vzeroupper mishandles large copies (CVE-2018-11237) [23206] dynamic-link: static-pie + dlopen breaks debugger interaction [23208] localedata: New locale - Lower Sorbian (dsb) [23233] regex: Memory leak in build_charclass_op function in file posix/regcomp.c [23236] stdio: Harden function pointers in _IO_str_fields [23250] nptl: Offset of __private_ss differs from GCC [23253] math: tgamma test suite failures on i686 with -march=x86-64 -mtune=generic -mfpmath=sse [23259] dynamic-link: Unsubstituted ${ORIGIN} remains in DT_NEEDED for AT_SECURE [23264] libc: posix_spawnp wrongly executes ENOEXEC in non compat mode [23266] nis: stringop-truncation warning with new gcc8.1 in nisplus- parser.c [23272] math: fma(INFINITY,INFIITY,0.0) should be INFINITY [23277] math: nan function should not have const attribute [23279] math: scanf and strtod wrong for some hex floating-point [23280] math: wscanf rounds wrong; wcstod is ok for negative numbers and directed rounding [23290] localedata: IBM273 is not equivalent to ISO-8859-1 [23303] build: undefined reference to symbol '__parse_hwcap_and_convert_at_platform@@GLIBC_2.23' [23307] dynamic-link: Absolute symbols whose value is zero ignored in lookup [23313] stdio: libio vtables validation and standard file object interposition [23329] libc: The __libc_freeres infrastructure is not properly run across DSO boundaries. [23349] libc: Various glibc headers no longer compatible with <linux/time.h> [23351] malloc: Remove unused code related to heap dumps and malloc checking [23363] stdio: stdio-common/tst-printf.c has non-free license [23396] regex: Regex equivalence regression in single-byte locales [23422] localedata: oc_FR: More updates of locale data [23442] build: New warning with GCC 8 [23448] libc: Out of bounds access in IBM-1390 converter [23456] libc: Wrong index_cpu_LZCNT [23458] build: tst-get-cpu-features-static isn't added to tests [23459] libc: COMMON_CPUID_INDEX_80000001 isn't populated for Intel processors [23467] dynamic-link: x86/CET: A property note parser bug Release Notes ============= https://sourceware.org/glibc/wiki/Release/2.28 Contributors ============ This release was made possible by the contributions of many people. The maintainers are grateful to everyone who has contributed changes or bug reports. These include: Adhemerval Zanella Agustina Arzille Alan Modra Alexandre Oliva Amit Pawar Andreas Schwab Andrew Senkevich Andrew Waterman Aurelien Jarno Carlos O'Donell Chung-Lin Tang DJ Delorie Daniel Alvarez David Michael Dmitry V. Levin Dragan Stanojevic - Nevidljivi Florian Weimer Flávio Cruz Francois Goichon Gabriel F. T. Gomes H.J. Lu Herman ten Brugge Hongbo Zhang Igor Gnatenko Jesse Hathaway John David Anglin Joseph Myers Leonardo Sandoval Maciej W. Rozycki Mark Wielaard Martin Sebor Michael Wolf Mike FABIAN Patrick McGehearty Patsy Franklin Paul Pluzhnikov Quentin PAGÈS Rafal Luzynski Rajalakshmi Srinivasaraghavan Raymond Nicholson Rical Jasan Richard Braun Robert Buj Rogerio Alves Samuel Thibault Sean McKean Siddhesh Poyarekar Stefan Liebler Steve Ellcey Sylvain Lesage Szabolcs Nagy Thomas Schwinge Tulio Magno Quites Machado Filho Valery Timiriliyev Vincent Chen Wilco Dijkstra Zack Weinberg Zong Li
-
glibc-2.2723158b08 · ·
The GNU C Library ================= The GNU C Library version 2.27 is now available. The GNU C Library is used as *the* C library in the GNU system and in GNU/Linux systems, as well as many other systems that use Linux as the kernel. The GNU C Library is primarily designed to be a portable and high performance C library. It follows all relevant standards including ISO C11 and POSIX.1-2008. It is also internationalized and has one of the most complete internationalization interfaces known. The GNU C Library webpage is at https://www.gnu.org/software/libc/ Packages for the 2.27 release may be downloaded from: https://ftpmirror.gnu.org/libc/ https://ftp.gnu.org/gnu/libc/ The mirror list is at https://www.gnu.org/order/ftp.html NEWS for version 2.27 ===================== Major new features: * The GNU C Library can now be compiled with support for building static PIE executables (See --enable-static-pie in INSTALL). These static PIE executables are like static executables but can be loaded at any address and provide additional security hardening benefits at the cost of some memory and performance. When the library is built with --enable-static-pie the resulting libc.a is usable with GCC 8 and above to create static PIE executables using the GCC option '-static-pie'. This feature is currently supported on i386, x86_64 and x32 with binutils 2.29 or later, and on aarch64 with binutils 2.30 or later. * Optimized x86-64 asin, atan2, exp, expf, log, pow, atan, sin, cosf, sinf, sincosf and tan with FMA, contributed by Arjan van de Ven and H.J. Lu from Intel. * Optimized x86-64 trunc and truncf for processors with SSE4.1. * Optimized generic expf, exp2f, logf, log2f, powf, sinf, cosf and sincosf. * In order to support faster and safer process termination the malloc API family of functions will no longer print a failure address and stack backtrace after detecting heap corruption. The goal is to minimize the amount of work done after corruption is detected and to avoid potential security issues in continued process execution. Reducing shutdown time leads to lower overall process restart latency, so there is benefit both from a security and performance perspective. * The abort function terminates the process immediately, without flushing stdio streams. Previous glibc versions used to flush streams, resulting in deadlocks and further data corruption. This change also affects process aborts as the result of assertion failures. * On platforms where long double has the IEEE binary128 format (aarch64, alpha, mips64, riscv, s390 and sparc), the math library now implements _Float128 interfaces for that type, as defined by ISO/IEC TS 18661-3:2015. These are the same interfaces added in version 2.26 for some platforms where this format is supported but is not the format of long double. * On platforms with support for _Float64x (aarch64, alpha, i386, ia64, mips64, powerpc64le, riscv, s390, sparc and x86_64), the math library now implements interfaces for that type, as defined by ISO/IEC TS 18661-3:2015. These are corresponding interfaces to those supported for _Float128. * The math library now implements interfaces for the _Float32, _Float64 and _Float32x types, as defined by ISO/IEC TS 18661-3:2015. These are corresponding interfaces to those supported for _Float128. * glibc now implements the memfd_create and mlock2 functions on Linux. * Support for memory protection keys was added. The <sys/mman.h> header now declares the functions pkey_alloc, pkey_free, pkey_mprotect, pkey_set, pkey_get. * The copy_file_range function was added. * Optimized memcpy, mempcpy, memmove, and memset for sparc M7. * The ldconfig utility now processes `include' directives using the C/POSIX collation ordering. Previous glibc versions used locale-specific ordering, the change might break systems that relied on that. * Support for two grammatical forms of month names has been added. In a call to strftime, the "%B" and "%b" format specifiers will now produce the grammatical form required when the month is used as part of a complete date. New "%OB" and "%Ob" specifiers produce the form required when the month is named by itself. For instance, in Greek and in many Slavic and Baltic languages, "%B" will produce the month in genitive case, and "%OB" will produce the month in nominative case. In a call to strptime, "%B", "%b", "%h", "%OB", "%Ob", and "%Oh" are all valid and will all accept any known form of month name---standalone or complete, abbreviated or full. In a call to nl_langinfo, the query constants MON_1..12 and ABMON_1..12 return the strings used by "%B" and "%b", respectively. New query constants ALTMON_1..12 and _NL_ABALTMON_1..12 return the strings used by "%OB" and "%Ob", respectively. In a locale definition file, use "alt_mon" and "ab_alt_mon" to define the strings for %OB and %Ob, respectively; these have the same syntax as "mon" and "abmon". These arrays are optional; if they are not provided then they have the same content as "mon" and "abmon", respectively. These features are provided for locales which define "alt_mon" and/or "ab_alt_mon" in their locale source data. This release includes such alternative month name data for the following languages: Belarusian, Croatian, Greek, Lithuanian, Polish, Russian, and Ukrainian. This feature is currently a GNU extension, but it is expected to be added to the next revision of POSIX, and it is also already available on some BSD-derived operating systems. This feature will cause existing statically compiled applications to fail to load locales and fall back to the builtin C/POSIX locales. See notes below for other changes affecting compatibility. * Support for the RISC-V ISA running on Linux has been added. This port requires at least binutils-2.30, gcc-7.3.0, and linux-4.15; and is supported for the following ISA and ABI pairs: - rv64imac lp64 - rv64imafdc lp64 - rv64imafdc lp64d Deprecated and removed features, and other changes affecting compatibility: * Statically compiled applications attempting to load locales compiled for the GNU C Library version 2.27 will fail and fall back to the builtin C/POSIX locale. The reason for this is that the addition of the new "%OB" and "%Ob", support for two grammatical forms of the month names, also extends the locale data binary format. Static applications needing locale support must be recompiled to match the runtime and data they are deployed with. In some distributions there is an upgrade window where dynamically linked applications may use a new library but the old locale data and also fall back to the builtin C/POSIX locales; restarting the application process is sufficient to fix this. * Support for statically linked applications which call dlopen is deprecated and will be removed in a future version of glibc. Applications which call dlopen need to be linked dynamically instead. * Support for old programs which use internal stdio data structures and functions is deprecated. This includes programs which use the C++ streams provided by libstdc++ in GCC 2.95. Programs which use the internal symbols _IO_adjust_wcolumn, _IO_default_doallocate, _IO_default_finish, _IO_default_pbackfail, _IO_default_uflow, _IO_default_xsgetn, _IO_default_xsputn, _IO_doallocbuf, _IO_do_write, _IO_file_attach, _IO_file_close, _IO_file_close_it, _IO_file_doallocate, _IO_file_fopen, _IO_file_init, _IO_file_jumps, _IO_fileno, _IO_file_open, _IO_file_overflow, _IO_file_read, _IO_file_seek, _IO_file_seekoff, _IO_file_setbuf, _IO_file_stat, _IO_file_sync, _IO_file_underflow, _IO_file_write, _IO_file_xsputn, _IO_flockfile, _IO_flush_all, _IO_flush_all_linebuffered, _IO_free_backup_area, _IO_free_wbackup_area, _IO_init, _IO_init_marker, _IO_init_wmarker, _IO_iter_begin, _IO_iter_end, _IO_iter_file, _IO_iter_next, _IO_least_wmarker, _IO_link_in, _IO_list_all, _IO_list_lock, _IO_list_resetlock, _IO_list_unlock, _IO_marker_delta, _IO_marker_difference, _IO_remove_marker, _IO_seekmark, _IO_seekwmark, _IO_str_init_readonly, _IO_str_init_static, _IO_str_overflow, _IO_str_pbackfail, _IO_str_seekoff, _IO_str_underflow, _IO_switch_to_main_wget_area, _IO_switch_to_wget_mode, _IO_unsave_wmarkers, _IO_wdefault_doallocate, _IO_wdefault_finish, _IO_wdefault_pbackfail, _IO_wdefault_setbuf, _IO_wdefault_uflow, _IO_wdefault_xsgetn, _IO_wdefault_xsputn, _IO_wdoallocbuf, _IO_wdo_write, _IO_wfile_jumps, _IO_wfile_overflow, _IO_wfile_sync, _IO_wfile_underflow, _IO_wfile_xsputn, _IO_wmarker_delta, or _IO_wsetb may stop working with a future version of glibc. Unlike other symbol removals, these old applications will not be supported using compatibility symbols. * On GNU/Linux, the obsolete Linux constant PTRACE_SEIZE_DEVEL is no longer defined by <sys/ptrace.h>. * libm no longer supports SVID error handling (calling a user-provided matherr function on error) or the _LIB_VERSION variable to control error handling. (SVID error handling and the _LIB_VERSION variable still work for binaries linked against older versions of the GNU C Library.) The libieee.a library is no longer provided. math.h no longer defines struct exception, or the macros X_TLOSS, DOMAIN, SING, OVERFLOW, UNDERFLOW, TLOSS, PLOSS and HUGE. * The libm functions pow10, pow10f and pow10l are no longer supported for new programs. Programs should use the standard names exp10, exp10f and exp10l for these functions instead. * The mcontext_t type is no longer the same as struct sigcontext. On platforms where it was previously the same, this changes the C++ name mangling for interfaces involving this type. * The add-ons mechanism for building additional packages at the same time as glibc has been removed. The --enable-add-ons configure option is now ignored. * The --without-fp configure option is now ignored. Whether hardware floating-point instructions are used is now configured based on whether the compiler used at configure time (without any options implied by a --with-cpu= configure option) uses such instructions. * The res_hnok, res_dnok, res_mailok and res_ownok functions now check that the specified string can be parsed as a domain name. * In the malloc_info output, the <heap> element may contain another <aspace> element, "subheaps", which contains the number of sub-heaps. * The libresolv function p_secstodate is no longer supported for new programs. * The tilepro-*-linux-gnu configuration is no longer supported. * The nonstandard header files <libio.h> and <_G_config.h> are deprecated and will be removed in a future release. Software that is still using either header should be updated to use standard <stdio.h> interfaces instead. libio.h was originally the header for a set of supported GNU extensions, but they have not been maintained as such in many years, they are now standing in the way of improvements to stdio, and we don't think there are any remaining external users. _G_config.h was never intended for public use, but predates the bits convention. Changes to build and runtime requirements: * bison version 2.7 or later is required to generate code in the 'intl' subdirectory. Security related changes: CVE-2009-5064: The ldd script would sometimes run the program under examination directly, without preventing code execution through the dynamic linker. (The glibc project disputes that this is a security vulnerability; only trusted binaries must be examined using the ldd script.) CVE-2017-15670: The glob function, when invoked with GLOB_TILDE, suffered from a one-byte overflow during ~ operator processing (either on the stack or the heap, depending on the length of the user name). Reported by Tim Rühsen. CVE-2017-15671: The glob function, when invoked with GLOB_TILDE, would sometimes fail to free memory allocated during ~ operator processing, leading to a memory leak and, potentially, to a denial of service. CVE-2017-15804: The glob function, when invoked with GLOB_TILDE and without GLOB_NOESCAPE, could write past the end of a buffer while unescaping user names. Reported by Tim Rühsen. CVE-2017-17426: The malloc function, when called with an object size near the value SIZE_MAX, would return a pointer to a buffer which is too small, instead of NULL. This was a regression introduced with the new malloc thread cache in glibc 2.26. Reported by Iain Buclaw. CVE-2017-1000408: Incorrect array size computation in _dl_init_paths leads to the allocation of too much memory. (This is not a security bug per se, it is mentioned here only because of the CVE assignment.) Reported by Qualys. CVE-2017-1000409: Buffer overflow in _dl_init_paths due to miscomputation of the number of search path components. (This is not a security vulnerability per se because no trust boundary is crossed if the fix for CVE-2017-1000366 has been applied, but it is mentioned here only because of the CVE assignment.) Reported by Qualys. CVE-2017-16997: Incorrect handling of RPATH or RUNPATH containing $ORIGIN for AT_SECURE or SUID binaries could be used to load libraries from the current directory. CVE-2018-1000001: Buffer underflow in realpath function when getcwd function succeeds without returning an absolute path due to unexpected behaviour of the Linux kernel getcwd syscall. Reported by halfdog. CVE-2018-6485: The posix_memalign and memalign functions, when called with an object size near the value of SIZE_MAX, would return a pointer to a buffer which is too small, instead of NULL. Reported by Jakub Wilk. Release Notes ============= https://sourceware.org/glibc/wiki/Release/2.27 Contributors ============ This release was made possible by the contributions of many people. The maintainers are grateful to everyone who has contributed changes or bug reports. These include: Adhemerval Zanella Akhilesh Kumar Alan Hayward Alan Modra Alexandre Oliva Alexey Makhalov Andreas Schwab Arjun Shankar Arnold Robbins Aurelien Jarno Bernd Edlinger Carlos O'Donell Chris Metcalf Christian Brauner Claude Paroz DJ Delorie David S. Miller Dmitry V. Levin Dragan Stanojević - Nevidljivi Egmont Koblinger Eric Blake Florian Weimer Gabriel F. T. Gomes Guido Trentalancia Gustavo Romero H.J. Lu Il'ya Malakhov Istvan Kurucsai James Clarke John David Anglin Jonathan Wakely Jose E. Marchesi Joseph Myers Julen Ruiz Aizpuru Juro Bystricky Luke Shumaker Markus Trippelsdorf Martin Sebor Michael Collison Mike FABIAN Palmer Dabbelt Patrick McGehearty Patsy Franklin Paul Clarke Paul Eggert Paul Pluzhnikov Peter Zelezny Rafal Luzynski Rajalakshmi Srinivasaraghavan Rical Jasan Richard Henderson Rogerio Alves Romain Naour Samuel Thibault Sergei Trofimovich Siddhesh Poyarekar Stanislav Brabec Stefan Liebler Steve Ellcey Szabolcs Nagy Thierry Vignaud Thomas Schwinge Thorsten Glaser Tobias Klauser Tulio Magno Quites Machado Filho Victor Rodriguez Wang Boshi Wei-Lun Chao Wilco Dijkstra Will Hawkins Yury Norov Zack Weinberg