-
glibc-2.11.3
glibc-2.11.3 release This is a bugfix glibc release, revising the glibc-2.11.2 release only by bugfixes and trivial changes backported from the master glibc development branch. These commits were included since glibc-2.11.2: Andreas Krebbel (1): Fix concurrency problem between dl_open and dl_iterate_phdr Andreas Schwab (15): sunrpc: Fix spurious fall-through Don't crash on unresolved weak symbol reference Fix use of extend_alloca in NIS Require suid bit on audit objects in privileged programs Document M_PERTURB Fix array overflow in floating point parser Fix register conflict in s390 ____longjmp_chk Expect PLT call to _Unwind_Find_FDE on s390*-linux Don't expand DST twice in dl_open Require suid bit on audit objects in privileged programs Work around shortest-stem feature in make 3.82+ Properly quote output of locale Don't mix pattern rules with normal rules Fix memory leak in fnmatch Properly convert f_fsid in statvfs Chung-Lin Tang (1): Fix _FORITY_SOURCE version of longjmp for Linux/x86-64. Emilio Pozuelo Monfort (1): Hurd: Fix linkat symlink handling. Eric Blake (1): Fix strstr and memmem algorithm. H.J. Lu (4): Incorrect x86 CPU family and model check. Fix alignment of AVX safe area on x86-64. Add -fno-asynchronous-unwind-tables to initfini.s for i386 Fix alignment of AVX safe area on x86-64. Jakub Jelinek (1): Fix a couple of __REDIRECT () __THROW occurrences Joseph Myers (1): getdents64 fallback d_type support Kirill A. Shutemov (1): Flush cache after solving TEXTRELs if arch requires it. Luis Machado (1): Fix comparison in sqrtl for IBM long double 128. Mike Frysinger (2): Fix typo in x86-64 epoll.h. Update sparc epoll.h from epoll_create2 to epoll_create1 Miklos Szeredi (1): Verify in ttyname() that the symlink is valid. Petr Baudis (2): Fix multiple nss_compat initgroups() bugs Allow aux_cache_file open()ing to fail silently even in the chroot mode. Richard Li (1): Fix x86-64 strchr propagation of search byte into all bytes of SSE register Roland McGrath (4): Manual wording fix for round{,f,l}. Fix vDSO synthetic hwcap handling so they are not masked out from ld.so.cache matching. BZ #11840: Fix config.cache usage for -fgnu89-inline check. BZ 11856: fix manual nit Samuel Thibault (1): Hurd: fix timeout rounding in select Takashi Yoshii (2): Fix iov[] size in SH register_dump() [sh] Fix incorrect location of ifndef for __ASSUME_FUTEX_CLOCK_REALTIME. Ulrich Drepper (19): Don't crash on unresolved weak symbol reference when auditing. Fix handling of tail bytes of buffer in SSE2/SSSE3 x86-64 version strn{,case}cmp Add test case for strstr problem. 32bit memset-sse2.S fails with uneven cache size Fix build with newer linker. More linking issues fixed. Missing server address again leads to localhost being used Actually make it possible to user the default name server. Handle large requests. Remove specific binutils version recommendation in INSTALL file. Linux getifaddrs might return entries with ->ifa_addr being NULL. Fix memory leak for some invalid regular expressions. More regex memory leak fixes and testcases One more regex memory leak fixed. Fix perturbing in malloc on free. Fix warnings in __bswap_16. Avoid too much stack use in fnmatch. Define SWAP_FLAG_DISCARD. Define MAP_HUGETLB. -
glibc-2.16
The GNU C Library ================= The GNU C Library version 2.16 is now available. The GNU C Library is used as *the* C library in the GNU systems and most systems with the Linux kernel. The GNU C Library is primarily designed to be a portable and high performance C library. It follows all relevant standards including ISO C99 and POSIX.1-2008. It is also internationalized and has one of the most complete internationalization interfaces known. The GNU C Library webpage is at http://www.gnu.org/software/libc/ Packages for the 2.16 release may be downloaded from: http://ftpmirror.gnu.org/libc/ http://ftp.gnu.org/gnu/libc/ The mirror list is at http://www.gnu.org/order/ftp.html NEWS for version 2.16 ===================== * The following bugs are resolved with this release: 174, 208, 350, 369, 411, 706, 766, 887, 2074, 2541, 2547, 2548, 2550, 2551, 2552, 2553, 2554, 2562, 2563, 2565, 2566, 2570, 2576, 2636, 2678, 3335, 3440, 3748, 3768, 3866, 3868, 3906, 3976, 3992, 4026, 4108, 4596, 4822, 5077, 5461, 5805, 5993, 6471, 6486, 6578, 6649, 6730, 6770, 6794, 6884, 6890, 6894, 6895, 6907, 6911, 6959, 7064, 9739, 9902, 10110, 10135, 10140, 10153, 10210, 10254, 10346, 10375, 10545, 10716, 10846, 11174, 11322, 11365, 11451, 11494, 11521, 11677, 11837, 11959, 12047, 12097, 12193, 12194, 12297, 12298, 12301, 12340, 12354, 12416, 12495, 13058, 13223, 13361, 13525, 13526, 13527, 13528, 13529, 13530, 13531, 13532, 13533, 13547, 13551, 13552, 13553, 13555, 13556, 13559, 13563, 13566, 13576, 13579, 13583, 13592, 13594, 13613, 13618, 13637, 13656, 13658, 13673, 13691, 13695, 13704, 13705, 13706, 13718, 13726, 13738, 13739, 13743, 13750, 13758, 13760, 13761, 13775, 13786, 13787, 13792, 13806, 13824, 13840, 13841, 13844, 13846, 13848, 13851, 13852, 13854, 13871, 13872, 13873, 13879, 13882, 13883, 13884, 13885, 13886, 13892, 13895, 13908, 13910, 13911, 13912, 13913, 13914, 13915, 13916, 13917, 13918, 13919, 13920, 13921, 13922, 13923, 13924, 13926, 13927, 13928, 13938, 13941, 13942, 13954, 13955, 13956, 13963, 13967, 13968, 13970, 13973, 13979, 13983, 13986, 13996, 14012, 14027, 14033, 14034, 14036, 14040, 14043, 14044, 14048, 14049, 14050, 14053, 14055, 14059, 14064, 14075, 14080, 14083, 14103, 14104, 14109, 14112, 14117, 14122, 14123, 14134, 14153, 14183, 14188, 14199, 14210, 14218, 14229, 14241, 14273, 14277, 14278 * Support for the x32 ABI on x86-64 added. The x32 target is selected by configuring glibc with: BUILD_CC='gcc' CC='gcc -mx32' CXX='g++ -mx32' Visit <http://sites.google.com/site/x32abi/> for more x32 ABI info. Implemented by H.J. Lu. * ISO C11 support: + define static_assert + do not declare gets + declare at_quick_exit and quick_exit also for ISO C11 + aligned_alloc. NB: The code is deliberately allows the size parameter to not be a multiple of the alignment. This is a moronic requirement in the standard but it is only a requirement on the caller, not the implementation. + timespec_get added + uchar.h support added + CMPLX, CMPLXF, CMPLXL added Implemented by Ulrich Drepper. * Support for the IA-64 has been moved to ports. * Remove support for anything but ELF binary format * Checking versions of poll, ppoll added. Implemented by Ulrich Drepper. * More generic and 64-bit performance optimizations to math functions. Implemented by Ulrich Drepper. * New configure option --enable-obsolete-rpc makes the deprecated RPC headers and functions available at compile time as they were before version 2.14. This option will be removed at some time in the future after the TI-RPC library becomes fully sufficient for the needs of existing applications. * Compatibility code for Linux kernel versions before 2.4 has been removed. Note that glibc is not expected to work with any Linux kernel version before 2.6. * New header <sys/auxv.h> and function getauxval allowing easy access to the AT_* key-value pairs passed from the Linux kernel. The header also defines the HWCAP_* bits associated with the AT_HWCAP key. * New locales: mag_IN * New configure option --enable-systemtap builds SystemTap static probes into libc for setjmp and longjmp and into libpthread for various operations. So far the setjmp/longjmp probes and some of the libpthread probes are provided only for i*86 and x86_64. Implemented by Roland McGrath and Rayson Ho. * Optimized expf for x86-32 and x86-64. Implemented by Liubov Dmitrieva. * More optimized functions for PowerPC. Implemented by Adhemerval Zanella and Will Schmidt. * More optimized functions for SPARC. Implemented by David S. Miller. * Improved support for cross-compilation, especially bootstrap builds without a previously built glibc. * Ports for the TILE-Gx and TILEPro families of processors. Contributed by Chris Metcalf from Tilera. * Support for the old ARM ABI has been removed from ports. Only the EABI is now supported for ARM processors. * The hard-float variant of the ARM EABI now uses /lib/ld-linux-armhf.so.3 as the name of the dynamic linker, to distinguish it from the /lib/ld-linux.so.3 dynamic linker used for the base EABI. * Support for CRIS has been removed from ports. * A new class of installed header has been documented for low-level platform-specific functionality. PowerPC added the first instance with a function to provide time base register access. Contributed by Tulio Magno Quites Machado Filho. * ix86 configurations now install header files that are consistent with what x86-64 configurations install. These same header files can be used for -m32, -m64, or -mx32 builds. Contributed by H.J. Lu. * Math library bug fixes. A thorough audit of all open math library bugs was conducted by Joseph Myers. Significant progress was made on many math library bugs resulting in more accurate exceptions and function results. Many thanks to all those that contributed including Andreas Jaeger for his patch review and work on the x87 trigonometric instruction issues. * Timezone data is no longer installed. Timezone-related binaries and scripts will continue to be installed. Users should obtain their timezone data from their distribution provider or from the tzdata package at <ftp://munnari.oz.au/pub/>. Contributors ============ This release was made possible by the contributions of many people. The maintainers are grateful to everyone who has contributed changes or bug reports. These include: Adhemerval Zanella Allan McRae Andreas Jaeger Andreas Krebbel Andreas Schwab Antoine Balestrat Anton Blanchard Aurelien Jarno Carlos O'Donell Carlos Sánchez de La Lama Chandan Kumar Chris Demetriou Chris Leonard Chris Metcalf Chung-Lin Tang Cyril Hrubis David S. Miller Dwayne Grant McConnell Fabrice Bauzac H.J. Lu Ian Wienand Jakub Jelinek Jan Kratochvil Jeff Law Jim Meyering Joseph Myers Kai Tietz Kaz Kojima Kees Cook Liubov Dmitrieva Marek Polacek Markus Trippelsdorf Maxim Kuvyrkov Michael Matz Mike Frysinger Nick Bowler Nicolas Boulenguez Nix Paul Bolle Paul Eggert Paul Pluzhnikov Petr Baudis Pino Toscano Rafe Kettler Rayson Ho Richard Henderson Robert Millan Roland Mc Grath Roland McGrath Ryan S. Arnold Samuel Thibault Serkan Kaba Siddhesh Poyarekar Simon Josefsson Stanislav Brabec Stephen Compall Thomas Schwinge Tom de Vries Tulio Magno Quites Machado Filho Ulrich Drepper Will Schmidt -
glibc-2.16.075f0d304 · Release 2.16 ·
The GNU C Library ================= The GNU C Library version 2.16 is now available. The GNU C Library is used as *the* C library in the GNU systems and most systems with the Linux kernel. The GNU C Library is primarily designed to be a portable and high performance C library. It follows all relevant standards including ISO C99 and POSIX.1-2008. It is also internationalized and has one of the most complete internationalization interfaces known. The GNU C Library webpage is at http://www.gnu.org/software/libc/ Packages for the 2.16 release may be downloaded from: http://ftpmirror.gnu.org/libc/ http://ftp.gnu.org/gnu/libc/ The mirror list is at http://www.gnu.org/order/ftp.html NEWS for version 2.16 ===================== * The following bugs are resolved with this release: 174, 208, 350, 369, 411, 706, 766, 887, 2074, 2541, 2547, 2548, 2550, 2551, 2552, 2553, 2554, 2562, 2563, 2565, 2566, 2570, 2576, 2636, 2678, 3335, 3440, 3748, 3768, 3866, 3868, 3906, 3976, 3992, 4026, 4108, 4596, 4822, 5077, 5461, 5805, 5993, 6471, 6486, 6578, 6649, 6730, 6770, 6794, 6884, 6890, 6894, 6895, 6907, 6911, 6959, 7064, 9739, 9902, 10110, 10135, 10140, 10153, 10210, 10254, 10346, 10375, 10545, 10716, 10846, 11174, 11322, 11365, 11451, 11494, 11521, 11677, 11837, 11959, 12047, 12097, 12193, 12194, 12297, 12298, 12301, 12340, 12354, 12416, 12495, 13058, 13223, 13361, 13525, 13526, 13527, 13528, 13529, 13530, 13531, 13532, 13533, 13547, 13551, 13552, 13553, 13555, 13556, 13559, 13563, 13566, 13576, 13579, 13583, 13592, 13594, 13613, 13618, 13637, 13656, 13658, 13673, 13691, 13695, 13704, 13705, 13706, 13718, 13726, 13738, 13739, 13743, 13750, 13758, 13760, 13761, 13775, 13786, 13787, 13792, 13806, 13824, 13840, 13841, 13844, 13846, 13848, 13851, 13852, 13854, 13871, 13872, 13873, 13879, 13882, 13883, 13884, 13885, 13886, 13892, 13895, 13908, 13910, 13911, 13912, 13913, 13914, 13915, 13916, 13917, 13918, 13919, 13920, 13921, 13922, 13923, 13924, 13926, 13927, 13928, 13938, 13941, 13942, 13954, 13955, 13956, 13963, 13967, 13968, 13970, 13973, 13979, 13983, 13986, 13996, 14012, 14027, 14033, 14034, 14036, 14040, 14043, 14044, 14048, 14049, 14050, 14053, 14055, 14059, 14064, 14075, 14080, 14083, 14103, 14104, 14109, 14112, 14117, 14122, 14123, 14134, 14153, 14183, 14188, 14199, 14210, 14218, 14229, 14241, 14273, 14277, 14278 * Support for the x32 ABI on x86-64 added. The x32 target is selected by configuring glibc with: BUILD_CC='gcc' CC='gcc -mx32' CXX='g++ -mx32' Visit <http://sites.google.com/site/x32abi/> for more x32 ABI info. Implemented by H.J. Lu. * ISO C11 support: + define static_assert + do not declare gets + declare at_quick_exit and quick_exit also for ISO C11 + aligned_alloc. NB: The code is deliberately allows the size parameter to not be a multiple of the alignment. This is a moronic requirement in the standard but it is only a requirement on the caller, not the implementation. + timespec_get added + uchar.h support added + CMPLX, CMPLXF, CMPLXL added Implemented by Ulrich Drepper. * Support for the IA-64 has been moved to ports. * Remove support for anything but ELF binary format * Checking versions of poll, ppoll added. Implemented by Ulrich Drepper. * More generic and 64-bit performance optimizations to math functions. Implemented by Ulrich Drepper. * New configure option --enable-obsolete-rpc makes the deprecated RPC headers and functions available at compile time as they were before version 2.14. This option will be removed at some time in the future after the TI-RPC library becomes fully sufficient for the needs of existing applications. * Compatibility code for Linux kernel versions before 2.4 has been removed. Note that glibc is not expected to work with any Linux kernel version before 2.6. * New header <sys/auxv.h> and function getauxval allowing easy access to the AT_* key-value pairs passed from the Linux kernel. The header also defines the HWCAP_* bits associated with the AT_HWCAP key. * New locales: mag_IN * New configure option --enable-systemtap builds SystemTap static probes into libc for setjmp and longjmp and into libpthread for various operations. So far the setjmp/longjmp probes and some of the libpthread probes are provided only for i*86 and x86_64. Implemented by Roland McGrath and Rayson Ho. * Optimized expf for x86-32 and x86-64. Implemented by Liubov Dmitrieva. * More optimized functions for PowerPC. Implemented by Adhemerval Zanella and Will Schmidt. * More optimized functions for SPARC. Implemented by David S. Miller. * Improved support for cross-compilation, especially bootstrap builds without a previously built glibc. * Ports for the TILE-Gx and TILEPro families of processors. Contributed by Chris Metcalf from Tilera. * Support for the old ARM ABI has been removed from ports. Only the EABI is now supported for ARM processors. * The hard-float variant of the ARM EABI now uses /lib/ld-linux-armhf.so.3 as the name of the dynamic linker, to distinguish it from the /lib/ld-linux.so.3 dynamic linker used for the base EABI. * Support for CRIS has been removed from ports. * A new class of installed header has been documented for low-level platform-specific functionality. PowerPC added the first instance with a function to provide time base register access. Contributed by Tulio Magno Quites Machado Filho. * ix86 configurations now install header files that are consistent with what x86-64 configurations install. These same header files can be used for -m32, -m64, or -mx32 builds. Contributed by H.J. Lu. * Math library bug fixes. A thorough audit of all open math library bugs was conducted by Joseph Myers. Significant progress was made on many math library bugs resulting in more accurate exceptions and function results. Many thanks to all those that contributed including Andreas Jaeger for his patch review and work on the x87 trigonometric instruction issues. * Timezone data is no longer installed. Timezone-related binaries and scripts will continue to be installed. Users should obtain their timezone data from their distribution provider or from the tzdata package at <ftp://munnari.oz.au/pub/>. Contributors ============ This release was made possible by the contributions of many people. The maintainers are grateful to everyone who has contributed changes or bug reports. These include: Adhemerval Zanella Allan McRae Andreas Jaeger Andreas Krebbel Andreas Schwab Antoine Balestrat Anton Blanchard Aurelien Jarno Carlos O'Donell Carlos Sánchez de La Lama Chandan Kumar Chris Demetriou Chris Leonard Chris Metcalf Chung-Lin Tang Cyril Hrubis David S. Miller Dwayne Grant McConnell Fabrice Bauzac H.J. Lu Ian Wienand Jakub Jelinek Jan Kratochvil Jeff Law Jim Meyering Joseph Myers Kai Tietz Kaz Kojima Kees Cook Liubov Dmitrieva Marek Polacek Markus Trippelsdorf Maxim Kuvyrkov Michael Matz Mike Frysinger Nick Bowler Nicolas Boulenguez Nix Paul Bolle Paul Eggert Paul Pluzhnikov Petr Baudis Pino Toscano Rafe Kettler Rayson Ho Richard Henderson Robert Millan Roland Mc Grath Roland McGrath Ryan S. Arnold Samuel Thibault Serkan Kaba Siddhesh Poyarekar Simon Josefsson Stanislav Brabec Stephen Compall Thomas Schwinge Tom de Vries Tulio Magno Quites Machado Filho Ulrich Drepper Will Schmidt -
glibc-2.16-ports-merge
libc and ports repositories merged as of the 2.16.0 release.
-
glibc-2.17
The GNU C Library ================= The GNU C Library version 2.17 is now available. The GNU C Library is used as *the* C library in the GNU systems and most systems with the Linux kernel. The GNU C Library is primarily designed to be a portable and high performance C library. It follows all relevant standards including ISO C11 and POSIX.1-2008. It is also internationalized and has one of the most complete internationalization interfaces known. The GNU C Library webpage is at http://www.gnu.org/software/libc/ Packages for the 2.17 release may be downloaded from: http://ftpmirror.gnu.org/libc/ http://ftp.gnu.org/gnu/libc/ The mirror list is at http://www.gnu.org/order/ftp.html NEWS for version 2.17 ==================== * The following bugs are resolved with this release: 1349, 3439, 3479, 3665, 5044, 5246, 5298, 5400, 6530, 6677, 6778, 6808, 9685, 9914, 10014, 10038, 10114, 10631, 10873, 11438, 11607, 11638, 11741, 12140, 13013, 13412, 13542, 13601, 13603, 13604, 13629, 13679, 13696, 13698, 13717, 13741, 13759, 13761, 13763, 13881, 13939, 13950, 13952, 13966, 14042, 14047, 14090, 14150, 14151, 14152, 14154, 14157, 14166, 14173, 14195, 14197, 14237, 14246, 14251, 14252, 14283, 14298, 14303, 14307, 14328, 14331, 14336, 14337, 14347, 14349, 14368, 14376, 14417, 14447, 14459, 14476, 14477, 14501, 14505, 14510, 14516, 14518, 14519, 14530, 14532, 14538, 14543, 14544, 14545, 14557, 14562, 14568, 14576, 14579, 14583, 14587, 14595, 14602, 14610, 14621, 14638, 14645, 14648, 14652, 14660, 14661, 14669, 14672, 14683, 14694, 14716, 14719, 14743, 14767, 14783, 14784, 14785, 14793, 14796, 14797, 14801, 14803, 14805, 14807, 14811, 14815, 14821, 14822, 14824, 14828, 14831, 14833, 14835, 14838, 14856, 14863, 14865, 14866, 14868, 14869, 14871, 14872, 14879, 14889, 14893, 14898, 14914. * Optimization of memcpy for MIPS. * CVE-2011-4609 svc_run() produces high cpu usage when accept fails with EMFILE has been fixed (Bugzilla #14889). * The add-on ports collection is now distributed in the "ports" subdirectory of the main GNU C Library distribution, rather than separately. * Port to ARM AArch64 contributed by Linaro. * Support for STT_GNU_IFUNC symbols added for s390 and s390x. Optimized versions of memcpy, memset, and memcmp added for System z10 and zEnterprise z196. Implemented by Andreas Krebbel. * The new function secure_getenv allows secure access to the environment, returning NULL if running in a SUID/SGID process. This function replaces the internal function __secure_getenv. * SystemTap static probes have been added into the dynamic linker. Implemented by Gary Benson. * Optimizations of string functions strstr, strcasestr and memmem. Implemented by Maxim Kuvyrkov. * The minimum Linux kernel version that this version of the GNU C Library can be used with is 2.6.16. * Optimizations of string functions memchr, wcschr, wcscpy, and wcsrchr for powerpc POWER7. Implemented by Will Schmidt. * New configure option --disable-nscd builds the C library such that it never attempts to contact the Name Service Caching Daemon (nscd). New configure option --disable-build-nscd avoids building nscd itself; this is the default if --disable-nscd is used. * Improved support for cross-compilation, including cross-testing and bootstrap builds without a previously built glibc. * Several testsuite tests are now able to test multiple IFUNC variants of an interface, rather than just testing the one that would be chooen by default. * New configure options --with-bugurl and --with-pkgversion, for distributors to use to embed their bug-reporting and package version information in --help and --version output. * The ttyname and ttyname_r functions on Linux now fall back to searching for the tty file descriptor in /dev/pts or /dev if /proc is not available. This allows creation of chroots without the procfs mounted on /proc. * The `crypt' function now fails if passed salt bytes that violate the specification for those values. On Linux, the `crypt' function will consult /proc/sys/crypto/fips_enabled to determine if "FIPS mode" is enabled, and fail on encrypted strings using the MD5 or DES algorithm when the mode is enabled. * The `clock_*' suite of functions (declared in <time.h>) is now available directly in the main C library. Previously it was necessary to link with -lrt to use these functions. This change has the effect that a single-threaded program that uses a function such as `clock_gettime' (and is not linked with -lrt) will no longer implicitly load the pthreads library at runtime and so will not suffer the overheads associated with multi-thread support in other code such as the C++ runtime library. * New locales: ayc_PE, doi_IN, ia_FR, mni_IN, nhn_MX, niu_NU, niu_NZ, sat_IN, and szl_PL. Contributors ============ This release was made possible by the contributions of many people. The maintainers are grateful to everyone who has contributed changes or bug reports. These include: Adam Conrad Adhemerval Zanella Alan Modra Alexander Kanevskiy Alexandre Oliva Allan McRae Andreas Jaeger Andreas Krebbel Andreas Schwab Andrej Lajovic Andrew Haley Andrew Stubbs Aurelien Jarno Benno Schulenberg Brendan Kehoe Carlos O'Donell Chandrakala Chavva Chris Leonard Chris Metcalf Daniel Gutson Daniel Jacobowitz David Alan Gilbert David S. Miller Dmitry V. Levin Eagle Burkut Florian Pritz Florian Weimer GOTO Masanori Gary Benson Greg McGary Guido Guenther H.J. Lu Jakub Jelinek Jeff Bailey Jeff Law Jeroen van Bemmel Jim Blandy Jim Meyering John Tobey Jonathan Nieder Joseph Myers Julian Brown Ken Werner Khem Raj Konstantinos Margaritis Liubov Dmitrieva Luis Machado Manjunath Matti Marcus Shawcroft Marek Polacek Mark Salter Marko Myllynen Markus Trippelsdorf Matt Turner Maxim Kuvyrkov Michael Cree Michael Hope Mike Frysinger Mike Hommey Mischa Jonker Nathan Froyd Nathan Sidwell Nik Kalach Paul Brook Paul Eggert Peng Haitao Petar Jovanovic Peter Green Petr Machata Phil Blundell Philip Blundell Pino Toscano Pravin Satpute Ramana Radhakrishnan Richard Henderson Richard Sandiford Robert Millan Roland McGrath Ryan S. Arnold Ryosei Takagi Samuel Thibault Sebastan Andrzej Siewior Siddhesh Poyarekar Steve Ellcey Steve McIntyre Thomas Bushnell, BSG Thomas Schwinge Thorsten Glaser Tom de Vries Torbjorn Granlund Tulio Magno Quites Machado Filho Ulrich Drepper Ulrich Weigand Viju Vincent Will Schmidt -
glibc-2.18
The GNU C Library ================= The GNU C Library version 2.18 is now available. The GNU C Library is used as *the* C library in the GNU systems and most systems with the Linux kernel. The GNU C Library is primarily designed to be a portable and high performance C library. It follows all relevant standards including ISO C11 and POSIX.1-2008. It is also internationalized and has one of the most complete internationalization interfaces known. The GNU C Library webpage is at http://www.gnu.org/software/libc/ Packages for the 2.18 release may be downloaded from: http://ftpmirror.gnu.org/libc/ http://ftp.gnu.org/gnu/libc/ The mirror list is at http://www.gnu.org/order/ftp.html NEWS for version 2.18 ==================== * The following bugs are resolved with this release: 2546, 2560, 5159, 6809, 7006, 10060, 10062, 10283, 10357, 10686, 11120, 11561, 12310, 12387, 12492, 12515, 12723, 13550, 13889, 13951, 13988, 14142, 14176, 14200, 14256, 14280, 14293, 14317, 14327, 14478, 14496, 14582, 14686, 14812, 14888, 14894, 14907, 14908, 14909, 14920, 14952, 14964, 14981, 14982, 14985, 14991, 14994, 14996, 15000, 15003, 15006, 15007, 15014, 15020, 15022, 15023, 15036, 15054, 15055, 15062, 15078, 15084, 15085, 15086, 15100, 15160, 15214, 15221, 15232, 15234, 15283, 15285, 15287, 15304, 15305, 15307, 15309, 15327, 15330, 15335, 15336, 15337, 15339, 15342, 15346, 15359, 15361, 15366, 15380, 15381, 15394, 15395, 15405, 15406, 15409, 15416, 15418, 15419, 15423, 15424, 15426, 15429, 15431, 15432, 15441, 15442, 15448, 15465, 15480, 15485, 15488, 15490, 15492, 15493, 15497, 15506, 15529, 15536, 15553, 15577, 15583, 15618, 15627, 15631, 15654, 15655, 15666, 15667, 15674, 15711, 15755, 15759. * CVE-2013-2207 Incorrectly granting access to another user's pseudo-terminal has been fixed by disabling the use of pt_chown (Bugzilla #15755). Distributions can re-enable building and using pt_chown via the new configure option `--enable-pt_chown'. Enabling the use of pt_chown carries with it considerable security risks and should only be used if the distribution understands and accepts the risks. * CVE-2013-0242 Buffer overrun in regexp matcher has been fixed (Bugzilla #15078). * CVE-2013-1914 Stack overflow in getaddrinfo with many results has been fixed (Bugzilla #15330). * Add support for calling C++11 thread_local object destructors on thread and program exit. This needs compiler support for offloading C++11 destructor calls to glibc. * Improved worst case performance of libm functions with double inputs and output. * Support for priority inherited mutexes in pthread condition variables on non-x86 architectures. * Port to Xilinx MicroBlaze contributed by David Holsgrove. * Optimized string functions for AArch64. Implemented by Marcus Shawcroft. * Optimized string functions for ARM. Implemented by Will Newton and Richard Henderson. * Optimized libm functions for SPARC. Implemented by David S. Miller. * Support for building more of ARM glibc as Thumb-2 code. Implemented by Richard Henderson. * Support for building most of MIPS glibc as MIPS16 code. Implemented by Chung-Lin Tang, Maciej W. Rozycki and Maxim Kuvyrkov. * Added a benchmark framework to track performance of functions in glibc. * New <math.h> macro named issignaling to check for a signaling NaN (sNaN). It is based on draft TS 18661 and currently enabled as a GNU extension. * On Linux, the clock function now uses the clock_gettime system call for improved precision, rather than old times system call. * Added new API functions pthread_getattr_default_np and pthread_setattr_default_np to get and set the default pthread attributes of a process. * Added support for TSX lock elision for pthread mutexes on i386 and x86-64. This may improve lock scaling of existing programs on TSX capable systems. When the --enable-lock-elision=yes parameter is specified at configure time lock elision will be enabled by default for all PTHREAD_MUTEX_DEFAULT mutexes. * Support added for AT_HWCAP2 (to coincide with Linux kernel 3.10 availability). Implemented by Ryan S. Arnold. * Support added for POWER8 platform. Implemented by Ryan S. Arnold. Contributors ============ This release was made possible by the contributions of many people. The maintainers are grateful to everyone who has contributed changes or bug reports. These include: Adam Conrad Adhemerval Zanella Alan Modra Allan McRae Andi Kleen Andreas Jaeger Andreas Krebbel Andreas Schwab Anton Blanchard Aurelien Jarno Ben Norht Bruno Haible Carlos O'Donell Chris Leonard Chris Metcalf Christian Grönke David Holsgrove David S. Miller Dmitry V. Levin Dominik Vogt Edjunior Barbosa Machado Edjunior Machado Florian Weimer H.J. Lu Heiko Carstens Jakub Jelinek Jan Kratochvil Jan-Benedict Glaw Jeff Law Jeroen Albers Johan Heikkila Joseph Myers Kaz Kojima Kirk Meyer Liubov Dmitrieva Maciej W. Rozycki Mans Rullgard Marcus Shawcroft Mark H Weaver Marko Myllynen Markus Trippelsdorf Maxim Kuvyrkov Mike Frysinger Nathan Froyd Nathan Sidwell Nik Kalach Ondrej Bilka Patsy Franklin Paul Eggert Paul Pluzhnikov Peter Collingbourne Petr Baudis Petr Machata Pierre Ynard Pino Toscano Richard Henderson Richard Smith Roland McGrath Ryan S. Arnold Siddhesh Poyarekar Steve Ellcey Thomas Schwinge Thorsten Kukuk Tom de Vries Vladimir Nikulichev Will Newton -
glibc-2.19
The GNU C Library ================= The GNU C Library version 2.19 is now available. The GNU C Library is used as *the* C library in the GNU systems and most systems with the Linux kernel. The GNU C Library is primarily designed to be a portable and high performance C library. It follows all relevant standards including ISO C11 and POSIX.1-2008. It is also internationalized and has one of the most complete internationalization interfaces known. The GNU C Library webpage is at http://www.gnu.org/software/libc/ Packages for the 2.19 release may be downloaded from: http://ftpmirror.gnu.org/libc/ http://ftp.gnu.org/gnu/libc/ The mirror list is at http://www.gnu.org/order/ftp.html NEWS for version 2.19 ===================== * The following bugs are resolved with this release: 156, 387, 431, 762, 832, 926, 2801, 4772, 6786, 6787, 6807, 6810, 6981, 7003, 9721, 9954, 10253, 10278, 11087, 11157, 11214, 12100, 12486, 12751, 12986, 13028, 13982, 13985, 14029, 14032, 14120, 14143, 14155, 14286, 14547, 14699, 14752, 14782, 14876, 14910, 15004, 15048, 15073, 15089, 15128, 15218, 15268, 15277, 15308, 15362, 15374, 15400, 15425, 15427, 15483, 15522, 15531, 15532, 15593, 15601, 15608, 15609, 15610, 15632, 15640, 15670, 15672, 15680, 15681, 15723, 15734, 15735, 15736, 15748, 15749, 15754, 15760, 15763, 15764, 15797, 15799, 15825, 15843, 15844, 15846, 15847, 15849, 15850, 15855, 15856, 15857, 15859, 15867, 15886, 15887, 15890, 15892, 15893, 15895, 15897, 15901, 15905, 15909, 15915, 15917, 15919, 15921, 15923, 15939, 15941, 15948, 15963, 15966, 15968, 15985, 15988, 15997, 16032, 16034, 16036, 16037, 16038, 16041, 16046, 16055, 16071, 16072, 16074, 16077, 16078, 16103, 16112, 16143, 16144, 16146, 16150, 16151, 16153, 16167, 16169, 16172, 16195, 16214, 16245, 16271, 16274, 16283, 16289, 16293, 16314, 16316, 16330, 16337, 16338, 16356, 16365, 16366, 16369, 16372, 16375, 16379, 16384, 16385, 16386, 16387, 16390, 16394, 16398, 16400, 16407, 16408, 16414, 16430, 16431, 16453, 16474, 16506, 16510, 16529 * Slovenian translations for glibc messages have been contributed by the Translation Project's Slovenian team of translators. * The public headers no longer use __unused nor __block. This change is to support compiling programs that are derived from BSD sources and use __unused internally, and to support compiling with Clang's -fblock extension which uses __block. * CVE-2012-4412 The strcoll implementation caches indices and rules for large collation sequences to optimize multiple passes. This cache computation may overflow for large collation sequences and may cause a stack or buffer overflow. This is now fixed to use a slower algorithm which does not use a cache if there is an integer overflow. * CVE-2012-4424 The strcoll implementation uses malloc to cache indices and rules for large collation sequences to optimize multiple passes and falls back to alloca if malloc fails, resulting in a possible stack overflow. The implementation now falls back to an uncached collation sequence lookup if malloc fails. * CVE-2013-4788 The pointer guard used for pointer mangling was not initialized for static applications resulting in the security feature being disabled. The pointer guard is now correctly initialized to a random value for static applications. Existing static applications need to be recompiled to take advantage of the fix (bug 15754). * CVE-2013-4237 The readdir_r function could write more than NAME_MAX bytes to the d_name member of struct dirent, or omit the terminating NUL character. (Bugzilla #14699). * CVE-2013-4332 The pvalloc, valloc, memalign, posix_memalign and aligned_alloc functions could allocate too few bytes or corrupt the heap when passed very large allocation size values (Bugzilla #15855, #15856, #15857). * CVE-2013-4458 Stack overflow in getaddrinfo with large number of results for AF_INET6 has been fixed (Bugzilla #16072). * New locales: ak_GH, anp_IN, ar_SS, cmn_TW, hak_TW, lzh_TW, nan_TW, pap_AW, pap_CW, quz_PE, the_NP. * Substantially revised locales: gd_GB, ht_HT * The LC_ADDRESS field was updated to support country_car for almost all supported locales. * ISO 1427 definitions were updated. * ISO 3166 definitions were updated. * The localedef utility now supports --big-endian and --little-endian command-line options to generate locales for a different system from that for which the C library was built. * Binary locale files now only depend on the endianness of the system for which they are generated and not on other properties of that system. As a consequence, binary files generated with new localedef may be incompatible with old versions of the GNU C Library, and binary files generated with old localedef may be incompatible with this version of the GNU C Library, in the following circumstances: + Locale files may be incompatible on m68k systems. + Locale archive files (but not separate files for individual locales) may be incompatible on systems where plain "char" is signed. * The configure option --disable-versioning has been removed. Builds with --disable-versioning had not worked for several years. * ISO 639 definitions were updated for Chiga (cgg) and Chinese (gan, hak, czh, cjy, lzh, cmn, mnp, cdo, czo, cpx, wuu, hsn, yue). * SystemTap probes for malloc have been introduced. * SystemTap probes for slow multiple precision fallback paths of transcendental functions have been introduced. * Support for powerpc64le has been added. * The soft-float powerpc port now supports e500 processors. * Support for STT_GNU_IFUNC symbols added for ppc32/power4+ and ppc64. * A new feature test macro _DEFAULT_SOURCE is available to enable the same set of header declarations that are enabled by default, even when other feature test macros or compiler options such as -std=c99 would otherwise disable some of those declarations. * The _BSD_SOURCE feature test macro no longer enables BSD interfaces that conflict with POSIX. The libbsd-compat library (which was a dummy library that did nothing) has also been removed. * Preliminary documentation about Multi-Thread, Async-Signal and Async-Cancel Safety has been added. Contributors ============ This release was made possible by the contributions of many people. The maintainers are grateful to everyone who has contributed changes or bug reports. These include: Adam Buchbinder Adam Conrad Adhemerval Zanella Alan Modra Alexandre Oliva Allan McRae Andreas Arnez Andreas Jaeger Andreas Krebbel Andreas Schwab Andrew Hunter Andrew Pinski Anton Blanchard Arun Kumar Pyasi Aurelien Jarno Brooks Moses Bruno Haible Carlos O'Donell Chris Leonard Chris Metcalf Chung-Lin Tang David Holsgrove David S. Miller Eric Biggers Eric Blake Eric Wong Fabrice Bauzac Fernando J. V. da Silva Florian Weimer Guy Martin H.J. Lu Jan Kratochvil Jia Liu Joseph Myers Kaz Kojima Liubov Dmitrieva Maciej W. Rozycki Marc-Antoine Perennou Marcus Shawcroft Marko Myllynen Markus Trippelsdorf Maxim Kuvyrkov Meador Inge Michael Bauer Michael Stahl Mike Frysinger Olivier Langlois Ondřej Bílka Patrick 'P. J.' McDermott Paul Eggert Paul Pluzhnikov Pavel Simerda Petr Machata Rajalakshmi Srinivasaraghavan Reuben Thomas Richard Henderson Richard Sandiford Roland McGrath Ryan S. Arnold Sami Kerola Samuel Thibault Siddhesh Poyarekar Stefan Liebler Steve Ellcey Thomas Schwinge Toke Høiland-Jørgensen Tom Tromey Torvald Riegel Ulrich Weigand Uros Bizjak Venkataramanan Kumar Ville Skytta Vinitha Vijayan Wei-Lun Chao Will Newton Yogesh Chaudhari Yuri Chornoivan Yuriy Kaminskiy -
glibc-2.20
The GNU C Library ================= The GNU C Library version 2.20 is now available. The GNU C Library is used as *the* C library in the GNU systems and is widely used on systems with the Linux kernel. The GNU C Library is primarily designed to be a portable and high performance C library. It follows all relevant standards including ISO C11 and POSIX.1-2008. It is also internationalized and has one of the most complete internationalization interfaces known. The GNU C Library webpage is at http://www.gnu.org/software/libc/ Packages for the 2.20 release may be downloaded from: http://ftpmirror.gnu.org/libc/ http://ftp.gnu.org/gnu/libc/ The mirror list is at http://www.gnu.org/order/ftp.html NEWS for version 2.20 ==================== * The following bugs are resolved with this release: 6804, 9894, 12994, 13347, 13651, 14308, 14770, 15119, 15132, 15347, 15514, 15698, 15804, 15894, 15946, 16002, 16064, 16095, 16194, 16198, 16275, 16284, 16287, 16315, 16348, 16349, 16354, 16357, 16362, 16447, 16516, 16532, 16539, 16545, 16561, 16562, 16564, 16574, 16599, 16600, 16609, 16610, 16611, 16613, 16619, 16623, 16629, 16632, 16634, 16639, 16642, 16648, 16649, 16670, 16674, 16677, 16680, 16681, 16683, 16689, 16695, 16701, 16706, 16707, 16712, 16713, 16714, 16724, 16731, 16739, 16740, 16743, 16754, 16758, 16759, 16760, 16770, 16786, 16789, 16791, 16796, 16799, 16800, 16815, 16823, 16824, 16831, 16838, 16839, 16849, 16854, 16876, 16877, 16878, 16882, 16885, 16888, 16890, 16892, 16912, 16915, 16916, 16917, 16918, 16922, 16927, 16928, 16932, 16943, 16958, 16965, 16966, 16967, 16977, 16978, 16984, 16990, 16996, 17009, 17022, 17031, 17042, 17048, 17050, 17058, 17061, 17062, 17069, 17075, 17078, 17079, 17084, 17086, 17088, 17092, 17097, 17125, 17135, 17137, 17150, 17153, 17187, 17213, 17259, 17261, 17262, 17263, 17319, 17325, 17354. * Reverted change of ABI data structures for s390 and s390x: On s390 and s390x the size of struct ucontext and jmp_buf was increased in 2.19. This change is reverted in 2.20. The introduced 2.19 symbol versions of getcontext, setjmp, _setjmp, __sigsetjmp, longjmp, _longjmp, siglongjmp are preserved pointing straight to the same implementation as the old ones. Given that, new callers will simply provide a too-big buffer to these functions. Any applications/libraries out there that embed jmp_buf or ucontext_t in an ABI-relevant data structure that have already been rebuilt against 2.19 headers will have to rebuilt again. This is necessary in any case to revert the breakage in their ABI caused by the glibc change. * Support for file description locks is added to systems running the Linux kernel. The standard file locking interfaces are extended to operate on file descriptions, not file descriptors, via the use of F_OFD_GETLK, F_OFD_SETLK, and F_OFD_SETLKW. File description locks are associated with an open file instead of a process. * Optimized strchr implementation for AArch64. Contributed by ARM Ltd. * The minimum Linux kernel version that this version of the GNU C Library can be used with is 2.6.32. * Running the testsuite no longer terminates as soon as a test fails. Instead, a file tests.sum (xtests.sum from "make xcheck") is generated, with PASS or FAIL lines for individual tests. A summary of the results is printed, including a list of failing lists, and "make check" exits with error status if there were any unexpected failures. "make check stop-on-test-failure=y" may be used to keep the old behavior. * The am33 port, which had not worked for several years, has been removed from ports. * The _BSD_SOURCE and _SVID_SOURCE feature test macros are no longer supported; they now act the same as _DEFAULT_SOURCE (but generate a warning). Except for cases where _BSD_SOURCE enabled BSD interfaces that conflicted with POSIX (support for which was removed in 2.19), the interfaces those macros enabled remain available when compiling with _GNU_SOURCE defined, with _DEFAULT_SOURCE defined, or without any feature test macros defined. * Optimized strcmp implementation for ARMv7. Contributed by ARM Ltd. * Added support for TX lock elision of pthread mutexes on s390 and s390x. This may improve lock scaling of existing programs on TX capable systems. The lock elision code is only built with --enable-lock-elision=yes and then requires a GCC version supporting the TX builtins. With lock elision default mutexes are elided via __builtin_tbegin, if the cpu supports transactions. By default lock elision is not enabled and the elision code is not built. * CVE-2014-4043 The posix_spawn_file_actions_addopen implementation did not copy the path argument. This allowed programs to cause posix_spawn to deference a dangling pointer, or use an unexpected pathname argument if the string was modified after the posix_spawn_file_actions_addopen invocation. * All supported architectures now use the main glibc sysdeps directory instead of some being in a separate "ports" directory (which was distributed separately before glibc 2.17). * The NPTL implementation of POSIX pthreads is no longer an "add-on". On configurations that support it (all Linux configurations), it's now used regardless of the --enable-add-ons switch to configure. It is no longer possible to build such configurations without pthreads support. * Locale names, including those obtained from environment variables (LANG and the LC_* variables), are more tightly checked for proper syntax. setlocale will now fail (with EINVAL) for locale names that are overly long, contain slashes without starting with a slash, or contain ".." path components. (CVE-2014-0475) Previously, some valid locale names were silently replaced with the "C" locale when running in AT_SECURE mode (e.g., in a SUID program). This is no longer necessary because of the additional checks. * On x86-64, the dynamic linker's lazy-binding support is now compatible with application code using Intel MPX instructions. (With all previous versions, the MPX register state could be clobbered when making calls into or out of a shared library.) Note that while the new dynamic linker is compatible with all known x86 hardware whether or not it supports Intel MPX, some x86 instruction-set emulators might fail to handle the new instruction encodings. This is known to affect Valgrind versions up through 3.9 (but will be fixed in the forthcoming 3.10 release), and might affect other tools that do instruction emulation. * Support for loadable gconv transliteration modules has been removed. The support for transliteration modules has been non-functional for over a decade, and the removal is prompted by security defects. The normal gconv conversion modules are still supported. Transliteration with //TRANSLIT is still possible, and the //IGNORE specifier continues to be supported. (CVE-2014-5119) * Decoding a crafted input sequence in the character sets IBM933, IBM935, IBM937, IBM939, IBM1364 could result in an out-of-bounds array read, resulting a denial-of-service security vulnerability in applications which use functions related to iconv. (CVE-2014-6040) Contributors ============ This release was made possible by the contributions of many people. The maintainers are grateful to everyone who has contributed changes or bug reports. These include: Adam Conrad Adhemerval Zanella Alan Modra Allan McRae Andi Kleen Andreas Krebbel Andreas Schwab Arjun Shankar Aurelien Jarno Bernard Ogden Carlos O'Donell Chris Metcalf David Holsgrove David S. Miller David Svoboda Dominik Vogt Dylan Alex Simon Eric Wong Florian Weimer Guo Yixuan H.J. Lu Ian Bolton Igor Zamyatin Jeff Layton Jim Meyering Joey Ye Jose E. Marchesi Joseph Anthony Pasquale Holsten Joseph Myers Julian Brown Khem Raj Konstantin Serebryany Kyle McMartin Ling Ma Ludovic Courtès Maciej W. Rozycki Marcus Shawcroft Mark Wielaard Marko Myllynen Meador Inge Mike Frysinger Ondřej Bílka Paul Eggert Paul Pluzhnikov Peter TB Brett Rajalakshmi Srinivasaraghavan Rasmus Villemoes Richard Earnshaw Richard Henderson Roland McGrath Sami Kerola Samuel Thibault Sean Anderson Serge Hallyn Siddhesh Poyarekar Sihai Yao Stefan Liebler Steve Ellcey Tomas Dohnalek Torvald Riegel Venkataramanan Kumar Vidya Ranganathan Wilco Wilco Dijkstra Will Newton Yang Yingliang Yufeng Zhang Yury Gribov Yvan Roux -
glibc-2.21
The GNU C Library ================= The GNU C Library version 2.21 is now available. The GNU C Library is used as *the* C library in the GNU system and in GNU/Linux systems, as well as many other systems that use Linux as the kernel. The GNU C Library is primarily designed to be a portable and high performance C library. It follows all relevant standards including ISO C11 and POSIX.1-2008. It is also internationalized and has one of the most complete internationalization interfaces known. The GNU C Library webpage is at http://www.gnu.org/software/libc/ Packages for the 2.21 release may be downloaded from: http://ftpmirror.gnu.org/libc/ http://ftp.gnu.org/gnu/libc/ The mirror list is at http://www.gnu.org/order/ftp.html NEWS for version 2.21 ===================== * The following bugs are resolved with this release: 6652, 10672, 12674, 12847, 12926, 13862, 14132, 14138, 14171, 14498, 15215, 15378, 15884, 16009, 16418, 16191, 16469, 16576, 16617, 16618, 16619, 16657, 16740, 16857, 17192, 17266, 17273, 17344, 17363, 17370, 17371, 17411, 17460, 17475, 17485, 17501, 17506, 17508, 17522, 17555, 17570, 17571, 17572, 17573, 17574, 17582, 17583, 17584, 17585, 17589, 17594, 17601, 17608, 17616, 17625, 17630, 17633, 17634, 17635, 17647, 17653, 17657, 17658, 17664, 17665, 17668, 17682, 17702, 17717, 17719, 17722, 17723, 17724, 17725, 17732, 17733, 17744, 17745, 17746, 17747, 17748, 17775, 17777, 17780, 17781, 17782, 17791, 17793, 17796, 17797, 17801, 17803, 17806, 17834, 17844, 17848, 17868, 17869, 17870, 17885, 17892. * CVE-2015-1472 Under certain conditions wscanf can allocate too little memory for the to-be-scanned arguments and overflow the allocated buffer. The implementation now correctly computes the required buffer size when using malloc. * A new semaphore algorithm has been implemented in generic C code for all machines. Previous custom assembly implementations of semaphore were difficult to reason about or ensure that they were safe. The new version of semaphore supports machines with 64-bit or 32-bit atomic operations. The new semaphore algorithm is used by sem_init, sem_open, sem_post, sem_wait, sem_timedwait, sem_trywait, and sem_getvalue. * Port to Altera Nios II has been contributed by Mentor Graphics. * Optimized strcpy, stpcpy, strncpy, stpncpy, strcmp, and strncmp implementations for powerpc64/powerpc64le. Implemented by Adhemerval Zanella (IBM). * Added support for TSX lock elision of pthread mutexes on powerpc32, powerpc64 and powerpc64le. This may improve lock scaling of existing programs on HTM capable systems. The lock elision code is only enabled with --enable-lock-elision=yes. Also, the TSX lock elision implementation for powerpc will issue a transaction abort on every syscall to avoid side effects being visible outside transactions. * Optimized strcpy, stpcpy, strchrnul and strrchr implementations for AArch64. Contributed by ARM Ltd. * i386 memcpy functions optimized with SSE2 unaligned load/store. * CVE-2104-7817 The wordexp function could ignore the WRDE_NOCMD flag under certain input conditions resulting in the execution of a shell for command substitution when the applicaiton did not request it. The implementation now checks WRDE_NOCMD immediately before executing the shell and returns the error WRDE_CMDSUB as expected. * CVE-2012-3406 printf-style functions could run into a stack overflow when processing format strings with a large number of format specifiers. * CVE-2014-9402 The nss_dns implementation of getnetbyname could run into an infinite loop if the DNS response contained a PTR record of an unexpected format. * The minimum GCC version that can be used to build this version of the GNU C Library is GCC 4.6. Older GCC versions, and non-GNU compilers, can still be used to compile programs using the GNU C Library. * The GNU C Library is now built with -Werror by default. This can be disabled by configuring with --disable-werror. * New locales: tu_IN, bh_IN, raj_IN, ce_RU. * The obsolete sigvec function has been removed. This was the original 4.2BSD interface that inspired the POSIX.1 sigaction interface, which programs have been using instead for about 25 years. Of course, ABI compatibility for old binaries using sigvec remains intact. * Merged gettext 0.19.3 into the intl subdirectory. This fixes building with newer versions of bison. * Support for MIPS o32 FPXX, FP64A and FP64 ABI Extensions. The original MIPS o32 hard-float ABI requires an FPU where double-precision registers overlay two consecutive single-precision registers. MIPS32R2 introduced a new FPU mode (FR=1) where double-precision registers extend the corresponding single-precision registers which is incompatible with the o32 hard-float ABI. The MIPS SIMD ASE and the MIPSR6 architecture both require the use of FR=1 making a transition necessary. New o32 ABI extensions enable users to migrate over time from the original o32 ABI through to the updated o32 FP64 ABI. To achieve this the dynamic linker now tracks the ABI of any loaded object and verifies that new objects are compatible. Mode transitions will also be requested as required and unsupportable objects will be rejected. The ABI checks include both soft and hard float ABIs for o32, n32 and n64. GCC 5 with GNU binutils 2.25 onwards: It is strongly recommended that all o32 system libraries are built using the new o32 FPXX ABI (-mfpxx) to facilitate the transition as this is compatible with the original and all new o32 ABI extensions. Configure a MIPS GCC compiler using --with-fp-32=xx to set this by default. Contributors ============ This release was made possible by the contributions of many people. The maintainers are grateful to everyone who has contributed changes or bug reports. These include: Adhemerval Zanella Alan Hayward Alexandre Oliva Allan McRae Anders Kaseorg Andreas Krebbel Andreas Schwab Andrew Pinski Andrew Senkevich Anton Blanchard Arjun Shankar Aurelien Jarno Bram Brooks Moses Carlos O'Donell Chris Metcalf Chung-Lin Tang David Holsgrove David S. Miller Eric Biggers Florian Weimer Gratian Crisan H.J. Lu J. Brown James Lemke Jeff Law Jose E. Marchesi Joseph Myers Kaz Kojima Kostya Serebryany Leonhard Holz Ma Shimiao Maciej W. Rozycki Marcus Shawcroft Marek Polacek Martin Sebor Matthew Fortune Mike Frysinger Ondřej Bílka Paul Eggert Paul Pluzhnikov Petar Jovanovic Pravin Satpute Rajalakshmi Srinivasaraghavan Rasmus Villemoes Renlin Li Richard Earnshaw Richard Henderson Roland McGrath Ryan Cumming Samuel Thibault Siddhesh Poyarekar Stefan Liebler Steve Ellcey Tatiana Udalova Tim Lammens Tom de Vries Torvald Riegel Vladimir A. Nazarenko Wilco Dijkstra Will Newton -
glibc-2.22
The GNU C Library ================= The GNU C Library version 2.22 is now available. The GNU C Library is used as *the* C library in the GNU system and in GNU/Linux systems, as well as many other systems that use Linux as the kernel. The GNU C Library is primarily designed to be a portable and high performance C library. It follows all relevant standards including ISO C11 and POSIX.1-2008. It is also internationalized and has one of the most complete internationalization interfaces known. The GNU C Library webpage is at http://www.gnu.org/software/libc/ Packages for the 2.22 release may be downloaded from: http://ftpmirror.gnu.org/libc/ http://ftp.gnu.org/gnu/libc/ The mirror list is at http://www.gnu.org/order/ftp.html NEWS for version 2.22 ===================== * The following bugs are resolved with this release: 438, 4719, 6544, 6792, 11216, 12836, 13028, 13064, 13151, 13152, 14094, 14292, 14841, 14906, 14958, 15319, 15467, 15790, 15969, 16159, 16339, 16350, 16351, 16352, 16353, 16361, 16512, 16526, 16538, 16559, 16560, 16704, 16783, 16850, 17053, 17090, 17195, 17269, 17293, 17322, 17403, 17475, 17523, 17542, 17569, 17581, 17588, 17596, 17620, 17621, 17628, 17631, 17692, 17711, 17715, 17776, 17779, 17792, 17833, 17836, 17841, 17912, 17916, 17930, 17932, 17944, 17949, 17964, 17965, 17967, 17969, 17977, 17978, 17987, 17991, 17996, 17998, 17999, 18007, 18019, 18020, 18029, 18030, 18032, 18034, 18036, 18038, 18039, 18042, 18043, 18046, 18047, 18049, 18068, 18080, 18093, 18100, 18104, 18110, 18111, 18116, 18125, 18128, 18134, 18138, 18185, 18196, 18197, 18206, 18210, 18211, 18217, 18219, 18220, 18221, 18234, 18244, 18245, 18247, 18287, 18319, 18324, 18333, 18346, 18371, 18383, 18397, 18400, 18409, 18410, 18412, 18418, 18422, 18434, 18444, 18457, 18468, 18469, 18470, 18479, 18483, 18495, 18496, 18497, 18498, 18502, 18507, 18508, 18512, 18513, 18519, 18520, 18522, 18527, 18528, 18529, 18530, 18532, 18533, 18534, 18536, 18539, 18540, 18542, 18544, 18545, 18546, 18547, 18549, 18553, 18557, 18558, 18569, 18583, 18585, 18586, 18592, 18593, 18594, 18602, 18612, 18613, 18619, 18633, 18641, 18643, 18648, 18657, 18676, 18694, 18696. * Cache information can be queried via sysconf() function on s390 e.g. with _SC_LEVEL1_ICACHE_SIZE as argument. * A buffer overflow in gethostbyname_r and related functions performing DNS requests has been fixed. If the NSS functions were called with a misaligned buffer, the buffer length change due to pointer alignment was not taken into account. This could result in application crashes or, potentially arbitrary code execution, using crafted, but syntactically valid DNS responses. (CVE-2015-1781) * The time zone file parser has been made more robust against crafted time zone files, avoiding heap buffer overflows related to the processing of the tzh_ttisstdcnt and tzh_ttisgmtcnt fields, and a stack overflow due to large time zone data files. Overly long time zone specifiers in the TZ variable no longer result in stack overflows and crashes. * A powerpc and powerpc64 optimization for TLS, similar to TLS descriptors for LD and GD on x86 and x86-64, has been implemented. You will need binutils-2.24 or later to enable this optimization. * Character encoding and ctype tables were updated to Unicode 7.0.0, using new generator scripts contributed by Pravin Satpute and Mike FABIAN (Red Hat). These updates cause user visible changes, such as the fix for bug 17998. * CVE-2014-8121 The NSS backends shared internal state between the getXXent and getXXbyYY NSS calls for the same database, causing a denial-of-service condition in some applications. * Added vector math library named libmvec with the following vectorized x86_64 implementations: cos, cosf, sin, sinf, sincos, sincosf, log, logf, exp, expf, pow, powf. The library can be disabled with --disable-mathvec. Use of the functions is enabled with -fopenmp -ffast-math starting from -O1 for GCC version >= 4.9.0. Shared library libmvec.so is linked in as needed when using -lm (no need to specify -lmvec explicitly for not static builds). Visit <https://sourceware.org/glibc/wiki/libmvec> for detailed information. * A new fmemopen implementation has been added with the goal of POSIX compliance. The new implementation fixes the following long-standing issues: BZ#6544, BZ#11216, BZ#12836, BZ#13151, BZ#13152, and BZ#14292. The old implementation is still present for use be by existing binaries. * The 32-bit sparc sigaction ABI was inadvertently broken in the 2.20 and 2.21 releases. It has been fixed to match 2.19 and older, but binaries built against 2.20 and 2.21 might need to be recompiled. See BZ#18694. * Port to Native Client running on ARMv7-A (--host=arm-nacl). Contributed by Roland McGrath (Google). Contributors ============ This release was made possible by the contributions of many people. The maintainers are grateful to everyone who has contributed changes or bug reports. These include: Adhemerval Zanella Alan Modra Alexandre Oliva Andreas Schwab Andrew Senkevich Andriy Rysin Arjun Shankar Aurelien Jarno Benno Schulenberg Brad Hubbard Carlos O'Donell Chris Metcalf Christian Schmidt Chung-Lin Tang Cong Wang Cyril Hrubis Daniel Marjamäki David S. Miller Dmitry V. Levin Eric Rannaud Evangelos Foutras Feng Gao Florian Weimer Gleb Fotengauer-Malinovskiy H.J. Lu Igor Zamyatin J William Piggott James Cowgill James Lemke John David Anglin Joseph Myers Kevin Easton Khem Raj Leonhard Holz Mark Wielaard Marko Myllynen Martin Galvan Martin Sebor Matthew Fortune Mel Gorman Mike Frysinger Miroslav Lichvar Nathan Lynch Ondřej Bílka Paul Eggert Paul Pluzhnikov Pavel Kopyl Pravin Satpute Rajalakshmi Srinivasaraghavan Rical Jasan Richard Henderson Roland McGrath Rüdiger Sonderfeld Samuel Thibault Siddhesh Poyarekar Stefan Liebler Steve Ellcey Szabolcs Nagy Torvald Riegel Tulio Magno Quites Machado Filho Vincent Bernat Wilco Dijkstra Yaakov Selkowitz Zack Weinberg