summary refs log tree commit diff
tag nameglibc-2.29 (e7c9e41bb2407b0150997b382b49a5f3bb579bf9)
tag date2019-01-31 22:24:07 +0530
tagged bySiddhesh Poyarekar <siddhesh@sourceware.org>
tagged objectcommit 56c86f5dd5...
downloadglibc-2.29.tar.gz
glibc-2.29.tar.xz
glibc-2.29.zip
The GNU C Library
=================

The GNU C Library version 2.29 is now available.

The GNU C Library is used as *the* C library in the GNU system and
in GNU/Linux systems, as well as many other systems that use Linux
as the kernel.

The GNU C Library is primarily designed to be a portable
and high performance C library.  It follows all relevant
standards including ISO C11 and POSIX.1-2008.  It is also
internationalized and has one of the most complete
internationalization interfaces known.

The GNU C Library webpage is at http://www.gnu.org/software/libc/

Packages for the 2.29 release may be downloaded from:
        http://ftpmirror.gnu.org/libc/
        http://ftp.gnu.org/gnu/libc/

The mirror list is at http://www.gnu.org/order/ftp.html

NEWS for version 2.29
====================

* The getcpu wrapper function has been added, which returns the currently
  used CPU and NUMA node.  This function is Linux-specific.

* A new convenience target has been added for distribution maintainers
  to build and install all locales as directories with files.  The new
  target is run by issuing the following command in your build tree:
  'make localedata/install-locale-files', with an optional DESTDIR
  to set the install root if you wish to install into a non-default
  configured location.

* Optimized generic exp, exp2, log, log2, pow, sinf, cosf, sincosf and tanf.

* The reallocarray function is now declared under _DEFAULT_SOURCE, not just
  for _GNU_SOURCE, to match BSD environments.

* For powercp64le ABI, Transactional Lock Elision is now enabled iff kernel
  indicates that it will abort the transaction prior to entering the kernel
  (PPC_FEATURE2_HTM_NOSC on hwcap2).  On older kernels the transaction is
  suspended, and this caused some undefined side-effects issues by aborting
  transactions manually.  Glibc avoided it by abort transactions manually on
  each syscall, but it lead to performance issues on newer kernels where the
  HTM state is saved and restore lazily (the state being saved even when the
  process actually does not use HTM).

* The functions posix_spawn_file_actions_addchdir_np and
  posix_spawn_file_actions_addfchdir_np have been added, enabling
  posix_spawn and posix_spawnp to run the new process in a different
  directory.  These functions are GNU extensions.  The function
  posix_spawn_file_actions_addchdir_np is similar to the Solaris function
  of the same name.

* The popen and system do not run atfork handlers anymore (BZ#17490).
  Although it is a possible POSIX violation, the POSIX rationale in
  pthread_atfork documentation regarding atfork handlers is to handle
  inconsistent mutex state after a fork call in a multi-threaded process.
  In both popen and system there is no direct access to user-defined mutexes.

* Support for the C-SKY ABIV2 running on Linux has been added.  This port
  requires at least binutils-2.32, gcc-9.0, and linux-4.20.  Two ABIs are
  supported:
    - C-SKY ABIV2 soft-float little-endian
    - C-SKY ABIV2 hard-float little-endian

* strftime's default formatting of a locale's alternative year (%Ey)
  has been changed to zero-pad the year to a minimum of two digits,
  like "%y".  This improves the display of Japanese era years during
  the first nine years of a new era, and is expected to be harmless
  for all other locales (only Japanese locales regularly have
  alternative year numbers less than 10).  Zero-padding can be
  overridden with the '_' or '-' flags (which are GNU extensions).

* As a GNU extension, the '_' and '-' flags can now be applied to
  "%EY" to control how the year number is formatted; they have the
  same effect that they would on "%Ey".

Deprecated and removed features, and other changes affecting compatibility:

* The glibc.tune tunable namespace has been renamed to glibc.cpu and the
  tunable glibc.tune.cpu has been renamed to glibc.cpu.name.

* The type of the pr_uid and pr_gid members of struct elf_prpsinfo, defined
  in <sys/procfs.h>, has been corrected to match the type actually used by
  the Linux kernel.  This affects the size and layout of that structure on
  MicroBlaze, MIPS (n64 ABI only), Nios II and RISC-V.

* For the MIPS n32 ABI, the type of the pr_sigpend and pr_sighold members of
  struct elf_prstatus, and the pr_flag member of struct elf_prpsinfo,
  defined in <sys/procfs.h>, has been corrected to match the type actually
  used by the Linux kernel.  This affects the size and layout of those
  structures.

* An archaic GNU extension to scanf, under which '%as', '%aS', and '%a[...]'
  meant to scan a string and allocate space for it with malloc, is now
  restricted to programs compiled in C89 or C++98 mode with _GNU_SOURCE
  defined.  This extension conflicts with C99's use of '%a' to scan a
  hexadecimal floating-point number, which is now available to programs
  compiled as C99 or C++11 or higher, regardless of _GNU_SOURCE.

  POSIX.1-2008 includes the feature of allocating a buffer for string input
  with malloc, using the modifier letter 'm' instead.  Programs using
  '%as', '%aS', or '%a[...]' with the old GNU meaning should change to
  '%ms', '%mS', or '%m[...]' respectively.  Programs that wish to use the
  C99 '%a' no longer need to avoid _GNU_SOURCE.

  GCC's -Wformat warnings can detect most uses of this extension, as long
  as all functions that call vscanf, vfscanf, or vsscanf are annotated with
  __attribute__ ((format (scanf, ...))).

Changes to build and runtime requirements:

* Python 3.4 or later is required to build the GNU C Library.

* On most architectures, GCC 5 or later is required to build the GNU C
  Library.  (On powerpc64le, GCC 6.2 or later is still required, as before.)

  Older GCC versions and non-GNU compilers are still supported when
  compiling programs that use the GNU C Library.

Security related changes:

  CVE-2018-19591: A file descriptor leak in if_nametoindex can lead to a
  denial of service due to resource exhaustion when processing getaddrinfo
  calls with crafted host names.  Reported by Guido Vranken.

  CVE-2019-6488: On x32, the size_t parameter may be passed in the lower
  32 bits of a 64-bit register with with non-zero upper 32 bit.  When it
  happened, accessing the 32-bit size_t value as the full 64-bit register
  in the assembly string/memory functions would cause a buffer overflow.
  Reported by H.J. Lu.

  CVE-2016-10739: The getaddrinfo function could successfully parse IPv4
  addresses with arbitrary trailing characters, potentially leading to data
  or command injection issues in applications.

Release Notes
=============

https://sourceware.org/glibc/wiki/Release/2.29

Contributors
============

This release was made possible by the contributions of many people.
The maintainers are grateful to everyone who has contributed
changes or bug reports.  These include:

Adhemerval Zanella
Albert ARIBAUD (3ADEV)
Alexandra Hájková
Andreas K. Hüttel
Andreas Schwab
Anton Youdkevitch
Arjun Shankar
Assaf Gordon
Aurelien Jarno
Carlos O'Donell
Charles-Antoine Couret
DJ Delorie
Darius Rad
David S. Miller
Dmitry V. Levin
Florian Weimer
Fredrik Noring
Gabriel F. T. Gomes
H.J. Lu
Ilya Leoshkevich
Ilya Yu. Malakhov
Istvan Kurucsai
Jim Wilson
Joseph Myers
Justus Winter
Kemi Wang
Leonardo Sandoval
Mao Han
Martin Jansa
Martin Kuchta
Martin Sebor
Mingli Yu
Moritz Eckert
PanderMusubi
Paul Clarke
Paul Eggert
Paul Pluzhnikov
Pochang Chen
Rafael Avila de Espindola
Rafael Ávila de Espíndola
Rafal Luzynski
Rajalakshmi Srinivasaraghavan
Rogerio Alves
Samuel Thibault
Sergi Almacellas Abellana
Siddhesh Poyarekar
Stefan Liebler
Steve Ellcey
Szabolcs Nagy
TAMUKI Shoichi
Tobias Klauser
Tulio Magno Quites Machado Filho
Uroš Bizjak
Wilco Dijkstra
Zack Weinberg
Zong Li
-----BEGIN PGP SIGNATURE-----

iQEcBAABAgAGBQJcUyg2AAoJEHnEPfvxzyGHauAIAJmbTi6IHhY18D0NwFH002a/
Z/4L4jTd9/I8kaR+qYMGDi1tO+cTWtxO3jdlIU7/1VRdnL1h+HnlYTJlc64DVP9t
3W4lhSJRbK8HWlV0emmNHnBCgV6SxOMaMPN286WKLDTYI3OrOs16qkKneDqhWEoG
BS1rvxdkd27hOds3CY4xsgCFgeyo/aS+sqV2nMNdcpGBb1ZLNET3O3AkP155BwOF
utMl2xbQ5Ue17mOrw1TiOUJqvvf6FhNHFLT1dgBmgAVP+sXhjgL00co4sHh5xu5x
vJ1ju3KgzIYtxbiAIUTppia/nRFX4K8z+VL7f4aDeUm6cxuikECcpCVgH7if4gc=
=Fcnu
-----END PGP SIGNATURE-----