tag name | glibc-2.39 (9609a435f3f9a07c1cf607ad5821b12f735abd69) |
tag date | 2024-01-31 01:46:40 +0100 |
tagged by | Andreas K. Hüttel <dilfridge@gentoo.org> |
tagged object | commit ef321e23c2... |
download | glibc-2.39.tar.gz glibc-2.39.tar.xz glibc-2.39.zip |
---|
The GNU C Library version 2.39 is now available
The GNU C Library ================= The GNU C Library version 2.39 is now available. The GNU C Library is used as *the* C library in the GNU system and in GNU/Linux systems, as well as many other systems that use Linux as the kernel. The GNU C Library is primarily designed to be a portable and high performance C library. It follows all relevant standards including ISO C11 and POSIX.1-2017. It is also internationalized and has one of the most complete internationalization interfaces known. The GNU C Library webpage is at http://www.gnu.org/software/libc/ Packages for the 2.39 release may be downloaded from: http://ftpmirror.gnu.org/libc/ http://ftp.gnu.org/gnu/libc/ The mirror list is at http://www.gnu.org/order/ftp.html Distributions are encouraged to track the release/* branches corresponding to the releases they are using. The release branches will be updated with conservative bug fixes and new features while retaining backwards compatibility. NEWS for version 2.39 ===================== Major new features: * A new tunable, glibc.cpu.plt_rewrite, can be used to enable PLT rewrite on x86-64. When enabled with non-lazy binding, the dynamic linker will rewrite indirect branches in PLT with direct branches. * Sync with Linux kernel 6.6 shadow stack interface. The --enable-cet configure option is only supported on x86-64. * struct statvfs now has an f_type member, equal to the f_type statfs member; on the Hurd this was always available under a reserved name, and under Linux a spare has been allocated: it was always zero in previous versions of glibc, and zero is not a valid result. * On Linux, the functions posix_spawnattr_getcgroup_np and posix_spawnattr_setcgroup_np have been added, along with the POSIX_SPAWN_SETCGROUP flag. They allow posix_spawn and posix_spawnp to set the cgroupv2 in the new process in a race-free manner. These functions are GNU extensions and require a kernel with clone3 support. * On Linux, the pidfd_spawn and pidfd_spawp functions have been added. They have a similar prototype and semantic as posix_spawn, but instead of returning a process ID, they return a file descriptor that can be used along other pidfd functions (like pidfd_send_signal, poll, or waitid). The pidfd functionality avoids the issue of PID reuse with the traditional posix_spawn interface. * On Linux, the pidfd_getpid function has been added. It allows retrieving the process ID associated with the process file descriptor created by pid_spawn, fork_np, or pidfd_open. * scanf-family functions now support the wN format length modifiers for arguments pointing to types intN_t, int_leastN_t, uintN_t or uint_leastN_t (for example, %w32d to read int32_t or int_least32_t in decimal, or %w32x to read uint32_t or uint_least32_t in hexadecimal) and the wfN format length modifiers for arguments pointing to types int_fastN_t or uint_fastN_t, as specified in draft ISO C2X. * A new tunable, glibc.mem.decorate_maps, can be used to add additional information on underlying memory allocated by the glibc (for instance, on thread stack created by pthread_create or memory allocated by malloc). * The <stdbit.h> header has been added from ISO C2X, with stdc_leading_zeros, stdc_leading_ones, stdc_trailing_zeros, stdc_trailing_ones, stdc_first_leading_zero, stdc_first_leading_one, stdc_first_trailing_zero, stdc_first_trailing_one, stdc_count_zeros, stdc_count_ones, stdc_has_single_bit, stdc_bit_width, stdc_bit_floor and stdc_bit_ceil function families, each having functions for unsigned char, unsigned short, unsigned int, unsigned long int and unsigned long long int, and a type-generic macro. * On AArch64 new symbols were added to libmvec and now math.h has annotations to allow GCC 9 or newer to auto-vectorize calls to the following scalar math functions when -ffast-math is specified: acos, acosf, asin, asinf, atan, atanf, atan2, atan2f, cos, cosf, exp, expf, exp10, exp10f, exp2, exp2f, expm1, expm1f, log, logf, log10, log10f, log1p, log1pf, log2, log2f, sin, sinf, tan, tanf. Deprecated and removed features, and other changes affecting compatibility: * The ldconfig program now skips file names containing ';' or ending in ".dpkg.tmp" or ".dpkg.new", to avoid examining temporary files created by the RPM and dpkg package managers. * libcrypt has been removed from the GNU C Library. The configure options "--enable-crypt" and "--enable-nss-crypt" are no longer available. <crypt.h>, libcrypt.a, and libcrypt.so.1 will not be installed. For now <unistd.h> continues to declare the crypt function by default, to avoid introducing vulnerabilities into existing applications due to a missing prototype. This declaration is deprecated and may be removed in a future glibc release. The replacement for libcrypt is libxcrypt, maintained separately from GNU libc, but available under compatible licensing terms, and providing binary backward compatibility with the former libcrypt. It is currently distributed from <https://github.com/besser82/libxcrypt/>. As a consequence of this removal, GNU libc no longer makes any use of the NSS cryptography library (Network Security Services; not to be confused with Name Service Switch). Distributors of binary packages of GNU libc are advised to check whether their build processes can be simplified. * The dynamic linker calls the malloc and free functions in more cases during TLS access if a shared object with dynamic TLS is loaded and unloaded. This can result in an infinite recursion if a malloc replacement library or its dependencies use dynamic TLS instead of initial-exec TLS. * The ia64*-*-linux-gnu configurations are no longer supported. Changes to build and runtime requirements: * Building on LoongArch requires at a minimum binutils 2.41 for vector instructions. Security related changes: The following CVEs were fixed in this release, details of which can be found in the advisories directory of the release tarball: GLIBC-SA-2023-0002: getaddrinfo: Stack read overflow in no-aaaa mode (CVE-2023-4527) GLIBC-SA-2023-0003: getaddrinfo: Potential use-after-free (CVE-2023-4806) GLIBC-SA-2023-0004: tunables: local privilege escalation through buffer overflow (CVE-2023-4911) GLIBC-SA-2024-0001: syslog: Heap buffer overflow in __vsyslog_internal (CVE-2023-6246) GLIBC-SA-2024-0002: syslog: Heap buffer overflow in __vsyslog_internal (CVE-2023-6779) GLIBC-SA-2024-0003: syslog: Integer overflow in __vsyslog_internal (CVE-2023-6780) The following bugs are resolved with this release: [14522] localedata: fy_DE: LC_IDENTIFICATION data looks weird [19305] libc: qsort() should return early if (nmemb <= 1) [19479] localedata: gbm_IN: new Garhwali Locale [19924] dynamic-link: TLS performance degradation after dlopen [19956] localedata: ssy_ER: rename from aa_ER@saaho [21719] libc: stdlib/msort : optimizing merge sort [22526] localedata: th_TH LC_COLLATE does not use copy "iso14651_t1" [23012] localedata: el_GR: Greece now uses the 24h format for time [23172] localedata: miq_NI: Provide actually abbreviated month names [24006] localedata: Cyclic dependencies via copy in locales [24013] localedata: am_pm definitions for es_ES [24386] localedata: crh_RU: new locale [24877] localedata: [Redundant Data] Remove redundant data between en_NZ and en_AU [25868] localedata: Incorrect trailing spaces in weekday names for nn_NO [26752] localedata: Please add the new locale zgh_MA [27069] dynamic-link: Need a way to tell if a tunable is set by user [27163] localedata: Error on test glk_IR with localedef [27312] localedata: su_ID: new Sundanese locale [27547] manual: "Summary of malloc-Related Functions" shows wrong argument order for `aligned_alloc` and `memalign` [27574] libc: glibc should probably not define __WORDSIZE=64 for __sparcv9 [27601] localedata: License information update in localedata/locales/ast_ES [28558] localedata: it_IT LC_MONETARY outdated p_cs_precedes and n_cs_precedes [28787] localedata: Add information for Occitan [29039] dynamic-link: Corrupt DTV after reuse of a TLS module ID following dlclose with unused TLS [29486] localedata: New Zealand locales (en_NZ & mi_NZ) first day of week should be Monday [29504] localedata: Incorrect/misleading Time Format For ms_MY (AM/PM) [29506] localedata: UTF-8 HANGUL SYLLABLE bugs [30349] libc: Support returning a pidfd from posix_spawn() [30412] localedata: d_t_fmt in id_ID uses %r placeholder but am_pm and t_fmt_ampm are undefined [30605] localedata: New locale for Komi language [30649] localedata: [PATCH] Add transliteration of common emojis to smileys [30694] locale: The iconv program no longer tells the user which given encoding name was wrong [30709] nscd: nscd fails to build with cleanup handler if built with -fexceptions [30737] libc: fdopendir() is not robust - returns bogus DIR* instead of flagging an error [30740] build: [m68k] undefined reference to `_wordcopy_fwd_dest_aligned' [30745] libc: Slight bug in cache info codes for x86 [30750] network: Unaligned accesses in resolver [30773] math: [m68k] busybox awk is broken (lshift.S related) [30789] libc: [2.38 Regression] sem_open will fail on multithreaded scenarios when semaphore file doesn't exist (O_CREAT) [30800] nscd: Improper assert in prune_cache triggers if clock jumps backwards [30804] libc: F_GETLK, F_SETLK, and F_SETLKW value change for powerpc64 with -D_FILE_OFFSET_BITS=64 [30842] network: Stack read overflow in getaddrinfo in no-aaaa mode (CVE-2023-4527) [30843] network: potential use-after-free in getcanonname (CVE-2023-4806) [30854] localedata: Update locale data to Unicode 15.1.0 [30884] network: Memory leak in getaddrinfo after fix for bug 30843 (CVE-2023-5156) [30932] libc: Fortify Source has false-positives when too many files are open [30945] malloc: Core affinity setting incurs lock contentions between threads [30960] math: signed integer overflow in glibc/sysdeps/s390/fpu/feenablxcpt.c [30964] locale: Number grouping check mishandles multibyte thousands separator [30981] dynamic-link: dlclose does not properly implement force-first handling [30988] math: fesetexcept raises floating-point exception traps on ppc, ppc64, ppc64le [30989] math: fesetexcept raises floating-point exception traps on i386 [30990] libc: fesetexceptflag raises floating-point exception traps on i386, x86_64 [30998] math: fesetexceptflag clears too many floating-point exception flags on alpha [31019] manual: The documentation of feenableexcept is incomplete [31022] math: feupdateenv (FE_DFL_ENV) crashes on riscv [31035] libc: Library search path terminates on relative non-directory name [31042] libc: [s390x] .init and .fini padding [31068] libc: sysdeps: sparc: invalid data access in memset due to regression [31078] manual: Code example in "Noncanonical Mode Example" has unused 'char *name;' [31086] localedata: Errors in Tibetan, Dzongkha data [31113] string: Wrong unwind information for rawmemchr on aarch64 [31151] libc: [RISC-V] missing support for profile/audit PLT setup [31163] nss: getaddrinfo returns EAI_NONAME in oom situation [31183] stdio: Wide stream buffer size reduced MB_LEN_MAX bytes after bug 17522 fix [31184] dynamic-link: FAIL: elf/tst-tlsgap [31185] dynamic-link: Incorrect thread point access in _dl_tlsdesc_undefweak and _dl_tlsdesc_dynamic [31187] dynamic-link: Some CET tests fail with GCC 14 [31204] localedata: Fix decimal point and thousands separator for uz_UZ [31205] localedata: Inconsistent (mon_)grouping formats [31218] dynamic-link: PLT rewrite overflows large displacement on x32 [31221] localedata: Add localedata for ISO code "tok" (Toki Pona) [31230] dynamic-link: PLT rewrite failed without SELinux [31239] localedata: anp_IN locale: abbreviated month names are the same as the full month names [31244] nptl: pthread_cancel hangs on sparc32 [31257] localedata: Sync with CLDR: “Turkey” -> “Türkiye” [31266] string: sparc: string/tst-memmove-overflow fails on 32-bit sparcv9 [31276] libc: Wrong condition for heap allocation in qsort_r Release Notes ============= https://sourceware.org/glibc/wiki/Release/2.39 Contributors ============ This release was made possible by the contributions of many people. The maintainers are grateful to everyone who has contributed changes or bug reports. These include: Adam Jackson Adhemerval Zanella Netto Amrita H S Andreas K. Hüttel Andreas Larsson Andreas Schwab Arjun Shankar Aurelien Jarno Bruno Haible Bruno Victal Carlos O'Donell Christoph Müllner Colin Leroy-Mira DJ Delorie Daniel Cederman Dennis Brendel Flavio Cruz Florian Weimer Frederic Cambus Gaël PORTAY Guy-Fleury Iteriteka H.J. Lu Hector Martin Jan Palus Janet Blackquill Joe Ramsay Joe Simmons-Talbott John David Anglin Joseph Myers Kir Kolyshkin Kuan-Wei Chiu Ludwig Rydberg MAHESH BODAPATI Mahesh Bodapati Manjunath Matti Mark Wielaard Matthew Sterrett Maxim Kuvyrkov Mike FABIAN Noah Goldstein Paul Eggert Qingqing Li Romain Geissler RushingAlien Sajan Karumanchi Sam James Samuel Thibault Sergei Trofimovich Sergey Bugaev Sergio Durigan Junior Siddhesh Poyarekar Simon Chopin Stefan Liebler Sunil K Pandey Szabolcs Nagy Tobias Klauser Valery Ushakov Volker Weißmann Wilco Dijkstra Xi Ruoyao Yang Yujie Yanzhang Wang Ying Huang caiyinyu dengjianbo lijianglin наб We would like to call out the following and thank them for their tireless patch review: Adhemerval Zanella Alejandro Colomar Andreas K. Hüttel Andreas Schwab Arjun Shankar Carlos O'Donell DJ Delorie Florian Weimer H.J. Lu Joe Simmons-Talbott Mike Fabian Noah Goldstein Paul E. Murphy Peter Bergner Premachandra Mallappa Rajalakshmi Srinivasaraghavan Samuel Thibault Siddhesh Poyarekar Stefan Liebler Sunil K Pandey Szabolcs Nagy -- Andreas K. Hüttel dilfridge@gentoo.org Gentoo Linux developer (council, toolchain, base-system, perl, releng) https://wiki.gentoo.org/wiki/User:Dilfridge https://www.akhuettel.de/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQKTBAABCgB9FiEE/Rnm0xsZLuTcY+rT3CsWIV7VQSoFAmW5mNNfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEZE MTlFNkQzMUIxOTJFRTREQzYzRUFEM0RDMkIxNjIxNUVENTQxMkEACgkQ3CsWIV7V QSo4Qw//QpiwbsMoQhB/6HeI3+7UUdiYDQWL8a3OVTZB2tNBrUQ7zrZMHpXJ4tR7 zTjRCAP0E5EA4pMElbqFEZxwI9DpRe5YEBaZsNvg09zHAPTJxNtKDK4mHSK4VQJ2 5KnedBcFvAyWJnUQ4DAB5HEHe2pPW2dqQaU2XtqnixYEfnH4+jlTS6pTInaAEN+H UcHtrRZ3m0kYU47hCU8qDFj9Sal5+I6MnFmIaAl/emYjiRVxwvH2cA8mTnlVK7T5 EL49vXU/CbKh3R24xDoYBbtjjXGQ9NT3OW8KXy/9njIM/nr25G/fwMsZHPUlxj86 2+I6JC0RILHCIHCrEX1uoDS+YELCh7AF/cMatU/n42mGK7jBAVgrOcPwtxWME/xH mOK7FnELTEzmIJ7EBJSW3FMLxvfeA1SO0GTIfXdEsnsdXSRQyaoDhJyubitT34kD B4k2rmyNRtB1Zgo+cuUSsMM0YuRJJwMBn4kAN3svkNxzsP5oIROm0/FysM8tuhK6 JrDioD24pnnG9w/eFCJUaLa5sSQ4iNw62zEW1wdw6pzRYkAU1g2Q0UPgnjVWQaoM BV/6GeAivWsGLy7T+ILvDTARzgS+enWRWixd8S7rqMJAVVfGZHCyVACfC41a7unR b+ti8/uXsmVT7H0rqapscYYF5oVgyQAtYxPwA9g/tp1YRKgfKHk= =e2a/ -----END PGP SIGNATURE-----