Please send GNU C library bug reports via <http://sourceware.org/bugzilla/>
using `glibc' in the "product" field.
\f
+Version 2.20.1
+
+* The following bugs are resolved with this release:
+
+ 17266, 17370, 17371, 17460.
+\f
Version 2.20
* The following bugs are resolved with this release:
6804, 9894, 12994, 13347, 13651, 14308, 14770, 15119, 15132, 15347, 15514,
- 15698, 15804, 15894, 15946, 16002, 16064, 16095, 16198, 16284, 16287,
- 16315, 16348, 16349, 16354, 16357, 16362, 16447, 16516, 16532, 16539,
- 16545, 16561, 16562, 16564, 16574, 16599, 16600, 16609, 16610, 16611,
- 16613, 16619, 16623, 16629, 16632, 16634, 16639, 16642, 16648, 16649,
- 16670, 16674, 16677, 16680, 16681, 16683, 16689, 16695, 16701, 16706,
- 16707, 16712, 16713, 16714, 16724, 16731, 16739, 16740, 16743, 16754,
- 16758, 16759, 16760, 16770, 16786, 16789, 16791, 16796, 16799, 16800,
- 16815, 16823, 16824, 16831, 16838, 16839, 16849, 16854, 16876, 16877,
- 16878, 16882, 16885, 16888, 16890, 16892, 16912, 16915, 16916, 16917,
- 16918, 16922, 16927, 16928, 16932, 16943, 16958, 16965, 16966, 16967,
- 16977, 16978, 16984, 16990, 16996, 17009, 17022, 17031, 17042, 17048,
- 17050, 17058, 17061, 17062, 17069, 17075, 17078, 17079, 17084, 17086,
- 17088, 17092, 17097, 17125, 17135, 17137, 17150, 17153, 17213, 17259,
- 17261, 17262, 17263.
+ 15698, 15804, 15894, 15946, 16002, 16064, 16095, 16194, 16198, 16275,
+ 16284, 16287, 16315, 16348, 16349, 16354, 16357, 16362, 16447, 16516,
+ 16532, 16539, 16545, 16561, 16562, 16564, 16574, 16599, 16600, 16609,
+ 16610, 16611, 16613, 16619, 16623, 16629, 16632, 16634, 16639, 16642,
+ 16648, 16649, 16670, 16674, 16677, 16680, 16681, 16683, 16689, 16695,
+ 16701, 16706, 16707, 16712, 16713, 16714, 16724, 16731, 16739, 16740,
+ 16743, 16754, 16758, 16759, 16760, 16770, 16786, 16789, 16791, 16796,
+ 16799, 16800, 16815, 16823, 16824, 16831, 16838, 16839, 16849, 16854,
+ 16876, 16877, 16878, 16882, 16885, 16888, 16890, 16892, 16912, 16915,
+ 16916, 16917, 16918, 16922, 16927, 16928, 16932, 16943, 16958, 16965,
+ 16966, 16967, 16977, 16978, 16984, 16990, 16996, 17009, 17022, 17031,
+ 17042, 17048, 17050, 17058, 17061, 17062, 17069, 17075, 17078, 17079,
+ 17084, 17086, 17088, 17092, 17097, 17125, 17135, 17137, 17150, 17153,
+ 17187, 17213, 17259, 17261, 17262, 17263, 17319, 17325, 17354.
* Reverted change of ABI data structures for s390 and s390x:
On s390 and s390x the size of struct ucontext and jmp_buf was increased in
2.19. This change is reverted in 2.20. The introduced 2.19 symbol versions
of getcontext, setjmp, _setjmp, __sigsetjmp, longjmp, _longjmp, siglongjmp
are preserved pointing straight to the same implementation as the old ones.
- Given that, new callers wil simply provide a too-big buffer to these
+ Given that, new callers will simply provide a too-big buffer to these
functions. Any applications/libraries out there that embed jmp_buf or
ucontext_t in an ABI-relevant data structure that have already been rebuilt
against 2.19 headers will have to rebuilt again. This is necessary in any
handle the new instruction encodings. This is known to affect Valgrind
versions up through 3.9 (but will be fixed in the forthcoming 3.10
release), and might affect other tools that do instruction emulation.
+
+* Support for loadable gconv transliteration modules has been removed.
+ The support for transliteration modules has been non-functional for
+ over a decade, and the removal is prompted by security defects. The
+ normal gconv conversion modules are still supported. Transliteration
+ with //TRANSLIT is still possible, and the //IGNORE specifier
+ continues to be supported. (CVE-2014-5119)
+
+* Decoding a crafted input sequence in the character sets IBM933, IBM935,
+ IBM937, IBM939, IBM1364 could result in an out-of-bounds array read,
+ resulting a denial-of-service security vulnerability in applications which
+ use functions related to iconv. (CVE-2014-6040)
\f
Version 2.19
projects / platform / upstream / linaro-glibc.git / blobdiff