Please send GNU C library bug reports via <http://sourceware.org/bugzilla/>
using `glibc' in the "product" field.
\f
+Version 2.20.1
+
+* The following bugs are resolved with this release:
+
+ 17266, 17370, 17371, 17460.
+\f
Version 2.20
* The following bugs are resolved with this release:
- 6804, 9894, 12994, 13347, 13651, 14308, 14770, 15119, 15132, 15347,
- 15514, 15698, 15804, 15894, 15946, 16002, 16064, 16095, 16198, 16284,
- 16287, 16315, 16348, 16349, 16354, 16357, 16362, 16447, 16516, 16532,
- 16539, 16545, 16561, 16562, 16564, 16574, 16599, 16600, 16609, 16610,
- 16611, 16613, 16619, 16623, 16629, 16632, 16634, 16639, 16642, 16648,
- 16649, 16670, 16674, 16677, 16680, 16681, 16683, 16689, 16695, 16701,
- 16706, 16707, 16712, 16713, 16714, 16724, 16731, 16739, 16740, 16743,
- 16754, 16758, 16759, 16760, 16770, 16786, 16789, 16791, 16796, 16799,
- 16800, 16815, 16823, 16824, 16831, 16838, 16839, 16849, 16854, 16876,
- 16877, 16878, 16882, 16885, 16888, 16890, 16892, 16912, 16915, 16916,
- 16917, 16918, 16922, 16927, 16928, 16932, 16943, 16958, 16965, 16966,
- 16967, 16977, 16978, 16984, 16990, 16996, 17009, 17022, 17031, 17042,
- 17048, 17050, 17058, 17061, 17062, 17069, 17075, 17078, 17079, 17084,
- 17086, 17088, 17092, 17097, 17125, 17135, 17137, 17150, 17153, 17213.
+ 6804, 9894, 12994, 13347, 13651, 14308, 14770, 15119, 15132, 15347, 15514,
+ 15698, 15804, 15894, 15946, 16002, 16064, 16095, 16194, 16198, 16275,
+ 16284, 16287, 16315, 16348, 16349, 16354, 16357, 16362, 16447, 16516,
+ 16532, 16539, 16545, 16561, 16562, 16564, 16574, 16599, 16600, 16609,
+ 16610, 16611, 16613, 16619, 16623, 16629, 16632, 16634, 16639, 16642,
+ 16648, 16649, 16670, 16674, 16677, 16680, 16681, 16683, 16689, 16695,
+ 16701, 16706, 16707, 16712, 16713, 16714, 16724, 16731, 16739, 16740,
+ 16743, 16754, 16758, 16759, 16760, 16770, 16786, 16789, 16791, 16796,
+ 16799, 16800, 16815, 16823, 16824, 16831, 16838, 16839, 16849, 16854,
+ 16876, 16877, 16878, 16882, 16885, 16888, 16890, 16892, 16912, 16915,
+ 16916, 16917, 16918, 16922, 16927, 16928, 16932, 16943, 16958, 16965,
+ 16966, 16967, 16977, 16978, 16984, 16990, 16996, 17009, 17022, 17031,
+ 17042, 17048, 17050, 17058, 17061, 17062, 17069, 17075, 17078, 17079,
+ 17084, 17086, 17088, 17092, 17097, 17125, 17135, 17137, 17150, 17153,
+ 17187, 17213, 17259, 17261, 17262, 17263, 17319, 17325, 17354.
* Reverted change of ABI data structures for s390 and s390x:
On s390 and s390x the size of struct ucontext and jmp_buf was increased in
2.19. This change is reverted in 2.20. The introduced 2.19 symbol versions
of getcontext, setjmp, _setjmp, __sigsetjmp, longjmp, _longjmp, siglongjmp
are preserved pointing straight to the same implementation as the old ones.
- Given that, new callers wil simply provide a too-big buffer to these
+ Given that, new callers will simply provide a too-big buffer to these
functions. Any applications/libraries out there that embed jmp_buf or
ucontext_t in an ABI-relevant data structure that have already been rebuilt
against 2.19 headers will have to rebuilt again. This is necessary in any
silently replaced with the "C" locale when running in AT_SECURE mode
(e.g., in a SUID program). This is no longer necessary because of the
additional checks.
+
+* On x86-64, the dynamic linker's lazy-binding support is now compatible
+ with application code using Intel MPX instructions. (With all previous
+ versions, the MPX register state could be clobbered when making calls
+ into or out of a shared library.) Note that while the new dynamic
+ linker is compatible with all known x86 hardware whether or not it
+ supports Intel MPX, some x86 instruction-set emulators might fail to
+ handle the new instruction encodings. This is known to affect Valgrind
+ versions up through 3.9 (but will be fixed in the forthcoming 3.10
+ release), and might affect other tools that do instruction emulation.
+
+* Support for loadable gconv transliteration modules has been removed.
+ The support for transliteration modules has been non-functional for
+ over a decade, and the removal is prompted by security defects. The
+ normal gconv conversion modules are still supported. Transliteration
+ with //TRANSLIT is still possible, and the //IGNORE specifier
+ continues to be supported. (CVE-2014-5119)
+
+* Decoding a crafted input sequence in the character sets IBM933, IBM935,
+ IBM937, IBM939, IBM1364 could result in an out-of-bounds array read,
+ resulting a denial-of-service security vulnerability in applications which
+ use functions related to iconv. (CVE-2014-6040)
\f
Version 2.19