GNU C Library NEWS -- history of user-visible changes.
-Copyright (C) 1992-2019 Free Software Foundation, Inc.
+Copyright (C) 1992-2021 Free Software Foundation, Inc.
See the end for copying conditions.
Please send GNU C library bug reports via <https://sourceware.org/bugzilla/>
using `glibc' in the "product" field.
\f
+Version 2.34
+
+Major new features:
+
+* Add _SC_MINSIGSTKSZ and _SC_SIGSTKSZ. When _SC_SIGSTKSZ_SOURCE or
+ _GNU_SOURCE are defined, MINSIGSTKSZ and SIGSTKSZ are no longer
+ constant on Linux. MINSIGSTKSZ is redefined to sysconf(_SC_MINSIGSTKSZ)
+ and SIGSTKSZ is redefined to sysconf (_SC_SIGSTKSZ).
+
+* The dynamic linker implements the --list-diagnostics option, printing
+ a dump of information related to IFUNC resolver operation and
+ glibc-hwcaps subdirectory selection.
+
+* On Linux, the function execveat has been added. It operates similar to
+ execve and it is is already used to implement fexecve without requiring
+ /proc to be mounted. However, different than fexecve, if the syscall is not
+ supported by the kernel an error is returned instead of trying a fallback.
+
+* The ISO C2X function timespec_getres has been added.
+
+* The feature test macro __STDC_WANT_IEC_60559_EXT__, from draft ISO
+ C2X, is supported to enable declarations of functions defined in Annex F
+ of C2X. Those declarations are also enabled when
+ __STDC_WANT_IEC_60559_BFP_EXT__, as specified in TS 18661-1, is
+ defined, and when _GNU_SOURCE is defined.
+
+* On powerpc64*, glibc can now be compiled without scv support using the
+ --disable-scv configure option.
+
+Deprecated and removed features, and other changes affecting compatibility:
+
+* The function pthread_mutex_consistent_np has been deprecated; programs
+ should use the equivalent standard function pthread_mutex_consistent
+ instead.
+
+* The function pthread_mutexattr_getrobust_np has been deprecated;
+ programs should use the equivalent standard function
+ pthread_mutexattr_getrobust instead.
+
+* The function pthread_mutexattr_setrobust_np has been deprecated;
+ programs should use the equivalent standard function
+ pthread_mutexattr_setrobust instead.
+
+* The function pthread_yield has been deprecated; programs should use
+ the equivalent standard function sched_yield instead.
+
+Changes to build and runtime requirements:
+
+* On Linux, the shm_open, sem_open, and related functions now expect the
+ file shared memory file system to be mounted at /dev/shm. These functions
+ no longer search among the system's mount points for a suitable
+ replacement if /dev/shm is not available.
+
+Security related changes:
+
+ CVE-2021-27645: The nameserver caching daemon (nscd), when processing
+ a request for netgroup lookup, may crash due to a double-free,
+ potentially resulting in degraded service or Denial of Service on the
+ local system. Reported by Chris Schanzle.
+
+ CVE-2021-33574: The mq_notify function has a potential use-after-free
+ issue when using a notification type of SIGEV_THREAD and a thread
+ attribute with a non-default affinity mask.
+
+The following bugs are resolved with this release:
+
+ [The release manager will add the list generated by
+ scripts/list-fixed-bugs.py just before the release.]
+
+\f
+Version 2.33
+
+Major new features:
+
+* The dynamic linker accepts the --list-tunables argument which prints
+ all the supported tunables. This option is disable if glibc is
+ configured with tunables disabled (--enable-tunables=no).
+
+* The dynamic linker accepts the --argv0 argument and provides opportunity
+ to change argv[0] string.
+
+* The dynamic linker loads optimized implementations of shared objects
+ from subdirectories under the glibc-hwcaps directory on the library
+ search path if the system's capabilities meet the requirements for
+ that subdirectory. Initially supported subdirectories include
+ "power9" and "power10" for the powerpc64le-linux-gnu architecture,
+ "z13", "z14", "z15" for s390x-linux-gnu, and "x86-64-v2", "x86-64-v3",
+ "x86-64-v4" for x86_64-linux-gnu. In the x86_64-linux-gnu case, the
+ subdirectory names correspond to the vendor-independent x86-64
+ microarchitecture levels defined in the x86-64 psABI supplement.
+
+* The new --help option of the dynamic linker provides usage and
+ information and library search path diagnostics.
+
+* The mallinfo2 function is added to report statistics as per mallinfo,
+ but with larger field widths to accurately report values that are
+ larger than fit in an integer.
+
+* Add <sys/platform/x86.h> to provide query macros for x86 CPU features.
+
+* Support for the RISC-V ISA running on Linux has been expanded to run on
+ 32-bit hardware. This is supported for the following ISA and ABI pairs:
+
+ - rv32imac ilp32
+ - rv32imafdc ilp32
+ - rv32imafdc ilp32d
+
+ The 32-bit RISC-V port requires at least Linux 5.4, GCC 7.1 and binutils
+ 2.28.
+
+* A new fortification level _FORTIFY_SOURCE=3 is available. At this level,
+ glibc may use additional checks that may have an additional performance
+ overhead. At present these checks are available only on LLVM 9 and later.
+ The latest GCC available at this time (10.2) does not support this level of
+ fortification.
+
+Deprecated and removed features, and other changes affecting compatibility:
+
+* The mallinfo function is marked deprecated. Callers should call
+ mallinfo2 instead.
+
+* When dlopen is used in statically linked programs, alternative library
+ implementations from HWCAP subdirectories are no longer loaded.
+ Instead, the default implementation is used.
+
+* The deprecated <sys/vtimes.h> header and the function vtimes have been
+ removed. To support old binaries, the vtimes function continues to exist
+ as a compatibility symbol. Applications should use the getrlimit or
+ prlimit.
+
+* Following a change in the tzdata 2018a release upstream, the zdump
+ program is now installed in the /usr/bin subdirectory. Previously,
+ the /usr/sbin subdirectory was used.
+
+* On s390(x), the type float_t is now derived from the macro
+ __FLT_EVAL_METHOD__ that is defined by the compiler, instead of being
+ hardcoded to double. This does not affect the ABI of any libraries
+ that are part of the GNU C Library, but may affect the ABI of other
+ libraries that use this type in their interfaces. The new definition
+ improves consistency with compiler behavior in many scenarios.
+
+* A future version of glibc will stop loading shared objects from the
+ "tls" subdirectories on the library search path, the subdirectory that
+ corresponds to the AT_PLATFORM system name, and also stop employing
+ the legacy AT_HWCAP search mechanism. Applications should switch to
+ the new glibc-hwcaps mechanism instead; if they do not do that, only
+ the baseline version (directly from the search path directory) will be
+ loaded.
+
+Changes to build and runtime requirements:
+
+* On Linux, the system administrator needs to configure /dev/pts with
+ the intended access modes for pseudo-terminals. glibc no longer
+ attemps to adjust permissions of terminal devices. The previous glibc
+ defaults ("tty" group, user read/write and group write) already
+ corresponded to what most systems used, so that grantpt did not
+ perform any adjustments.
+
+* On Linux, the posix_openpt and getpt functions no longer attempt to
+ use legacy (BSD) pseudo-terminals and assume that if /dev/ptmx exists
+ (and pseudo-terminals are supported), a devpts file system is mounted
+ on /dev/pts. Current systems already meet these requirements.
+
+* s390x requires GCC 7.1 or newer. See gcc Bug 98269.
+
+Security related changes:
+
+ CVE-2021-3326: An assertion failure during conversion from the
+ ISO-20220-JP-3 character set using the iconv function has been fixed.
+ This assertion was triggered by certain valid inputs in which the
+ converted output contains a combined sequence of two wide characters
+ crossing a buffer boundary. Reported by Tavis Ormandy.
+
+ CVE-2020-27618: An infinite loop has been fixed in the iconv program when
+ invoked with input containing redundant shift sequences in the IBM1364,
+ IBM1371, IBM1388, IBM1390, or IBM1399 character sets.
+
+ CVE-2020-29562: An assertion failure has been fixed in the iconv function
+ when invoked with UCS4 input containing an invalid character.
+
+ CVE-2019-25013: A buffer overflow has been fixed in the iconv function when
+ invoked with EUC-KR input containing invalid multibyte input sequences.
+
+The following bugs are resolved with this release:
+
+ [10635] libc: realpath portability patches
+ [16124] dynamic-link: ld.so should allow to change argv[0]
+ [17924] malloc: 'free' should not set errno
+ [18683] libc: Linux faccessat implementation can incorrectly ignore
+ AT_EACCESS
+ [22899] libc: Use 64-bit readdir() in generic POSIX getcwd()
+ [23091] hurd: missing waitid support
+ [23249] libc: Epyc and other current AMD CPUs do not select the
+ "haswell" platform subdirectory
+ [24080] dynamic-link: Definition of "haswell" platform is inconsistent
+ with GCC
+ [24202] libc: m68k setjmp() saves incorrect 'a5' register in --enable-
+ stack-protector=all
+ [24941] libc: Make grantpt usable after multi-threaded fork in more
+ cases
+ [24970] libc: realpath mishandles EOVERFLOW; stat not needed anyway
+ [24973] locale: iconv encounters segmentation fault when converting
+ 0x00 0xfe in EUC-KR to UTF-8 (CVE-2019-25013)
+ [25399] string: undefined reference to `__warn_memset_zero_len' when
+ changing gnuc version
+ [25859] libc: glibc parser for /sys/devices/system/cpu/online is
+ incorrect
+ [25938] dynamic-link: ld.so.cache should store meaning of hwcap mask
+ bits
+ [25971] libc: s390 bits/hwcap.h out of sync with kernel
+ [26053] libc: unlockpt fails with ENOTTY for non-ptmx descriptors
+ [26100] libc: Race in syslog(3) with regards to tag printing.
+ [26124] libc: Export <cpu-features.h>
+ [26130] nscd: Inconsistent nscd cache during pruning
+ [26203] libc: GLRO(dl_x86_cpu_features) may not be intialized
+ [26224] locale: iconv hangs when converting some invalid inputs from
+ several IBM character sets (CVE-2020-27618)
+ [26341] libc: realpath cyclically call __alloca(path_max) to consume
+ too much stack space
+ [26343] manual: invalid documented return type for strerrorname_np(),
+ strerrordesc_np(), sigdescr_np(), sigabbrev_np()
+ [26376] libc: Namespace violation in stdio.h and sys/stat.h if build
+ with optimization.
+ [26383] locale: bind_textdomain_codeset doesn't accept //TRANSLIT
+ anymore
+ [26394] time: [2.33 Regression] FAIL: nptl/tst-join14
+ [26534] math: libm.so 2.32 SIGILL in pow() due to FMA4 instruction on
+ non-FMA4 system
+ [26552] dynamic-link: CPU_FEATURE_USABLE_P should be more conservative
+ [26553] libc: mtx_init allows type set to "mtx_recursive" only
+ [26555] string: strerrorname_np does not return the documented value
+ [26592] libc: pointer arithmetic overflows in realpath
+ [26600] network: Transaction ID collisions cause slow DNS lookups in
+ getaddrinfo
+ [26606] libc: [2.33 Regression] pselect is broken on x32
+ [26615] libc: powerpc: libc segfaults when LD_PRELOADed with libgcc
+ [26620] glob: fnmatch with collating symbols results in segmentation
+ fault
+ [26625] libc: [2.33 Regression] CET is disabled
+ [26636] libc: 32-bit shmctl(IPC_INFO) crashes when shminfo struct is
+ at the end of a memory mapping
+ [26637] libc: semctl SEM_STAT_ANY fails to pass the buffer specified
+ by the caller to the kernel
+ [26639] libc: msgctl IPC_INFO and MSG_INFO return garbage
+ [26647] build: [-Werror=array-parameter=] due to different
+ declarations for __sigsetjmp
+ [26648] libc: mkstemp is likely to fail on systems with non-stricly-
+ monotonic clocks
+ [26649] stdio: printf should handle non-normal x86 long double numbers
+ gracefully (CVE-2020-29573)
+ [26686] build: -Warray-parameter instances building with GCC 11
+ [26687] build: -Warray-bounds instances building with GCC 11
+ [26690] stdio: Aliasing violation in __vfscanf_internal
+ [26691] nptl: Use a minimum guard size of 64 KiB on aarch64
+ [26726] build: GCC warning calling new_composite_name with an array of
+ one element
+ [26736] libc: FAIL: misc/tst-sysvshm-linux
+ [26737] libc: Random FAIL: rt/tst-shm
+ [26791] libc: Missing O_CLOEXEC in sysconf.c
+ [26798] dynamic-link: aarch64: variant PCS symbols may be incorrectly
+ lazy bound
+ [26801] nptl: pthread_mutex_clocklock with CLOCK_MONOTONIC can fail on
+ PI mutexes
+ [26818] string: aarch64: string tests may run ifunc variants that are
+ not safe
+ [26821] libc: Memory leak test failures on Fedora 33
+ [26824] libc: FAIL: elf/tst-cpu-features-supports with recent trunk:
+ FSGSBASE/LM/RDRAND check failure
+ [26833] time: adjtime() with delta == NULL segfaults on armv7 32bit
+ platform
+ [26853] libc: aarch64: Missing unwind information in statically linked
+ startup code
+ [26923] locale: Assertion failure in iconv when converting invalid
+ UCS4 (CVE-2020-29562)
+ [26926] dynamic-link: aarch64: library dependencies are not bti
+ protected
+ [26932] libc: sh: Multiple floating point functions defined as stubs
+ only since 2.31
+ [26964] nptl: pthread_mutex_timedlock returning EAGAIN after futex is
+ locked
+ [26988] dynamic-link: aarch64: BTI mprotect address is not page
+ aligned
+ [27002] build: libc_freeres_fn build failure with GCC 11
+ [27004] dynamic-link: ld.so is miscompiled by GCC 11
+ [27008] dynamic-link: ld.so.cache should have endianness markup
+ [27042] libc: [alpha] anonymous union in struct stat confuses
+ detection logic
+ [27053] libc: Conformance regression in system(3) (and probably also
+ pclose(3))
+ [27072] dynamic-link: static pie ifunc resolvers run before hwcap is
+ setup
+ [27077] network: Do not reload /etc/nsswitch.conf from chroot
+ [27083] libc: Unsafe unbounded alloca in addmntent
+ [27104] dynamic-link: The COMMON_CPUID_INDEX_MAX handshake does not
+ work
+ [27130] string: "rep movsb" performance issue
+ [27150] libc: alpha: wait4() is unavailable in static linking
+ [27177] dynamic-link:
+ GLIBC_TUNABLES=glibc.cpu.x86_ibt=on:glibc.cpu.x86_shstk=on doesn't
+ work
+ [27222] dynamic-link: Incorrect sysdeps/x86/tst-cpu-features-cpuinfo.c
+ [27237] malloc: deadlock in malloc/tst-malloc-stats-cancellation
+ [27256] locale: Assertion failure in ISO-2022-JP-3 gconv module
+ related to combining characters (CVE-2021-3326)
+
+\f
+Version 2.32
+
+Major new features:
+
+* Unicode 13.0.0 Support: Character encoding, character type info, and
+ transliteration tables are all updated to Unicode 13.0.0, using
+ generator scripts contributed by Mike FABIAN (Red Hat).
+
+* New locale added: ckb_IQ (Kurdish/Sorani spoken in Iraq)
+
+* Support for Synopsys ARC HS cores (ARCv2 ISA) running Linux has been
+ added. This port requires at least binutils-2.32, gcc-8.3 and Linux-5.1.
+ Three ABIs are supported:
+
+ - arc-linux-gnu
+ - arc-linux-gnuhf
+ - arceb-linux-gnu
+
+ The arc* ABIs are little-endian while arceb is big-endian. All ABIs use
+ 64-bit time (y2038 safe) and 64-bit file offsets (LFS default).
+
+* The GNU C Library now loads audit modules listed in the DT_AUDIT and
+ DT_DEPAUDIT dynamic section entries of the main executable.
+
+* powerpc64le supports IEEE128 long double libm/libc redirects when
+ using -mabi=ieeelongdouble to compile C code on supported GCC
+ toolchains. It is recommended to use GCC 8 or newer when testing
+ this option.
+
+* To help detect buffer overflows and other out-of-bounds accesses
+ several APIs have been annotated with GCC 'access' attribute. This
+ should help GCC 10 issue better warnings.
+
+* On Linux, functions pthread_attr_setsigmask_np and
+ pthread_attr_getsigmask_np have been added. They allow applications
+ to specify the signal mask of a thread created with pthread_create.
+
+* The GNU C Library now provides the header file <sys/single_threaded.h>
+ which declares the variable __libc_single_threaded. Applications are
+ encouraged to use this variable for single-thread optimizations,
+ instead of weak references to symbols historically defined in
+ libpthread.
+
+* The functions sigabbrev_np and sigdescr_np have been added. The
+ sigabbrev_np function returns the abbreviated signal name (e.g. "HUP" for
+ SIGHUP) while sigdescr_np returns a string describing the signal number
+ (e.g "Hangup" for SIGHUP). Different than strsignal, sigdescr_np does not
+ attempt to translate the return description, both functions return
+ NULL for an invalid signal number.
+
+ They should be used instead of sys_siglist or sys_sigabbrev and they
+ are both thread and async-signal safe. These functions are GNU extensions.
+
+* The functions strerrorname_np and strerrordesc_np have been added. The
+ strerroname_np function returns error number name (e.g. "EINVAL" for EINVAL)
+ while strerrordesc_np returns a string describing the error number
+ (e.g "Invalid argument" for EINVAL). Different than strerror,
+ strerrordesc_np does not attempt to translate the return description, both
+ functions return NULL for an invalid error number.
+
+ They should be used instead of sys_errlist and sys_nerr, both are
+ thread and async-signal safe. These functions are GNU extensions.
+
+* AArch64 now supports standard branch protection security hardening
+ in glibc when it is built with a GCC that is configured with
+ --enable-standard-branch-protection (or if -mbranch-protection=standard
+ flag is passed when building both GCC target libraries and glibc,
+ in either case a custom GCC is needed). This includes branch target
+ identification (BTI) and pointer authentication for return addresses
+ (PAC-RET). They require armv8.5-a and armv8.3-a architecture
+ extensions respectively for the protection to be effective,
+ otherwise the used instructions are nops. User code can use PAC-RET
+ without libc support, but BTI requires a libc that is built with BTI
+ support, otherwise runtime objects linked into user code will not be
+ BTI compatible.
+
+Deprecated and removed features, and other changes affecting compatibility:
+
+* Remove configure option --enable-obsolete-rpc. Sun RPC is removed
+ from glibc. This includes the rpcgen program, librpcsvc, and the Sun
+ RPC header files. Backward compatibility for old programs is kept
+ only for architectures and ABIs that have been added in or before
+ glibc 2.31. New programs need to use TI-RPC
+ <http://git.linux-nfs.org/?p=steved/libtirpc.git;a=summary> and
+ rpcsvc-proto <https://github.com/thkukuk/rpcsvc-proto>.
+
+* Remove configure option --enable-obsolete-nsl. libnsl is only built
+ as shared library for backward compatibility and the NSS modules "nis"
+ and "nisplus" are not built at all and libnsl's headers aren't
+ installed. This compatibility is kept only for architectures and ABIs
+ that have been added in or before version 2.28. Replacement
+ implementations based on TI-RPC, which additionally support IPv6, are
+ available from <https://github.com/thkukuk/>. This change does not
+ affect the "compat" NSS module, which does not depend on libnsl
+ since 2.27 and thus can be used without NIS.
+
+* The deprecated <sys/sysctl.h> header and the sysctl function have been
+ removed. To support old binaries, the sysctl function continues to
+ exist as a compatibility symbol (on those architectures which had it),
+ but always fails with ENOSYS. This reflects the removal of the system
+ call from all architectures, starting with Linux 5.5.
+
+* The sstk function is no longer available to newly linked binaries.
+ Its implementation always returned with a failure, and the function
+ was not declared in any header file.
+
+* The legacy signal handling functions siginterrupt, sigpause, sighold,
+ sigrelse, sigignore and sigset, and the sigmask macro have been
+ deprecated. Applications should use the sigsuspend, sigprocmask and
+ sigaction functions instead.
+
+* ldconfig now defaults to the new format for ld.so.cache. glibc has
+ already supported this format for almost 20 years.
+
+* The deprecated arrays sys_siglist, _sys_siglist, and sys_sigabbrev
+ are no longer available to newly linked binaries, and their declarations
+ have been removed from <string.h>. They are exported solely as
+ compatibility symbols to support old binaries. All programs should use
+ strsignal instead.
+
+* The deprecated symbols sys_errlist, _sys_errlist, sys_nerr, and _sys_nerr
+ are no longer available to newly linked binaries, and their declarations
+ have been removed from <stdio.h>. They are exported solely as
+ compatibility symbols to support old binaries. All programs should use
+ strerror or strerror_r instead.
+
+* Both strerror and strerror_l now share the same internal buffer in the
+ calling thread, meaning that the returned string pointer may be invalided
+ or contents might be overwritten on subsequent calls in the same thread or
+ if the thread is terminated. It makes strerror MT-safe.
+
+* Using weak references to libpthread functions such as pthread_create
+ or pthread_key_create to detect the singled-threaded nature of a
+ program is an obsolescent feature. Future versions of glibc will
+ define pthread_create within libc.so.6 itself, so such checks will
+ always flag the program as multi-threaded. Applications should check
+ the __libc_single_threaded variable declared in
+ <sys/single_threaded.h> instead.
+
+* The "files" NSS module no longer supports the "key" database (used for
+ secure RPC). The contents of the /etc/publickey file will be ignored,
+ regardless of the settings in /etc/nsswitch.conf. (This method of
+ storing RPC keys only supported the obsolete and insecure AUTH_DES
+ flavor of secure RPC.)
+
+* The __morecore and __after_morecore_hook malloc hooks and the default
+ implementation __default_morecore have been deprecated. Applications
+ should use malloc interposition to change malloc behavior, and mmap to
+ allocate anonymous memory. A future version of glibc may require that
+ applications which use the malloc hooks must preload a special shared
+ object, to enable the hooks.
+
+* The hesiod NSS module has been deprecated and will be removed in a
+ future version of glibc. System administrators are encouraged to
+ switch to other approaches for networked account databases, such as
+ LDAP.
+
+Changes to build and runtime requirements:
+
+* powerpc64le requires GCC 7.4 or newer. This is required for supporting
+ long double redirects.
+
+Security related changes:
+
+ CVE-2016-10228: An infinite loop has been fixed in the iconv program when
+ invoked with the -c option and when processing invalid multi-byte input
+ sequences. Reported by Jan Engelhardt.
+
+ CVE-2020-10029: Trigonometric functions on x86 targets suffered from stack
+ corruption when they were passed a pseudo-zero argument. Reported by Guido
+ Vranken / ForAllSecure Mayhem.
+
+ CVE-2020-1752: A use-after-free vulnerability in the glob function when
+ expanding ~user has been fixed.
+
+ CVE-2020-6096: A signed comparison vulnerability in the ARMv7 memcpy and
+ memmove functions has been fixed. Discovered by Jason Royes and Samual
+ Dytrych of the Cisco Security Assessment and Penetration Team (See
+ TALOS-2020-1019).
+
+The following bugs are resolved with this release:
+
+ [9809] localedata: ckb_IQ: new Kurdish Sorani locale
+ [10441] manual: Backtraces code example lacks error checking
+ [10815] librt: [timer_create / SIGEV_THREAD] signalmask of
+ timer_sigev_thread dangerous
+ [14231] stdio: stdio-common tests memory requirements
+ [14578] libc: /proc-based emulation for lchmod, fchmodat
+ [16272] dynamic-link: dlopen()ing a DT_FILTER library crashes if
+ filtee has constructor
+ [19519] locale: iconv(1) with -c option hangs on illegal multi-byte
+ sequences (CVE-2016-10228)
+ [19737] admin: Doc page “20.5.2 Infinity and NaN” has incorrect HTML
+ character entities for infinity & pi
+ [20338] libc: Parsing of /etc/gshadow can return bad pointers causing
+ segfaults in applications
+ [20543] libc: Please move from .gnu.linkonce to comdat
+ [22489] network: gcc warns about implicit convertion in
+ ICMP6_FILTER_SETPASS with -Wsign-conversion
+ [22525] localedata: or_IN LC_COLLATE does not use copy "iso14651_t1"
+ [23294] math: Complex _FloatN functions are redirected to the wrong
+ function with -mlong-double-64
+ [23296] libc: Data race in setting function descriptor during lazy
+ binding
+ [23668] dynamic-link: ldconfig: Default to the new format for
+ ld.so.cache
+ [23819] hurd: hurd: Add C11 thread support
+ [23990] build: test-container error out on failure to exec child.
+ [23991] build: shell-container typo in run_command_array
+ [24638] manual: Error in example of parsing a template string
+ [24654] manual: Wrong declaration of wcschr in libc manual
+ [24943] dynamic-link: Support DT_AUDIT, DT_DEPAUDIT in the dynamic
+ linker
+ [25051] dynamic-link: aarch64, powerpc64 uses surplus static tls for
+ dynamically loaded dsos
+ [25098] nptl: nptl: ctype classification functions are not AS-Safe
+ [25219] libc: improve out-of-bounds checking with GCC 10 attribute
+ access
+ [25262] libc: getcontext/setcontext/swapcontext unnecessarily save and
+ restore EAX, ECX and EDX
+ [25397] dynamic-link: Legacy bitmap doesn't cover jitted code
+ [25414] glob: 'glob' use-after-free bug (CVE-2020-1752)
+ [25420] network: Race condition in resolv_conf.c can result in caching
+ stale configuration forever
+ [25487] math: sinl() stack corruption from crafted input
+ (CVE-2020-10029)
+ [25506] build: configure: broken detection of STT_GNU_IFUNC when GCC
+ defaults to PIE
+ [25523] libc: MIPS/Linux inline syscall template is miscompiled
+ [25620] libc: Signed comparison vulnerability in the ARMv7 memcpy()
+ (CVE-2020-6096)
+ [25623] libc: test-sysvmsg, test-sysvsem, test-sysvshm fail with 2.31
+ on 32 bit and old kernel
+ [25635] libc: arm: Wrong sysdep order selection for soft-fp
+ [25639] localedata: Some names of days and months wrongly spelt in
+ Occitan
+ [25657] libc: sigprocmask() and sigisemptyset() manipulate different
+ amount of sigset_t bytes
+ [25691] stdio: printf: memory leak when printing long multibyte
+ strings
+ [25715] libc: system() returns wrong errors when posix_spawn fails
+ [25733] malloc: mallopt(M_MXFAST) can set global_max_fast to 0
+ [25734] locale: mbrtowc with Big5-HKSCS fails to reset conversion
+ state for conversions that produce two Unicode code points
+ [25765] nptl: Incorrect futex syscall in __pthread_disable_asynccancel
+ for linux x86_64 leads to livelock
+ [25788] dynamic-link: [i386] -fno-omit-frame-pointer in CFLAGS causes
+ test failures, invalid instruction in ld.so
+ [25790] glob: Typo in tst-fnmatch.input
+ [25810] libc: x32: Incorrect syscall entries with pointer, off_t and
+ size_t
+ [25819] localedata: Update locale data to Unicode 13.0.0
+ [25824] libc: Abnormal function of strnlen in aarch64
+ [25887] dynamic-link: Wasted space in _dl_x86_feature_1[1]
+ [25896] libc: Incorrect prctl
+ [25902] libc: Bad LOADARGS_N
+ [25905] dynamic-link: VSX registers are corrupted during PLT
+ resolution when glibc is built with --disable-multi-arch and --with-
+ cpu=power9
+ [25933] string: Off by one error in __strncmp_avx2 when
+ length=VEC_SIZE*4 and strings are at page boundaries can cause a
+ segfault
+ [25942] nptl: Deadlock on stack_cache_lock between __nptl_setxid and
+ exiting detached thread
+ [25966] libc: Incorrect access of __x86_shared_non_temporal_threshold
+ for x32
+ [25976] nss: internal_end*ent in nss_compat may clobber errno, hiding
+ ERANGE
+ [25999] nptl: Use-after-free issue in pthread_getaddr_default_np
+ [26073] math: getpayload() has wrong return value
+ [26076] dynamic-link: dlmopen crashes after failing to load
+ dependencies in audit mode
+ [26120] localedata: column width of of some Korean
+ JUNGSEONG/JONGSEONG characters wrong (should be 0)
+ [26128] libc: Incorrect bit_cpu_CLFLUSHOPT
+ [26133] libc: Incorrect need_arch_feature_F16C
+ [26137] libc: strtod() triggers exception FE_INEXACT on reasonable
+ input
+ [26149] libc: PKU is usable only if OSPKE is set
+ [26173] libc: powerpc64*: Add @notoc to calls to functions that do not
+ preserve r2
+ [26208] libc: Incorrect bit_cpu_CLFSH
+ [26210] network: Incorrect use of hidden symbols for global sunrpc
+ variables
+ [26211] stdio: printf integer overflow calculating allocation size
+ [26214] stdio: printf_fp double free
+ [26215] stdio: printf_fp memory leak
+ [26232] time: FAIL: support/tst-timespec for 32-bit targets
+ [26258] nss: nss_compat should not read input files with mmap
+ [26332] string: Incorrect cache line size load causes memory
+ corruption in memset
+
+\f
Version 2.31
Major new features:
18661-1:2014 and TS 18661-3:2015 as amended by the resolution of
Clarification Request 13 to TS 18661-3.
-* The gettimeofday function will no longer report information about a
- system-wide time zone, expect for aarch64, powerpc, and x86 on Linux
- which still uses the vDSO symbol (when available).
+* The function pthread_clockjoin_np has been added, enabling join with a
+ terminated thread with a specific clock. It allows waiting against
+ CLOCK_MONOTONIC and CLOCK_REALTIME. This function is a GNU extension.
- This 4.2-BSD-era feature has been deprecated for many years, as it cannot
- handle the full complexity of the world's timezones, but hitherto we have
- supported it on a best-effort basis. Changes required to support 64-bit
- time_t on 32-bit architectures have made this no longer practical.
+* New locale added: mnw_MM (Mon language spoken in Myanmar).
- As of this release, callers of gettimeofday with a non-null 'tzp' argument
- will always receive a 'struct timezone' whose tz_minuteswest and
- tz_dsttime fields are zero.
+* The DNS stub resolver will optionally send the AD (authenticated data) bit
+ in queries if the trust-ad option is set via the options directive in
+ /etc/resolv.conf (or if RES_TRUSTAD is set in _res.options). In this
+ mode, the AD bit, as provided by the name server, is available to
+ applications which call res_search and related functions. In the default
+ mode, the AD bit is not set in queries, and it is automatically cleared in
+ responses, indicating a lack of DNSSEC validation. (Therefore, the name
+ servers and the network path to them are treated as untrusted.)
Deprecated and removed features, and other changes affecting compatibility:
floating-point arguments directly will continue to work.
* The obsolete function stime is no longer available to newly linked
- binaries and it has been removed from <time.h> header. This function
- has been deprecated in favor of clock_settime.
+ binaries, and its declaration has been removed from <time.h>.
+ Programs that set the system time should use clock_settime instead.
+
+* We plan to remove the obsolete function ftime, and the header <sys/timeb.h>,
+ in a future version of glibc. In this release, the header still exists
+ but calling ftime will cause a compiler warning. All programs should use
+ gettimeofday or clock_gettime instead.
+
+* The gettimeofday function no longer reports information about a
+ system-wide time zone. This 4.2-BSD-era feature has been deprecated for
+ many years, as it cannot handle the full complexity of the world's
+ timezones, but hitherto we have supported it on a best-effort basis.
+ Changes required to support 64-bit time_t on 32-bit architectures have
+ made this no longer practical.
+
+ As of this release, callers of gettimeofday with a non-null 'tzp' argument
+ should expect to receive a 'struct timezone' whose tz_minuteswest and
+ tz_dsttime fields are zero. (For efficiency reasons, this does not always
+ happen on a few Linux-based ports. This will be corrected in a future
+ release.)
+
+ All callers should supply a null pointer for the 'tzp' argument to
+ gettimeofday. For accurate information about the time zone associated
+ with the current time, use the localtime function.
+
+ gettimeofday itself is obsolescent according to POSIX. We have no plans
+ to remove access to this function, but portable programs should consider
+ using clock_gettime instead.
* The settimeofday function can still be used to set a system-wide time
zone when the operating system supports it. This is because the Linux
becomes available, we will change settimeofday to fail with ENOSYS on all
platforms when its 'tzp' argument is not a null pointer.
- Note that settimeofday itself is obsolescent according to POSIX.
- Programs that set the system time should use clock_settime and/or
- the adjtime family of functions instead. We may also cease to make
- settimeofday available to newly linked binaries after there is a
- replacement for Linux's time-zone-like offset API.
-
-* The obsolete functions ftime has been deprecated and will be removed from
- a future version of glibc. Application should use clock_gettime instead.
+ settimeofday itself is obsolescent according to POSIX. Programs that set
+ the system time should use clock_settime and/or the adjtime family of
+ functions instead. We may cease to make settimeofday available to newly
+ linked binaries after there is a replacement for Linux's time-zone-like
+ offset API.
+
+* SPARC ISA v7 is no longer supported. v8 is still supported, but only if
+ the optional CAS instruction is implemented (for instance, LEON processors
+ are still supported, but SuperSPARC processors are not).
+
+ As the oldest 64-bit SPARC ISA is v9, this only affects 32-bit
+ configurations.
+
+* If a lazy binding failure happens during dlopen, during the execution of
+ an ELF constructor, the process is now terminated. Previously, the
+ dynamic loader would return NULL from dlopen, with the lazy binding error
+ captured in a dlerror message. In general, this is unsafe because
+ resetting the stack in an arbitrary function call is not possible.
+
+* For MIPS hard-float ABIs, the GNU C Library will be configured to need an
+ executable stack unless explicitly configured at build time to require
+ minimum kernel version 4.8 or newer. This is because executing
+ floating-point branches on a non-executable stack on Linux kernels prior to
+ 4.8 can lead to application crashes for some MIPS configurations. While
+ currently PT_GNU_STACK is not widely used on MIPS, future releases of GCC are
+ expected to enable non-executable stack by default with PT_GNU_STACK by
+ default and is thus likely to trigger a crash on older kernels.
+
+ The GNU C Library can be built with --enable-kernel=4.8.0 in order to keep a
+ non-executable stack while dropping support for older kernels.
+
+* System call wrappers for time system calls now use the new time64 system
+ calls when available. On 32-bit targets, these wrappers attempt to call
+ the new system calls first and fall back to the older 32-bit time system
+ calls if they are not present. This may cause issues in environments
+ that cannot handle unsupported system calls gracefully by returning
+ -ENOSYS. Seccomp sandboxes are affected by this issue.
Changes to build and runtime requirements:
- [Add changes to build and runtime requirements here]
+* It is no longer necessary to have recent Linux kernel headers to build
+ working (non-stub) system call wrappers on all architectures except 64-bit
+ RISC-V. 64-bit RISC-V requires a minimum kernel headers version of 5.0.
+
+* The ChangeLog file is no longer present in the toplevel directory of the
+ source tree. ChangeLog files are located in the ChangeLog.old directory as
+ ChangeLog.N where the highest N has the latest entries.
Security related changes:
- [Add security related changes here]
+ CVE-2020-1751: A defect in the PowerPC backtrace function could cause an
+ out-of-bounds write when executed in a signal frame context.
+
+ CVE-2019-19126: ld.so failed to ignore the LD_PREFER_MAP_32BIT_EXEC
+ environment variable during program execution after a security
+ transition, allowing local attackers to restrict the possible mapping
+ addresses for loaded libraries and thus bypass ASLR for a setuid
+ program. Reported by Marcin Kościelnicki.
The following bugs are resolved with this release:
- [The release manager will add the list generated by
- scripts/list-fixed-bugs.py just before the release.]
+ [12031] localedata: iconv -t ascii//translit with Greek characters
+ [15813] libc: Multiple issues in __gen_tempname
+ [17726] libc: [arm, sparc] profil_counter should be compat symbol
+ [18231] libc: ipc_perm struct's mode member has wrong type in sys/ipc.h
+ [19767] libc: vdso is not used with static linking
+ [19903] hurd: Shared mappings not being inherited by children processes
+ [20358] network: RES_USE_DNSSEC sets DO; should also have a way to set AD
+ [20839] dynamic-link: Incomplete rollback of dynamic linker state on
+ linking failure
+ [23132] localedata: Missing transliterations in Miscellaneous Mathematical
+ Symbols-A/B Unicode blocks
+ [23518] libc: Eliminate __libc_utmp_jump_table
+ [24026] malloc: malloc_info() returns wrong numbers
+ [24054] localedata: Many locales are missing date_fmt
+ [24214] dynamic-link: user defined ifunc resolvers may run in ldd mode
+ [24304] dynamic-link: Lazy binding failure during ELF
+ constructors/destructors is not fatal
+ [24376] libc: RISC-V symbol size confusion with _start
+ [24682] localedata: zh_CN first weekday should be Monday per GB/T
+ 7408-2005
+ [24824] libc: test-in-container does not install charmap files compatible
+ with localedef
+ [24844] regex: regex bad pointer / leakage if malloc fails
+ [24867] malloc: Unintended malloc_info formatting changes
+ [24879] libc: login: utmp alarm timer can arrive after lock acquisition
+ [24880] libc: login: utmp implementation uses struct flock with fcntl64
+ [24882] libc: login: pututline uses potentially outdated cache
+ [24899] libc: Missing nonstring attributes in <utmp.h>, <utmpx.h>
+ [24902] libc: login: Repeating pututxline on EINTR/EAGAIN causes stale
+ utmp entries
+ [24916] dynamic-link: [MIPS] Highest EI_ABIVERSION value not raised to
+ ABSOLUTE ABI
+ [24930] dynamic-link: dlopen of PIE executable can result in
+ _dl_allocate_tls_init assertion failure
+ [24950] localedata: Top-of-tree glibc does not build with top-of-tree GCC
+ (stringop-overflow error)
+ [24959] time: librt IFUNC resolvers for clock_gettime and clock_*
+ functions other can lead to crashes
+ [24967] libc: jemalloc static linking causes runtime failure
+ [24986] libc: alpha: new getegid, geteuid and getppid syscalls used
+ unconditionally
+ [25035] libc: sbrk() failure handled poorly in tunables_strdup
+ [25087] dynamic-link: ldconfig mishandles unusual .dynstr placement
+ [25097] libc: new -Warray-bounds with GCC 10
+ [25112] dynamic-link: dlopen must not make new objects accessible when it
+ still can fail with an error
+ [25139] localedata: Please add the new mnw_MM locale
+ [25149] regex: Array bounds violation in proceed_next_node
+ [25157] dynamic-link: Audit cookie for the dynamic loader is not
+ initialized correctly
+ [25189] libc: glibc's __glibc_has_include causes issues with clang
+ -frewrite-includes
+ [25194] malloc: malloc.c: do_set_mxfast incorrectly casts the mallopt
+ value to an unsigned
+ [25204] dynamic-link: LD_PREFER_MAP_32BIT_EXEC not ignored in setuid
+ binaries (CVE-2019-19126)
+ [25225] libc: ld.so fails to link on x86 if GCC defaults to -fcf-
+ protection
+ [25226] string: strstr: Invalid result if needle crosses page on s390-z15
+ ifunc variant.
+ [25232] string: <string.h> does not enable const correctness for strchr et
+ al. for Clang++
+ [25233] localedata: Consider "." as the thousands separator for sl_SI
+ (Slovenian)
+ [25241] nptl: __SIZEOF_PTHREAD_MUTEX_T defined twice for x86
+ [25251] build: Failure to run tests when CFLAGS contains -DNDEBUG.
+ [25271] libc: undeclared identifier PTHREAD_MUTEX_DEFAULT when compiling
+ with -std=c11
+ [25323] localedata: km_KH: d_t_fmt contains "m" instead of "%M"
+ [25324] localedata: lv_LV: d_t_fmt contains suspicious words in the time
+ part
+ [25396] dynamic-link: Failing dlopen can leave behind dangling GL
+ (dl_initfirst) link map pointer
+ [25401] malloc: pvalloc must not have __attribute_alloc_size__
+ [25423] libc: Array overflow in backtrace on powerpc
+ [25425] network: Missing call to __resolv_context_put in
+ getaddrinfo.c:gethosts
\f
Version 2.30
[24040] libc: riscv64: unterminated call chain in __thread_start
[24047] network: libresolv should use IP_RECVERR/IPV6_RECVERR to avoid
long timeouts
- [24051] stdio: puts and putchar ouput to _IO_stdout instead of stdout
+ [24051] stdio: puts and putchar output to _IO_stdout instead of stdout
[24059] nss: nss_files: get_next_alias calls fgets_unlocked without
checking for NULL.
[24114] regex: regexec buffer read overrun in "grep -i
[22111] malloc: malloc: per thread cache is not returned when thread exits
[22112] localedata: Fix LC_TELEPHONE/LC_NAME for az_AZ
[22134] libc: [linux] implement fexecve with execveat
- [22142] libc: [powerpc] printf oupts a wrong value of DBL_MAX on ppc64 and
+ [22142] libc: [powerpc] printf outputs a wrong value of DBL_MAX on ppc64 and
ppc64le
[22145] libc: ttyname() gives up too early in the face of namespaces
[22146] math: C++ build issue with float128 on x86_64
The following bugs are resolved with this release:
- [4099] stdio: Overly agressive caching by stream i/o functions.
+ [4099] stdio: Overly aggressive caching by stream i/o functions.
[7065] build: Support building glibc with -fstack-protector or -fstack-
protector-all
[9842] localedata: en_CA: incorrect date format
* Support for the x32 ABI on x86-64 added. The x32 target is selected by
configuring glibc with:
BUILD_CC='gcc' CC='gcc -mx32' CXX='g++ -mx32'
- Visit <http://sites.google.com/site/x32abi/> for more x32 ABI info.
+ Visit <https://sites.google.com/site/x32abi/> for more x32 ABI info.
Implemented by H.J. Lu.
* ISO C11 support:
* The following bugs are resolved with this release:
- 3406, 5209, 5210, 5381, 5794, 5814, 5911, 6428, 6438, 6442, 6447, 6461,
- 6472, 6505, 6544, 6589, 6612, 6634, 6653, 6654, 6657, 6698, 6712, 6713,
- 6719, 6723, 6724, 6740, 6763, 6771, 6790, 6791, 6817, 6824, 6839, 6843,
- 6845, 6856, 6857, 6860, 6867, 6875, 6919, 6920, 6942, 6947, 6955, 6966,
- 6968, 6974, 6980, 6995, 7008, 7009, 7029
+ 2447, 3406, 5209, 5210, 5381, 5794, 5814, 5911, 6428, 6438, 6442, 6447,
+ 6461, 6472, 6505, 6544, 6589, 6612, 6634, 6653, 6654, 6657, 6698, 6712,
+ 6713, 6719, 6723, 6724, 6740, 6763, 6771, 6790, 6791, 6817, 6824, 6839,
+ 6843, 6845, 6856, 6857, 6860, 6867, 6875, 6919, 6920, 6942, 6947, 6955,
+ 6966, 6968, 6974, 6980, 6995, 7008, 7009, 7029
* Unified lookup for getaddrinfo: IPv4 and IPv6 addresses are now looked
up at the same time. Implemented by Ulrich Drepper.
latest files released from Berkeley.
\f
----------------------------------------------------------------------
-Copyright information:
-
-Copyright (C) 1992-2019 Free Software Foundation, Inc.
+Copying conditions:
Permission is granted to anyone to make or distribute verbatim copies
of this document as received, in any medium, provided that the
\f
Local variables:
version-control: never
-fill-column: 76
+fill-column: 72
End: