GNU C Library NEWS -- history of user-visible changes.
-Copyright (C) 1992-2020 Free Software Foundation, Inc.
+Copyright (C) 1992-2021 Free Software Foundation, Inc.
See the end for copying conditions.
Please send GNU C library bug reports via <https://sourceware.org/bugzilla/>
using `glibc' in the "product" field.
\f
+Version 2.34
+
+Major new features:
+
+* Add _SC_MINSIGSTKSZ and _SC_SIGSTKSZ. When _SC_SIGSTKSZ_SOURCE or
+ _GNU_SOURCE are defined, MINSIGSTKSZ and SIGSTKSZ are no longer
+ constant on Linux. MINSIGSTKSZ is redefined to sysconf(_SC_MINSIGSTKSZ)
+ and SIGSTKSZ is redefined to sysconf (_SC_SIGSTKSZ).
+
+* The dynamic linker implements the --list-diagnostics option, printing
+ a dump of information related to IFUNC resolver operation and
+ glibc-hwcaps subdirectory selection.
+
+* On Linux, the function execveat has been added. It operates similar to
+ execve and it is is already used to implement fexecve without requiring
+ /proc to be mounted. However, different than fexecve, if the syscall is not
+ supported by the kernel an error is returned instead of trying a fallback.
+
+* The ISO C2X function timespec_getres has been added.
+
+* The feature test macro __STDC_WANT_IEC_60559_EXT__, from draft ISO
+ C2X, is supported to enable declarations of functions defined in Annex F
+ of C2X. Those declarations are also enabled when
+ __STDC_WANT_IEC_60559_BFP_EXT__, as specified in TS 18661-1, is
+ defined, and when _GNU_SOURCE is defined.
+
+* On powerpc64*, glibc can now be compiled without scv support using the
+ --disable-scv configure option.
+
+Deprecated and removed features, and other changes affecting compatibility:
+
+* The function pthread_mutex_consistent_np has been deprecated; programs
+ should use the equivalent standard function pthread_mutex_consistent
+ instead.
+
+* The function pthread_mutexattr_getrobust_np has been deprecated;
+ programs should use the equivalent standard function
+ pthread_mutexattr_getrobust instead.
+
+* The function pthread_mutexattr_setrobust_np has been deprecated;
+ programs should use the equivalent standard function
+ pthread_mutexattr_setrobust instead.
+
+* The function pthread_yield has been deprecated; programs should use
+ the equivalent standard function sched_yield instead.
+
+Changes to build and runtime requirements:
+
+* On Linux, the shm_open, sem_open, and related functions now expect the
+ file shared memory file system to be mounted at /dev/shm. These functions
+ no longer search among the system's mount points for a suitable
+ replacement if /dev/shm is not available.
+
+Security related changes:
+
+ CVE-2021-27645: The nameserver caching daemon (nscd), when processing
+ a request for netgroup lookup, may crash due to a double-free,
+ potentially resulting in degraded service or Denial of Service on the
+ local system. Reported by Chris Schanzle.
+
+ CVE-2021-33574: The mq_notify function has a potential use-after-free
+ issue when using a notification type of SIGEV_THREAD and a thread
+ attribute with a non-default affinity mask.
+
+The following bugs are resolved with this release:
+
+ [The release manager will add the list generated by
+ scripts/list-fixed-bugs.py just before the release.]
+
+\f
+Version 2.33
+
+Major new features:
+
+* The dynamic linker accepts the --list-tunables argument which prints
+ all the supported tunables. This option is disable if glibc is
+ configured with tunables disabled (--enable-tunables=no).
+
+* The dynamic linker accepts the --argv0 argument and provides opportunity
+ to change argv[0] string.
+
+* The dynamic linker loads optimized implementations of shared objects
+ from subdirectories under the glibc-hwcaps directory on the library
+ search path if the system's capabilities meet the requirements for
+ that subdirectory. Initially supported subdirectories include
+ "power9" and "power10" for the powerpc64le-linux-gnu architecture,
+ "z13", "z14", "z15" for s390x-linux-gnu, and "x86-64-v2", "x86-64-v3",
+ "x86-64-v4" for x86_64-linux-gnu. In the x86_64-linux-gnu case, the
+ subdirectory names correspond to the vendor-independent x86-64
+ microarchitecture levels defined in the x86-64 psABI supplement.
+
+* The new --help option of the dynamic linker provides usage and
+ information and library search path diagnostics.
+
+* The mallinfo2 function is added to report statistics as per mallinfo,
+ but with larger field widths to accurately report values that are
+ larger than fit in an integer.
+
+* Add <sys/platform/x86.h> to provide query macros for x86 CPU features.
+
+* Support for the RISC-V ISA running on Linux has been expanded to run on
+ 32-bit hardware. This is supported for the following ISA and ABI pairs:
+
+ - rv32imac ilp32
+ - rv32imafdc ilp32
+ - rv32imafdc ilp32d
+
+ The 32-bit RISC-V port requires at least Linux 5.4, GCC 7.1 and binutils
+ 2.28.
+
+* A new fortification level _FORTIFY_SOURCE=3 is available. At this level,
+ glibc may use additional checks that may have an additional performance
+ overhead. At present these checks are available only on LLVM 9 and later.
+ The latest GCC available at this time (10.2) does not support this level of
+ fortification.
+
+Deprecated and removed features, and other changes affecting compatibility:
+
+* The mallinfo function is marked deprecated. Callers should call
+ mallinfo2 instead.
+
+* When dlopen is used in statically linked programs, alternative library
+ implementations from HWCAP subdirectories are no longer loaded.
+ Instead, the default implementation is used.
+
+* The deprecated <sys/vtimes.h> header and the function vtimes have been
+ removed. To support old binaries, the vtimes function continues to exist
+ as a compatibility symbol. Applications should use the getrlimit or
+ prlimit.
+
+* Following a change in the tzdata 2018a release upstream, the zdump
+ program is now installed in the /usr/bin subdirectory. Previously,
+ the /usr/sbin subdirectory was used.
+
+* On s390(x), the type float_t is now derived from the macro
+ __FLT_EVAL_METHOD__ that is defined by the compiler, instead of being
+ hardcoded to double. This does not affect the ABI of any libraries
+ that are part of the GNU C Library, but may affect the ABI of other
+ libraries that use this type in their interfaces. The new definition
+ improves consistency with compiler behavior in many scenarios.
+
+* A future version of glibc will stop loading shared objects from the
+ "tls" subdirectories on the library search path, the subdirectory that
+ corresponds to the AT_PLATFORM system name, and also stop employing
+ the legacy AT_HWCAP search mechanism. Applications should switch to
+ the new glibc-hwcaps mechanism instead; if they do not do that, only
+ the baseline version (directly from the search path directory) will be
+ loaded.
+
+Changes to build and runtime requirements:
+
+* On Linux, the system administrator needs to configure /dev/pts with
+ the intended access modes for pseudo-terminals. glibc no longer
+ attemps to adjust permissions of terminal devices. The previous glibc
+ defaults ("tty" group, user read/write and group write) already
+ corresponded to what most systems used, so that grantpt did not
+ perform any adjustments.
+
+* On Linux, the posix_openpt and getpt functions no longer attempt to
+ use legacy (BSD) pseudo-terminals and assume that if /dev/ptmx exists
+ (and pseudo-terminals are supported), a devpts file system is mounted
+ on /dev/pts. Current systems already meet these requirements.
+
+* s390x requires GCC 7.1 or newer. See gcc Bug 98269.
+
+Security related changes:
+
+ CVE-2021-3326: An assertion failure during conversion from the
+ ISO-20220-JP-3 character set using the iconv function has been fixed.
+ This assertion was triggered by certain valid inputs in which the
+ converted output contains a combined sequence of two wide characters
+ crossing a buffer boundary. Reported by Tavis Ormandy.
+
+ CVE-2020-27618: An infinite loop has been fixed in the iconv program when
+ invoked with input containing redundant shift sequences in the IBM1364,
+ IBM1371, IBM1388, IBM1390, or IBM1399 character sets.
+
+ CVE-2020-29562: An assertion failure has been fixed in the iconv function
+ when invoked with UCS4 input containing an invalid character.
+
+ CVE-2019-25013: A buffer overflow has been fixed in the iconv function when
+ invoked with EUC-KR input containing invalid multibyte input sequences.
+
+The following bugs are resolved with this release:
+
+ [10635] libc: realpath portability patches
+ [16124] dynamic-link: ld.so should allow to change argv[0]
+ [17924] malloc: 'free' should not set errno
+ [18683] libc: Linux faccessat implementation can incorrectly ignore
+ AT_EACCESS
+ [22899] libc: Use 64-bit readdir() in generic POSIX getcwd()
+ [23091] hurd: missing waitid support
+ [23249] libc: Epyc and other current AMD CPUs do not select the
+ "haswell" platform subdirectory
+ [24080] dynamic-link: Definition of "haswell" platform is inconsistent
+ with GCC
+ [24202] libc: m68k setjmp() saves incorrect 'a5' register in --enable-
+ stack-protector=all
+ [24941] libc: Make grantpt usable after multi-threaded fork in more
+ cases
+ [24970] libc: realpath mishandles EOVERFLOW; stat not needed anyway
+ [24973] locale: iconv encounters segmentation fault when converting
+ 0x00 0xfe in EUC-KR to UTF-8 (CVE-2019-25013)
+ [25399] string: undefined reference to `__warn_memset_zero_len' when
+ changing gnuc version
+ [25859] libc: glibc parser for /sys/devices/system/cpu/online is
+ incorrect
+ [25938] dynamic-link: ld.so.cache should store meaning of hwcap mask
+ bits
+ [25971] libc: s390 bits/hwcap.h out of sync with kernel
+ [26053] libc: unlockpt fails with ENOTTY for non-ptmx descriptors
+ [26100] libc: Race in syslog(3) with regards to tag printing.
+ [26124] libc: Export <cpu-features.h>
+ [26130] nscd: Inconsistent nscd cache during pruning
+ [26203] libc: GLRO(dl_x86_cpu_features) may not be intialized
+ [26224] locale: iconv hangs when converting some invalid inputs from
+ several IBM character sets (CVE-2020-27618)
+ [26341] libc: realpath cyclically call __alloca(path_max) to consume
+ too much stack space
+ [26343] manual: invalid documented return type for strerrorname_np(),
+ strerrordesc_np(), sigdescr_np(), sigabbrev_np()
+ [26376] libc: Namespace violation in stdio.h and sys/stat.h if build
+ with optimization.
+ [26383] locale: bind_textdomain_codeset doesn't accept //TRANSLIT
+ anymore
+ [26394] time: [2.33 Regression] FAIL: nptl/tst-join14
+ [26534] math: libm.so 2.32 SIGILL in pow() due to FMA4 instruction on
+ non-FMA4 system
+ [26552] dynamic-link: CPU_FEATURE_USABLE_P should be more conservative
+ [26553] libc: mtx_init allows type set to "mtx_recursive" only
+ [26555] string: strerrorname_np does not return the documented value
+ [26592] libc: pointer arithmetic overflows in realpath
+ [26600] network: Transaction ID collisions cause slow DNS lookups in
+ getaddrinfo
+ [26606] libc: [2.33 Regression] pselect is broken on x32
+ [26615] libc: powerpc: libc segfaults when LD_PRELOADed with libgcc
+ [26620] glob: fnmatch with collating symbols results in segmentation
+ fault
+ [26625] libc: [2.33 Regression] CET is disabled
+ [26636] libc: 32-bit shmctl(IPC_INFO) crashes when shminfo struct is
+ at the end of a memory mapping
+ [26637] libc: semctl SEM_STAT_ANY fails to pass the buffer specified
+ by the caller to the kernel
+ [26639] libc: msgctl IPC_INFO and MSG_INFO return garbage
+ [26647] build: [-Werror=array-parameter=] due to different
+ declarations for __sigsetjmp
+ [26648] libc: mkstemp is likely to fail on systems with non-stricly-
+ monotonic clocks
+ [26649] stdio: printf should handle non-normal x86 long double numbers
+ gracefully (CVE-2020-29573)
+ [26686] build: -Warray-parameter instances building with GCC 11
+ [26687] build: -Warray-bounds instances building with GCC 11
+ [26690] stdio: Aliasing violation in __vfscanf_internal
+ [26691] nptl: Use a minimum guard size of 64 KiB on aarch64
+ [26726] build: GCC warning calling new_composite_name with an array of
+ one element
+ [26736] libc: FAIL: misc/tst-sysvshm-linux
+ [26737] libc: Random FAIL: rt/tst-shm
+ [26791] libc: Missing O_CLOEXEC in sysconf.c
+ [26798] dynamic-link: aarch64: variant PCS symbols may be incorrectly
+ lazy bound
+ [26801] nptl: pthread_mutex_clocklock with CLOCK_MONOTONIC can fail on
+ PI mutexes
+ [26818] string: aarch64: string tests may run ifunc variants that are
+ not safe
+ [26821] libc: Memory leak test failures on Fedora 33
+ [26824] libc: FAIL: elf/tst-cpu-features-supports with recent trunk:
+ FSGSBASE/LM/RDRAND check failure
+ [26833] time: adjtime() with delta == NULL segfaults on armv7 32bit
+ platform
+ [26853] libc: aarch64: Missing unwind information in statically linked
+ startup code
+ [26923] locale: Assertion failure in iconv when converting invalid
+ UCS4 (CVE-2020-29562)
+ [26926] dynamic-link: aarch64: library dependencies are not bti
+ protected
+ [26932] libc: sh: Multiple floating point functions defined as stubs
+ only since 2.31
+ [26964] nptl: pthread_mutex_timedlock returning EAGAIN after futex is
+ locked
+ [26988] dynamic-link: aarch64: BTI mprotect address is not page
+ aligned
+ [27002] build: libc_freeres_fn build failure with GCC 11
+ [27004] dynamic-link: ld.so is miscompiled by GCC 11
+ [27008] dynamic-link: ld.so.cache should have endianness markup
+ [27042] libc: [alpha] anonymous union in struct stat confuses
+ detection logic
+ [27053] libc: Conformance regression in system(3) (and probably also
+ pclose(3))
+ [27072] dynamic-link: static pie ifunc resolvers run before hwcap is
+ setup
+ [27077] network: Do not reload /etc/nsswitch.conf from chroot
+ [27083] libc: Unsafe unbounded alloca in addmntent
+ [27104] dynamic-link: The COMMON_CPUID_INDEX_MAX handshake does not
+ work
+ [27130] string: "rep movsb" performance issue
+ [27150] libc: alpha: wait4() is unavailable in static linking
+ [27177] dynamic-link:
+ GLIBC_TUNABLES=glibc.cpu.x86_ibt=on:glibc.cpu.x86_shstk=on doesn't
+ work
+ [27222] dynamic-link: Incorrect sysdeps/x86/tst-cpu-features-cpuinfo.c
+ [27237] malloc: deadlock in malloc/tst-malloc-stats-cancellation
+ [27256] locale: Assertion failure in ISO-2022-JP-3 gconv module
+ related to combining characters (CVE-2021-3326)
+
+\f
Version 2.32
Major new features:
-* Unicode 12.1.0 Support: Character encoding, character type info, and
- transliteration tables are all updated to Unicode 12.1.0, using
+* Unicode 13.0.0 Support: Character encoding, character type info, and
+ transliteration tables are all updated to Unicode 13.0.0, using
generator scripts contributed by Mike FABIAN (Red Hat).
* New locale added: ckb_IQ (Kurdish/Sorani spoken in Iraq)
+* Support for Synopsys ARC HS cores (ARCv2 ISA) running Linux has been
+ added. This port requires at least binutils-2.32, gcc-8.3 and Linux-5.1.
+ Three ABIs are supported:
+
+ - arc-linux-gnu
+ - arc-linux-gnuhf
+ - arceb-linux-gnu
+
+ The arc* ABIs are little-endian while arceb is big-endian. All ABIs use
+ 64-bit time (y2038 safe) and 64-bit file offsets (LFS default).
+
* The GNU C Library now loads audit modules listed in the DT_AUDIT and
DT_DEPAUDIT dynamic section entries of the main executable.
* powerpc64le supports IEEE128 long double libm/libc redirects when
- using the -mabi=ieeelongdouble to compile C code on supported GCC
+ using -mabi=ieeelongdouble to compile C code on supported GCC
toolchains. It is recommended to use GCC 8 or newer when testing
this option.
several APIs have been annotated with GCC 'access' attribute. This
should help GCC 10 issue better warnings.
+* On Linux, functions pthread_attr_setsigmask_np and
+ pthread_attr_getsigmask_np have been added. They allow applications
+ to specify the signal mask of a thread created with pthread_create.
+
+* The GNU C Library now provides the header file <sys/single_threaded.h>
+ which declares the variable __libc_single_threaded. Applications are
+ encouraged to use this variable for single-thread optimizations,
+ instead of weak references to symbols historically defined in
+ libpthread.
+
+* The functions sigabbrev_np and sigdescr_np have been added. The
+ sigabbrev_np function returns the abbreviated signal name (e.g. "HUP" for
+ SIGHUP) while sigdescr_np returns a string describing the signal number
+ (e.g "Hangup" for SIGHUP). Different than strsignal, sigdescr_np does not
+ attempt to translate the return description, both functions return
+ NULL for an invalid signal number.
+
+ They should be used instead of sys_siglist or sys_sigabbrev and they
+ are both thread and async-signal safe. These functions are GNU extensions.
+
+* The functions strerrorname_np and strerrordesc_np have been added. The
+ strerroname_np function returns error number name (e.g. "EINVAL" for EINVAL)
+ while strerrordesc_np returns a string describing the error number
+ (e.g "Invalid argument" for EINVAL). Different than strerror,
+ strerrordesc_np does not attempt to translate the return description, both
+ functions return NULL for an invalid error number.
+
+ They should be used instead of sys_errlist and sys_nerr, both are
+ thread and async-signal safe. These functions are GNU extensions.
+
+* AArch64 now supports standard branch protection security hardening
+ in glibc when it is built with a GCC that is configured with
+ --enable-standard-branch-protection (or if -mbranch-protection=standard
+ flag is passed when building both GCC target libraries and glibc,
+ in either case a custom GCC is needed). This includes branch target
+ identification (BTI) and pointer authentication for return addresses
+ (PAC-RET). They require armv8.5-a and armv8.3-a architecture
+ extensions respectively for the protection to be effective,
+ otherwise the used instructions are nops. User code can use PAC-RET
+ without libc support, but BTI requires a libc that is built with BTI
+ support, otherwise runtime objects linked into user code will not be
+ BTI compatible.
+
Deprecated and removed features, and other changes affecting compatibility:
+* Remove configure option --enable-obsolete-rpc. Sun RPC is removed
+ from glibc. This includes the rpcgen program, librpcsvc, and the Sun
+ RPC header files. Backward compatibility for old programs is kept
+ only for architectures and ABIs that have been added in or before
+ glibc 2.31. New programs need to use TI-RPC
+ <http://git.linux-nfs.org/?p=steved/libtirpc.git;a=summary> and
+ rpcsvc-proto <https://github.com/thkukuk/rpcsvc-proto>.
+
+* Remove configure option --enable-obsolete-nsl. libnsl is only built
+ as shared library for backward compatibility and the NSS modules "nis"
+ and "nisplus" are not built at all and libnsl's headers aren't
+ installed. This compatibility is kept only for architectures and ABIs
+ that have been added in or before version 2.28. Replacement
+ implementations based on TI-RPC, which additionally support IPv6, are
+ available from <https://github.com/thkukuk/>. This change does not
+ affect the "compat" NSS module, which does not depend on libnsl
+ since 2.27 and thus can be used without NIS.
+
* The deprecated <sys/sysctl.h> header and the sysctl function have been
removed. To support old binaries, the sysctl function continues to
exist as a compatibility symbol (on those architectures which had it),
Its implementation always returned with a failure, and the function
was not declared in any header file.
+* The legacy signal handling functions siginterrupt, sigpause, sighold,
+ sigrelse, sigignore and sigset, and the sigmask macro have been
+ deprecated. Applications should use the sigsuspend, sigprocmask and
+ sigaction functions instead.
+
* ldconfig now defaults to the new format for ld.so.cache. glibc has
already supported this format for almost 20 years.
+* The deprecated arrays sys_siglist, _sys_siglist, and sys_sigabbrev
+ are no longer available to newly linked binaries, and their declarations
+ have been removed from <string.h>. They are exported solely as
+ compatibility symbols to support old binaries. All programs should use
+ strsignal instead.
+
+* The deprecated symbols sys_errlist, _sys_errlist, sys_nerr, and _sys_nerr
+ are no longer available to newly linked binaries, and their declarations
+ have been removed from <stdio.h>. They are exported solely as
+ compatibility symbols to support old binaries. All programs should use
+ strerror or strerror_r instead.
+
+* Both strerror and strerror_l now share the same internal buffer in the
+ calling thread, meaning that the returned string pointer may be invalided
+ or contents might be overwritten on subsequent calls in the same thread or
+ if the thread is terminated. It makes strerror MT-safe.
+
+* Using weak references to libpthread functions such as pthread_create
+ or pthread_key_create to detect the singled-threaded nature of a
+ program is an obsolescent feature. Future versions of glibc will
+ define pthread_create within libc.so.6 itself, so such checks will
+ always flag the program as multi-threaded. Applications should check
+ the __libc_single_threaded variable declared in
+ <sys/single_threaded.h> instead.
+
+* The "files" NSS module no longer supports the "key" database (used for
+ secure RPC). The contents of the /etc/publickey file will be ignored,
+ regardless of the settings in /etc/nsswitch.conf. (This method of
+ storing RPC keys only supported the obsolete and insecure AUTH_DES
+ flavor of secure RPC.)
+
+* The __morecore and __after_morecore_hook malloc hooks and the default
+ implementation __default_morecore have been deprecated. Applications
+ should use malloc interposition to change malloc behavior, and mmap to
+ allocate anonymous memory. A future version of glibc may require that
+ applications which use the malloc hooks must preload a special shared
+ object, to enable the hooks.
+
+* The hesiod NSS module has been deprecated and will be removed in a
+ future version of glibc. System administrators are encouraged to
+ switch to other approaches for networked account databases, such as
+ LDAP.
+
Changes to build and runtime requirements:
* powerpc64le requires GCC 7.4 or newer. This is required for supporting
Security related changes:
+ CVE-2016-10228: An infinite loop has been fixed in the iconv program when
+ invoked with the -c option and when processing invalid multi-byte input
+ sequences. Reported by Jan Engelhardt.
+
CVE-2020-10029: Trigonometric functions on x86 targets suffered from stack
corruption when they were passed a pseudo-zero argument. Reported by Guido
Vranken / ForAllSecure Mayhem.
- CVE-2020-1751: A defect in the PowerPC backtrace function could cause an
- out-of-bounds write when executed in a signal frame context.
-
CVE-2020-1752: A use-after-free vulnerability in the glob function when
expanding ~user has been fixed.
+ CVE-2020-6096: A signed comparison vulnerability in the ARMv7 memcpy and
+ memmove functions has been fixed. Discovered by Jason Royes and Samual
+ Dytrych of the Cisco Security Assessment and Penetration Team (See
+ TALOS-2020-1019).
+
The following bugs are resolved with this release:
- [The release manager will add the list generated by
- scripts/list-fixed-bugs.py just before the release.]
+ [9809] localedata: ckb_IQ: new Kurdish Sorani locale
+ [10441] manual: Backtraces code example lacks error checking
+ [10815] librt: [timer_create / SIGEV_THREAD] signalmask of
+ timer_sigev_thread dangerous
+ [14231] stdio: stdio-common tests memory requirements
+ [14578] libc: /proc-based emulation for lchmod, fchmodat
+ [16272] dynamic-link: dlopen()ing a DT_FILTER library crashes if
+ filtee has constructor
+ [19519] locale: iconv(1) with -c option hangs on illegal multi-byte
+ sequences (CVE-2016-10228)
+ [19737] admin: Doc page “20.5.2 Infinity and NaN” has incorrect HTML
+ character entities for infinity & pi
+ [20338] libc: Parsing of /etc/gshadow can return bad pointers causing
+ segfaults in applications
+ [20543] libc: Please move from .gnu.linkonce to comdat
+ [22489] network: gcc warns about implicit convertion in
+ ICMP6_FILTER_SETPASS with -Wsign-conversion
+ [22525] localedata: or_IN LC_COLLATE does not use copy "iso14651_t1"
+ [23294] math: Complex _FloatN functions are redirected to the wrong
+ function with -mlong-double-64
+ [23296] libc: Data race in setting function descriptor during lazy
+ binding
+ [23668] dynamic-link: ldconfig: Default to the new format for
+ ld.so.cache
+ [23819] hurd: hurd: Add C11 thread support
+ [23990] build: test-container error out on failure to exec child.
+ [23991] build: shell-container typo in run_command_array
+ [24638] manual: Error in example of parsing a template string
+ [24654] manual: Wrong declaration of wcschr in libc manual
+ [24943] dynamic-link: Support DT_AUDIT, DT_DEPAUDIT in the dynamic
+ linker
+ [25051] dynamic-link: aarch64, powerpc64 uses surplus static tls for
+ dynamically loaded dsos
+ [25098] nptl: nptl: ctype classification functions are not AS-Safe
+ [25219] libc: improve out-of-bounds checking with GCC 10 attribute
+ access
+ [25262] libc: getcontext/setcontext/swapcontext unnecessarily save and
+ restore EAX, ECX and EDX
+ [25397] dynamic-link: Legacy bitmap doesn't cover jitted code
+ [25414] glob: 'glob' use-after-free bug (CVE-2020-1752)
+ [25420] network: Race condition in resolv_conf.c can result in caching
+ stale configuration forever
+ [25487] math: sinl() stack corruption from crafted input
+ (CVE-2020-10029)
+ [25506] build: configure: broken detection of STT_GNU_IFUNC when GCC
+ defaults to PIE
+ [25523] libc: MIPS/Linux inline syscall template is miscompiled
+ [25620] libc: Signed comparison vulnerability in the ARMv7 memcpy()
+ (CVE-2020-6096)
+ [25623] libc: test-sysvmsg, test-sysvsem, test-sysvshm fail with 2.31
+ on 32 bit and old kernel
+ [25635] libc: arm: Wrong sysdep order selection for soft-fp
+ [25639] localedata: Some names of days and months wrongly spelt in
+ Occitan
+ [25657] libc: sigprocmask() and sigisemptyset() manipulate different
+ amount of sigset_t bytes
+ [25691] stdio: printf: memory leak when printing long multibyte
+ strings
+ [25715] libc: system() returns wrong errors when posix_spawn fails
+ [25733] malloc: mallopt(M_MXFAST) can set global_max_fast to 0
+ [25734] locale: mbrtowc with Big5-HKSCS fails to reset conversion
+ state for conversions that produce two Unicode code points
+ [25765] nptl: Incorrect futex syscall in __pthread_disable_asynccancel
+ for linux x86_64 leads to livelock
+ [25788] dynamic-link: [i386] -fno-omit-frame-pointer in CFLAGS causes
+ test failures, invalid instruction in ld.so
+ [25790] glob: Typo in tst-fnmatch.input
+ [25810] libc: x32: Incorrect syscall entries with pointer, off_t and
+ size_t
+ [25819] localedata: Update locale data to Unicode 13.0.0
+ [25824] libc: Abnormal function of strnlen in aarch64
+ [25887] dynamic-link: Wasted space in _dl_x86_feature_1[1]
+ [25896] libc: Incorrect prctl
+ [25902] libc: Bad LOADARGS_N
+ [25905] dynamic-link: VSX registers are corrupted during PLT
+ resolution when glibc is built with --disable-multi-arch and --with-
+ cpu=power9
+ [25933] string: Off by one error in __strncmp_avx2 when
+ length=VEC_SIZE*4 and strings are at page boundaries can cause a
+ segfault
+ [25942] nptl: Deadlock on stack_cache_lock between __nptl_setxid and
+ exiting detached thread
+ [25966] libc: Incorrect access of __x86_shared_non_temporal_threshold
+ for x32
+ [25976] nss: internal_end*ent in nss_compat may clobber errno, hiding
+ ERANGE
+ [25999] nptl: Use-after-free issue in pthread_getaddr_default_np
+ [26073] math: getpayload() has wrong return value
+ [26076] dynamic-link: dlmopen crashes after failing to load
+ dependencies in audit mode
+ [26120] localedata: column width of of some Korean
+ JUNGSEONG/JONGSEONG characters wrong (should be 0)
+ [26128] libc: Incorrect bit_cpu_CLFLUSHOPT
+ [26133] libc: Incorrect need_arch_feature_F16C
+ [26137] libc: strtod() triggers exception FE_INEXACT on reasonable
+ input
+ [26149] libc: PKU is usable only if OSPKE is set
+ [26173] libc: powerpc64*: Add @notoc to calls to functions that do not
+ preserve r2
+ [26208] libc: Incorrect bit_cpu_CLFSH
+ [26210] network: Incorrect use of hidden symbols for global sunrpc
+ variables
+ [26211] stdio: printf integer overflow calculating allocation size
+ [26214] stdio: printf_fp double free
+ [26215] stdio: printf_fp memory leak
+ [26232] time: FAIL: support/tst-timespec for 32-bit targets
+ [26258] nss: nss_compat should not read input files with mmap
+ [26332] string: Incorrect cache line size load causes memory
+ corruption in memset
+
\f
Version 2.31
Security related changes:
+ CVE-2020-1751: A defect in the PowerPC backtrace function could cause an
+ out-of-bounds write when executed in a signal frame context.
+
CVE-2019-19126: ld.so failed to ignore the LD_PREFER_MAP_32BIT_EXEC
environment variable during program execution after a security
transition, allowing local attackers to restrict the possible mapping
[24040] libc: riscv64: unterminated call chain in __thread_start
[24047] network: libresolv should use IP_RECVERR/IPV6_RECVERR to avoid
long timeouts
- [24051] stdio: puts and putchar ouput to _IO_stdout instead of stdout
+ [24051] stdio: puts and putchar output to _IO_stdout instead of stdout
[24059] nss: nss_files: get_next_alias calls fgets_unlocked without
checking for NULL.
[24114] regex: regexec buffer read overrun in "grep -i
[22111] malloc: malloc: per thread cache is not returned when thread exits
[22112] localedata: Fix LC_TELEPHONE/LC_NAME for az_AZ
[22134] libc: [linux] implement fexecve with execveat
- [22142] libc: [powerpc] printf oupts a wrong value of DBL_MAX on ppc64 and
+ [22142] libc: [powerpc] printf outputs a wrong value of DBL_MAX on ppc64 and
ppc64le
[22145] libc: ttyname() gives up too early in the face of namespaces
[22146] math: C++ build issue with float128 on x86_64
The following bugs are resolved with this release:
- [4099] stdio: Overly agressive caching by stream i/o functions.
+ [4099] stdio: Overly aggressive caching by stream i/o functions.
[7065] build: Support building glibc with -fstack-protector or -fstack-
protector-all
[9842] localedata: en_CA: incorrect date format
* The following bugs are resolved with this release:
- 3406, 5209, 5210, 5381, 5794, 5814, 5911, 6428, 6438, 6442, 6447, 6461,
- 6472, 6505, 6544, 6589, 6612, 6634, 6653, 6654, 6657, 6698, 6712, 6713,
- 6719, 6723, 6724, 6740, 6763, 6771, 6790, 6791, 6817, 6824, 6839, 6843,
- 6845, 6856, 6857, 6860, 6867, 6875, 6919, 6920, 6942, 6947, 6955, 6966,
- 6968, 6974, 6980, 6995, 7008, 7009, 7029
+ 2447, 3406, 5209, 5210, 5381, 5794, 5814, 5911, 6428, 6438, 6442, 6447,
+ 6461, 6472, 6505, 6544, 6589, 6612, 6634, 6653, 6654, 6657, 6698, 6712,
+ 6713, 6719, 6723, 6724, 6740, 6763, 6771, 6790, 6791, 6817, 6824, 6839,
+ 6843, 6845, 6856, 6857, 6860, 6867, 6875, 6919, 6920, 6942, 6947, 6955,
+ 6966, 6968, 6974, 6980, 6995, 7008, 7009, 7029
* Unified lookup for getaddrinfo: IPv4 and IPv6 addresses are now looked
up at the same time. Implemented by Ulrich Drepper.
latest files released from Berkeley.
\f
----------------------------------------------------------------------
-Copyright information:
-
-Copyright (C) 1992-2020 Free Software Foundation, Inc.
+Copying conditions:
Permission is granted to anyone to make or distribute verbatim copies
of this document as received, in any medium, provided that the