|
The GNU C Library
=================
The GNU C Library version 2.23 is now available.
The GNU C Library is used as *the* C library in the GNU system and
in GNU/Linux systems, as well as many other systems that use Linux
as the kernel.
The GNU C Library is primarily designed to be a portable
and high performance C library. It follows all relevant
standards including ISO C11 and POSIX.1-2008. It is also
internationalized and has one of the most complete
internationalization interfaces known.
The GNU C Library webpage is at http://www.gnu.org/software/libc/
Packages for the 2.23 release may be downloaded from:
http://ftpmirror.gnu.org/libc/
http://ftp.gnu.org/gnu/libc/
The mirror list is at http://www.gnu.org/order/ftp.html
NEWS for version 2.23
=====================
* Unicode 8.0.0 Support: Character encoding, character type info, and
transliteration tables are all updated to Unicode 8.0.0, using new
and/or improved generator scripts contributed by Mike FABIAN (Red Hat).
These updates cause user visible changes, such as the fixes for bugs
89, 16061, and 18568.
* sched_setaffinity, pthread_setaffinity_np no longer attempt to guess the
kernel-internal CPU set size. This means that requests that change the
CPU affinity which failed before (for example, an all-ones CPU mask) will
now succeed. Applications that need to determine the effective CPU
affinities need to call sched_getaffinity or pthread_getaffinity_np after
setting it because the kernel can adjust it (and the previous size check
would not detect this in the majority of cases).
* The fts.h header can now be used with -D_FILE_OFFSET_BITS=64. With LFS
the following new symbols are used: fts64_children, fts64_close,
fts64_open, fts64_read and fts64_set.
* getaddrinfo now detects certain invalid responses on an internal netlink
socket. If such responses are received, an affected process will
terminate with an error message of "Unexpected error <number> on netlink
descriptor <number>" or "Unexpected netlink response of size <number> on
descriptor <number>". The most likely cause for these errors is a
multi-threaded application which erroneously closes and reuses the netlink
file descriptor while it is used by getaddrinfo.
* A defect in the malloc implementation, present since glibc 2.15 (2012) or
glibc 2.10 via --enable-experimental-malloc (2009), could result in the
unnecessary serialization of memory allocation requests across threads.
The defect is now corrected. Users should see a substantial increase in
the concurent throughput of allocation requests for applications which
trigger this bug. Affected applications typically create create and
destroy threads frequently. (Bug 19048 was reported and analyzed by
Ericsson.)
* There is now a --disable-timezone-tools configure option for disabling the
building and installing of the timezone related utilities (zic, zdump, and
tzselect). This is useful for people who build the timezone data and code
independent of the GNU C Library.
* The obsolete header <regexp.h> has been removed. Programs that require
this header must be updated to use <regex.h> instead.
* The obsolete functions bdflush, create_module, get_kernel_syms,
query_module and uselib are no longer available to newly linked binaries;
the header <sys/kdaemon.h> has been removed. These functions and header
were specific to systems using the Linux kernel and could not usefully be
used with the GNU C Library on systems with version 2.6 or later of the
Linux kernel.
* Optimized string, wcsmbs and memory functions for IBM z13.
Implemented by Stefan Liebler.
* Newly linked programs that define a variable called signgam will no longer
have it set by the lgamma, lgammaf and lgammal functions. Programs that
require signgam to be set by those functions must ensure that they use the
variable provided by the GNU C Library and declared in <math.h>, without
defining their own copy.
* The minimum GCC version that can be used to build this version of the GNU
C Library is GCC 4.7. Older GCC versions, and non-GNU compilers, can
still be used to compile programs using the GNU C Library.
Security related changes:
* An out-of-bounds value in a broken-out struct tm argument to strftime no
longer causes a crash. Reported by Adam Nielsen. (CVE-2015-8776)
* The LD_POINTER_GUARD environment variable can no longer be used to disable
the pointer guard feature. It is always enabled. Previously,
LD_POINTER_GUARD could be used to disable security hardening in binaries
running in privileged AT_SECURE mode. Reported by Hector Marco-Gisbert.
(CVE-2015-8777)
* An integer overflow in hcreate and hcreate_r could lead to an
out-of-bounds memory access. Reported by Szabolcs Nagy. (CVE-2015-8778)
* The catopen function no longer has unbounded stack usage. Reported by
Max. (CVE-2015-8779)
* The nan, nanf and nanl functions no longer have unbounded stack usage
depending on the length of the string passed as an argument to the
functions. Reported by Joseph Myers. (CVE-2014-9761)
* A stack-based buffer overflow was found in libresolv when invoked from
libnss_dns, allowing specially crafted DNS responses to seize control
of execution flow in the DNS client. The buffer overflow occurs in
the functions send_dg (send datagram) and send_vc (send TCP) for the
NSS module libnss_dns.so.2 when calling getaddrinfo with AF_UNSPEC
family. The use of AF_UNSPEC triggers the low-level resolver code to
send out two parallel queries for A and AAAA. A mismanagement of the
buffers used for those queries could result in the response of a query
writing beyond the alloca allocated buffer created by
_nss_dns_gethostbyname4_r. Buffer management is simplified to remove
the overflow. Thanks to the Google Security Team and Red Hat for
reporting the security impact of this issue, and Robert Holiday of
Ciena for reporting the related bug 18665. (CVE-2015-7547)
The following bugs are resolved with this release:
[89] localedata: Locales nb_NO and nn_NO should transliterate æøå
[887] math: Math library function "logb" and "nextafter" inconsistent
[2542] math: Incorrect return from float gamma (-0X1.FA471547C2FE5P+1)
[2543] math: Incorrect return from float gamma (-0X1.9260DCP+1)
[2558] math: Incorrect return from double gamma (-0X1.FA471547C2FE5P+1)
[2898] libc: [improve] warning: the use of `mktemp' is dangerous, better
use `mkstemp'
[4404] localedata: German translation of "Alarm clock" is misleading
[6799] math: nextafter() and nexttoward() doen't set errno on
overflow/underflow errors
[6803] math: scalb(), scalbln(), scalbn() do not set errno on
overflow/underflow
[10432] nis: _nss_nis_setnetgrent assertion failure
[11460] libc: fts has no LFS support
[12926] network: getaddrinfo()/make_request() may spin forever
[13065] nptl: Race condition in pthread barriers
[13690] nptl: pthread_mutex_unlock potentially cause invalid access
[14341] dynamic-link: Dynamic linker crash when DT_JMPREL and DT_REL{,A}
are not contiguous
[14551] math: [ldbl-128ibm] strtold overflow handling for IBM long double
[14912] libc: Rename non-installed bits/*.h headers
[15002] libc: Avoid undefined behavior in posix_fallocate overflow check
[15367] math: Let gcc use __builtin_isinf
[15384] math: One constant fewer in ieee754/dbl-64/wordsize-64/s_finite.c
[15421] math: lgamma wrongly sets signgam for ISO C
[15470] math: [arm] On ARM llrintl() and llroundl() do not raise
FE_INVALID with argument out of range
[15491] math: [i386/x86_64] x86 nearbyint implementations wrongly clear
all exceptions
[15786] dynamic-link: ifunc resolver functions can smash function
arguments
[15918] math: Unnecessary check for equality in hypotf()
[16061] localedata: Review / update transliteration data
[16068] math: [i386/x86_64] x86 and x86_64 fesetenv exclude state they
should include
[16141] time: strptime %z offset restriction
[16171] math: drem should be alias of remainder
[16296] math: fegetround is pure?
[16347] math: [ldbl-128ibm] ldbl-128/e_lgammal_r.c may not be suitable.
[16364] libc: sleep may leave SIGCHLD blocked on sync cancellation on
GNU/Linux
[16399] math: [mips] lrint / llrint / lround / llround missing exceptions
[16415] math: Clean up ldbl-128 / ldbl-128ibm expm1l for large positive
arguments
[16422] math: [powerpc] math-float, math-double failing llrint tests with
"Exception "Inexact" set" on ppc32
[16495] localedata: nl_NL: date_fmt: shuffle year/month around
[16517] math: Missing underflow exception from tanf/tan/tanl
[16519] math: Missing underflow exception from sinhf
[16520] math: Missing underflow exception from tanhf
[16521] math: Missing underflow exception from exp2
[16620] math: [ldbl-128ibm] exp10l spurious overflows / bad directed
rounding results
[16734] stdio: fopen calls mmap to allocate its buffer
[16961] math: nan function incorrect handling of bad sequences
[16962] math: nan function unbounded stack allocation (CVE-2014-9761)
[16973] localedata: Fix lang_lib/lang_term as per ISO 639-2
[16985] locale: localedef: confusing error message when opening output
fails
[17118] math: ctanh(INFINITY + 2 * I) returns incorrect value
[17197] locale: Redundant shift character in iconv conversion output at
block boundary
[17243] libc: trunk/posix/execl.c:53: va_args problem ?
[17244] libc: trunk/sysdeps/unix/sysv/linux/semctl.c:116: va_args muxup ?
[17250] dynamic-link: static linking breaks nss loading
(getaddrinfo/getpwnam/etc...)
[17404] libc: atomic_exchange_rel lacking a barrier on MIPS16, GCC before
4.7?
[17441] math: isnan() should use __builtin_isnan() in GCC
[17514] nptl: Assert failure unlocking ERRORCHECK mutex after timedlock
(related to lock elision)
[17787] manual: Exponent on page 324 of the PDF ends prematurely
[17886] time: strptime should be able to parse "Z" as a timezone with %z
[17887] time: strptime should be able to parse "+01:00" style timezones
[17905] libc: catopen() Multiple unbounded stack allocations
(CVE-2015-8779)
[18084] libc: backtrace (..., 0) dumps core on x86
[18086] libc: nice() sets errno to 0 on success
[18240] libc: hcreate, hcreate_r should fail with ENOMEM if element count
is too large (CVE-2015-8778)
[18251] dynamic-link: SONAME missing when audit modules provides path
[18265] libc: add attributes for wchar string and memory functions
[18370] math: csqrt missing underflows
[18421] libc: [hppa] read-only segment has dynamic relocations
[18472] libc: Obsolete syscall wrappers should be compat symbols
[18480] libc: hppa glibc miscompilation in sched_setaffinity()
[18491] localedata: Update tr_TR LC_CTYPE as part of Unicode updates
[18525] localedata: Remove locale timezone information
[18560] libc: [powerpc] spurious bits/ipc.h definitions
[18568] localedata: Update locale data to Unicode 8.0
[18589] locale: sort-test.sh fails at random
[18595] math: ctan, ctanh missing underflows
[18604] libc: assert macro-expands its argument
[18610] math: S390: fetestexcept() reports any exception if DXC-code
contains a vector instruction exception.
[18611] math: j1, jn missing errno setting on underflow
[18618] localedata: sync Chechen locale definitions with other *_RU
locales
[18647] math: powf(-0x1.000002p0, 0x1p30) returns 0 instead of +inf
[18661] libc: Some x86-64 assembly codes don't align stack to 16 bytes
[18665] network: In send_dg, the recvfrom function is NOT always using the
buffer size of a newly created buffer (CVE-2015-7547)
[18674] libc: [i386] trunk/sysdeps/i386/tst-auditmod3b.c:84: possible
missing break ?
[18675] libc: fpathconf(_PC_NAME_MAX) fails against large filesystems for
32bit processes
[18681] libc: regexp.h is obsolete and buggy, and should be desupported
[18699] math: tilegx cproj() for various complex infinities does not yield
infinity
[18724] libc: Harden put*ent functions against data injection
[18743] nptl: PowerPC: findutils testcase fails with --enable-lock-elision
[18755] build: build errors with -DNDEBUG
[18757] stdio: fmemopen fails to set errno on failure
[18778] dynamic-link: ld.so crashes if failed dlopen causes libpthread to
be forced unloaded
[18781] libc: openat64 lacks O_LARGEFILE
[18787] libc: [hppa] sysdeps/unix/sysv/linux/hppa/bits/atomic.h:71:6:
error: can’t find a register in class ‘R1_REGS’ while reloading ‘asm’
[18789] math: [ldbl-128ibm] sinhl inaccurate near 0
[18790] math: [ldbl-128ibm] tanhl inaccurate
[18795] libc: stpncpy fortification misses buffer lengths that are
statically too large
[18796] build: build fails for --disable-mathvec
[18803] math: hypot missing underflows
[18820] stdio: fmemopen may leak memory on failure
[18823] math: csqrt spurious underflows
[18824] math: fma spurious underflows
[18825] math: pow missing underflows
[18857] math: [ldbl-128ibm] nearbyintl wrongly uses signaling comparisons
[18868] nptl: pthread_barrier_init typo has in-theory-undefined behavior
[18870] build: sem_open.c fails to compile with missing symbol
FUTEX_SHARED
[18872] stdio: Fix memory leak in printf_positional
[18873] libc: posix_fallocate overflow check ineffective
[18875] math: Excess precision leads incorrect libm
[18877] libc: arm: mmap offset regression
[18887] libc: memory corruption when using getmntent on blank lines
[18918] localedata: hu_HU: change time to HH:MM:SS format
[18921] libc: Regression: extraneous stat() and fstat() performed by
opendir()
[18928] dynamic-link: LD_POINTER_GUARD is not ignored for privileged
binaries (CVE-2015-8777)
[18951] math: tgamma missing underflows
[18952] math: [ldbl-128/ldbl-128ibm] lgammal spurious "invalid", incorrect
signgam
[18953] localedata: lt_LT: change currency symbol to the euro
[18956] math: powf inaccuracy
[18961] math: [i386] exp missing underflows
[18966] math: [i386] exp10 missing underflows
[18967] math: math.h XSI POSIX namespace (gamma, isnan, scalb)
[18969] build: multiple string test failures due to missing locale
dependencies
[18970] libc: Reference of pthread_setcancelstate in libc.a
[18977] math: float / long double Bessel functions not in XSI POSIX
[18980] math: i386 libm functions return with excess range and precision
[18981] math: i386 scalb*, ldexp return with excess range and precision
[18982] stdio: va_list and vprintf
[18985] time: Passing out of range data to strftime() causes a segfault
(CVE-2015-8776)
[19003] math: [x86_64] fma4 version of pow inappropriate contraction
[19007] libc: FAIL: elf/check-localplt with -z now and binutils 2.26
[19012] locale: iconv_open leaks memory on error path
[19016] math: clog, clog10 inaccuracy
[19018] nptl: Mangle function pointers in tls_dtor_list
[19032] math: [i386] acosh (-qNaN) spurious "invalid" exception
[19046] math: ldbl-128 / ldbl-128ibm lgamma bad overflow handling
[19048] malloc: malloc: arena free list can become cyclic, increasing
contention
[19049] math: [powerpc] erfc incorrect zero sign
[19050] math: [powerpc] log* incorrect zero sign
[19058] math: [x86_64] Link fail with -fopenmp and -flto
[19059] math: nexttoward overflow incorrect in non-default rounding modes
[19071] math: ldbl-96 lroundl incorrect just below powers of 2
[19074] network: Data race in _res_hconf_reorder_addrs
[19076] math: [ldbl-128ibm] log1pl (-1) wrong sign of infinity
[19077] math: [ldbl-128ibm] logl (1) incorrect sign of zero result
[19078] math: [ldbl-128ibm] expl overflow incorrect in non-default
rounding modes
[19079] math: dbl-64/wordsize-64 lround based on llround incorrect for
ILP32
[19085] math: ldbl-128 lrintl, lroundl missing exceptions for 32-bit long
[19086] manual: posix_fallocate64 documented argument order is wrong.
[19088] math: lround, llround missing exceptions close to overflow
threshold
[19094] math: lrint, llrint missing exceptions close to overflow threshold
[19095] math: dbl-64 lrint incorrect for 64-bit long
[19122] dynamic-link: Unnecessary PLT relocations in librtld.os
[19124] dynamic-link: ld.so failed to build with older assmebler
[19125] math: [powerpc32] llroundf, llround incorrect exceptions
[19129] dynamic-link: [arm] Concurrent lazy TLSDESC resolution can crash
[19134] math: [powerpc32] lround, lroundf spurious exceptions
[19137] libc: i386/epoll_pwait.S doesn't support cancellation
[19143] nptl: Remove CPU set size checking from sched_setaffinity,
pthread_setaffinity_np
[19156] math: [ldbl-128] j0l spurious underflows
[19164] nptl: tst-getcpu fails with many possible CPUs
[19168] math: math/test-ildoubl and math/test-ldouble failure
[19174] nptl: PowerPC: TLE enabled pthread mutex performs poorly.
[19178] dynamic-link: ELF_RTYPE_CLASS_EXTERN_PROTECTED_DATA confuses
prelink
[19181] math: [i386/x86_64] fesetenv (FE_DFL_ENV), fesetenv
(FE_NOMASK_ENV) do not clear SSE exceptions
[19182] malloc: malloc deadlock between ptmalloc_lock_all and
_int_new_arena/reused_arena
[19189] math: [ldbl-128] log1pl (-qNaN) spurious "invalid" exception
[19201] math: dbl-64 remainder incorrect sign of zero result
[19205] math: bits/math-finite.h conditions do not match math.h and
bits/mathcalls.h
[19209] math: bits/math-finite.h wrongly maps ldexp to scalbn
[19211] math: lgamma functions do not set signgam for -ffinite-math-only
for C99-based standards
[19212] libc: features.h not -Wundef clean
[19213] math: [i386/x86_64] log* (1) incorrect zero sign for -ffinite-
math-only
[19214] libc: Family and model identification for AMD CPU's are incorrect.
[19219] libc: GLIBC build fails for ia64 with missing __nearbyintl
[19228] math: [powerpc] nearbyint wrongly clears "inexact", leaves traps
disabled
[19235] math: [powerpc64] lround, lroundf, llround, llroundf spurious
"inexact" exceptions
[19238] math: [powerpc] round, roundf spurious "inexact" for integer
arguments
[19242] libc: strtol incorrect in Turkish locales
[19243] malloc: reused_arena can pick an arena on the free list, leading
to an assertion failure and reference count corruption
[19253] time: tzset() ineffective when temporary TZ did not include DST
rules
[19266] math: strtod ("NAN(I)") incorrect in Turkish locales
[19270] math: [hppa] Shared libm missing __isnanl
[19285] libc: [hppa] sysdeps/unix/sysv/linux/hppa/bits/mman.h: missing
MAP_HUGETLB and MAP_STACK defines
[19313] nptl: Wrong __cpu_mask for x32
[19347] libc: grantpt: try to force a specific gid even without pt_chown
[19349] math: [ldbl-128ibm] tanhl inaccurate for small arguments
[19350] math: [ldbl-128ibm] sinhl spurious overflows
[19351] math: [ldbl-128ibm] logl inaccurate near 1
[19363] time: x32: times() return value wrongly truncates/sign extends
from 32bit
[19367] dynamic-link: Improve branch prediction on Silvermont
[19369] network: Default domain name not reset by res_ninit when "search"
/ "domain" entry is removed from resolv.conf
[19375] math: powerpc: incorrect results for POWER7 logb with negative
subnormals
[19385] localedata: bg_BG: time separator should be colon, not comma
[19408] libc: linux personality syscall wrapper may erroneously return an
error on 32-bit architectures
[19415] libc: dladdr returns wrong names on hppa
[19432] libc: iconv rejects redundant escape sequences in IBM900, IBM903,
IBM905, IBM907, and IBM909
[19439] math: Unix98 isinf and isnan functions conflict with C++11
[19443] build: build failures with -DDEBUG
[19451] build: Make check fails on test-double-vlen2
[19462] libc: Glibc failed to build with -Os
[19465] math: Wrong code with -Os
[19466] time: time/tst-mktime2.c is compiled into an infinite loop with
-Os
[19467] string: Fast_Unaligned_Load needs to be enabled for Excavator core
CPU's.
[19475] libc: Glibc 2.22 doesn't build on sparc [PATCH]
[19486] math: S390: Math tests fail with "Exception Inexact set".
[19529] libc: [ARM]: FAIL: stdlib/tst-makecontext
[19550] libc: [mips] mmap negative offset handling inconsistent with other
architectures
[19590] math: Fail to build shared objects that use libmvec.so functions.
Contributors
============
This release was made possible by the contributions of many people.
The maintainers are grateful to everyone who has contributed
changes or bug reports. These include:
Adhemerval Zanella
Alan Modra
Amit Pawar
Andreas Schwab
Andrew Bennett
Andrew Senkevich
Andrew Stubbs
Anton Blanchard
Arjun Shankar
Arslanbek Astemirov
Aurelien Jarno
Brett Neumeier
Carlos Eduardo Seo
Carlos O'Donell
Chris Metcalf
Chung-Lin Tang
Damyan Ivanov
Daniel Marjamäki
David Kastrup
David Lamparter
David S. Miller
Dmitry V. Levin
Egmont Koblinger
Evert
Flavio Cruz
Florian Weimer
Gabriel F. T. Gomes
Geoffrey Thomas
Gleb Fotengauer-Malinovskiy
Gunnar Hjalmarsson
H.J. Lu
Helge Deller
James Perkins
John David Anglin
Joseph Myers
Justus Winter
Khem Raj
Ludovic Courtès
Maciej W. Rozycki
Manolis Ragkousis
Marcin Kościelnicki
Mark Wielaard
Marko Myllynen
Martin Sebor
Maxim Ostapenko
Mike FABIAN
Mike Frysinger
Namhyung Kim
Ondrej Bilka
Ondřej Bílka
Paul E. Murphy
Paul Eggert
Paul Murphy
Paul Pluzhnikov
Petar Jovanovic
Phil Blundell
Rajalakshmi Srinivasaraghavan
Rasmus Villemoes
Richard Henderson
Rob Wu
Roland McGrath
Samuel Thibault
Siddhesh Poyarekar
Stan Shebs
Stefan Liebler
Steve Ellcey
Szabolcs Nagy
Thomas Schwinge
Torvald Riegel
Tulio Magno Quites Machado Filho
Vincent Bernat
Wilco Dijkstra
Zack Weinberg
|
|
The GNU C Library
=================
The GNU C Library version 2.22 is now available.
The GNU C Library is used as *the* C library in the GNU system and
in GNU/Linux systems, as well as many other systems that use Linux
as the kernel.
The GNU C Library is primarily designed to be a portable
and high performance C library. It follows all relevant
standards including ISO C11 and POSIX.1-2008. It is also
internationalized and has one of the most complete
internationalization interfaces known.
The GNU C Library webpage is at http://www.gnu.org/software/libc/
Packages for the 2.22 release may be downloaded from:
http://ftpmirror.gnu.org/libc/
http://ftp.gnu.org/gnu/libc/
The mirror list is at http://www.gnu.org/order/ftp.html
NEWS for version 2.22
=====================
* The following bugs are resolved with this release:
438, 4719, 6544, 6792, 11216, 12836, 13028, 13064, 13151, 13152, 14094,
14292, 14841, 14906, 14958, 15319, 15467, 15790, 15969, 16159, 16339,
16350, 16351, 16352, 16353, 16361, 16512, 16526, 16538, 16559, 16560,
16704, 16783, 16850, 17053, 17090, 17195, 17269, 17293, 17322, 17403,
17475, 17523, 17542, 17569, 17581, 17588, 17596, 17620, 17621, 17628,
17631, 17692, 17711, 17715, 17776, 17779, 17792, 17833, 17836, 17841,
17912, 17916, 17930, 17932, 17944, 17949, 17964, 17965, 17967, 17969,
17977, 17978, 17987, 17991, 17996, 17998, 17999, 18007, 18019, 18020,
18029, 18030, 18032, 18034, 18036, 18038, 18039, 18042, 18043, 18046,
18047, 18049, 18068, 18080, 18093, 18100, 18104, 18110, 18111, 18116,
18125, 18128, 18134, 18138, 18185, 18196, 18197, 18206, 18210, 18211,
18217, 18219, 18220, 18221, 18234, 18244, 18245, 18247, 18287, 18319,
18324, 18333, 18346, 18371, 18383, 18397, 18400, 18409, 18410, 18412,
18418, 18422, 18434, 18444, 18457, 18468, 18469, 18470, 18479, 18483,
18495, 18496, 18497, 18498, 18502, 18507, 18508, 18512, 18513, 18519,
18520, 18522, 18527, 18528, 18529, 18530, 18532, 18533, 18534, 18536,
18539, 18540, 18542, 18544, 18545, 18546, 18547, 18549, 18553, 18557,
18558, 18569, 18583, 18585, 18586, 18592, 18593, 18594, 18602, 18612,
18613, 18619, 18633, 18641, 18643, 18648, 18657, 18676, 18694, 18696.
* Cache information can be queried via sysconf() function on s390 e.g. with
_SC_LEVEL1_ICACHE_SIZE as argument.
* A buffer overflow in gethostbyname_r and related functions performing DNS
requests has been fixed. If the NSS functions were called with a
misaligned buffer, the buffer length change due to pointer alignment was
not taken into account. This could result in application crashes or,
potentially arbitrary code execution, using crafted, but syntactically
valid DNS responses. (CVE-2015-1781)
* The time zone file parser has been made more robust against crafted time
zone files, avoiding heap buffer overflows related to the processing of
the tzh_ttisstdcnt and tzh_ttisgmtcnt fields, and a stack overflow due to
large time zone data files. Overly long time zone specifiers in the TZ
variable no longer result in stack overflows and crashes.
* A powerpc and powerpc64 optimization for TLS, similar to TLS descriptors
for LD and GD on x86 and x86-64, has been implemented. You will need
binutils-2.24 or later to enable this optimization.
* Character encoding and ctype tables were updated to Unicode 7.0.0, using
new generator scripts contributed by Pravin Satpute and Mike FABIAN (Red
Hat). These updates cause user visible changes, such as the fix for bug
17998.
* CVE-2014-8121 The NSS backends shared internal state between the getXXent
and getXXbyYY NSS calls for the same database, causing a denial-of-service
condition in some applications.
* Added vector math library named libmvec with the following vectorized x86_64
implementations: cos, cosf, sin, sinf, sincos, sincosf, log, logf, exp, expf,
pow, powf.
The library can be disabled with --disable-mathvec. Use of the functions is
enabled with -fopenmp -ffast-math starting from -O1 for GCC version >= 4.9.0.
Shared library libmvec.so is linked in as needed when using -lm (no need to
specify -lmvec explicitly for not static builds).
Visit <https://sourceware.org/glibc/wiki/libmvec> for detailed information.
* A new fmemopen implementation has been added with the goal of POSIX
compliance. The new implementation fixes the following long-standing
issues: BZ#6544, BZ#11216, BZ#12836, BZ#13151, BZ#13152, and BZ#14292. The
old implementation is still present for use be by existing binaries.
* The 32-bit sparc sigaction ABI was inadvertently broken in the 2.20 and 2.21
releases. It has been fixed to match 2.19 and older, but binaries built
against 2.20 and 2.21 might need to be recompiled. See BZ#18694.
* Port to Native Client running on ARMv7-A (--host=arm-nacl).
Contributed by Roland McGrath (Google).
Contributors
============
This release was made possible by the contributions of many people.
The maintainers are grateful to everyone who has contributed
changes or bug reports. These include:
Adhemerval Zanella
Alan Modra
Alexandre Oliva
Andreas Schwab
Andrew Senkevich
Andriy Rysin
Arjun Shankar
Aurelien Jarno
Benno Schulenberg
Brad Hubbard
Carlos O'Donell
Chris Metcalf
Christian Schmidt
Chung-Lin Tang
Cong Wang
Cyril Hrubis
Daniel Marjamäki
David S. Miller
Dmitry V. Levin
Eric Rannaud
Evangelos Foutras
Feng Gao
Florian Weimer
Gleb Fotengauer-Malinovskiy
H.J. Lu
Igor Zamyatin
J William Piggott
James Cowgill
James Lemke
John David Anglin
Joseph Myers
Kevin Easton
Khem Raj
Leonhard Holz
Mark Wielaard
Marko Myllynen
Martin Galvan
Martin Sebor
Matthew Fortune
Mel Gorman
Mike Frysinger
Miroslav Lichvar
Nathan Lynch
Ondřej Bílka
Paul Eggert
Paul Pluzhnikov
Pavel Kopyl
Pravin Satpute
Rajalakshmi Srinivasaraghavan
Rical Jasan
Richard Henderson
Roland McGrath
Rüdiger Sonderfeld
Samuel Thibault
Siddhesh Poyarekar
Stefan Liebler
Steve Ellcey
Szabolcs Nagy
Torvald Riegel
Tulio Magno Quites Machado Filho
Vincent Bernat
Wilco Dijkstra
Yaakov Selkowitz
Zack Weinberg
|
