The GNU C Library version 2.35 is now available
The GNU C Library version 2.35 is now available.
The GNU C Library is used as the C library in the GNU system and
in GNU/Linux systems, as well as many other systems that use Linux
as the kernel.
The GNU C Library is primarily designed to be a portable
and high performance C library. It follows all relevant
standards including ISO C11 and POSIX.1-2017. It is also
internationalized and has one of the most complete
internationalization interfaces known.
The GNU C Library webpage is at http://www.gnu.org/software/libc/
Packages for the 2.35 release may be downloaded from:
http://ftpmirror.gnu.org/libc/
http://ftp.gnu.org/gnu/libc/
The mirror list is at http://www.gnu.org/order/ftp.html
Major new features:
Unicode 14.0.0 Support: Character encoding, character type info, and
transliteration tables are all updated to Unicode 14.0.0, using
generator scripts contributed by Mike FABIAN (Red Hat).
Bump r_version in the debugger interface to 2 and add a new field,
r_next, support multiple namespaces.
Support for the C.UTF-8 locale has been added to glibc. The locale
supports full code-point sorting for all valid Unicode code points. A
limitation in the framework for fnmatch, regexec, and regcomp requires
a compromise to save space and only ASCII-based range expressions are
supported for now (see bug 28255). The full size of the locale is
only ~400KiB, with 346KiB coming from LC_CTYPE information for
Unicode. This locale harmonizes downstream C.UTF-8 already shipping
in various downstream distributions. The locale is not built into
glibc, and must be installed.
<math.h> functions that round their results to a narrower type, and
corresponding <tgmath.h> macros, are added from TS 18661-1:2014, TS
18661-3:2015 and draft ISO C2X:
fsqrt, fsqrtl, dsqrtl and corresponding fMsqrtfN, fMsqrtfNx,
fMxsqrtfN and fMxsqrtfNx functions.
ffma, ffmal, dfmal and corresponding fMfmafN, fMfmafNx, fMxfmafN and
fMxfmafNx functions.
<math.h> functions for floating-point maximum and minimum,
corresponding to new operations in IEEE 754-2019, and corresponding
<tgmath.h> macros, are added from draft ISO C2X: fmaximum,
fmaximum_num, fmaximum_mag, fmaximum_mag_num, fminimum, fminimum_num,
fminimum_mag, fminimum_mag_num and corresponding functions for float,
long double, _FloatN and _FloatNx.
<math.h> macros for single-precision float constants are added as a
GNU extension: M_Ef, M_LOG2Ef, M_LOG10Ef, M_LN2f, M_LN10f, M_PIf,
M_PI_2f, M_PI_4f, M_1_PIf, M_2_PIf, M_2_SQRTPIf, M_SQRT2f and
M_SQRT1_2f.
The STDC_IEC_60559_BFP and STDC_IEC_60559_COMPLEX macros are
predefined as specified in TS 18661-1:2014.
The exp10 functions in <math.h> now have a corresponding type-generic
macro in <tgmath.h>.
The ISO C2X macro _PRINTF_NAN_LEN_MAX has been added to <stdio.h>.
printf-family functions now support the %b format for output of
integers in binary, as specified in draft ISO C2X, and the %B variant
of that format recommended by draft ISO C2X.
A new DSO sorting algorithm has been added in the dynamic linker that uses
topological sorting by depth-first search (DFS), solving performance issues
of the existing sorting algorithm when encountering particular circular
object dependency cases.
A new tunable, glibc.rtld.dynamic_sort, can be used to select between
the two DSO sorting algorithms. The default setting of '2' uses the
new DFS-based algorithm. The setting '1' switches to the old
algorithm used in glibc 2.33 and earlier.
ABI support for a new function '__memcmpeq'. '__memcmpeq' is meant
to be used by compilers for optimizing usage of 'memcmp' when its
return value is only used for its boolean status.
Support for automatically registering threads with the Linux rseq
system call has been added. This system call is implemented starting
from Linux 4.18. The Restartable Sequences ABI accelerates user-space
operations on per-cpu data. It allows user-space to perform updates
on per-cpu data without requiring heavy-weight atomic operations.
Automatically registering threads allows all libraries, including
libc, to make immediate use of the rseq support by using the
documented ABI, via the __rseq_flags, __rseq_offset, and __rseq_size
variables. The GNU C Library manual has details on integration of
Restartable Sequences.
A symbolic link to the dynamic linker is now installed under
/usr/bin/ld.so (or more precisely, '${bindir}/ld.so').
All programs and the testsuite in glibc are now built as position independent
executables (PIE) by default on toolchains and architectures that support it.
Further, if the toolchain and architecture supports it, even static programs
are built as PIE and the resultant glibc can be used to build static PIE
executables. A new option --disable-default-pie has been added to disable
this behavior and get a non-PIE build. This option replaces
--enable-static-pie, which no longer has any effect on the build
configuration.
On Linux, a new tunable, glibc.malloc.hugetlb, can be used to
either make malloc issue madvise plus MADV_HUGEPAGE on mmap and sbrk
or to use huge pages directly with mmap calls with the MAP_HUGETLB
flags). The former can improve performance when Transparent Huge Pages
is set to 'madvise' mode while the latter uses the system reserved
huge pages.
The printf family of functions now handles the flagged %#m conversion
specifier, printing errno as an error constant (similar to strerrorname_np).
The function _dl_find_object has been added. In-process unwinders
can use it to efficiently locate unwinding information for a code
address.
Support for OpenRISC running on Linux has been added. This port requires
as least binutils 2.35, GCC 11, and Linux 5.4. Currently only soft-float
ABI is supported:
The OpenRISC ABI is 32-bit big-endian and uses 64-bit time (y2038 safe) and
64-bit file offsets (LFS default).
A new configure option, --with-rtld-early-cflags, can be used to
specify additional compiler flags for building the early startup code
of the dynamic linker. On targets which have CPU compatibility
checks, this can help to ensure that proper diagnostics are printed if
the dynamic loader runs on an incompatible CPU.
On Linux, the epoll_pwait2 function has been added. It is similar to
epoll_wait with the difference the timeout has nanoseconds resolution.
The function posix_spawn_file_actions_addtcsetpgrp_np has been added,
enabling posix_spawn and posix_spawnp to set the controlling terminal in
the new process in a race free manner. This function is a GNU extension.
Source fortification (_FORTIFY_SOURCE) level 3 is now available for
applications compiling with glibc and gcc 12 and later. Level 3 leverages
the __builtin_dynamic_object_size function to deliver additional
fortification balanced against additional runtime cost (checking non-constant
bounds).
Deprecated and removed features, and other changes affecting compatibility:
On x86-64, the LD_PREFER_MAP_32BIT_EXEC environment variable support
has been removed since the first PT_LOAD segment is no longer executable
due to defaulting to -z separate-code.
The r_version update in the debugger interface makes the glibc binary
incompatible with GDB binaries built without the following commits:
c0154a4a21a gdb: Don't assume r_ldsomap when r_version > 1 on Linux
4eb629d50d4 gdbserver: Check r_version < 1 for Linux debugger interface
when audit modules or dlmopen are used.
Intel MPX support (lazy PLT, ld.so profile, and LD_AUDIT) has been removed.
The --enable-static-pie option is no longer available. The glibc build
configuration script now automatically detects static-pie support in the
toolchain and architecture and enables it if available.
The catchsegv script and associated libSegFault.so shared object have
been removed. There are widely-deployed out-of-process alternatives for
catching coredumps and backtraces.
Support for prelink will be removed in the next release; this includes
removal of the LD_TRACE_PRELINKING, and LD_USE_LOAD_BIAS, environment
variables and their functionality in the dynamic loader.
Changes to build and runtime requirements:
The audit module interface version LAV_CURRENT is increased to enable
proper bind-now support. The loader now advertises via the la_symbind
flags that PLT trace is not possible. New audit modules require the
new dynamic loader supporing the latest LAV_CURRENT version. Old audit
modules are still loaded for all targets except aarch64.
The audit interface on aarch64 is extended to support both the indirect
result location register (x8) and NEON Q register. Old audit modules are
rejected by the loader. Audit modules must be rebuilt to use the newer
structure sizes and the latest module interface version for LAV_CURRENT.
Security related changes:
CVE-2022-23219: Passing an overlong file name to the clnt_create
legacy function could result in a stack-based buffer overflow when
using the "unix" protocol. Reported by Martin Sebor.
CVE-2022-23218: Passing an overlong file name to the svcunix_create
legacy function could result in a stack-based buffer overflow.
CVE-2021-3998: Passing a path longer than PATH_MAX to the realpath
function could result in a memory leak and potential access of
uninitialized memory. Reported by Qualys.
CVE-2021-3999: Passing a buffer of size exactly 1 byte to the getcwd
function may result in an off-by-one buffer underflow and overflow
when the current working directory is longer than PATH_MAX and also
corresponds to the / directory through an unprivileged mount
namespace. Reported by Qualys.
The following bugs are resolved with this release:
[12889] nptl: Race condition in pthread_kill
[14232] nptl: tst-cancel7 and tst-cancelx7 race condition
[14913] libc: [mips] Clean up MIPS 64-bit register-dump.h output
[15310] dynamic-link: _dl_sort_fini is O(n^3) causing slow exit when
many dsos
[15333] libc: Use 64-bit stat functions in installed programs
[15533] dynamic-link: LD_AUDIT introduces an avoidable performance
degradation
[15971] dynamic-link: No interface for debugger access to libraries
loaded with dlmopen
[17318] locale: [RFE] Provide a C.UTF-8 locale by default
[17645] dynamic-link: RFE: Improve performance of dynamic loader for
deeply nested DSO dependencies.
[19193] nptl: pthread_kill, pthread_cancel return ESRCH for a thread
ID whose lifetime has not ended
[22542] network: buffer overflow in sunrpc clnt_create
(CVE-2022-23219)
[22716] malloc: [PATCH] mtrace.pl: use TRACE_PRELINKING instead of
TRACE_LOADED_OBJECTS
[25947] malloc: memory leak in muntrace
[26045] math: fmaxf(inf, nan) does not always work
[26108] math: exp10() has problems with <tgmath.h>
[26779] build: benign use after realloc at localealias.c:329
[27609] dynamic-link: [2.32/2.33/2.34 Regression] In elf/dl-open.c
(_dl_open) we might use __LM_ID_CALLER to index GL(dl_ns)[]
[27945] build: build-many-glibcs.py doesn't configure GCC with
--enable-initfini-array
[27991] build: x86: sysdeps/x86/configure.ac breaks when
libc_cv_include_x86_isa_level is loaded from cache
[28036] nptl: Incorrect types for pthread_mutexattr_set/getrobust_np
in __REDIRECT_NTH macro
[28061] dynamic-link: A failing dlmopen called by an auditor crashed
[28062] dynamic-link: Suppress audit calls when a (new) namespace is
empty
[28126] libc: nftw aborts for paths longer than PATH_MAX
[28129] dynamic-link: Unnecessary check DT_DEBUG in ld.so
[28153] libc: [test] gmon/tst-gmon-gprof* may have a f3 line when
built with ld.lld
[28182] libc: TIME_BITS=64 in C++ has issues with fcntl, ioctl, prctl
[28185] math: Inaccurate j0f function (again)
[28199] locale: iconvconfig prefix flag behaves differently in glibc
2.34
[28203] dynamic-link: aarch64: elf_machine{load_address,dynamic}
should drop GLOBAL_OFFSET_TABLE[0] in favor of __ehdr_start for
robustness
[28213] librt: NULL pointer dereference in mq_notify (CVE-2021-38604)
[28223] libc: mips: clone does not align stack
[28253] dynamic-link: Missing colon in LD_SHOW_AUXV output after
AT_MINSIGSTKSZ
[28256] malloc: Conditional jump or move depends on uninitialised
value(s) in __GI___tunables_init
[28260] build: io/tst-closefrom, misc/tst-close_range, posix/tst-
spawn5 fail if stray fds are open
[28310] libc: Do not use affinity mask for sysconf
(_SC_NPROCESSORS_CONF)
[28338] time: undefined behavior in __tzfile_compute with oddball TZif
file
[28340] dynamic-link: ld.so crashes while loading a DSO with a read-
only dynamic section
[28349] libc: Segfault for ping -R on qemux86 caused by recvmsg()
[28350] libc: ping receives SIGABRT on lib32-qemux86-64 caused by
recvmsg()
[28353] network: Race condition on __opensock
[28357] dynamic-link: deadlock between pthread_create and ctors
[28358] math: f64xdivf128 and f64xmulf128 spurious underflows
[28361] nptl: Fix for bug 12889 causes setxid deadlock
[28368] build: -Waddress instances in stdio-common/vfprintf-internal.c
[28390] localedata: Update locale data to Unicode 14.0.0
[28397] math: tgmath.h should not define fmaxmag, fminmag macros for
C2X
[28400] libc: [2.35 Regression] string/test-strncasecmp: cannot set
locale "en_US.UTF-8"
[28407] nptl: pthread_kill assumes that kill (getpid ()) is equivalent
to tgkill (getpid (), gettid())
[28455] dynamic-link: -Wl,--enable-new-dtags doesn't work
[28457] dynamic-link: Missing reldepmod4.so dependency for
globalmod1.so
[28469] time: linux: struct timex is not correctly set for 32-bit
systems with TIMESIZE=64
[28470] regex: Buffer read overrun in regular expression searching
[28475] string: Incorrect access attribute on memfrob
[28524] libc: Conversion from ISO-2022-JP-3 with iconv may emit
spurious NUL character on state reset
[28532] libc: powerpc64[le]: CFI for assembly templated syscalls is
incorrect
[28550] dynamic-link: FAIL: tst-dso-
ordering9_112-ecbda(GLIBC_TUNABLES=glibc.rtld.dynamic_sort=1)
execution test
[28554] build: Undefined generate-md5
[28572] libc: Misaligned accesses in test-memcpy and test-mempcpy on
hppa
[28607] nptl: Masked signals are delivered on thread exit
[28624] libc: openjdk 8/9 assume uni processor and gets stuck due to
lack of cpu counting /proc fallback with glibc 2.34
[28646] string: [2.35 Regression] mock -r fedora-36-x86_64
/tmp/java-1.8.0-openjdk-1.8.0.312.b07-2.fc36.src.rpm& fails to build
[28648] dynamic-link: Running ld.so on statically linked binaries
crashes
[28656] dynamic-link: LD_PREFER_MAP_32BIT_EXEC no longer works due to
binutils changes
[28676] dynamic-link: p_align on PT_LOAD segment in DSO isn't honored
[28678] nptl: nptl/tst-create1 hangs sporadically
[28688] dynamic-link: PT_LOAD p_align check is too strict
[28700] nss: "dns [!UNAVAIL=return] files" default for hosts database
is not useful
[28707] time: assert in tzfile.c __tzfile_read striking with truncated
timezones generated by tzcode-2021d and later
[28713] math: GCC 12 miscompiles libm
[28732] dynamic-link: FAIL: elf/tst-dl_find_object
[28738] build: LIBC_LINKER_FEATURE doesn't work on linker -z option
[28745] dynamic-link: _dl_find_object miscompilation on powerpc64le
[28746] libc: _FORTIFY_SOURCE does not work for stpcpy
[28749] libc: Inconsistency detected by ld.so: rtld.c: 1632: dl_main:
Assertion `GL(dl_rtld_map).l_libname' failed!
[28755] string: overflow bug in wcsncmp_avx2 and wcsncmp_evex
[28757] nptl: GDB printer tests failed with new GDB
[28765] math: x86_64 libmvec atan2 accuracy
[28766] manual: Document libmvec accuracy
[28768] network: Buffer overflow in svcunix_create with long pathnames
(CVE-2022-23218)
[28769] libc: Off-by-one buffer overflow/underflow in getcwd()
(CVE-2021-3999)
[28770] libc: Unexpected return value from realpath() for too long
results (CVE-2021-3998)
[28771] libc: %ebx optimization macros are incompatible with .altmacro
in Systemtap probes
[28780] build: --disable-default-pie doesn't work on static programs
[28782] libc: x86-64 ISA level for glibc itself is always
x86-64-baseline
[28792] glob: possible wrong behaviour with patterns with double [
with no closing ]
[28837] libc: FAIL: socket/tst-socket-timestamp-compat
[28847] locale: Empty mon_decimal_point in LC_MONETARY results in non-
empty mon_decimal_point_wc
https://sourceware.org/glibc/wiki/Release/2.35
This release was made possible by the contributions of many people.
The maintainers are grateful to everyone who has contributed
changes or bug reports. These include:
Adhemerval Zanella
Akila Welihinda
Alexandra Hájková
Andrea Monaco
Andreas Schwab
Anton Blanchard
Arjun Shankar
Aurelien Jarno
Ben Woodard
Carlos O'Donell
Chung-Lin Tang
Cristian Rodríguez
DJ Delorie
Fangrui Song
Florian Weimer
H.J. Lu
Hans-Peter Nilsson
Jangwoong Kim
Jiaxun Yang
John David Anglin
Jonathan Wakely
Joseph Myers
Khem Raj
Kurt Kanzenbach
Luca Boccassi
Mark Wielaard
Martin Sebor
Matheus Castanho
Matt Whitlock
Maxim Kuvyrkov
Michael Kerrisk
Mike FABIAN
Naohiro Tamura
Naohiro Tamura via Libc-alpha
Nart Tlisha
Nikita Popov
Noah Goldstein
Patrick McGehearty
Paul A. Clarke
Paul E. Murphy
Paul Eggert
Paul Zimmermann
Robbie Harwood
Romain GEISSLER
Rongwei Wang
Samuel Thibault
Sergey Bugaev
Siddhesh Poyarekar
Stafford Horne
Stefan Liebler
Sunil K Pandey
Szabolcs Nagy
Thomas Petazzoni
Tulio Magno Quites Machado Filho
Wilco Dijkstra
Xi Ruoyao
maminjie
The GNU C Library version 2.34 is now available
The GNU C Library version 2.34 is now available.
The GNU C Library is used as the C library in the GNU system and
in GNU/Linux systems, as well as many other systems that use Linux
as the kernel.
The GNU C Library is primarily designed to be a portable
and high performance C library. It follows all relevant
standards including ISO C11 and POSIX.1-2017. It is also
internationalized and has one of the most complete
internationalization interfaces known.
The GNU C Library webpage is at http://www.gnu.org/software/libc/
Packages for the X.Y release may be downloaded from:
http://ftpmirror.gnu.org/libc/
http://ftp.gnu.org/gnu/libc/
The mirror list is at http://www.gnu.org/order/ftp.html
Major new features:
In order to support smoother in-place-upgrades and to simplify
the implementation of the runtime all functionality formerly
implemented in the libraries libpthread, libdl, libutil, libanl has
been integrated into libc. New applications do not need to link with
-lpthread, -ldl, -lutil, -lanl anymore. For backwards compatibility,
empty static archives libpthread.a, libdl.a, libutil.a, libanl.a are
provided, so that the linker options keep working. Applications which
have been linked against glibc 2.33 or earlier continue to load the
corresponding shared objects (which are now empty). The integration
of those libraries into libc means that additional symbols become
available by default. This can cause applications that contain weak
references to take unexpected code paths that would only have been
used in previous glibc versions when e.g. preloading libpthread.so.0,
potentially exposing application bugs.
When _DYNAMIC_STACK_SIZE_SOURCE or _GNU_SOURCE are defined,
PTHREAD_STACK_MIN is no longer constant and is redefined to
sysconf(_SC_THREAD_STACK_MIN). This supports dynamic sized register
sets for modern architectural features like Arm SVE.
Add _SC_MINSIGSTKSZ and _SC_SIGSTKSZ. When _DYNAMIC_STACK_SIZE_SOURCE
or _GNU_SOURCE are defined, MINSIGSTKSZ and SIGSTKSZ are no longer
constant on Linux. MINSIGSTKSZ is redefined to sysconf(_SC_MINSIGSTKSZ)
and SIGSTKSZ is redefined to sysconf (_SC_SIGSTKSZ). This supports
dynamic sized register sets for modern architectural features like
Arm SVE.
The dynamic linker implements the --list-diagnostics option, printing
a dump of information related to IFUNC resolver operation and
glibc-hwcaps subdirectory selection.
On Linux, the function execveat has been added. It operates similar to
execve and it is is already used to implement fexecve without requiring
/proc to be mounted. However, different than fexecve, if the syscall is not
supported by the kernel an error is returned instead of trying a fallback.
The ISO C2X function timespec_getres has been added.
The feature test macro STDC_WANT_IEC_60559_EXT, from draft ISO
C2X, is supported to enable declarations of functions defined in Annex F
of C2X. Those declarations are also enabled when
STDC_WANT_IEC_60559_BFP_EXT, as specified in TS 18661-1, is
defined, and when _GNU_SOURCE is defined.
On powerpc64*, glibc can now be compiled without scv support using the
--disable-scv configure option.
Add support for 64-bit time_t on configurations like x86 where time_t
is traditionally 32-bit. Although time_t still defaults to 32-bit on
these configurations, this default may change in future versions.
This is enabled with the _TIME_BITS preprocessor macro set to 64 and is
only supported when LFS (_FILE_OFFSET_BITS=64) is also enabled. It is
only enabled for Linux and the full support requires a minimum kernel
version of 5.1.
The main gconv-modules file in glibc now contains only a small set of
essential converter modules and the rest have been moved into a supplementary
configuration file gconv-modules-extra.conf in the gconv-modules.d directory
in the same GCONV_PATH. Similarly, external converter modules directories
may have supplementary configuration files in a gconv-modules.d directory
with names ending with .conf to logically classify the converter modules in
that directory.
On Linux, a new tunable, glibc.pthread.stack_cache_size, can be used
to configure the size of the thread stack cache.
The function _Fork has been added as an async-signal-safe fork replacement
since Austin Group issue 62 droped the async-signal-safe requirement for
fork (and it will be included in the future POSIX standard). The new _Fork
function does not run any atfork function neither resets any internal state
or lock (such as the malloc one), and only sets up a minimal state required
to call async-signal-safe functions (such as raise or execve). This function
is currently a GNU extension.
On Linux, the close_range function has been added. It allows efficiently
closing a range of file descriptors on recent kernels (version 5.9).
The function closefrom has been added. It closes all file descriptors
greater than or equal to a given integer. This function is a GNU extension,
although it is also present in other systems.
The posix_spawn_file_actions_addclosefrom_np function has been added,
enabling posix_spawn and posix_spawnp to close all file descriptors greater
than or equal to a given integer. This function is a GNU extension,
although Solaris also provides a similar function.
Deprecated and removed features, and other changes affecting compatibility:
The function pthread_mutex_consistent_np has been deprecated; programs
should use the equivalent standard function pthread_mutex_consistent
instead.
The function pthread_mutexattr_getrobust_np has been deprecated;
programs should use the equivalent standard function
pthread_mutexattr_getrobust instead.
The function pthread_mutexattr_setrobust_np has been deprecated;
programs should use the equivalent standard function
pthread_mutexattr_setrobust instead.
The function pthread_yield has been deprecated; programs should use
the equivalent standard function sched_yield instead.
The function inet_neta declared in <arpa/inet.h> has been deprecated.
Various rarely-used functions declared in <resolv.h> and
<arpa/nameser.h> have been deprecated. Applications are encouraged to
use dedicated DNS processing libraries if applicable. For <resolv.h>,
this affects the functions dn_count_labels, fp_nquery, fp_query,
fp_resstat, hostalias, loc_aton, loc_ntoa, p_cdname, p_cdnname,
p_class, p_fqname, p_fqnname, p_option, p_query, p_rcode, p_time,
p_type, putlong, putshort, res_hostalias, res_isourserver,
res_nameinquery, res_queriesmatch, res_randomid, sym_ntop, sym_ntos,
sym_ston. For <arpa/nameser.h>, the functions ns_datetosecs,
ns_format_ttl, ns_makecanon, ns_parse_ttl, ns_samedomain, ns_samename,
ns_sprintrr, ns_sprintrrf, ns_subdomain have been deprecated.
Various symbols previously defined in libresolv have been moved to libc
in order to prepare for libresolv moving entirely into libc (see earlier
entry for merging libraries into libc). The symbols __dn_comp,
__dn_expand, __dn_skipname, __res_dnok, __res_hnok, __res_mailok,
__res_mkquery, __res_nmkquery, __res_nquery, __res_nquerydomain,
__res_nsearch, __res_nsend, __res_ownok, __res_query, __res_querydomain,
__res_search, __res_send formerly in libresolv have been renamed and no
longer have a __ prefix. They are now available in libc.
The pthread cancellation handler is now installed with SA_RESTART and
pthread_cancel will always send the internal SIGCANCEL on a cancellation
request. It should not be visible to applications since the cancellation
handler should either act upon cancellation (if asynchronous cancellation
is enabled) or ignore the cancellation internal signal. However there are
buggy kernel interfaces (for instance some CIFS versions) that could still
see a spurious EINTR error when cancellation interrupts a blocking syscall.
Previously, glibc installed its various shared objects under versioned
file names such as libc-2.33.so. The ABI sonames (e.g., libc.so.6)
were provided as symbolic links. Starting with glibc 2.34, the shared
objects are installed under their ABI sonames directly, without
symbolic links. This increases compatibility with distribution
package managers that delete removed files late during the package
upgrade or downgrade process.
The symbols mallwatch and tr_break are now deprecated and no longer used in
mtrace. Similar functionality can be achieved by using conditional
breakpoints within mtrace functions from within gdb.
The __morecore and __after_morecore_hook malloc hooks and the default
implementation __default_morecore have been removed from the API. Existing
applications will continue to link against these symbols but the interfaces
no longer have any effect on malloc.
Debugging features in malloc such as the MALLOC_CHECK_ environment variable
(or the glibc.malloc.check tunable), mtrace() and mcheck() have now been
disabled by default in the main C library. Users looking to use these
features now need to preload a new debugging DSO libc_malloc_debug.so to get
this functionality back.
The deprecated functions malloc_get_state and malloc_set_state have been
moved from the core C library into libc_malloc_debug.so. Legacy applications
that still use these functions will now need to preload libc_malloc_debug.so
in their environment using the LD_PRELOAD environment variable.
The deprecated memory allocation hooks __malloc_hook, __realloc_hook,
__memalign_hook and __free_hook are now removed from the API. Compatibility
symbols are present to support legacy programs but new applications can no
longer link to these symbols. These hooks no longer have any effect on glibc
functionality. The malloc debugging DSO libc_malloc_debug.so currently
supports hooks and can be preloaded to get this functionality back for older
programs. However this is a transitional measure and may be removed in a
future release of the GNU C Library. Users may port away from these hooks by
writing and preloading their own malloc interposition library.
Changes to build and runtime requirements:
Security related changes:
CVE-2021-27645: The nameserver caching daemon (nscd), when processing
a request for netgroup lookup, may crash due to a double-free,
potentially resulting in degraded service or Denial of Service on the
local system. Reported by Chris Schanzle.
CVE-2021-33574: The mq_notify function has a potential use-after-free
issue when using a notification type of SIGEV_THREAD and a thread
attribute with a non-default affinity mask.
CVE-2021-35942: The wordexp function may overflow the positional
parameter number when processing the expansion resulting in a crash.
Reported by Philippe Antoine.
The following bugs are resolved with this release:
[4737] libc: fork is not async-signal-safe
[5781] math: Slow dbl-64 sin/cos/sincos for special values
[10353] libc: Methods for deleting all file descriptors greater than
given integer (closefrom)
[14185] glob: fnmatch() fails when '' wildcard is applied on the file
name containing multi-byte character(s)
[14469] math: Inaccurate j0f function
[14470] math: Inaccurate j1f function
[14471] math: Inaccurate y0f function
[14472] math: Inaccurate y1f function
[14744] nptl: kill -32 $pid or kill -33 $pid on a process cancels a
random thread
[15271] dynamic-link: dlmopen()ed shared library with LM_ID_NEWLM
crashes if it fails dlsym() twice
[15648] nptl: multiple definition of `__lll_lock_wait_private'
[16063] nptl: Provide a pthread_once variant in libc directly
[17144] libc: syslog is not thread-safe if NO_SIGPIPE is not defined
[17145] libc: syslog with LOG_CONS leaks console file descriptor
[17183] manual: description of ENTRY struct in <search.h> in glibc
manual is incorrect
[18435] nptl: pthread_once hangs when init routine throws an exception
[18524] nptl: Missing calloc error checking in
__cxa_thread_atexit_impl
[19329] dynamic-link: dl-tls.c assert failure at concurrent
pthread_create and dlopen
[19366] nptl: returning from a thread should disable cancellation
[19511] nptl: 8MB memory leak in pthread_create in case of failure
when non-root user changes priority
[20802] dynamic-link: getauxval NULL pointer dereference after static
dlopen
[20813] nptl: pthread_exit is inconsistent between libc and libpthread
[22057] malloc: malloc_usable_size is broken with mcheck
[22668] locale: LC_COLLATE: the last character of ellipsis is not
ordered correctly
[23323] libc: [RFE] CSU startup hardening.
[23328] malloc: Remove malloc hooks and ensure related APIs return no
data.
[23462] dynamic-link: Static binary with dynamic string tokens ($LIB,
$PLATFORM, $ORIGIN) crashes
[23489] libc: "gcc -lmcheck" aborts on free when using posix_memalign
[23554] nptl: pthread_getattr_np reports wrong stack size with
MULTI_PAGE_ALIASING
[24106] libc: Bash interpreter in ldd script is taken from host
[24773] dynamic-link: dlerror in an secondary namespace does not use
the right free implementation
[25036] localedata: Update collation order for Swedish
[25383] libc: where_is_shmfs/__shm_directory/SHM_GET_NAME may cause
shm_open to pick wrong directory
[25680] dynamic-link: ifuncmain9picstatic and ifuncmain9picstatic
crash in IFUNC resolver due to stack canary (--enable-stack-
protector=all)
[26874] build: -Warray-bounds in _IO_wdefault_doallocate
[26983] math: [x86_64] x86_64 tgamma has too large ULP error
[27111] dynamic-link: pthread_create and tls access use link_map
objects that may be concurrently freed by dlclose
[27132] malloc: memusagestat is linked to system librt, leading to
undefined symbols on major version upgrade
[27136] dynamic-link: dtv setup at thread creation may leave an entry
uninitialized
[27249] libc: libSegFault.so does not output signal number properly
[27304] nptl: pthread_cond_destroy does not pass private flag to futex
system calls
[27318] dynamic-link: glibc fails to load binaries when built with
-march=sandybridge: CPU ISA level is lower than required
[27343] nss: initgroups() SIGSEGVs when called on a system without
nsswich.conf (in a chroot)
[27346] dynamic-link: x86: PTWRITE feature check is missing
[27389] network: NSS chroot hardening causes regressions in chroot
deployments
[27403] dynamic-link: aarch64: tlsdesc htab is not freed on dlclose
[27444] libc: sysconf reports unsupported option (-1) for
_SC_LEVEL1_ICACHE_LINESIZE on X86 since v2.33
[27462] nscd: double-free in nscd (CVE-2021-27645)
[27468] malloc: aarch64: realloc crash with heap tagging: FAIL:
malloc/tst-malloc-thread-fail
[27498] dynamic-link: __dl_iterate_phdr lacks unwinding information
[27511] libc: S390 memmove assumes Vector Facility when MIE Facility 3
is present
[27522] glob: glob, glob64 incorrectly marked as _THROW
[27555] dynamic-link: Static tests fail with --enable-stack-
protector=all
[27559] libc: fstat(AT_FDCWD) succeeds (it shouldn't) and returns
information for the current directory
[27577] dynamic-link: elf/ld.so --help doesn't work
[27605] libc: tunables can't control xsave/xsavec selection in
dl_runtime_resolve
[27623] libc: powerpc: Missing registers in sc[v] clobbers list
[27645] libc: [linux] sysconf(_SC_NPROCESSOR...) breaks down on
containers
[27646] dynamic-link: Linker error for non-existing NSS symbols (e.g.
_nss_files_getcanonname_r) from within a dlmopen namespace.
[27648] libc: FAIL: misc/tst-select
[27650] stdio: vfscanf returns too early if a match is longer than
INT_MAX
[27651] libc: Performance regression after updating to 2.33
[27655] string: Wrong size calculation in string/test-strnlen.c
[27706] libc: select fails to update timeout on error
[27709] libc: arm: FAIL: debug/tst-longjmp_chk2
[27721] dynamic-link: x86: ld_audit ignores bind now for TLSDESC and
tries resolving them lazily
[27744] nptl: Support different libpthread/ld.so load orders in
libthread_db
[27749] libc: Data race _run_exit_handlers
[27761] libc: getconf: Segmentation fault when passing '-vq' as
argument
[27832] nss: makedb.c:797:7: error: 'writev' specified size 4294967295
exceeds maximum object size 2147483647
[27870] malloc: MALLOC_CHECK causes realloc(valid_ptr, TOO_LARGE) to
not set ENOMEM
[27872] build: Obsolete configure option --enable-stackguard-
randomization
[27873] build: tst-cpu-features-cpuinfo fail when building on AMD cpu
[27882] localedata: Use U+00AF MACRON in more EBCDIC charsets
[27892] libc: powerpc: scv ABI error handling fails to check
IS_ERR_VALUE
[27896] nptl: mq_notify does not handle separately allocated thread
attributes (CVE-2021-33574)
[27901] libc: TEST_STACK_ALIGN doesn't work
[27902] libc: The x86-64 clone wrapper fails to align child stack
[27914] nptl: Install SIGSETXID handler with SA_ONSTACK
[27939] libc: aarch64: clone does not align the stack
[27968] libc: s390x: clone does not align the stack
[28011] libc: Wild read in wordexp (parse_param) (CVE-2021-35942)
[28024] string: s390(31bit): Wrong result of memchr (MEMCHR_Z900_G5)
with n >= 0x80000000
[28028] malloc: malloc: tcache shutdown sequence does not work if the
thread never allocated anything
[28033] libc: Need to check RTM_ALWAYS_ABORT for RTM
[28064] string: x86_64:wcslen implementation list has wcsnlen
[28067] libc: FAIL: posix/tst-spawn5
[28068] malloc: FAIL: malloc/tst-mallocalign1-mcheck
[28071] time: clock_gettime, gettimeofday, time lost vDSO acceleration
on older kernels
[28075] nis: Out-of-bounds static buffer read in nis_local_domain
[28089] build: tst-tls20 fails when linker defaults to --as-needed
[28090] build: elf/tst-cpu-features-cpuinfo-static fails on certain
AMD64 cpus
[28091] network: ns_name_skip may return 0 for domain names without
terminator
https://sourceware.org/glibc/wiki/Release/2.34
This release was made possible by the contributions of many people.
The maintainers are grateful to everyone who has contributed
changes or bug reports. These include:
Adhemerval Zanella
Alejandro Colomar (man-pages)
Alexandra Hájková
Alice Xu
Alyssa Ross
Andreas Roeseler
Andreas Schwab
Anton Blanchard
Arjun Shankar
Armin Brauns
Bruno Haible
Carlos O'Donell
Cooper Qu
DJ Delorie
Dan Raymond
Darius Rad
David Hughes
Fangrui Song
Florian Weimer
H.J. Lu
Hanataka Shinya
Hugo Gabriel Eyherabide
Jakub Jelinek
JeffyChen
John David Anglin
Joseph Myers
Khem Raj
Lirong Yuan
Lucas A. M. Magalhaes
Lukasz Majewski
Maninder Singh
Mark Harris
Martin Sebor
Matheus Castanho
Michal Nazarewicz
Mike Hommey
Naohiro Tamura
Nicholas Piggin
Noah Goldstein
Paul Eggert
Paul Zimmermann
Pedro Franco de Carvalho
Raoni Fassina Firmino
Raphael Moreira Zinsly
Romain GEISSLER
Sajan Karumanchi
Samuel Thibault
Sebastian Rasmussen
Sergei Trofimovich
Shen-Ta Hsieh
Siddhesh Poyarekar
Stafford Horne
Stefan Liebler
Sunil K Pandey
Szabolcs Nagy
Tulio Magno Quites Machado Filho
Vineet Gupta
Vitaly Buka
Vitaly Chikunov
Wilco Dijkstra
Xeonacid
Xiaoming Ni
Yang Xu
liuhongt
noah
Érico Nogueira
The GNU C Library version 2.33 is now available.
The GNU C Library is used as the C library in the GNU system and
in GNU/Linux systems, as well as many other systems that use Linux
as the kernel.
The GNU C Library is primarily designed to be a portable
and high performance C library. It follows all relevant
standards including ISO C11 and POSIX.1-2017. It is also
internationalized and has one of the most complete
internationalization interfaces known.
The GNU C Library webpage is at http://www.gnu.org/software/libc/
Packages for the 2.32 release may be downloaded from:
http://ftpmirror.gnu.org/libc/
http://ftp.gnu.org/gnu/libc/
The mirror list is at http://www.gnu.org/order/ftp.html
Major new features:
The dynamic linker accepts the --list-tunables argument which prints
all the supported tunables. This option is disable if glibc is
configured with tunables disabled (--enable-tunables=no).
The dynamic linker accepts the --argv0 argument and provides opportunity
to change argv[0] string.
The dynamic linker loads optimized implementations of shared objects
from subdirectories under the glibc-hwcaps directory on the library
search path if the system's capabilities meet the requirements for
that subdirectory. Initially supported subdirectories include
"power9" and "power10" for the powerpc64le-linux-gnu architecture,
"z13", "z14", "z15" for s390x-linux-gnu, and "x86-64-v2", "x86-64-v3",
"x86-64-v4" for x86_64-linux-gnu. In the x86_64-linux-gnu case, the
subdirectory names correspond to the vendor-independent x86-64
microarchitecture levels defined in the x86-64 psABI supplement.
The new --help option of the dynamic linker provides usage and
information and library search path diagnostics.
The mallinfo2 function is added to report statistics as per mallinfo,
but with larger field widths to accurately report values that are
larger than fit in an integer.
Add <sys/platform/x86.h> to provide query macros for x86 CPU features.
Support for the RISC-V ISA running on Linux has been expanded to run on
32-bit hardware. This is supported for the following ISA and ABI pairs:
The 32-bit RISC-V port requires at least Linux 5.4, GCC 7.1 and binutils
2.28.
A new fortification level _FORTIFY_SOURCE=3 is available. At this level,
glibc may use additional checks that may have an additional performance
overhead. At present these checks are available only on LLVM 9 and later.
The latest GCC available at this time (10.2) does not support this level of
fortification.
Deprecated and removed features, and other changes affecting compatibility:
The mallinfo function is marked deprecated. Callers should call
mallinfo2 instead.
When dlopen is used in statically linked programs, alternative library
implementations from HWCAP subdirectories are no longer loaded.
Instead, the default implementation is used.
The deprecated <sys/vtimes.h> header and the function vtimes have been
removed. To support old binaries, the vtimes function continues to exist
as a compatibility symbol. Applications should use the getrlimit or
prlimit.
Following a change in the tzdata 2018a release upstream, the zdump
program is now installed in the /usr/bin subdirectory. Previously,
the /usr/sbin subdirectory was used.
On s390(x), the type float_t is now derived from the macro
FLT_EVAL_METHOD that is defined by the compiler, instead of being
hardcoded to double. This does not affect the ABI of any libraries
that are part of the GNU C Library, but may affect the ABI of other
libraries that use this type in their interfaces. The new definition
improves consistency with compiler behavior in many scenarios.
A future version of glibc will stop loading shared objects from the
"tls" subdirectories on the library search path, the subdirectory that
corresponds to the AT_PLATFORM system name, and also stop employing
the legacy AT_HWCAP search mechanism. Applications should switch to
the new glibc-hwcaps mechanism instead; if they do not do that, only
the baseline version (directly from the search path directory) will be
loaded.
Changes to build and runtime requirements:
On Linux, the system administrator needs to configure /dev/pts with
the intended access modes for pseudo-terminals. glibc no longer
attemps to adjust permissions of terminal devices. The previous glibc
defaults ("tty" group, user read/write and group write) already
corresponded to what most systems used, so that grantpt did not
perform any adjustments.
On Linux, the posix_openpt and getpt functions no longer attempt to
use legacy (BSD) pseudo-terminals and assume that if /dev/ptmx exists
(and pseudo-terminals are supported), a devpts file system is mounted
on /dev/pts. Current systems already meet these requirements.
s390x requires GCC 7.1 or newer. See gcc Bug 98269.
Security related changes:
CVE-2021-3326: An assertion failure during conversion from the
ISO-20220-JP-3 character set using the iconv function has been fixed.
This assertion was triggered by certain valid inputs in which the
converted output contains a combined sequence of two wide characters
crossing a buffer boundary. Reported by Tavis Ormandy.
CVE-2020-27618: An infinite loop has been fixed in the iconv program when
invoked with input containing redundant shift sequences in the IBM1364,
IBM1371, IBM1388, IBM1390, or IBM1399 character sets.
CVE-2020-29562: An assertion failure has been fixed in the iconv function
when invoked with UCS4 input containing an invalid character.
CVE-2019-25013: A buffer overflow has been fixed in the iconv function when
invoked with EUC-KR input containing invalid multibyte input sequences.
The following bugs are resolved with this release:
[10635] libc: realpath portability patches
[16124] dynamic-link: ld.so should allow to change argv[0]
[17924] malloc: 'free' should not set errno
[18683] libc: Linux faccessat implementation can incorrectly ignore
AT_EACCESS
[22899] libc: Use 64-bit readdir() in generic POSIX getcwd()
[23249] libc: Epyc and other current AMD CPUs do not select the
"haswell" platform subdirectory
[24080] dynamic-link: Definition of "haswell" platform is inconsistent
with GCC
[24202] libc: m68k setjmp() saves incorrect 'a5' register in --enable-
stack-protector=all
[24941] libc: Make grantpt usable after multi-threaded fork in more
cases
[24970] libc: realpath mishandles EOVERFLOW; stat not needed anyway
[24973] locale: iconv encounters segmentation fault when converting
0x00 0xfe in EUC-KR to UTF-8 (CVE-2019-25013)
[25399] string: undefined reference to `__warn_memset_zero_len' when
changing gnuc version
[25859] libc: glibc parser for /sys/devices/system/cpu/online is
incorrect
[25938] dynamic-link: ld.so.cache should store meaning of hwcap mask
bits
[25971] libc: s390 bits/hwcap.h out of sync with kernel
[26053] libc: unlockpt fails with ENOTTY for non-ptmx descriptors
[26100] libc: Race in syslog(3) with regards to tag printing.
[26124] libc: Export <cpu-features.h>
[26130] nscd: Inconsistent nscd cache during pruning
[26203] libc: GLRO(dl_x86_cpu_features) may not be intialized
[26224] locale: iconv hangs when converting some invalid inputs from
several IBM character sets (CVE-2020-27618)
[26341] libc: realpath cyclically call __alloca(path_max) to consume
too much stack space
[26343] manual: invalid documented return type for strerrorname_np(),
strerrordesc_np(), sigdescr_np(), sigabbrev_np()
[26376] libc: Namespace violation in stdio.h and sys/stat.h if build
with optimization.
[26383] locale: bind_textdomain_codeset doesn't accept //TRANSLIT
anymore
[26394] time: [2.33 Regression] FAIL: nptl/tst-join14
[26534] math: libm.so 2.32 SIGILL in pow() due to FMA4 instruction on
non-FMA4 system
[26552] dynamic-link: CPU_FEATURE_USABLE_P should be more conservative
[26553] libc: mtx_init allows type set to "mtx_recursive" only
[26555] string: strerrorname_np does not return the documented value
[26592] libc: pointer arithmetic overflows in realpath
[26600] network: Transaction ID collisions cause slow DNS lookups in
getaddrinfo
[26606] libc: [2.33 Regression] pselect is broken on x32
[26615] libc: powerpc: libc segfaults when LD_PRELOADed with libgcc
[26620] glob: fnmatch with collating symbols results in segmentation
fault
[26625] libc: [2.33 Regression] CET is disabled
[26636] libc: 32-bit shmctl(IPC_INFO) crashes when shminfo struct is
at the end of a memory mapping
[26637] libc: semctl SEM_STAT_ANY fails to pass the buffer specified
by the caller to the kernel
[26639] libc: msgctl IPC_INFO and MSG_INFO return garbage
[26647] build: [-Werror=array-parameter=] due to different
declarations for __sigsetjmp
[26648] libc: mkstemp is likely to fail on systems with non-stricly-
monotonic clocks
[26649] stdio: printf should handle non-normal x86 long double numbers
gracefully (CVE-2020-29573)
[26686] build: -Warray-parameter instances building with GCC 11
[26687] build: -Warray-bounds instances building with GCC 11
[26690] stdio: Aliasing violation in __vfscanf_internal
[26691] nptl: Use a minimum guard size of 64 KiB on aarch64
[26726] build: GCC warning calling new_composite_name with an array of
one element
[26736] libc: FAIL: misc/tst-sysvshm-linux
[26737] libc: Random FAIL: rt/tst-shm
[26791] libc: Missing O_CLOEXEC in sysconf.c
[26798] dynamic-link: aarch64: variant PCS symbols may be incorrectly
lazy bound
[26801] nptl: pthread_mutex_clocklock with CLOCK_MONOTONIC can fail on
PI mutexes
[26818] string: aarch64: string tests may run ifunc variants that are
not safe
[26821] libc: Memory leak test failures on Fedora 33
[26824] libc: FAIL: elf/tst-cpu-features-supports with recent trunk:
FSGSBASE/LM/RDRAND check failure
[26833] time: adjtime() with delta == NULL segfaults on armv7 32bit
platform
[26853] libc: aarch64: Missing unwind information in statically linked
startup code
[26923] locale: Assertion failure in iconv when converting invalid
UCS4 (CVE-2020-29562)
[26926] dynamic-link: aarch64: library dependencies are not bti
protected
[26932] libc: sh: Multiple floating point functions defined as stubs
only since 2.31
[26964] nptl: pthread_mutex_timedlock returning EAGAIN after futex is
locked
[26988] dynamic-link: aarch64: BTI mprotect address is not page
aligned
[27002] build: libc_freeres_fn build failure with GCC 11
[27004] dynamic-link: ld.so is miscompiled by GCC 11
[27008] dynamic-link: ld.so.cache should have endianness markup
[27042] libc: [alpha] anonymous union in struct stat confuses
detection logic
[27053] libc: Conformance regression in system(3) (and probably also
pclose(3))
[27072] dynamic-link: static pie ifunc resolvers run before hwcap is
setup
[27077] network: Do not reload /etc/nsswitch.conf from chroot
[27083] libc: Unsafe unbounded alloca in addmntent
[27104] dynamic-link: The COMMON_CPUID_INDEX_MAX handshake does not
work
[27130] string: "rep movsb" performance issue
[27150] libc: alpha: wait4() is unavailable in static linking
[27177] dynamic-link:
GLIBC_TUNABLES=glibc.cpu.x86_ibt=on:glibc.cpu.x86_shstk=on doesn't
work
[27222] dynamic-link: Incorrect sysdeps/x86/tst-cpu-features-cpuinfo.c
[27237] malloc: deadlock in malloc/tst-malloc-stats-cancellation
[27256] locale: Assertion failure in ISO-2022-JP-3 gconv module
related to combining characters (CVE-2021-3326)
https://sourceware.org/glibc/wiki/Release/2.33
This release was made possible by the contributions of many people.
The maintainers are grateful to everyone who has contributed
changes or bug reports. These include:
Adhemerval Zanella
Alexandra Hájková
Alistair Francis
Andreas Schwab
Anssi Hannula
Arjun Shankar
Benno Schulenberg
Carlos O'Donell
Chen Li
Cooper Qu
Corinna Vinschen
DJ Delorie
Dmitry V. Levin
Fangrui Song
Florian Weimer
Guillaume Gardet
H.J. Lu
Jakub Jelinek
Jangwoong Kim
Jeremie Koenig
Jim Wilson
John David Anglin
John McCabe
Jonathan Wakely
Jonny Grant
Joseph Myers
Lode Willems
Lucas A. M. Magalhaes
Lukasz Majewski
Maciej W. Rozycki
Mao Han
Marc Aurèle La France
Marius Hillenbrand
Mark Wielaard
Martin Liska
Martin Sebor
Matheus Castanho
Matt Turner
Maximilian Krüger
Michael Colavita
Ondřej Hošek
Patrick McGehearty
Patsy Griffin
Paul E. Murphy
Paul Eggert
Paul Zimmermann
Prasanth R
Raoni Fassina Firmino
Raphael M Zinsly
Raphael Moreira Zinsly
Richard Braun
Richard Earnshaw
Rolf Eike Beer
Sajan Karumanchi
Samuel Thibault
Sergei Trofimovich
Shuo Wang
Siddhesh Poyarekar
Stafford Horne
Stefan Liebler
Szabolcs Nagy
Thorsten Kukuk
Tulio Magno Quites Machado Filho
Vincent Chen
Vincent Mihalkovic
Vineet Gupta
W. Hashimoto
Wilco Dijkstra
Xiaoming Ni
Zong Li
liqingqing
Érico Rolim
The GNU C Library version 2.32 is now available.
The GNU C Library is used as the C library in the GNU system and
in GNU/Linux systems, as well as many other systems that use Linux
as the kernel.
The GNU C Library is primarily designed to be a portable
and high performance C library. It follows all relevant
standards including ISO C11 and POSIX.1-2017. It is also
internationalized and has one of the most complete
internationalization interfaces known.
The GNU C Library webpage is at http://www.gnu.org/software/libc/
Packages for the 2.32 release may be downloaded from:
http://ftpmirror.gnu.org/libc/
http://ftp.gnu.org/gnu/libc/
The mirror list is at http://www.gnu.org/order/ftp.html
Major new features:
Unicode 13.0.0 Support: Character encoding, character type info, and
transliteration tables are all updated to Unicode 13.0.0, using
generator scripts contributed by Mike FABIAN (Red Hat).
New locale added: ckb_IQ (Kurdish/Sorani spoken in Iraq)
Support for Synopsys ARC HS cores (ARCv2 ISA) running Linux has been
added. This port requires at least binutils-2.32, gcc-8.3 and Linux-5.1.
Three ABIs are supported:
The arc* ABI is little-endian while arceb is big-endian. All ABIs use
64-bit time (y2038 safe) and 64-bit file offsets (LFS default).
The GNU C Library now loads audit modules listed in the DT_AUDIT and
DT_DEPAUDIT dynamic section entries of the main executable.
powerpc64le supports IEEE128 long double libm/libc redirects when
using the -mabi=ieeelongdouble to compile C code on supported GCC
toolchains. It is recommended to use GCC 8 or newer when testing
this option.
To help detect buffer overflows and other out-of-bounds accesses
several APIs have been annotated with GCC 'access' attribute. This
should help GCC 10 issue better warnings.
On Linux, functions the pthread_attr_setsigmask_np and
pthread_attr_getsigmask_np have been added. They allow applications
to specify the signal mask of a thread created with pthread_create.
The GNU C Library now provides the header file <sys/single_threaded.h>
which declares the variable __libc_single_threaded. Applications are
encouraged to use this variable for single-thread optimizations,
instead of weak references to symbols historically defined in
libpthread.
The functions sigabbrev_np and sigdescr_np have been added. The
sigabbrev_np returns the abbreviated signal name (e.g. "HUP" for SIGHUP)
while sigdescr_np returns a string describing the signal number (e.g
"Hangup" for SIGHUP). Different than strsignal, sigdescr_np does not
attempt to translate the return description, both functions return
NULL for an invalid signal number.
They should be used instead of sys_siglist or sys_sigabbrev and they
are both thread and async-signal safe. These functions are GNU extensions.
The functions strerrorname_np and strerrordesc_np have been added. The
strerroname_np returns error number name (e.g. "EINVAL" for EINVAL) while
strerrordesc_np returns string describing error number
(e.g "Invalid argument" for EINVAL). Different than strerror,
strerrordesc_np does not attempt to translate the return description, both
functions return NULL for an invalid error number.
They should be used instead of sys_errlist and sys_nerr, both are
thread and async-signal safe. These functions are GNU extensions.
AArch64 now supports standard branch protection security hardening
in glibc when it is built with a GCC that is configured with
--enable-standard-branch-protection (or if -mbranch-protection=standard
flag is passed when building both GCC target libraries and glibc,
in either case a custom GCC is needed). This includes branch target
identification (BTI) and pointer authentication for return addresses
(PAC-RET). They require armv8.5-a and armv8.3-a architecture
extensions respectively for the protection to be effective,
otherwise the used instructions are nops. User code can use PAC-RET
without libc support, but BTI requires a libc that is built with BTI
support, otherwise runtime objects linked into user code will not be
BTI compatible.
Deprecated and removed features, and other changes affecting compatibility:
Remove configure option --enable-obsolete-rpc. Sun RPC is removed
from glibc. This includes the rpcgen program, librpcsvc, and the Sun
RPC header files. Backward compatibility for old programs is kept
only for architectures and ABIs that have been added in or before
glibc 2.31. New programs need to use TI-RPC
http://git.linux-nfs.org/?p=steved/libtirpc.git;a=summary and
rpcsvc-proto https://github.com/thkukuk/rpcsvc-proto.
Remove configure option --enable-obsolete-nsl. libnsl is only built
as shared library for backward compatibility and the NSS modules "nis"
and "nisplus" are not built at all and libnsl's headers aren't
installed. This compatibility is kept only for architectures and ABIs
that have been added in or before version 2.28. Replacement
implementations based on TI-RPC, which additionally support IPv6, are
available from https://github.com/thkukuk/. This change does not
affect the "compat" NSS module, which does not depended on libnsl
since 2.27 and thus can be used without NIS.
The deprecated <sys/sysctl.h> header and the sysctl function have been
removed. To support old binaries, the sysctl function continues to
exist as a compatibility symbol (on those architectures which had it),
but always fails with ENOSYS. This reflects the removal of the system
call from all architectures, starting with Linux 5.5.
The sstk function is no longer available to newly linked binaries.
Its implementation always returned with a failure, and the function
was not declared in any header file.
The legacy signal handling functions siginterrupt, sigpause, sighold,
sigrelse, sigignore and sigset, and the sigmask macro have been
deprecated. Applications should use the sigsuspend, sigprocmask and
sigaction functions instead.
ldconfig now defaults to the new format for ld.so.cache. glibc has
already supported this format for almost 20 years.
The deprecated arrays sys_siglist, _sys_siglist, and sys_sigabbrev
are no longer available to newly linked binaries, and their declarations
have been removed from <string.h>. They are exported solely as
compatibility symbols to support old binaries. All programs should use
strsignal instead.
The deprecated symbols sys_errlist, _sys_errlist, sys_nerr, and _sys_nerr
are no longer available to newly linked binaries, and their declarations
have been removed from from <stdio.h>. They are exported solely as
compatibility symbols to support old binaries. All programs should use
strerror or strerror_r instead.
Both strerror and strerror_l now share the same internal buffer in the
calling thread, meaning that the returned string pointer may be invalided
or contents might be overwritten on subsequent calls in the same thread or
if the thread is terminated. It makes strerror MT-safe.
Using weak references to libpthread functions such as pthread_create
or pthread_key_create to detect the singled-threaded nature of a
program is an obsolescent feature. Future versions of glibc will
define pthread_create within libc.so.6 itself, so such checks will
always flag the program as multi-threaded. Applications should check
the __libc_single_threaded variable declared in
<sys/single_threaded.h> instead.
The "files" NSS module no longer supports the "key" database (used for
secure RPC). The contents of the /etc/publickey file will be ignored,
regardless of the settings in /etc/nsswitch.conf. (This method of
storing RPC keys only supported the obsolete and insecure AUTH_DES
flavor of secure RPC.)
The __morecore and __after_morecore_hook malloc hooks and the default
implementation __default_morecore have been deprecated. Applications
should use malloc interposition to change malloc behavior, and mmap to
allocate anonymous memory. A future version of glibc may require that
applications which use the malloc hooks must preload a special shared
object, to enable the hooks.
The hesiod NSS module has been deprecated and will be removed in a
future version of glibc. System administrators are encouraged to
switch to other approaches for networked account databases, such as
LDAP.
Changes to build and runtime requirements:
Security related changes:
CVE-2016-10228: An infinite loop has been fixed in the iconv program when
invoked with the -c option and when processing invalid multi-byte input
sequences. Reported by Jan Engelhardt.
CVE-2020-10029: Trigonometric functions on x86 targets suffered from stack
corruption when they were passed a pseudo-zero argument. Reported by Guido
Vranken / ForAllSecure Mayhem.
CVE-2020-1752: A use-after-free vulnerability in the glob function when
expanding ~user has been fixed.
CVE-2020-6096: A signed comparison vulnerability in the ARMv7 memcpy and
memmove functions has been fixed. Discovered by Jason Royes and Samual
Dytrych of the Cisco Security Assessment and Penetration Team (See
TALOS-2020-1019).
The following bugs are resolved with this release:
[9809] localedata: ckb_IQ: new Kurdish Sorani locale
[10441] manual: Backtraces code example lacks error checking
[10815] librt: [timer_create / SIGEV_THREAD] signalmask of
timer_sigev_thread dangerous
[14231] stdio: stdio-common tests memory requirements
[14578] libc: /proc-based emulation for lchmod, fchmodat
[16272] dynamic-link: dlopen()ing a DT_FILTER library crashes if
filtee has constructor
[19519] locale: iconv(1) with -c option hangs on illegal multi-byte
sequences (CVE-2016-10228)
[19737] admin: Doc page “20.5.2 Infinity and NaN” has incorrect HTML
character entities for infinity & pi
[20338] libc: Parsing of /etc/gshadow can return bad pointers causing
segfaults in applications
[20543] libc: Please move from .gnu.linkonce to comdat
[22489] network: gcc warns about implicit convertion in
ICMP6_FILTER_SETPASS with -Wsign-conversion
[22525] localedata: or_IN LC_COLLATE does not use copy "iso14651_t1"
[23294] math: Complex _FloatN functions are redirected to the wrong
function with -mlong-double-64
[23296] libc: Data race in setting function descriptor during lazy
binding
[23668] dynamic-link: ldconfig: Default to the new format for
ld.so.cache
[23819] hurd: hurd: Add C11 thread support
[23990] build: test-container error out on failure to exec child.
[23991] build: shell-container typo in run_command_array
[24638] manual: Error in example of parsing a template string
[24654] manual: Wrong declaration of wcschr in libc manual
[24943] dynamic-link: Support DT_AUDIT, DT_DEPAUDIT in the dynamic
linker
[25051] dynamic-link: aarch64, powerpc64 uses surplus static tls for
dynamically loaded dsos
[25098] nptl: nptl: ctype classification functions are not AS-Safe
[25219] libc: improve out-of-bounds checking with GCC 10 attribute
access
[25262] libc: getcontext/setcontext/swapcontext unnecessarily save and
restore EAX, ECX and EDX
[25397] dynamic-link: Legacy bitmap doesn't cover jitted code
[25414] glob: 'glob' use-after-free bug (CVE-2020-1752)
[25420] network: Race condition in resolv_conf.c can result in caching
stale configuration forever
[25487] math: sinl() stack corruption from crafted input
(CVE-2020-10029)
[25506] build: configure: broken detection of STT_GNU_IFUNC when GCC
defaults to PIE
[25523] libc: MIPS/Linux inline syscall template is miscompiled
[25620] libc: Signed comparison vulnerability in the ARMv7 memcpy()
(CVE-2020-6096)
[25623] libc: test-sysvmsg, test-sysvsem, test-sysvshm fail with 2.31
on 32 bit and old kernel
[25635] libc: arm: Wrong sysdep order selection for soft-fp
[25639] localedata: Some names of days and months wrongly spelt in
Occitan
[25657] libc: sigprocmask() and sigisemptyset() manipulate different
amount of sigset_t bytes
[25691] stdio: printf: memory leak when printing long multibyte
strings
[25715] libc: system() returns wrong errors when posix_spawn fails
[25733] malloc: mallopt(M_MXFAST) can set global_max_fast to 0
[25734] locale: mbrtowc with Big5-HKSCS fails to reset conversion
state for conversions that produce two Unicode code points
[25765] nptl: Incorrect futex syscall in __pthread_disable_asynccancel
for linux x86_64 leads to livelock
[25788] dynamic-link: [i386] -fno-omit-frame-pointer in CFLAGS causes
test failures, invalid instruction in ld.so
[25790] glob: Typo in tst-fnmatch.input
[25810] libc: x32: Incorrect syscall entries with pointer, off_t and
size_t
[25819] localedata: Update locale data to Unicode 13.0.0
[25824] libc: Abnormal function of strnlen in aarch64
[25887] dynamic-link: Wasted space in _dl_x86_feature_1[1]
[25896] libc: Incorrect prctl
[25902] libc: Bad LOADARGS_N
[25905] dynamic-link: VSX registers are corrupted during PLT
resolution when glibc is built with --disable-multi-arch and --with-
cpu=power9
[25933] string: Off by one error in __strncmp_avx2 when
length=VEC_SIZE4 and strings are at page boundaries can cause a
segfault
[25942] nptl: Deadlock on stack_cache_lock between __nptl_setxid and
exiting detached thread
[25966] libc: Incorrect access of __x86_shared_non_temporal_threshold
for x32
[25976] nss: internal_endent in nss_compat may clobber errno, hiding
ERANGE
[25999] nptl: Use-after-free issue in pthread_getaddr_default_np
[26073] math: getpayload() has wrong return value
[26076] dynamic-link: dlmopen crashes after failing to load
dependencies in audit mode
[26120] localedata: column width of of some Korean
JUNGSEONG/JONGSEONG characters wrong (should be 0)
[26128] libc: Incorrect bit_cpu_CLFLUSHOPT
[26133] libc: Incorrect need_arch_feature_F16C
[26137] libc: strtod() triggers exception FE_INEXACT on reasonable
input
[26149] libc: PKU is usable only if OSPKE is set
[26173] libc: powerpc64*: Add @notoc to calls to functions that do not
preserve r2
[26208] libc: Incorrect bit_cpu_CLFSH
[26210] network: Incorrect use of hidden symbols for global sunrpc
variables
[26211] stdio: printf integer overflow calculating allocation size
[26214] stdio: printf_fp double free
[26215] stdio: printf_fp memory leak
[26232] time: FAIL: support/tst-timespec for 32-bit targets
[26258] nss: nss_compat should not read input files with mmap
[26332] string: Incorrect cache line size load causes memory
corruption in memset
https://sourceware.org/glibc/wiki/Release/2.32
This release was made possible by the contributions of many people.
The maintainers are grateful to everyone who has contributed
changes or bug reports. These include:
Adhemerval Zanella
Alan Modra
Alex Butler
Alexander Anisimov
Alistair Francis
Andrea Corallo
Andreas K. Hüttel
Andreas Schwab
Anton Blanchard
Anton Blanchard via Libc-alpha
Arjun Shankar
Aurelien Jarno
Aurélien Aptel
Carlos O'Donell
Chung-Lin Tang
DJ Delorie
David Kilroy
Evgeny Eremin
Eyal Itkin
Fangrui Song
Florian Weimer
Gabriel F. T. Gomes
Girish Joshi
H.J. Lu
John David Anglin
John Marshall
Jonathan Wakely
Joseph Myers
Josh Triplett
Jwtiyar Nariman
Krzysztof Koch
Lexi Shao
Lucas A. M. Magalhaes
Lukasz Majewski
Maciej W. Rozycki
Martin Sebor
Matheus Castanho
Mathieu Desnoyers
Michael Hudson-Doyle
Mike FABIAN
Patsy Franklin
Paul E. Murphy
Paul Eggert
Paul Zimmermann
Petr Vorel
Rafał Lużyński
Rajalakshmi Srinivasaraghavan
Raphael Moreira Zinsly
Rogerio Alves
Samuel Thibault
Sergey
Shen-Ta Hsieh
Siddhesh Poyarekar
Simon Marchi
Stefan Liebler
Sudakshina Das
Sunil K Pandey
Szabolcs Nagy
Tulio Magno Quites Machado Filho
Vineet Gupta
WANG Xuerui
Wilco Dijkstra
guojinhui
kokoye2007
mayshao
mayshao-oc
The GNU C Library version 2.31 is now available.
The GNU C Library is used as the C library in the GNU system and
in GNU/Linux systems, as well as many other systems that use Linux
as the kernel.
The GNU C Library is primarily designed to be a portable
and high performance C library. It follows all relevant
standards including ISO C11 and POSIX.1-2017. It is also
internationalized and has one of the most complete
internationalization interfaces known.
The GNU C Library webpage is at http://www.gnu.org/software/libc/
Packages for the 2.31 release may be downloaded from:
http://ftpmirror.gnu.org/libc/
http://ftp.gnu.org/gnu/libc/
The mirror list is at http://www.gnu.org/order/ftp.html
Major new features:
The GNU C Library now supports a feature test macro _ISOC2X_SOURCE to
enable features from the draft ISO C2X standard. Only some features from
this draft standard are supported by the GNU C Library, and as the draft
is under active development, the set of features enabled by this macro is
liable to change. Features from C2X are also enabled by _GNU_SOURCE, or
by compiling with "gcc -std=gnu2x".
The <math.h> functions that round their results to a narrower type now
have corresponding type-generic macros in <tgmath.h>, as defined in TS
18661-1:2014 and TS 18661-3:2015 as amended by the resolution of
Clarification Request 13 to TS 18661-3.
The function pthread_clockjoin_np has been added, enabling join with a
terminated thread with a specific clock. It allows waiting against
CLOCK_MONOTONIC and CLOCK_REALTIME. This function is a GNU extension.
New locale added: mnw_MM (Mon language spoken in Myanmar).
The DNS stub resolver will optionally send the AD (authenticated data) bit
in queries if the trust-ad option is set via the options directive in
/etc/resolv.conf (or if RES_TRUSTAD is set in _res.options). In this
mode, the AD bit, as provided by the name server, is available to
applications which call res_search and related functions. In the default
mode, the AD bit is not set in queries, and it is automatically cleared in
responses, indicating a lack of DNSSEC validation. (Therefore, the name
servers and the network path to them are treated as untrusted.)
Deprecated and removed features, and other changes affecting compatibility:
The totalorder and totalordermag functions, and the corresponding
functions for other floating-point types, now take pointer arguments to
avoid signaling NaNs possibly being converted to quiet NaNs in argument
passing. This is in accordance with the resolution of Clarification
Request 25 to TS 18661-1, as applied for C2X. Existing binaries that pass
floating-point arguments directly will continue to work.
The obsolete function stime is no longer available to newly linked
binaries, and its declaration has been removed from <time.h>.
Programs that set the system time should use clock_settime instead.
We plan to remove the obsolete function ftime, and the header <sys/timeb.h>,
in a future version of glibc. In this release, the header still exists
but calling ftime will cause a compiler warning. All programs should use
gettimeofday or clock_gettime instead.
The gettimeofday function no longer reports information about a
system-wide time zone. This 4.2-BSD-era feature has been deprecated for
many years, as it cannot handle the full complexity of the world's
timezones, but hitherto we have supported it on a best-effort basis.
Changes required to support 64-bit time_t on 32-bit architectures have
made this no longer practical.
As of this release, callers of gettimeofday with a non-null 'tzp' argument
should expect to receive a 'struct timezone' whose tz_minuteswest and
tz_dsttime fields are zero. (For efficiency reasons, this does not always
happen on a few Linux-based ports. This will be corrected in a future
release.)
All callers should supply a null pointer for the 'tzp' argument to
gettimeofday. For accurate information about the time zone associated
with the current time, use the localtime function.
gettimeofday itself is obsolescent according to POSIX. We have no plans
to remove access to this function, but portable programs should consider
using clock_gettime instead.
The settimeofday function can still be used to set a system-wide time
zone when the operating system supports it. This is because the Linux
kernel reused the API, on some architectures, to describe a system-wide
time-zone-like offset between the software clock maintained by the kernel,
and the "RTC" clock that keeps time when the system is shut down.
However, to reduce the odds of this offset being set by accident,
settimeofday can no longer be used to set the time and the offset
simultaneously. If both of its two arguments are non-null, the call
will fail (setting errno to EINVAL).
Callers attempting to set this offset should also be prepared for the call
to fail and set errno to ENOSYS; this already happens on the Hurd and on
some Linux architectures. The Linux kernel maintainers are discussing a
more principled replacement for the reused API. After a replacement
becomes available, we will change settimeofday to fail with ENOSYS on all
platforms when its 'tzp' argument is not a null pointer.
settimeofday itself is obsolescent according to POSIX. Programs that set
the system time should use clock_settime and/or the adjtime family of
functions instead. We may cease to make settimeofday available to newly
linked binaries after there is a replacement for Linux's time-zone-like
offset API.
SPARC ISA v7 is no longer supported. v8 is still supported, but only if
the optional CAS instruction is implemented (for instance, LEON processors
are still supported, but SuperSPARC processors are not).
As the oldest 64-bit SPARC ISA is v9, this only affects 32-bit
configurations.
If a lazy binding failure happens during dlopen, during the execution of
an ELF constructor, the process is now terminated. Previously, the
dynamic loader would return NULL from dlopen, with the lazy binding error
captured in a dlerror message. In general, this is unsafe because
resetting the stack in an arbitrary function call is not possible.
For MIPS hard-float ABIs, the GNU C Library will be configured to need an
executable stack unless explicitly configured at build time to require
minimum kernel version 4.8 or newer. This is because executing
floating-point branches on a non-executable stack on Linux kernels prior to
4.8 can lead to application crashes for some MIPS configurations. While
currently PT_GNU_STACK is not widely used on MIPS, future releases of GCC are
expected to enable non-executable stack by default with PT_GNU_STACK by
default and is thus likely to trigger a crash on older kernels.
The GNU C Library can be built with --enable-kernel=4.8.0 in order to keep a
non-executable stack while dropping support for older kernels.
System call wrappers for time system calls now use the new time64 system
calls when available. On 32-bit targets, these wrappers attempt to call
the new system calls first and fall back to the older 32-bit time system
calls if they are not present. This may cause issues in environments
that cannot handle unsupported system calls gracefully by returning
-ENOSYS. Seccomp sandboxes are affected by this issue.
Changes to build and runtime requirements:
It is no longer necessary to have recent Linux kernel headers to build
working (non-stub) system call wrappers on all architectures except 64-bit
RISC-V. 64-bit RISC-V requires a minimum kernel headers version of 5.0.
The ChangeLog file is no longer present in the toplevel directory of the
source tree. ChangeLog files are located in the ChangeLog.old directory as
ChangeLog.N where the highest N has the latest entries.
Security related changes:
CVE-2019-19126: ld.so failed to ignore the LD_PREFER_MAP_32BIT_EXEC
environment variable during program execution after a security
transition, allowing local attackers to restrict the possible mapping
addresses for loaded libraries and thus bypass ASLR for a setuid
program. Reported by Marcin Kościelnicki.
The following bugs are resolved with this release:
[12031] localedata: iconv -t ascii//translit with Greek characters
[15813] libc: Multiple issues in __gen_tempname
[17726] libc: [arm, sparc] profil_counter should be compat symbol
[18231] libc: ipc_perm struct's mode member has wrong type in sys/ipc.h
[19767] libc: vdso is not used with static linking
[19903] hurd: Shared mappings not being inherited by children processes
[20358] network: RES_USE_DNSSEC sets DO; should also have a way to set AD
[20839] dynamic-link: Incomplete rollback of dynamic linker state on
linking failure
[23132] localedata: Missing transliterations in Miscellaneous Mathematical
Symbols-A/B Unicode blocks
[23518] libc: Eliminate __libc_utmp_jump_table
[24026] malloc: malloc_info() returns wrong numbers
[24054] localedata: Many locales are missing date_fmt
[24214] dynamic-link: user defined ifunc resolvers may run in ldd mode
[24304] dynamic-link: Lazy binding failure during ELF
constructors/destructors is not fatal
[24376] libc: RISC-V symbol size confusion with _start
[24682] localedata: zh_CN first weekday should be Monday per GB/T
7408-2005
[24824] libc: test-in-container does not install charmap files compatible
with localedef
[24844] regex: regex bad pointer / leakage if malloc fails
[24867] malloc: Unintended malloc_info formatting changes
[24879] libc: login: utmp alarm timer can arrive after lock acquisition
[24880] libc: login: utmp implementation uses struct flock with fcntl64
[24882] libc: login: pututline uses potentially outdated cache
[24899] libc: Missing nonstring attributes in <utmp.h>, <utmpx.h>
[24902] libc: login: Repeating pututxline on EINTR/EAGAIN causes stale
utmp entries
[24916] dynamic-link: [MIPS] Highest EI_ABIVERSION value not raised to
ABSOLUTE ABI
[24930] dynamic-link: dlopen of PIE executable can result in
dl_allocate_tls_init assertion failure
[24950] localedata: Top-of-tree glibc does not build with top-of-tree GCC
(stringop-overflow error)
[24959] time: librt IFUNC resolvers for clock_gettime and clock*
functions other can lead to crashes
[24967] libc: jemalloc static linking causes runtime failure
[24986] libc: alpha: new getegid, geteuid and getppid syscalls used
unconditionally
[25035] libc: sbrk() failure handled poorly in tunables_strdup
[25087] dynamic-link: ldconfig mishandles unusual .dynstr placement
[25097] libc: new -Warray-bounds with GCC 10
[25112] dynamic-link: dlopen must not make new objects accessible when it
still can fail with an error
[25139] localedata: Please add the new mnw_MM locale
[25149] regex: Array bounds violation in proceed_next_node
[25157] dynamic-link: Audit cookie for the dynamic loader is not
initialized correctly
[25189] libc: glibc's __glibc_has_include causes issues with clang
-frewrite-includes
[25194] malloc: malloc.c: do_set_mxfast incorrectly casts the mallopt
value to an unsigned
[25204] dynamic-link: LD_PREFER_MAP_32BIT_EXEC not ignored in setuid
binaries (CVE-2019-19126)
[25225] libc: ld.so fails to link on x86 if GCC defaults to -fcf-
protection
[25226] string: strstr: Invalid result if needle crosses page on s390-z15
ifunc variant.
[25232] string: <string.h> does not enable const correctness for strchr et
al. for Clang++
[25233] localedata: Consider "." as the thousands separator for sl_SI
(Slovenian)
[25241] nptl: __SIZEOF_PTHREAD_MUTEX_T defined twice for x86
[25251] build: Failure to run tests when CFLAGS contains -DNDEBUG.
[25271] libc: undeclared identifier PTHREAD_MUTEX_DEFAULT when compiling
with -std=c11
[25323] localedata: km_KH: d_t_fmt contains "m" instead of "%M"
[25324] localedata: lv_LV: d_t_fmt contains suspicious words in the time
part
[25396] dynamic-link: Failing dlopen can leave behind dangling GL
(dl_initfirst) link map pointer
[25401] malloc: pvalloc must not have attribute_alloc_size
[25423] libc: Array overflow in backtrace on powerpc
[25425] network: Missing call to __resolv_context_put in
getaddrinfo.c:gethosts
https://sourceware.org/glibc/wiki/Release/2.31
This release was made possible by the contributions of many people.
The maintainers are grateful to everyone who has contributed
changes or bug reports. These include:
Adhemerval Zanella
Alexandra Hájková
Alistair Francis
Andreas Schwab
Andrew Eggenberger
Arjun Shankar
Aurelien Jarno
Carlos O'Donell
Chung-Lin Tang
DJ Delorie
Dmitry V. Levin
Dragan Mladjenovic
Egor Kobylkin
Emilio Cobos Álvarez
Emilio Pozuelo Monfort
Feng Xue
Florian Weimer
Gabriel F. T. Gomes
Gustavo Romero
H.J. Lu
Ian Kent
James Clarke
Jeremie Koenig
John David Anglin
Joseph Myers
Kamlesh Kumar
Krzysztof Koch
Leandro Pereira
Lucas A. M. Magalhaes
Lukasz Majewski
Marcin Kościelnicki
Matheus Castanho
Mihailo Stojanovic
Mike Crowe
Mike FABIAN
Niklas Hambüchen
Paul A. Clarke
Paul Eggert
Petr Vorel
Rafal Luzynski
Rafał Lużyński
Rajalakshmi Srinivasaraghavan
Raoni Fassina Firmino
Richard Braun
Samuel Thibault
Sandra Loosemore
Siddhesh Poyarekar
Stefan Liebler
Svante Signell
Szabolcs Nagy
Talachan Mon
Thomas Schwinge
Tim Rühsen
Tulio Magno Quites Machado Filho
Wilco Dijkstra
Xuelei Zhang
Zack Weinberg
liqingqing
The GNU C Library version 2.30 is now available.
The GNU C Library is used as the C library in the GNU system and
in GNU/Linux systems, as well as many other systems that use Linux
as the kernel.
The GNU C Library is primarily designed to be a portable
and high performance C library. It follows all relevant
standards including ISO C11 and POSIX.1-2017. It is also
internationalized and has one of the most complete
internationalization interfaces known.
The GNU C Library webpage is at http://www.gnu.org/software/libc/
Packages for the 2.30 release may be downloaded from:
http://ftpmirror.gnu.org/libc/
http://ftp.gnu.org/gnu/libc/
The mirror list is at http://www.gnu.org/order/ftp.html
Major new features:
Unicode 12.1.0 Support: Character encoding, character type info, and
transliteration tables are all updated to Unicode 12.1.0, using
generator scripts contributed by Mike FABIAN (Red Hat).
The dynamic linker accepts the --preload argument to preload shared
objects, in addition to the LD_PRELOAD environment variable.
The twalk_r function has been added. It is similar to the existing
twalk function, but it passes an additional caller-supplied argument
to the callback function.
On Linux, the getdents64, gettid, and tgkill functions have been added.
Minguo (Republic of China) calendar support has been added as an
alternative calendar for the following locales: zh_TW, cmn_TW, hak_TW,
nan_TW, lzh_TW.
The entry for the new Japanese era has been added for ja_JP locale.
Memory allocation functions malloc, calloc, realloc, reallocarray, valloc,
pvalloc, memalign, and posix_memalign fail now with total object size
larger than PTRDIFF_MAX. This is to avoid potential undefined behavior with
pointer subtraction within the allocated object, where results might
overflow the ptrdiff_t type.
The dynamic linker no longer refuses to load objects which reference
versioned symbols whose implementation has moved to a different soname
since the object has been linked. The old error message, symbol
FUNCTION-NAME, version SYMBOL-VERSION not defined in file DSO-NAME with
link time reference, is gone.
Add new POSIX-proposed pthread_cond_clockwait, pthread_mutex_clocklock,
pthread_rwlock_clockrdlock, pthread_rwlock_clockwrlock and sem_clockwait
functions. These behave similarly to their "timed" equivalents, but also
accept a clockid_t parameter to determine which clock their timeout should
be measured against. All functions allow waiting against CLOCK_MONOTONIC
and CLOCK_REALTIME. The decision of which clock to be used is made at the
time of the wait (unlike with pthread_condattr_setclock, which requires
the clock choice at initialization time).
On AArch64 the GNU IFUNC resolver call ABI changed: old resolvers still
work, new resolvers can use a second argument which can be extended in
the future, currently it contains the AT_HWCAP2 value.
Deprecated and removed features, and other changes affecting compatibility:
The copy_file_range function fails with ENOSYS if the kernel does not
support the system call of the same name. Previously, user space
emulation was performed, but its behavior did not match the kernel
behavior, which was deemed too confusing. Applications which use the
copy_file_range function can no longer rely on glibc to provide a fallback
on kernels that do not support the copy_file_range system call, and if
this function returns ENOSYS, they will need to use their own fallback.
Support for copy_file_range for most architectures was added in version
4.5 of the mainline Linux kernel.
The functions clock_gettime, clock_getres, clock_settime,
clock_getcpuclockid, clock_nanosleep were removed from the librt library
for new applications (on architectures which had them). Instead, the
definitions in libc will be used automatically, which have been available
since glibc 2.17.
The obsolete and never-implemented XSI STREAMS header files <stropts.h>
and <sys/stropts.h> have been removed.
Support for the "inet6" option in /etc/resolv.conf and the RES_USE_INET6
resolver flag (deprecated in glibc 2.25) have been removed.
The obsolete RES_INSECURE1 and RES_INSECURE2 option flags for the DNS stub
resolver have been removed from <resolv.h>.
With --enable-bind-now, installed programs are now linked with the
BIND_NOW flag.
Support for the PowerPC SPE ISA extension (powerpc-*-gnuspe
configurations) has been removed, following the deprecation of this
subarchitecture in version 8 of GCC, and its removal in version 9.
On 32-bit Arm, support for the port-based I/O emulation and the <sys/io.h>
header have been removed.
The Linux-specific <sys/sysctl.h> header and the sysctl function have been
deprecated and will be removed from a future version of glibc.
Application should directly access /proc instead. For obtaining random
bits, the getentropy function can be used.
Changes to build and runtime requirements:
GCC 6.2 or later is required to build the GNU C Library.
Older GCC versions and non-GNU compilers are still supported when
compiling programs that use the GNU C Library.
Security related changes:
CVE-2019-7309: x86-64 memcmp used signed Jcc instructions to check
size. For x86-64, memcmp on an object size larger than SSIZE_MAX
has undefined behavior. On x32, the size_t argument may be passed
in the lower 32 bits of the 64-bit RDX register with non-zero upper
32 bits. When it happened with the sign bit of RDX register set,
memcmp gave the wrong result since it treated the size argument as
zero. Reported by H.J. Lu.
CVE-2019-9169: Attempted case-insensitive regular-expression match
via proceed_next_node in posix/regexec.c leads to heap-based buffer
over-read. Reported by Hongxu Chen.
The following bugs are resolved with this release:
[2872] locale: Transliteration Cyrillic -> ASCII fails
[6399] libc: gettid() should have a wrapper
[16573] malloc: mtrace hangs when MALLOC_TRACE is defined
[16976] glob: fnmatch unbounded stack VLA for collating symbols
[17396] localedata: globbing for locale by [[.collating-element.]]
[18035] dynamic-link: pldd does no longer work, enters infinite loop
[18465] malloc: memusagestat is built using system C library
[18830] locale: iconv -c -f ascii with >buffer size worth of input before
invalid input drops valid char
[20188] nptl: libpthread IFUNC resolver for vfork can lead to crash
[20568] locale: Segfault with wide characters and setlocale/fgetwc/UTF-8
[21897] localedata: Afar locales: Fix mon, abmon, and abday
[22964] localedata: The Japanese Era name will be changed on May 1, 2019
[23352] malloc: __malloc_check_init still defined in public header
malloc.h.
[23403] nptl: Wrong alignment of TLS variables
[23501] libc: nftw() doesn't return dangling symlink's inode
[23733] malloc: Check the count before calling tcache_get()
[23741] malloc: Missing attribute_alloc_size in many allocation
functions
[23831] localedata: nl_NL missing LC_NUMERIC thousands_sep
[23844] nptl: pthread_rwlock_trywrlock results in hang
[23983] argparse: Missing compat versions of argp_failure and argp_error
for long double = double
[23984] libc: Missing compat versions of err.h and error.h functions for
long double = double
[23996] localedata: Dutch salutations
[24040] libc: riscv64: unterminated call chain in __thread_start
[24047] network: libresolv should use IP_RECVERR/IPV6_RECVERR to avoid
long timeouts
[24051] stdio: puts and putchar ouput to _IO_stdout instead of stdout
[24059] nss: nss_files: get_next_alias calls fgets_unlocked without
checking for NULL.
[24114] regex: regexec buffer read overrun in "grep -i
'(().)()()\1'"
[24122] libc: Segfaults if 0 returned from la_version
[24153] stdio: Some input functions do not react to stdin assignment
[24155] string: x32 memcmp can treat positive length as 0 (if sign bit in
RDX is set) (CVE-2019-7309)
[24161] nptl: __run_fork_handlers self-deadlocks in malloc/tst-mallocfork2
[24164] libc: Systemtap probes need to use "nr" constraint on 32-bit Arm,
not the default "nor"
[24166] dynamic-link: Dl_serinfo.dls_serpath[1] in dlfcn.h causes UBSAN
false positives, change to modern flexible array
[24180] nptl: pthread_mutex_trylock does not use the correct order of
instructions while maintaining the robust mutex list due to missing
compiler barriers.
[24194] librt: Non-compatibility symbols for clock_gettime etc. cause
unnecessary librt dependencies
[24200] localedata: Revert first_weekday removal in en_IE locale
[24211] nptl: Use-after-free in Systemtap probe in pthread_join
[24215] nptl: pthread_timedjoin_np should be a cancellation point
[24216] malloc: Check for large bin list corruption when inserting
unsorted chunk
[24228] stdio: old x86 applications that use legacy libio crash on exit
[24231] dynamic-link: [sparc64] R_SPARC_H34 implementation falls through
to R_SPARC_H44
[24293] localedata: Missing Minguo calendar support for TW locales
[24296] localedata: Orthographic mistakes in 'day' and 'abday' sections in
tt_RU (Tatar) locale
[24307] localedata: Update locale data to Unicode 12.0.0
[24323] dynamic-link: dlopen should not be able open PIE objects
[24335] build: "Obsolete types detected" with Linux 5.0 headers
[24369] localedata: Orthographic mistakes in 'mon' and 'abmon' sections in
tt_RU (Tatar) locale
[24370] localedata: Add lang_name for tt_RU locale
[24372] locale: Binary locale files are not architecture independent
[24394] time: strptime %Ey mis-parses final year of era
[24476] dynamic-link: __libc_freeres triggers bad free in libdl if dlerror
was not used
[24506] dynamic-link: FAIL: elf/tst-pldd with --enable-hardcoded-path-in-
tests
[24531] malloc: Malloc tunables give tcache assertion failures
[24532] libc: conform/arpa/inet.h failures due to linux kernel 64-bit
time_t changes
[24535] localedata: Update locale data to Unicode 12.1.0
[24537] build: nptl/tst-eintr1 test case can hit task limits on some
kernels and break testing
[24544] build: elf/tst-pldd doesn't work if you install with a --prefix
[24556] build: [GCC 9] error: ‘%s’ directive argument is null
[-Werror=format-overflow=]
[24570] libc: alpha: compat msgctl uses __IPC_64
[24584] locale: Data race in __wcsmbs_clone_conv
[24588] stdio: Remove codecvt vtables from libio
[24603] math: sysdeps/ieee754/dbl-64/branred.c is slow when compiled with
-O3 -march=skylake
[24614] localedata: nl_NL LC_MONETARY doesn't match CLDR 35
[24632] stdio: Old binaries which use freopen with default stdio handles
crash
[24640] libc: __ppc_get_timebase_freq() always return 0 when using static
linked glibc
[24652] localedata: szl_PL spelling correction
[24695] nss: nss_db: calling getpwent after endpwent crashes
[24696] nss: endgrent() clobbers errno=ERRNO for 'group: db files' entry
in /etc/nsswitch.conf
[24699] libc: mmap64 with very large offset broken on MIPS64 n32
[24740] libc: getdents64 type confusion
[24741] dynamic-link: ld.so should not require that a versioned symbol is
always implemented in the same library
[24744] libc: Remove copy_file_range emulation
[24757] malloc: memusagestat is linked against system libpthread
[24794] libc: Partial test suite run builds corrupt test-in-container
testroot
https://sourceware.org/glibc/wiki/Release/2.30
This release was made possible by the contributions of many people.
The maintainers are grateful to everyone who has contributed
changes or bug reports. These include:
Adam Maris
Adhemerval Zanella
Alexandra Hájková
Andreas K. Hüttel
Andreas Schwab
Anton Youdkevitch
Aurelien Jarno
Carlos O'Donell
DJ Delorie
Daniil Zhilin
David Abdurachmanov
David Newall
Dmitry V. Levin
Egor Kobylkin
Felix Yan
Feng Xue
Florian Weimer
Gabriel F. T. Gomes
Grzegorz Kulik
H.J. Lu
Jan Kratochvil
Jim Wilson
Joseph Myers
Maciej W. Rozycki
Mao Han
Mark Wielaard
Matthew Malcomson
Mike Crowe
Mike FABIAN
Mike Frysinger
Mike Gerow
PanderMusubi
Patsy Franklin
Paul A. Clarke
Paul Clarke
Paul Eggert
Paul Pluzhnikov
Rafal Luzynski
Richard Henderson
Samuel Thibault
Siddhesh Poyarekar
Stan Shebs
Stefan Liebler
Szabolcs Nagy
TAMUKI Shoichi
Tobias Klauser
Tulio Magno Quites Machado Filho
Uros Bizjak
Vincent Chen
Vineet Gupta
Wilco Dijkstra
Wolfram Sang
Yann Droneaud
Zack Weinberg
mansayk
marxin
The GNU C Library version 2.29 is now available.
The GNU C Library is used as the C library in the GNU system and
in GNU/Linux systems, as well as many other systems that use Linux
as the kernel.
The GNU C Library is primarily designed to be a portable
and high performance C library. It follows all relevant
standards including ISO C11 and POSIX.1-2008. It is also
internationalized and has one of the most complete
internationalization interfaces known.
The GNU C Library webpage is at http://www.gnu.org/software/libc/
Packages for the 2.29 release may be downloaded from:
http://ftpmirror.gnu.org/libc/
http://ftp.gnu.org/gnu/libc/
The mirror list is at http://www.gnu.org/order/ftp.html
The getcpu wrapper function has been added, which returns the currently
used CPU and NUMA node. This function is Linux-specific.
A new convenience target has been added for distribution maintainers
to build and install all locales as directories with files. The new
target is run by issuing the following command in your build tree:
'make localedata/install-locale-files', with an optional DESTDIR
to set the install root if you wish to install into a non-default
configured location.
Optimized generic exp, exp2, log, log2, pow, sinf, cosf, sincosf and tanf.
The reallocarray function is now declared under _DEFAULT_SOURCE, not just
for _GNU_SOURCE, to match BSD environments.
For powercp64le ABI, Transactional Lock Elision is now enabled iff kernel
indicates that it will abort the transaction prior to entering the kernel
(PPC_FEATURE2_HTM_NOSC on hwcap2). On older kernels the transaction is
suspended, and this caused some undefined side-effects issues by aborting
transactions manually. Glibc avoided it by abort transactions manually on
each syscall, but it lead to performance issues on newer kernels where the
HTM state is saved and restore lazily (the state being saved even when the
process actually does not use HTM).
The functions posix_spawn_file_actions_addchdir_np and
posix_spawn_file_actions_addfchdir_np have been added, enabling
posix_spawn and posix_spawnp to run the new process in a different
directory. These functions are GNU extensions. The function
posix_spawn_file_actions_addchdir_np is similar to the Solaris function
of the same name.
The popen and system do not run atfork handlers anymore (BZ#17490).
Although it is a possible POSIX violation, the POSIX rationale in
pthread_atfork documentation regarding atfork handlers is to handle
inconsistent mutex state after a fork call in a multi-threaded process.
In both popen and system there is no direct access to user-defined mutexes.
Support for the C-SKY ABIV2 running on Linux has been added. This port
requires at least binutils-2.32, gcc-9.0, and linux-4.20. Two ABIs are
supported:
strftime's default formatting of a locale's alternative year (%Ey)
has been changed to zero-pad the year to a minimum of two digits,
like "%y". This improves the display of Japanese era years during
the first nine years of a new era, and is expected to be harmless
for all other locales (only Japanese locales regularly have
alternative year numbers less than 10). Zero-padding can be
overridden with the '_' or '-' flags (which are GNU extensions).
As a GNU extension, the '_' and '-' flags can now be applied to
"%EY" to control how the year number is formatted; they have the
same effect that they would on "%Ey".
Deprecated and removed features, and other changes affecting compatibility:
The glibc.tune tunable namespace has been renamed to glibc.cpu and the
tunable glibc.tune.cpu has been renamed to glibc.cpu.name.
The type of the pr_uid and pr_gid members of struct elf_prpsinfo, defined
in <sys/procfs.h>, has been corrected to match the type actually used by
the Linux kernel. This affects the size and layout of that structure on
MicroBlaze, MIPS (n64 ABI only), Nios II and RISC-V.
For the MIPS n32 ABI, the type of the pr_sigpend and pr_sighold members of
struct elf_prstatus, and the pr_flag member of struct elf_prpsinfo,
defined in <sys/procfs.h>, has been corrected to match the type actually
used by the Linux kernel. This affects the size and layout of those
structures.
An archaic GNU extension to scanf, under which '%as', '%aS', and '%a[...]'
meant to scan a string and allocate space for it with malloc, is now
restricted to programs compiled in C89 or C++98 mode with _GNU_SOURCE
defined. This extension conflicts with C99's use of '%a' to scan a
hexadecimal floating-point number, which is now available to programs
compiled as C99 or C++11 or higher, regardless of _GNU_SOURCE.
POSIX.1-2008 includes the feature of allocating a buffer for string input
with malloc, using the modifier letter 'm' instead. Programs using
'%as', '%aS', or '%a[...]' with the old GNU meaning should change to
'%ms', '%mS', or '%m[...]' respectively. Programs that wish to use the
C99 '%a' no longer need to avoid _GNU_SOURCE.
GCC's -Wformat warnings can detect most uses of this extension, as long
as all functions that call vscanf, vfscanf, or vsscanf are annotated with
attribute ((format (scanf, ...))).
Changes to build and runtime requirements:
Python 3.4 or later is required to build the GNU C Library.
On most architectures, GCC 5 or later is required to build the GNU C
Library. (On powerpc64le, GCC 6.2 or later is still required, as before.)
Older GCC versions and non-GNU compilers are still supported when
compiling programs that use the GNU C Library.
Security related changes:
CVE-2018-19591: A file descriptor leak in if_nametoindex can lead to a
denial of service due to resource exhaustion when processing getaddrinfo
calls with crafted host names. Reported by Guido Vranken.
CVE-2019-6488: On x32, the size_t parameter may be passed in the lower
32 bits of a 64-bit register with with non-zero upper 32 bit. When it
happened, accessing the 32-bit size_t value as the full 64-bit register
in the assembly string/memory functions would cause a buffer overflow.
Reported by H.J. Lu.
CVE-2016-10739: The getaddrinfo function could successfully parse IPv4
addresses with arbitrary trailing characters, potentially leading to data
or command injection issues in applications.
https://sourceware.org/glibc/wiki/Release/2.29
This release was made possible by the contributions of many people.
The maintainers are grateful to everyone who has contributed
changes or bug reports. These include:
Adhemerval Zanella
Albert ARIBAUD (3ADEV)
Alexandra Hájková
Andreas K. Hüttel
Andreas Schwab
Anton Youdkevitch
Arjun Shankar
Assaf Gordon
Aurelien Jarno
Carlos O'Donell
Charles-Antoine Couret
DJ Delorie
Darius Rad
David S. Miller
Dmitry V. Levin
Florian Weimer
Fredrik Noring
Gabriel F. T. Gomes
H.J. Lu
Ilya Leoshkevich
Ilya Yu. Malakhov
Istvan Kurucsai
Jim Wilson
Joseph Myers
Justus Winter
Kemi Wang
Leonardo Sandoval
Mao Han
Martin Jansa
Martin Kuchta
Martin Sebor
Mingli Yu
Moritz Eckert
PanderMusubi
Paul Clarke
Paul Eggert
Paul Pluzhnikov
Pochang Chen
Rafael Avila de Espindola
Rafael Ávila de Espíndola
Rafal Luzynski
Rajalakshmi Srinivasaraghavan
Rogerio Alves
Samuel Thibault
Sergi Almacellas Abellana
Siddhesh Poyarekar
Stefan Liebler
Steve Ellcey
Szabolcs Nagy
TAMUKI Shoichi
Tobias Klauser
Tulio Magno Quites Machado Filho
Uroš Bizjak
Wilco Dijkstra
Zack Weinberg
Zong Li
The GNU C Library version 2.28 is now available.
The GNU C Library is used as the C library in the GNU system and
in GNU/Linux systems, as well as many other systems that use Linux
as the kernel.
The GNU C Library is primarily designed to be a portable
and high performance C library. It follows all relevant
standards including ISO C11 and POSIX.1-2008. It is also
internationalized and has one of the most complete
internationalization interfaces known.
The GNU C Library webpage is at http://www.gnu.org/software/libc/
Packages for the 2.28 release may be downloaded from:
http://ftpmirror.gnu.org/libc/
http://ftp.gnu.org/gnu/libc/
The mirror list is at http://www.gnu.org/order/ftp.html
Major new features:
The localization data for ISO 14651 is updated to match the 2016
Edition 4 release of the standard, this matches data provided by
Unicode 9.0.0. This update introduces significant improvements to the
collation of Unicode characters. This release deviates slightly from
the standard in that the collation element ordering for lowercase and
uppercase LATIN script characters is adjusted to ensure that regular
expressions with ranges like [a-z] and [A-Z] don't interleave e.g. A
is not matched by [a-z]. With the update many locales have been
updated to take advantage of the new collation information. The new
collation information has increased the size of the compiled locale
archive or binary locales.
The GNU C Library can now be compiled with support for Intel CET, AKA
Intel Control-flow Enforcement Technology. When the library is built
with --enable-cet, the resulting glibc is protected with indirect
branch tracking (IBT) and shadow stack (SHSTK). CET-enabled glibc is
compatible with all existing executables and shared libraries. This
feature is currently supported on i386, x86_64 and x32 with GCC 8 and
binutils 2.29 or later. Note that CET-enabled glibc requires CPUs
capable of multi-byte NOPs, like x86-64 processors as well as Intel
Pentium Pro or newer. NOTE: --enable-cet has been tested for i686,
x86_64 and x32 on non-CET processors. --enable-cet has been tested
for x86_64 and x32 on CET SDVs, but Intel CET support hasn't been
validated for i686.
The GNU C Library now has correct support for ABSOLUTE symbols
(SHN_ABS-relative symbols). Previously such ABSOLUTE symbols were
relocated incorrectly or in some cases discarded. The GNU linker can
make use of the newer semantics, but it must communicate it to the
dynamic loader by setting the ELF file's identification (EI_ABIVERSION
field) to indicate such support is required.
Unicode 11.0.0 Support: Character encoding, character type info, and
transliteration tables are all updated to Unicode 11.0.0, using
generator scripts contributed by Mike FABIAN (Red Hat).
<math.h> functions that round their results to a narrower type are added
from TS 18661-1:2014 and TS 18661-3:2015:
fadd, faddl, daddl and corresponding fMaddfN, fMaddfNx, fMxaddfN and
fMxaddfNx functions.
fsub, fsubl, dsubl and corresponding fMsubfN, fMsubfNx, fMxsubfN and
fMxsubfNx functions.
fmul, fmull, dmull and corresponding fMmulfN, fMmulfNx, fMxmulfN and
fMxmulfNx functions.
fdiv, fdivl, ddivl and corresponding fMdivfN, fMdivfNx, fMxdivfN and
fMxdivfNx functions.
Two grammatical forms of month names are now supported for the following
languages: Armenian, Asturian, Catalan, Czech, Kashubian, Occitan, Ossetian,
Scottish Gaelic, Upper Sorbian, and Walloon. The following languages now
support two grammatical forms in abbreviated month names: Catalan, Greek,
and Kashubian.
Newly added locales: Lower Sorbian (dsb_DE) and Yakut (sah_RU) also
include the support for two grammatical forms of month names.
Building and running on GNU/Hurd systems now works without out-of-tree
patches.
The renameat2 function has been added, a variant of the renameat function
which has a flags argument. If the flags are zero, the renameat2 function
acts like renameat. If the flag is not zero and there is no kernel
support for renameat2, the function will fail with an errno value of
EINVAL. This is different from the existing gnulib function renameatu,
which performs a plain rename operation in case of a RENAME_NOREPLACE
flags and a non-existing destination (and therefore has a race condition
that can clobber the destination inadvertently).
The statx function has been added, a variant of the fstatat64
function with an additional flags argument. If there is no direct
kernel support for statx, glibc provides basic stat support based on
the fstatat64 function.
IDN domain names in getaddrinfo and getnameinfo now use the system libidn2
library if installed. libidn2 version 2.0.5 or later is recommended. If
libidn2 is not available, internationalized domain names are not encoded
or decoded even if the AI_IDN or NI_IDN flags are passed to getaddrinfo or
getnameinfo. (getaddrinfo calls with non-ASCII names and AI_IDN will fail
with an encoding error.) Flags which used to change the IDN encoding and
decoding behavior (AI_IDN_ALLOW_UNASSIGNED, AI_IDN_USE_STD3_ASCII_RULES,
NI_IDN_ALLOW_UNASSIGNED, NI_IDN_USE_STD3_ASCII_RULES) have been
deprecated. They no longer have any effect.
Parsing of dynamic string tokens in DT_RPATH, DT_RUNPATH, DT_NEEDED,
DT_AUXILIARY, and DT_FILTER has been expanded to support the full
range of ELF gABI expressions including such constructs as
'$ORIGIN$ORIGIN' (if valid). For SUID/GUID applications the rules
have been further restricted, and where in the past a dynamic string
token sequence may have been interpreted as a literal string it will
now cause a load failure. These load failures were always considered
unspecified behaviour from the perspective of the dynamic loader, and
for safety are now load errors e.g. /foo/${ORIGIN}.so in DT_NEEDED
results in a load failure now.
Support for ISO C threads (ISO/IEC 9899:2011) has been added. The
implementation includes all the standard functions provided by
<threads.h>:
thrd_current, thrd_equal, thrd_sleep, thrd_yield, thrd_create,
thrd_detach, thrd_exit, and thrd_join for thread management.
mtx_init, mtx_lock, mtx_timedlock, mtx_trylock, mtx_unlock, and
mtx_destroy for mutual exclusion.
call_once for function call synchronization.
cnd_broadcast, cnd_destroy, cnd_init, cnd_signal, cnd_timedwait, and
cnd_wait for conditional variables.
tss_create, tss_delete, tss_get, and tss_set for thread-local storage.
Application developers must link against libpthread to use ISO C threads.
Deprecated and removed features, and other changes affecting compatibility:
The nonstandard header files <libio.h> and <_G_config.h> are no longer
installed. Software that was using either header should be updated to
use standard <stdio.h> interfaces instead.
The stdio functions 'getc' and 'putc' are no longer defined as macros.
This was never required by the C standard, and the macros just expanded
to call alternative names for the same functions. If you hoped getc and
putc would provide performance improvements over fgetc and fputc, instead
investigate using (f)getc_unlocked and (f)putc_unlocked, and, if
necessary, flockfile and funlockfile.
All stdio functions now treat end-of-file as a sticky condition. If you
read from a file until EOF, and then the file is enlarged by another
process, you must call clearerr or another function with the same effect
(e.g. fseek, rewind) before you can read the additional data. This
corrects a longstanding C99 conformance bug. It is most likely to affect
programs that use stdio to read interactive input from a terminal.
(Bug #1190.)
The macros 'major', 'minor', and 'makedev' are now only available from
the header <sys/sysmacros.h>; not from <sys/types.h> or various other
headers that happen to include <sys/types.h>. These macros are rarely
used, not part of POSIX nor XSI, and their names frequently collide with
user code; see https://sourceware.org/bugzilla/show_bug.cgi?id=19239 for
further explanation.
<sys/sysmacros.h> is a GNU extension. Portable programs that require
these macros should first include <sys/types.h>, and then include
<sys/sysmacros.h> if GNU_LIBRARY is defined.
The tilegx*-*-linux-gnu configurations are no longer supported.
The obsolete function ustat is no longer available to newly linked
binaries; the headers <ustat.h> and <sys/ustat.h> have been removed. This
function has been deprecated in favor of fstatfs and statfs.
The obsolete function nfsservctl is no longer available to newly linked
binaries. This function was specific to systems using the Linux kernel
and could not usefully be used with the GNU C Library on systems with
version 3.1 or later of the Linux kernel.
The obsolete function name llseek is no longer available to newly linked
binaries. This function was specific to systems using the Linux kernel
and was not declared in a header. Programs should use the lseek64 name
for this function instead.
The AI_IDN_ALLOW_UNASSIGNED and NI_IDN_ALLOW_UNASSIGNED flags for the
getaddrinfo and getnameinfo functions have been deprecated. The behavior
previously selected by them is now always enabled.
The AI_IDN_USE_STD3_ASCII_RULES and NI_IDN_USE_STD3_ASCII_RULES flags for
the getaddrinfo and getnameinfo functions have been deprecated. The STD3
restriction (rejecting '_' in host names, among other things) has been
removed, for increased compatibility with non-IDN name resolution.
The fcntl function now have a Long File Support variant named fcntl64. It
is added to fix some Linux Open File Description (OFD) locks usage on non
LFS mode. As for others *64 functions, fcntl64 semantics are analogous with
fcntl and LFS support is handled transparently. Also for Linux, the OFD
locks act as a cancellation entrypoint.
The obsolete functions encrypt, encrypt_r, setkey, setkey_r, cbc_crypt,
ecb_crypt, and des_setparity are no longer available to newly linked
binaries, and the headers <rpc/des_crypt.h> and <rpc/rpc_des.h> are no
longer installed. These functions encrypted and decrypted data with the
DES block cipher, which is no longer considered secure. Software that
still uses these functions should switch to a modern cryptography library,
such as libgcrypt.
Reflecting the removal of the encrypt and setkey functions above, the
macro _XOPEN_CRYPT is no longer defined. As a consequence, the crypt
function is no longer declared unless _DEFAULT_SOURCE or _GNU_SOURCE is
enabled.
The obsolete function fcrypt is no longer available to newly linked
binaries. It was just another name for the standard function crypt,
and it has not appeared in any header file in many years.
We have tentative plans to hand off maintenance of the passphrase-hashing
library, libcrypt, to a separate development project that will, we hope,
keep up better with new passphrase-hashing algorithms. We will continue
to declare 'crypt' in <unistd.h>, and programs that use 'crypt' or
'crypt_r' should not need to change at all; however, distributions will
need to install <crypt.h> and libcrypt from a separate project.
In this release, if the configure option --disable-crypt is used, glibc
will not install <crypt.h> or libcrypt, making room for the separate
project's versions of these files. The plan is to make this the default
behavior in a future release.
Changes to build and runtime requirements:
GNU make 4.0 or later is now required to build glibc.
Security related changes:
CVE-2016-6261, CVE-2016-6263, CVE-2017-14062: Various vulnerabilities have
been fixed by removing the glibc-internal IDNA implementation and using
the system-provided libidn2 library instead. Originally reported by Hanno
Böck and Christian Weisgerber.
CVE-2017-18269: An SSE2-based memmove implementation for the i386
architecture could corrupt memory. Reported by Max Horn.
CVE-2018-11236: Very long pathname arguments to realpath function could
result in an integer overflow and buffer overflow. Reported by Alexey
Izbyshev.
CVE-2018-11237: The mempcpy implementation for the Intel Xeon Phi
architecture could write beyond the target buffer, resulting in a buffer
overflow. Reported by Andreas Schwab.
The following bugs are resolved with this release:
[1190] stdio: fgetc()/fread() behaviour is not POSIX compliant
[6889] manual: 'PWD' mentioned but not specified
[13575] libc: SSIZE_MAX defined as LONG_MAX is inconsistent with ssize_t,
when __WORDSIZE != 64
[13762] regex: re_search etc. should return -2 on memory exhaustion
[13888] build: /tmp usage during testing
[13932] math: dbl-64 pow unexpectedly slow for some inputs
[14092] nptl: Support C11 threads
[14095] localedata: Review / update collation data from Unicode / ISO
14651
[14508] libc: -Wformat warnings
[14553] libc: Namespace pollution loff_t in sys/types.h
[14890] libc: Make NT_PRFPREG canonical.
[15105] libc: Extra PLT references with -Os
[15512] libc: __bswap_constant_16 not compiled when -Werror -Wsign-
conversion is given
[16335] manual: Feature test macro documentation incomplete and out of
date
[16552] libc: Unify umount implementations in terms of umount2
[17082] libc: htons et al.: statement-expressions prevent use on global
scope with -O1 and higher
[17343] libc: Signed integer overflow in /stdlib/random_r.c
[17438] localedata: pt_BR: wrong d_fmt delimiter
[17662] libc: please implement binding for the new renameat2 syscall
[17721] libc: __restrict defined as /* Ignore / even in c11
[17979] libc: inconsistency between uchar.h and stdint.h
[18018] dynamic-link: Additional $ORIGIN handling issues (CVE-2011-0536)
[18023] libc: extend_alloca is broken (questionable pointer comparison,
horrible machine code)
[18124] libc: hppa: setcontext erroneously returns -1 as exit code for
last constant.
[18471] libc: llseek should be a compat symbol
[18473] soft-fp: [powerpc-nofpu] __sqrtsf2, __sqrtdf2 should be compat
symbols
[18991] nss: nss_files skips large entry in database
[19239] libc: Including stdlib.h ends up with macros major and minor being
defined
[19463] libc: linknamespace failures when compiled with -Os
[19485] localedata: csb_PL: Update month translations + add yesstr/nostr
[19527] locale: Normalized charset name not recognized by setlocale
[19667] string: Missing Sanity Check for malloc calls in file 'testcopy.c'
[19668] libc: Missing Sanity Check for malloc() in file 'tst-setcontext-
fpscr.c'
[19728] network: out of bounds stack read in libidn function
idna_to_ascii_4i (CVE-2016-6261)
[19729] network: out of bounds heap read on invalid utf-8 inputs in
stringprep_utf8_nfkc_normalize (CVE-2016-6263)
[19818] dynamic-link: Absolute (SHN_ABS) symbols incorrectly relocated by
the base address
[20079] libc: Add SHT_X86_64_UNWIND to elf.h
[20251] libc: 32bit programs pass garbage in struct flock for OFD locks
[20419] dynamic-link: files with large allocated notes crash in
open_verify
[20530] libc: bswap_16 should use __builtin_bswap16() when available
[20890] dynamic-link: ldconfig: fsync the files before atomic rename
[20980] manual: CFLAGS environment variable replaces vital options
[21163] regex: Assertion failure in pop_fail_stack when executing a
malformed regexp (CVE-2015-8985)
[21234] manual: use of CFLAGS makes glibc detect no optimization
[21269] dynamic-link: i386 sigaction sa_restorer handling is wrong
[21313] build: Compile Error GCC 5.4.0 MIPS with -0S
[21314] build: Compile Error GCC 5.2.0 MIPS with -0s
[21508] locale: intl/tst-gettext failure with latest msgfmt
[21547] localedata: Tibetan script collation broken (Dzongkha and Tibetan)
[21812] network: getifaddrs() returns entries with ifa_name == NULL
[21895] libc: ppc64 setjmp/longjmp not fully interoperable with static
dlopen
[21942] dynamic-link: dl_dst_substitute incorrectly handles $ORIGIN: with
AT_SECURE=1
[22241] localedata: New locale: Yakut (Sakha) locale for Russia (sah_RU)
[22247] network: Integer overflow in the decode_digit function in
puny_decode.c in libidn (CVE-2017-14062)
[22342] nscd: NSCD not properly caching netgroup
[22391] nptl: Signal function clear NPTL internal symbols inconsistently
[22550] localedata: es_ES locale (and other es locales): collation
should treat ñ as a primary different character, sync the collation
for Spanish with CLDR
[22638] dynamic-link: sparc: static binaries are broken if glibc is built
by gcc configured with --enable-default-pie
[22639] time: year 2039 bug for localtime etc. on 64-bit platforms
[22644] string: memmove-sse2-unaligned on 32bit x86 produces garbage when
crossing 2GB threshold (CVE-2017-18269)
[22646] localedata: redundant data (LC_TIME) for es_CL, es_CU, es_EC and
es_BO
[22735] time: Misleading typo in time.h source comment regarding
CLOCKS_PER_SECOND
[22753] libc: preadv2/pwritev2 fallback code should handle offset=-1
[22761] libc: No trailing %n' conversion specifier in FMT passed from
__assert_perror_fail ()' to __assert_fail_base ()' [22766] libc: all glibc internal dlopen should use RTLD_NOW for robust dlopen failures [22786] libc: Stack buffer overflow in realpath() if input size is close to SSIZE_MAX (CVE-2018-11236) [22787] dynamic-link: _dl_check_caller returns false when libc is linked through an absolute DT_NEEDED path [22792] build: tcb-offsets.h dependency dropped [22797] libc: pkey_get() uses non-reserved name of argument [22807] libc: PTRACE_* constants missing for powerpc [22818] glob: posix/tst-glob_lstat_compat failure on alpha [22827] dynamic-link: RISC-V ELF64 parser mis-reads flag in ldconfig [22830] malloc: malloc_stats doesn't restore cancellation state on stderr [22848] localedata: ca_ES: update date definitions from CLDR [22862] build: _DEFAULT_SOURCE is defined even when _ISOC11_SOURCE is [22884] math: RISCV fmax/fmin handle signalling NANs incorrectly [22896] localedata: Update locale data for an_ES [22902] math: float128 test failures with GCC 8 [22918] libc: multiple common of
__nss_shadow_database'
[22919] libc: sparc32: backtrace yields infinite backtrace with
makecontext
[22926] libc: FTBFS on powerpcspe
[22932] localedata: lt_LT: Update of abbreviated month names from CLDR
required
[22937] localedata: Greek (el_GR, el_CY) locales actually need ab_alt_mon
[22947] libc: FAIL: misc/tst-preadvwritev2
[22963] localedata: cs_CZ: Add alternative month names
[22987] math: [powerpc/sparc] fdim inlines errno, exceptions handling
[22996] localedata: change LC_PAPER to en_US in es_BO locale
[22998] dynamic-link: execstack tests are disabled when SELinux is
disabled
[23005] network: Crash in __res_context_send after memory allocation
failure
[23007] math: strtod cannot handle -nan
[23024] nss: getlogin_r is performing NSS lookups when loginid isn't set
[23036] regex: regex equivalence class regression
[23037] libc: initialize msg_flags to zero for sendmmsg() calls
[23069] libc: sigaction broken on riscv64-linux-gnu
[23094] localedata: hr_HR: wrong thousands_sep and mon_thousands_sep
[23102] dynamic-link: Incorrect parsing of multiple consecutive $variable
patterns in runpath entries (e.g. $ORIGIN$ORIGIN)
[23137] nptl: s390: pthread_join sometimes block indefinitely (on 31bit
and libc build with -Os)
[23140] localedata: More languages need two forms of month names
[23145] libc: _init/_fini aren't marked as hidden
[23152] localedata: gd_GB: Fix typo in "May" (abbreviated)
[23171] math: C++ iseqsig for long double converts arguments to double
[23178] nscd: sudo will fail when it is run in concurrent with commands
that changes /etc/passwd
[23196] string: __mempcpy_avx512_no_vzeroupper mishandles large copies
(CVE-2018-11237)
[23206] dynamic-link: static-pie + dlopen breaks debugger interaction
[23208] localedata: New locale - Lower Sorbian (dsb)
[23233] regex: Memory leak in build_charclass_op function in file
posix/regcomp.c
[23236] stdio: Harden function pointers in _IO_str_fields
[23250] nptl: Offset of __private_ss differs from GCC
[23253] math: tgamma test suite failures on i686 with -march=x86-64
-mtune=generic -mfpmath=sse
[23259] dynamic-link: Unsubstituted ${ORIGIN} remains in DT_NEEDED for
AT_SECURE
[23264] libc: posix_spawnp wrongly executes ENOEXEC in non compat mode
[23266] nis: stringop-truncation warning with new gcc8.1 in nisplus-
parser.c
[23272] math: fma(INFINITY,INFIITY,0.0) should be INFINITY
[23277] math: nan function should not have const attribute
[23279] math: scanf and strtod wrong for some hex floating-point
[23280] math: wscanf rounds wrong; wcstod is ok for negative numbers and
directed rounding
[23290] localedata: IBM273 is not equivalent to ISO-8859-1
[23303] build: undefined reference to symbol
'__parse_hwcap_and_convert_at_platform@@GLIBC_2.23'
[23307] dynamic-link: Absolute symbols whose value is zero ignored in
lookup
[23313] stdio: libio vtables validation and standard file object
interposition
[23329] libc: The __libc_freeres infrastructure is not properly run across
DSO boundaries.
[23349] libc: Various glibc headers no longer compatible with
<linux/time.h>
[23351] malloc: Remove unused code related to heap dumps and malloc
checking
[23363] stdio: stdio-common/tst-printf.c has non-free license
[23396] regex: Regex equivalence regression in single-byte locales
[23422] localedata: oc_FR: More updates of locale data
[23442] build: New warning with GCC 8
[23448] libc: Out of bounds access in IBM-1390 converter
[23456] libc: Wrong index_cpu_LZCNT
[23458] build: tst-get-cpu-features-static isn't added to tests
[23459] libc: COMMON_CPUID_INDEX_80000001 isn't populated for Intel
processors
[23467] dynamic-link: x86/CET: A property note parser bug
https://sourceware.org/glibc/wiki/Release/2.28
This release was made possible by the contributions of many people.
The maintainers are grateful to everyone who has contributed
changes or bug reports. These include:
Adhemerval Zanella
Agustina Arzille
Alan Modra
Alexandre Oliva
Amit Pawar
Andreas Schwab
Andrew Senkevich
Andrew Waterman
Aurelien Jarno
Carlos O'Donell
Chung-Lin Tang
DJ Delorie
Daniel Alvarez
David Michael
Dmitry V. Levin
Dragan Stanojevic - Nevidljivi
Florian Weimer
Flávio Cruz
Francois Goichon
Gabriel F. T. Gomes
H.J. Lu
Herman ten Brugge
Hongbo Zhang
Igor Gnatenko
Jesse Hathaway
John David Anglin
Joseph Myers
Leonardo Sandoval
Maciej W. Rozycki
Mark Wielaard
Martin Sebor
Michael Wolf
Mike FABIAN
Patrick McGehearty
Patsy Franklin
Paul Pluzhnikov
Quentin PAGÈS
Rafal Luzynski
Rajalakshmi Srinivasaraghavan
Raymond Nicholson
Rical Jasan
Richard Braun
Robert Buj
Rogerio Alves
Samuel Thibault
Sean McKean
Siddhesh Poyarekar
Stefan Liebler
Steve Ellcey
Sylvain Lesage
Szabolcs Nagy
Thomas Schwinge
Tulio Magno Quites Machado Filho
Valery Timiriliyev
Vincent Chen
Wilco Dijkstra
Zack Weinberg
Zong Li
The GNU C Library version 2.27 is now available.
The GNU C Library is used as the C library in the GNU system and
in GNU/Linux systems, as well as many other systems that use Linux
as the kernel.
The GNU C Library is primarily designed to be a portable
and high performance C library. It follows all relevant
standards including ISO C11 and POSIX.1-2008. It is also
internationalized and has one of the most complete
internationalization interfaces known.
The GNU C Library webpage is at https://www.gnu.org/software/libc/
Packages for the 2.27 release may be downloaded from:
https://ftpmirror.gnu.org/libc/
https://ftp.gnu.org/gnu/libc/
The mirror list is at https://www.gnu.org/order/ftp.html
Major new features:
The GNU C Library can now be compiled with support for building static
PIE executables (See --enable-static-pie in INSTALL). These static PIE
executables are like static executables but can be loaded at any address
and provide additional security hardening benefits at the cost of some
memory and performance. When the library is built with --enable-static-pie
the resulting libc.a is usable with GCC 8 and above to create static PIE
executables using the GCC option '-static-pie'. This feature is currently
supported on i386, x86_64 and x32 with binutils 2.29 or later, and on
aarch64 with binutils 2.30 or later.
Optimized x86-64 asin, atan2, exp, expf, log, pow, atan, sin, cosf,
sinf, sincosf and tan with FMA, contributed by Arjan van de Ven and
H.J. Lu from Intel.
Optimized x86-64 trunc and truncf for processors with SSE4.1.
Optimized generic expf, exp2f, logf, log2f, powf, sinf, cosf and sincosf.
In order to support faster and safer process termination the malloc API
family of functions will no longer print a failure address and stack
backtrace after detecting heap corruption. The goal is to minimize the
amount of work done after corruption is detected and to avoid potential
security issues in continued process execution. Reducing shutdown time
leads to lower overall process restart latency, so there is benefit both
from a security and performance perspective.
The abort function terminates the process immediately, without flushing
stdio streams. Previous glibc versions used to flush streams, resulting
in deadlocks and further data corruption. This change also affects
process aborts as the result of assertion failures.
On platforms where long double has the IEEE binary128 format (aarch64,
alpha, mips64, riscv, s390 and sparc), the math library now implements
_Float128 interfaces for that type, as defined by ISO/IEC TS 18661-3:2015.
These are the same interfaces added in version 2.26 for some platforms where
this format is supported but is not the format of long double.
On platforms with support for _Float64x (aarch64, alpha, i386, ia64,
mips64, powerpc64le, riscv, s390, sparc and x86_64), the math library now
implements interfaces for that type, as defined by ISO/IEC TS
18661-3:2015. These are corresponding interfaces to those supported for
_Float128.
The math library now implements interfaces for the _Float32, _Float64 and
_Float32x types, as defined by ISO/IEC TS 18661-3:2015. These are
corresponding interfaces to those supported for _Float128.
glibc now implements the memfd_create and mlock2 functions on Linux.
Support for memory protection keys was added. The <sys/mman.h> header now
declares the functions pkey_alloc, pkey_free, pkey_mprotect, pkey_set,
pkey_get.
The copy_file_range function was added.
Optimized memcpy, mempcpy, memmove, and memset for sparc M7.
The ldconfig utility now processes `include' directives using the C/POSIX
collation ordering. Previous glibc versions used locale-specific
ordering, the change might break systems that relied on that.
Support for two grammatical forms of month names has been added.
In a call to strftime, the "%B" and "%b" format specifiers will now
produce the grammatical form required when the month is used as part
of a complete date. New "%OB" and "%Ob" specifiers produce the form
required when the month is named by itself. For instance, in Greek
and in many Slavic and Baltic languages, "%B" will produce the month
in genitive case, and "%OB" will produce the month in nominative case.
In a call to strptime, "%B", "%b", "%h", "%OB", "%Ob", and "%Oh"
are all valid and will all accept any known form of month
name---standalone or complete, abbreviated or full. In a call to
nl_langinfo, the query constants MON_1..12 and ABMON_1..12 return
the strings used by "%B" and "%b", respectively. New query
constants ALTMON_1..12 and _NL_ABALTMON_1..12 return the strings
used by "%OB" and "%Ob", respectively.
In a locale definition file, use "alt_mon" and "ab_alt_mon" to
define the strings for %OB and %Ob, respectively; these have the
same syntax as "mon" and "abmon". These arrays are optional; if they
are not provided then they have the same content as "mon" and "abmon",
respectively.
These features are provided for locales which define "alt_mon" and/or
"ab_alt_mon" in their locale source data. This release includes such
alternative month name data for the following languages: Belarusian,
Croatian, Greek, Lithuanian, Polish, Russian, and Ukrainian.
This feature is currently a GNU extension, but it is expected to
be added to the next revision of POSIX, and it is also already
available on some BSD-derived operating systems.
This feature will cause existing statically compiled applications
to fail to load locales and fall back to the builtin C/POSIX locales.
See notes below for other changes affecting compatibility.
Support for the RISC-V ISA running on Linux has been added. This port
requires at least binutils-2.30, gcc-7.3.0, and linux-4.15; and is supported
for the following ISA and ABI pairs:
Deprecated and removed features, and other changes affecting compatibility:
Statically compiled applications attempting to load locales compiled for the
GNU C Library version 2.27 will fail and fall back to the builtin C/POSIX
locale. The reason for this is that the addition of the new "%OB" and "%Ob",
support for two grammatical forms of the month names, also extends the locale
data binary format. Static applications needing locale support must be
recompiled to match the runtime and data they are deployed with. In some
distributions there is an upgrade window where dynamically linked applications
may use a new library but the old locale data and also fall back to the
builtin C/POSIX locales; restarting the application process is sufficient to
fix this.
Support for statically linked applications which call dlopen is deprecated
and will be removed in a future version of glibc. Applications which call
dlopen need to be linked dynamically instead.
Support for old programs which use internal stdio data structures and
functions is deprecated. This includes programs which use the C++ streams
provided by libstdc++ in GCC 2.95. Programs which use the internal
symbols _IO_adjust_wcolumn, _IO_default_doallocate, _IO_default_finish,
_IO_default_pbackfail, _IO_default_uflow, _IO_default_xsgetn,
_IO_default_xsputn, _IO_doallocbuf, _IO_do_write, _IO_file_attach,
_IO_file_close, _IO_file_close_it, _IO_file_doallocate, _IO_file_fopen,
_IO_file_init, _IO_file_jumps, _IO_fileno, _IO_file_open,
_IO_file_overflow, _IO_file_read, _IO_file_seek, _IO_file_seekoff,
_IO_file_setbuf, _IO_file_stat, _IO_file_sync, _IO_file_underflow,
_IO_file_write, _IO_file_xsputn, _IO_flockfile, _IO_flush_all,
_IO_flush_all_linebuffered, _IO_free_backup_area, _IO_free_wbackup_area,
_IO_init, _IO_init_marker, _IO_init_wmarker, _IO_iter_begin, _IO_iter_end,
_IO_iter_file, _IO_iter_next, _IO_least_wmarker, _IO_link_in,
_IO_list_all, _IO_list_lock, _IO_list_resetlock, _IO_list_unlock,
_IO_marker_delta, _IO_marker_difference, _IO_remove_marker, _IO_seekmark,
_IO_seekwmark, _IO_str_init_readonly, _IO_str_init_static,
_IO_str_overflow, _IO_str_pbackfail, _IO_str_seekoff, _IO_str_underflow,
_IO_switch_to_main_wget_area, _IO_switch_to_wget_mode,
_IO_unsave_wmarkers, _IO_wdefault_doallocate, _IO_wdefault_finish,
_IO_wdefault_pbackfail, _IO_wdefault_setbuf, _IO_wdefault_uflow,
_IO_wdefault_xsgetn, _IO_wdefault_xsputn, _IO_wdoallocbuf, _IO_wdo_write,
_IO_wfile_jumps, _IO_wfile_overflow, _IO_wfile_sync, _IO_wfile_underflow,
_IO_wfile_xsputn, _IO_wmarker_delta, or _IO_wsetb may stop working with a
future version of glibc. Unlike other symbol removals, these old
applications will not be supported using compatibility symbols.
On GNU/Linux, the obsolete Linux constant PTRACE_SEIZE_DEVEL is no longer
defined by <sys/ptrace.h>.
libm no longer supports SVID error handling (calling a user-provided
matherr function on error) or the _LIB_VERSION variable to control error
handling. (SVID error handling and the _LIB_VERSION variable still work
for binaries linked against older versions of the GNU C Library.) The
libieee.a library is no longer provided. math.h no longer defines struct
exception, or the macros X_TLOSS, DOMAIN, SING, OVERFLOW, UNDERFLOW,
TLOSS, PLOSS and HUGE.
The libm functions pow10, pow10f and pow10l are no longer supported for
new programs. Programs should use the standard names exp10, exp10f and
exp10l for these functions instead.
The mcontext_t type is no longer the same as struct sigcontext. On
platforms where it was previously the same, this changes the C++ name
mangling for interfaces involving this type.
The add-ons mechanism for building additional packages at the same time as
glibc has been removed. The --enable-add-ons configure option is now
ignored.
The --without-fp configure option is now ignored. Whether hardware
floating-point instructions are used is now configured based on whether
the compiler used at configure time (without any options implied by a
--with-cpu= configure option) uses such instructions.
The res_hnok, res_dnok, res_mailok and res_ownok functions now check that
the specified string can be parsed as a domain name.
In the malloc_info output, the element may contain another
element, "subheaps", which contains the number of sub-heaps.
The libresolv function p_secstodate is no longer supported for new
programs.
The tilepro-*-linux-gnu configuration is no longer supported.
The nonstandard header files <libio.h> and <_G_config.h> are deprecated
and will be removed in a future release. Software that is still using
either header should be updated to use standard <stdio.h> interfaces
instead.
libio.h was originally the header for a set of supported GNU extensions,
but they have not been maintained as such in many years, they are now
standing in the way of improvements to stdio, and we don't think there are
any remaining external users. _G_config.h was never intended for public
use, but predates the bits convention.
Changes to build and runtime requirements:
Security related changes:
CVE-2009-5064: The ldd script would sometimes run the program under
examination directly, without preventing code execution through the
dynamic linker. (The glibc project disputes that this is a security
vulnerability; only trusted binaries must be examined using the ldd
script.)
CVE-2017-15670: The glob function, when invoked with GLOB_TILDE,
suffered from a one-byte overflow during ~ operator processing (either
on the stack or the heap, depending on the length of the user name).
Reported by Tim Rühsen.
CVE-2017-15671: The glob function, when invoked with GLOB_TILDE,
would sometimes fail to free memory allocated during ~ operator
processing, leading to a memory leak and, potentially, to a denial
of service.
CVE-2017-15804: The glob function, when invoked with GLOB_TILDE and
without GLOB_NOESCAPE, could write past the end of a buffer while
unescaping user names. Reported by Tim Rühsen.
CVE-2017-17426: The malloc function, when called with an object size near
the value SIZE_MAX, would return a pointer to a buffer which is too small,
instead of NULL. This was a regression introduced with the new malloc
thread cache in glibc 2.26. Reported by Iain Buclaw.
CVE-2017-1000408: Incorrect array size computation in _dl_init_paths leads
to the allocation of too much memory. (This is not a security bug per se,
it is mentioned here only because of the CVE assignment.) Reported by
Qualys.
CVE-2017-1000409: Buffer overflow in _dl_init_paths due to miscomputation
of the number of search path components. (This is not a security
vulnerability per se because no trust boundary is crossed if the fix for
CVE-2017-1000366 has been applied, but it is mentioned here only because
of the CVE assignment.) Reported by Qualys.
CVE-2017-16997: Incorrect handling of RPATH or RUNPATH containing $ORIGIN
for AT_SECURE or SUID binaries could be used to load libraries from the
current directory.
CVE-2018-1000001: Buffer underflow in realpath function when getcwd function
succeeds without returning an absolute path due to unexpected behaviour
of the Linux kernel getcwd syscall. Reported by halfdog.
CVE-2018-6485: The posix_memalign and memalign functions, when called with
an object size near the value of SIZE_MAX, would return a pointer to a
buffer which is too small, instead of NULL. Reported by Jakub Wilk.
https://sourceware.org/glibc/wiki/Release/2.27
This release was made possible by the contributions of many people.
The maintainers are grateful to everyone who has contributed
changes or bug reports. These include:
Adhemerval Zanella
Akhilesh Kumar
Alan Hayward
Alan Modra
Alexandre Oliva
Alexey Makhalov
Andreas Schwab
Arjun Shankar
Arnold Robbins
Aurelien Jarno
Bernd Edlinger
Carlos O'Donell
Chris Metcalf
Christian Brauner
Claude Paroz
DJ Delorie
David S. Miller
Dmitry V. Levin
Dragan Stanojević - Nevidljivi
Egmont Koblinger
Eric Blake
Florian Weimer
Gabriel F. T. Gomes
Guido Trentalancia
Gustavo Romero
H.J. Lu
Il'ya Malakhov
Istvan Kurucsai
James Clarke
John David Anglin
Jonathan Wakely
Jose E. Marchesi
Joseph Myers
Julen Ruiz Aizpuru
Juro Bystricky
Luke Shumaker
Markus Trippelsdorf
Martin Sebor
Michael Collison
Mike FABIAN
Palmer Dabbelt
Patrick McGehearty
Patsy Franklin
Paul Clarke
Paul Eggert
Paul Pluzhnikov
Peter Zelezny
Rafal Luzynski
Rajalakshmi Srinivasaraghavan
Rical Jasan
Richard Henderson
Rogerio Alves
Romain Naour
Samuel Thibault
Sergei Trofimovich
Siddhesh Poyarekar
Stanislav Brabec
Stefan Liebler
Steve Ellcey
Szabolcs Nagy
Thierry Vignaud
Thomas Schwinge
Thorsten Glaser
Tobias Klauser
Tulio Magno Quites Machado Filho
Victor Rodriguez
Wang Boshi
Wei-Lun Chao
Wilco Dijkstra
Will Hawkins
Yury Norov
Zack Weinberg