-
Notifications
You must be signed in to change notification settings - Fork 12
/
Copy pathNEWS
7492 lines (6259 loc) · 346 KB
/
NEWS
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
GNU C Library NEWS -- history of user-visible changes.
Copyright (C) 1992-2023 Free Software Foundation, Inc.
See the end for copying conditions.
Please send GNU C library bug reports via <https://sourceware.org/bugzilla/>
using `glibc' in the "product" field.
Version 2.38
Major new features:
* When C2X features are enabled and the base argument is 0 or 2, the
following functions support binary integers prefixed by 0b or 0B as
input: strtol, strtoll, strtoul, strtoull, strtol_l, strtoll_l,
strtoul_l, strtoull_l, strtoimax, strtoumax, strtoq, strtouq, wcstol,
wcstoll, wcstoul, wcstoull, wcstol_l, wcstoll_l, wcstoul_l,
wcstoull_l, wcstoimax, wcstoumax, wcstoq, wcstouq. Similarly, the
following functions support binary integers prefixed by 0b or 0B as
input to the %i format: fscanf, scanf, sscanf, vscanf, vsscanf,
vfscanf, fwscanf, wscanf, swscanf, vfwscanf, vwscanf, vswscanf; those
functions also support the %b format for binary integers, with or
without such a prefix and independent of standards mode.
* PRIb*, PRIB* and SCNb* macros from C2X have been added to
<inttypes.h>.
* printf-family functions now support the wN format length modifiers for
arguments of type intN_t, int_leastN_t, uintN_t or uint_leastN_t (for
example, %w32d to print int32_t or int_least32_t in decimal, or %w32x
to print uint32_t or uint_least32_t in hexadecimal) and the wfN format
length modifiers for arguments of type int_fastN_t or uint_fastN_t, as
specified in draft ISO C2X.
* A new tunable, glibc.pthread.stack_hugetlb, can be used to disable
Transparent Huge Pages (THP) in stack allocation at pthread_create.
* Support for x86_64 running on Hurd has been added. This port requires
as least binutils 2.40 and GCC 13:
- x86_64-gnu
* Vector math library libmvec support has been added to AArch64. It
requires GCC version >= 10.1.0. It can be disabled via
"--disable-mathvec", however that is not a supported configuration as
it changes the ABI. The symbol names follow the AArch64 vector ABI,
they are declared in math.h and have to be called manually at this point.
* The strlcpy and strlcat functions have been added. They are derived
from OpenBSD, and are expected to be added to a future POSIX version.
* A new configure option, "--enable-fortify-source", can be used to build the
GNU C Library with _FORTIFY_SOURCE. The level of fortification can either be
provided, or is set to the highest value supported by the compiler. If not
explicitly enabled, then fortify source is forcibly disabled so to keep
original behavior unchanged.
Deprecated and removed features, and other changes affecting compatibility:
* libcrypt is no longer built by default; one may use the "--enable-crypt"
option to build libcrypt. libcrypt is likely to be removed from the
GNU C Library in a future release, so it is recommended that
applications port away from it to an alternative such as libxcrypt.
* In the Linux kernel for the hppa/parisc architecture some of the
MADV_XXX constants were changed to have the same values as the other
architectures. New programs compiled with this glibc version and which
use the madvise call will require at least Linux kernel version 6.2,
alternatively stable kernels from versions 6.1.6, 5.15.87, 5.10.163,
5.4.228, 4.19.270 or 4.14.303.
* The "--disable-experimental-malloc" option is no longer available. The
per-thread cache can still be disabled per-application using tunables
(glibc.malloc.tcache_count set to zero).
* The configure option "--enable-tunables" has been removed. The tunable
feature is now always enabled.
Changes to build and runtime requirements:
* Building libmvec on AArch64 requires at a minimum GCC 10.1.0 for SVE
ACLE.
Security related changes:
CVE-2023-25139: When the printf family of functions is called with a
format specifier that uses an <apostrophe> (enable grouping) and a
minimum width specifier, the resulting output could be larger than
reasonably expected by a caller that computed a tight bound on the
buffer size. The resulting larger than expected output could result
in a buffer overflow in the printf family of functions.
The following bugs are resolved with this release:
[178] string: Please add strlcpy and strlcat (attached)
[14697] nptl: Behavior of exit is nonconformant with respect to
threads and stdio
[15142] stdio: Missing locking in _IO_cleanup
[18096] glob: null deref in wordexp/parse_dollars/parse_arith
[18906] stdio: fopen: ccs value may affect open mode
[24466] stdio: Feature request: provide special printf formats for
intXX_t
[25457] nss: hosts lookup fails for ipv4mapped ipv6 addresses
[28519] libc: system and popen should pass "--" between /bin/sh and
argument
[29016] stdio: popen() sets errno to ENOMEM when shell does not exist
[29591] string: wcsnlen length can overflow in page cross case.
[30053] time: strftime %s returns -1 after 2038 on 32 bits systems
[30068] stdio: incorrect printf output for integers with thousands
separator and width field (CVE-2023-25139)
[30111] time: support_descriptors_list fails after 2038 on 32 bits
systems
[30125] dynamic-link: [regression, bisected] glibc-2.37 creates new
symlink for libraries without soname
[30130] math: [s390] The _FPU_SETCW macro yields compile error with
Clang
[30156] time: Potential ntp_gettime abi break
[30235] libc: Missing fallback in getlogin if loginuid is unset
[30258] dynamic-link: sprof cannot read and display shared object
profiling data correctly
[30263] libc: Add test coverage for abs(), labs(), and llabs().
[30305] math: Incorrect asm constraint in feraiseexcept on x86-64
[30402] libc: FAIL: elf/tst-glibcelf
[30425] dynamic-link: Symbol lookup during dlclose may fail
unnecessarily
[30435] dynamic-link: Root dir wrongly marked as nonexist in open_path
[30477] libc: [RISCV]: time64 does not work on riscv32
[30515] dynamic-link: _dl_find_object incorrectly returns 1 during
early startup
[30527] network: resolv_conf lock not unlocked on allocation failure
[30550] math: powerpc64le: GCC-specific code for isinf() is being used
on clang
[30555] string: strerror can incorrectly return NULL
[30579] malloc: trim_threshold in realloc lead to high memory usage
[30662] nscd: Group and password cache use errno in place of errval
Version 2.37
Major new features:
* The getent tool now supports the --no-addrconfig option. The output of
getent with --no-addrconfig may contain addresses of families not
configured on the current host i.e. as-if you had not passed
AI_ADDRCONFIG to getaddrinfo calls.
Deprecated and removed features, and other changes affecting compatibility:
* The dynamic linker no longer loads shared objects from the "tls"
subdirectories on the library search path or the subdirectory that
corresponds to the AT_PLATFORM system name, or employs the legacy AT_HWCAP
search mechanism, which was deprecated in version 2.33.
Security related changes:
CVE-2022-39046: When the syslog function is passed a crafted input
string larger than 1024 bytes, it reads uninitialized memory from the
heap and prints it to the target log file, potentially revealing a
portion of the contents of the heap.
The following bugs are resolved with this release:
[12154] network: Cannot resolve hosts which have wildcard aliases
[12165] libc: readdir: Do not skip entries with zero d_ino values
[19444] build: build failures with -O1 due to -Wmaybe-uninitialized
[24774] nptl: pthread_rwlock_timedwrlock stalls on ARM
[24816] nss: nss/tst-nss-files-hosts-long fails when no interface has
AF_INET6 address (ie docker)
[27087] stdio: PowerPC: Redefinition error with Clang from IEEE
redirection headers
[28846] network: CMSG_NXTHDR may trigger -Wstrict-overflow warning
[28937] dynamic-link: New DSO dependency sorter does not put new map
first if in a cycle
[29249] libc: csu/libc-tls.c:202: undefined reference to
`_startup_fatal_not_constant'
[29305] network: Inefficient buffer space usage in nss_dns for
gethostbyname and other functions
[29375] libc: don't hide MAP_ANONYMOUS behind _GNU_SOURCE
[29402] nscd: nscd: No such file or directory
[29415] nscd: getaddrinfo with AI_ADDRCONFIG returns addresses with
wrong family
[29427] dynamic-link: Inconsistency detected by ld.so: dl-printf.c:
200: _dl_debug_vdprintf: Assertion `! "invalid format specifier"'
failed!
[29463] math: math/test-float128-y1 fails on x86_64
[29485] build: Make hangs when the test misc/tst-pidfile returns
FAIL_UNSUPPORTED
[29490] dynamic-link: [bisected] new __brk_call causes dynamic loader
segfault on alpha
[29499] build: Check failed on misc/tst-glibcsyscalls while building
for RISCV64 on a unmatched hardware
[29501] build: Check failed on stdlib/tst-strfrom while building for
RISCV64 on a unmatched hardware
[29502] libc: alpha sys/acct.h out of date
[29514] build: Need to use -fPIE not -fpie
[29528] dynamic-link: __libc_early_init not called after dlmopen that
reuses namespace
[29536] libc: syslog fail to create large messages (CVE-2022-39046)
[29537] libc: [2.34 regression]: Alignment issue on m68k when using
futexes on qemu-user
[29539] libc: LD_TRACE_LOADED_OBJECTS changed how vDSO library are
printed
[29544] libc: Regression in syslog(3) calls breaks RFC due to extra
whitespace
[29564] build: Incorrect way to change MAKEFLAGS in Makerules
[29576] build: librtld.os: in function `_dl_start_profile':
(.text+0x9444): undefined reference to `strcpy'
[29578] libc: Definition of SUN_LEN() is wrong
[29583] build: iconv failures on 32bit platform due to missing large
file support
[29600] dynamic-link: dlmopen hangs after loading certain libraries
[29604] localedata: Update locale data to Unicode 15.0.0
[29605] nscd: Regression in NSCD backend of getaddrinfo
[29607] nscd: nscd repeatably crashes calling __strlen_avx2 when hosts
cache is enabled
[29611] string: Optimized AVX2 string functions unconditionally use
BMI2 instructions
[29624] malloc: errno is not cleared when entering main
[29638] libc: stdlib: arc4random fallback is never used
[29657] libc: Incorrect struct stat for 64-bit time on linux/generic
platforms
[29698] build: Configuring for AArch32 on ARMv8+ disables
optimizations
[29727] locale: __strtol_internal out-of-bounds read when parsing
thousands grouping
[29730] libc: broken y2038 support in fstatat on MIPS N64
[29746] libc: ppoll() does not switch to __ppoll64 when
-D_TIME_BITS=64 and -D_FORTIFY_SOURCE=2 is given on 32bit
[29771] libc: Restore IPC_64 support in sysvipc *ctl functions
[29780] build: possible parallel make issue in glibc-2.36 (siglist-
aux.S: No such file or directory)
[29864] libc: __libc_start_main() should obtain program headers
address (_dl_phdr) from the auxv, not the ELF header.
[29951] time: daylight variable not set correctly if last DST change
coincides with offset change
[30039] stdio: __vsprintf_internal does not handle unspecified buffer
length in fortify mode
Version 2.36
Major new features:
* Support for DT_RELR relative relocation format has been added to
glibc. This is a new ELF dynamic tag that improves the size of
relative relocations in shared object files and position independent
executables (PIE). DT_RELR generation requires linker support for
-z pack-relative-relocs option, which is supported for some targets
in recent binutils versions. Lazy binding doesn't apply to DT_RELR.
* On Linux, the pidfd_open, pidfd_getfd, and pidfd_send_signal functions
have been added. The pidfd functionality provides access to a process
while avoiding the issue of PID reuse on traditional Unix systems.
* On Linux, the process_madvise function has been added. It has the
same functionality as madvise but alters the target process identified
by the pidfd.
* On Linux, the process_mrelease function has been added. It allows a
caller to release the memory of a dying process. The release of the
memory is carried out in the context of the caller, using the caller's
CPU affinity, and priority with CPU usage accounted to the caller.
* The “no-aaaa” DNS stub resolver option has been added. System
administrators can use it to suppress AAAA queries made by the stub
resolver, including AAAA lookups triggered by NSS-based interfaces
such as getaddrinfo. Only DNS lookups are affected: IPv6 data in
/etc/hosts is still used, getaddrinfo with AI_PASSIVE will still
produce IPv6 addresses, and configured IPv6 name servers are still
used. To produce correct Name Error (NXDOMAIN) results, AAAA queries
are translated to A queries. The new resolver option is intended
primarily for diagnostic purposes, to rule out that AAAA DNS queries
have adverse impact. It is incompatible with EDNS0 usage and DNSSEC
validation by applications.
* On Linux, the fsopen, fsmount, move_mount, fsconfig, fspick, open_tree,
and mount_setattr have been added. They are part of the new Linux kernel
mount APIs that allow applications to more flexibly configure and operate
on filesystem mounts. The new mount APIs are specifically designed to work
with namespaces.
* localedef now accepts locale definition files encoded in UTF-8.
Previously, input bytes not within the ASCII range resulted in
unpredictable output.
* Support for the mbrtoc8 and c8rtomb multibyte/UTF-8 character conversion
functions has been added per the ISO C2X N2653 and C++20 P0482R6 proposals.
Support for the char8_t typedef has been added per the ISO C2X N2653
proposal. The functions are declared in uchar.h in C2X mode or when the
_GNU_SOURCE macro or C++20 __cpp_char8_t feature test macro is defined.
The char8_t typedef is declared in uchar.h in C2X mode or when the
_GNU_SOURCE macro is defined and the C++20 __cpp_char8_t feature test macro
is not defined (if __cpp_char8_t is defined, then char8_t is a builtin type).
* The functions arc4random, arc4random_buf, and arc4random_uniform have been
added. The functions wrap getrandom and/or /dev/urandom to return high-
quality randomness from the kernel.
* Support for LoongArch running on Linux has been added. This port requires
as least binutils 2.38, GCC 12, and Linux 5.19. Currently only hard-float
ABI is supported:
- loongarch64-linux-gnu
The LoongArch ABI is 64-bit little-endian.
Deprecated and removed features, and other changes affecting compatibility:
* Support for prelink will be removed in the next release; this includes
removal of the LD_TRACE_PRELINKING, and LD_USE_LOAD_BIAS, environment
variables and their functionality in the dynamic loader.
* The Linux kernel version check has been removed along with the
LD_ASSUME_KERNEL environment variable. The minimum kernel used to built
glibc is still provided through NT_GNU_ABI_TAG ELF note and also printed
when libc.so is issued directly.
* On Linux, The LD_LIBRARY_VERSION environment variable has been removed.
The following bugs are resolved with this release:
[14932] dynamic-link: dlsym(handle, "foo") and dlsym(RTLD_NEXT, "foo")
return different result with versioned "foo"
[16355] libc: syslog.h's SYSLOG_NAMES namespace violation and utter
mess
[23293] dynamic-link: aarch64: getauxval is broken when run as ld.so
./exe and ld.so adjusts argv on the stack
[24595] nptl: [2.28 Regression]: Deadlock in atfork handler which
calls dlclose
[25744] locale: mbrtowc with Big5-HKSCS returns 2 instead of 1 when
consuming the second byte of certain double byte characters
[25812] stdio: Libio vtable protection is sometimes only partially
enforced
[27054] libc: pthread_atfork handlers that call pthread_atfork
deadlock
[27924] dynamic-link: ld.so: Support DT_RELR relative relocation
format
[28128] build: declare_symbol_alias doesn't work for assembly codes
[28566] network: getnameinfo with NI_NOFQDN is not thread safe
[28752] nss: Segfault in getpwuid when stat fails
[28815] libc: realpath should not copy to resolved buffer on error
[28828] stdio: fputwc crashes
[28838] libc: FAIL: elf/tst-p_align3
[28845] locale: ld-monetary.c should be updated to match ISO C and
other standards.
[28850] libc: linux: __get_nprocs_sched reads uninitialized memory
from the stack
[28852] libc: getaddrinfo leaks memory with AI_ALL
[28853] libc: tst-spawn6 changes current foreground process group
(breaks test isolation)
[28857] libc: FAIL: elf/tst-audit24a
[28860] build: --enable-kernel=5.1.0 build fails because of missing
__convert_scm_timestamps
[28865] libc: linux: _SC_NPROCESSORS_CONF and _SC_NPROCESSORS_ONLN are
inaccurate without /sys and /proc
[28868] dynamic-link: Dynamic loader DFS algorithm segfaults on
missing libraries
[28880] libc: Program crashes if date beyond 2038
[28883] libc: sysdeps/unix/sysv/linux/select.c: __select64
!__ASSUME_TIME64_SYSCALLS && !__ASSUME_PSELECT fails on Microblaze
[28896] string: strncmp-avx2-rtm and wcsncmp-avx2-rtm fallback on non-
rtm variants when avoiding overflow
[28922] build: The .d dependency files aren't always generated
[28931] libc: hosts lookup broken for SUCCESS=CONTINUE and
SUCCESS=MERGE
[28936] build: nm: No such file
[28950] localedata: Add locale for ISO code "tok" (Toki Pona)
[28953] nss: NSS lookup result can be incorrect if function lookup
clobbers errno
[28970] math: benchtest: libmvec benchmark doesn't build with make
bench.
[28991] libc: sysconf(_SC_NPROCESSORS_CONF) should read
/sys/devices/system/cpu/possible
[28993] libc: closefrom() iterates until max int if no access to
/proc/self/fd/
[28996] libc: realpath fails to copy partial result to resolved buffer
on ENOENT and EACCES
[29027] math: [ia64] fabs fails with sNAN input
[29029] nptl: poll() spuriously returns EINTR during thread
cancellation and with cancellation disabled
[29030] string: GLIBC 2.35 regression - Fortify crash on certain valid
uses of mbsrtowcs (*** buffer overflow detected ***: terminated)
[29062] dynamic-link: Memory leak in _dl_find_object_update if object
is promoted to global scope
[29069] libc: fstatat64_time64_statx wrapper broken on MIPS N32 with
-D_FILE_OFFSET_BITS=64 and -D_TIME_BITS=64
[29071] dynamic-link: m68k: Removal of ELF_DURING_STARTUP optimization
broke ld.so
[29097] time: fchmodat does not handle 64 bit time_t for
AT_SYMLINK_NOFOLLOW
[29109] libc: posix_spawn() always returns 1 (EPERM) on clone()
failure
[29141] libc: _FORTIFY_SOURCE=3 fail for gcc 12/glibc 2.35
[29162] string: [PATCH] string.h syntactic error:
include/bits/string_fortified.h:110: error: expected ',' or ';'
before '__fortified_attr_access'
[29165] libc: [Regression] broken argv adjustment
[29187] dynamic-link: [regression] broken argv adjustment for nios2
[29193] math: sincos produces a different output than sin/cos
[29197] string: __strncpy_power9() uses uninitialised register vs18
value for filling after \0
[29203] libc: daemon is not y2038 aware
[29204] libc: getusershell is not 2038 aware
[29207] libc: posix_fallocate fallback implementation is not y2038
aware
[29208] libc: fpathconf(_PC_ASYNC_IO) is not y2038 aware
[29209] libc: isfdtype is not y2038 aware
[29210] network: ruserpass is not y2038 aware
[29211] libc: __open_catalog is not y2038 aware
[29213] libc: gconv_parseconfdir is not y2038 aware
[29214] nptl: pthread_setcanceltype fails to set type
[29225] network: Mistyped define statement in socket/sys/socket.h in
line 184
[29274] nptl: __read_chk is not a cancellation point
[29279] libc: undefined reference to `mbstowcs_chk' after
464d189b9622932a75302290625de84931656ec0
[29304] libc: mq_timedreceive does not handle 64 bit syscall return
correct for !__ASSUME_TIME64_SYSCALLS
[29403] libc: st_atim, st_mtim, st_ctim stat struct members are
missing on microblaze with largefile
Version 2.35
Major new features:
* Unicode 14.0.0 Support: Character encoding, character type info, and
transliteration tables are all updated to Unicode 14.0.0, using
generator scripts contributed by Mike FABIAN (Red Hat).
* Bump r_version in the debugger interface to 2 and add a new field,
r_next, support multiple namespaces.
* Support for the C.UTF-8 locale has been added to glibc. The locale
supports full code-point sorting for all valid Unicode code points. A
limitation in the framework for fnmatch, regexec, and regcomp requires
a compromise to save space and only ASCII-based range expressions are
supported for now (see bug 28255). The full size of the locale is
only ~400KiB, with 346KiB coming from LC_CTYPE information for
Unicode. This locale harmonizes downstream C.UTF-8 already shipping
in various downstream distributions. The locale is not built into
glibc, and must be installed.
* <math.h> functions that round their results to a narrower type, and
corresponding <tgmath.h> macros, are added from TS 18661-1:2014, TS
18661-3:2015 and draft ISO C2X:
- fsqrt, fsqrtl, dsqrtl and corresponding fMsqrtfN, fMsqrtfNx,
fMxsqrtfN and fMxsqrtfNx functions.
- ffma, ffmal, dfmal and corresponding fMfmafN, fMfmafNx, fMxfmafN and
fMxfmafNx functions.
* <math.h> functions for floating-point maximum and minimum,
corresponding to new operations in IEEE 754-2019, and corresponding
<tgmath.h> macros, are added from draft ISO C2X: fmaximum,
fmaximum_num, fmaximum_mag, fmaximum_mag_num, fminimum, fminimum_num,
fminimum_mag, fminimum_mag_num and corresponding functions for float,
long double, _FloatN and _FloatNx.
* <math.h> macros for single-precision float constants are added as a
GNU extension: M_Ef, M_LOG2Ef, M_LOG10Ef, M_LN2f, M_LN10f, M_PIf,
M_PI_2f, M_PI_4f, M_1_PIf, M_2_PIf, M_2_SQRTPIf, M_SQRT2f and
M_SQRT1_2f.
* The __STDC_IEC_60559_BFP__ and __STDC_IEC_60559_COMPLEX__ macros are
predefined as specified in TS 18661-1:2014.
* The exp10 functions in <math.h> now have a corresponding type-generic
macro in <tgmath.h>.
* The ISO C2X macro _PRINTF_NAN_LEN_MAX has been added to <stdio.h>.
* printf-family functions now support the %b format for output of
integers in binary, as specified in draft ISO C2X, and the %B variant
of that format recommended by draft ISO C2X.
* A new DSO sorting algorithm has been added in the dynamic linker that uses
topological sorting by depth-first search (DFS), solving performance issues
of the existing sorting algorithm when encountering particular circular
object dependency cases.
* A new tunable, glibc.rtld.dynamic_sort, can be used to select between
the two DSO sorting algorithms. The default setting of '2' uses the
new DFS-based algorithm. The setting '1' switches to the old
algorithm used in glibc 2.33 and earlier.
* ABI support for a new function '__memcmpeq'. '__memcmpeq' is meant
to be used by compilers for optimizing usage of 'memcmp' when its
return value is only used for its boolean status.
* Support for automatically registering threads with the Linux rseq
system call has been added. This system call is implemented starting
from Linux 4.18. The Restartable Sequences ABI accelerates user-space
operations on per-cpu data. It allows user-space to perform updates
on per-cpu data without requiring heavy-weight atomic operations.
Automatically registering threads allows all libraries, including
libc, to make immediate use of the rseq support by using the
documented ABI, via the __rseq_flags, __rseq_offset, and __rseq_size
variables. The GNU C Library manual has details on integration of
Restartable Sequences.
* A symbolic link to the dynamic linker is now installed under
/usr/bin/ld.so (or more precisely, '${bindir}/ld.so').
* All programs and the testsuite in glibc are now built as position independent
executables (PIE) by default on toolchains and architectures that support it.
Further, if the toolchain and architecture supports it, even static programs
are built as PIE and the resultant glibc can be used to build static PIE
executables. A new option --disable-default-pie has been added to disable
this behavior and get a non-PIE build. This option replaces
--enable-static-pie, which no longer has any effect on the build
configuration.
* On Linux, a new tunable, glibc.malloc.hugetlb, can be used to
either make malloc issue madvise plus MADV_HUGEPAGE on mmap and sbrk
or to use huge pages directly with mmap calls with the MAP_HUGETLB
flags). The former can improve performance when Transparent Huge Pages
is set to 'madvise' mode while the latter uses the system reserved
huge pages.
* The printf family of functions now handles the flagged %#m conversion
specifier, printing errno as an error constant (similar to strerrorname_np).
* The function _dl_find_object has been added. In-process unwinders
can use it to efficiently locate unwinding information for a code
address.
* Support for OpenRISC running on Linux has been added. This port requires
as least binutils 2.35, GCC 11, and Linux 5.4. Currently only soft-float
ABI is supported:
- or1k-linux-gnu
The OpenRISC ABI is 32-bit big-endian and uses 64-bit time (y2038 safe) and
64-bit file offsets (LFS default).
* A new configure option, --with-rtld-early-cflags, can be used to
specify additional compiler flags for building the early startup code
of the dynamic linker. On targets which have CPU compatibility
checks, this can help to ensure that proper diagnostics are printed if
the dynamic loader runs on an incompatible CPU.
* On Linux, the epoll_pwait2 function has been added. It is similar to
epoll_wait with the difference the timeout has nanoseconds resolution.
* The function posix_spawn_file_actions_addtcsetpgrp_np has been added,
enabling posix_spawn and posix_spawnp to set the controlling terminal in
the new process in a race free manner. This function is a GNU extension.
* Source fortification (_FORTIFY_SOURCE) level 3 is now available for
applications compiling with glibc and gcc 12 and later. Level 3 leverages
the __builtin_dynamic_object_size function to deliver additional
fortification balanced against additional runtime cost (checking non-constant
bounds).
* The audit libraries will avoid unnecessary slowdown if it is not required
PLT tracking (by not implementing the la_pltenter or la_pltexit callbacks).
Deprecated and removed features, and other changes affecting compatibility:
* On x86-64, the LD_PREFER_MAP_32BIT_EXEC environment variable support
has been removed since the first PT_LOAD segment is no longer executable
due to defaulting to -z separate-code.
* The r_version update in the debugger interface makes the glibc binary
incompatible with GDB binaries built without the following commits:
c0154a4a21a gdb: Don't assume r_ldsomap when r_version > 1 on Linux
4eb629d50d4 gdbserver: Check r_version < 1 for Linux debugger interface
when audit modules or dlmopen are used.
* Intel MPX support (lazy PLT, ld.so profile, and LD_AUDIT) has been removed.
* The --enable-static-pie option is no longer available. The glibc build
configuration script now automatically detects static-pie support in the
toolchain and architecture and enables it if available.
* The catchsegv script and associated libSegFault.so shared object have
been removed. There are widely-deployed out-of-process alternatives for
catching coredumps and backtraces.
* Support for prelink will be removed in the next release; this includes
removal of the LD_TRACE_PRELINKING, and LD_USE_LOAD_BIAS, environment
variables and their functionality in the dynamic loader.
* The LD_TRACE_PRELINKING environment variable has been removed. Similar
functionality to obtain the program mapping address can be achieved by
using LD_TRACE_LOADED_OBJECTS to value of 2.
* The LD_USE_LOAD_BIAS has been removed. The variable was mainly used to
support prelink PIE binaries.
Changes to build and runtime requirements:
* The audit module interface version LAV_CURRENT is increased to enable
proper bind-now support. The loader now advertises via the la_symbind
flags that PLT trace is not possible. New audit modules require the
new dynamic loader supporting the latest LAV_CURRENT version. Old audit
modules are still loaded for all targets except aarch64.
* The audit interface on aarch64 is extended to support both the indirect
result location register (x8) and NEON Q register. Old audit modules are
rejected by the loader. Audit modules must be rebuilt to use the newer
structure sizes and the latest module interface version for LAV_CURRENT.
Security related changes:
CVE-2022-23219: Passing an overlong file name to the clnt_create
legacy function could result in a stack-based buffer overflow when
using the "unix" protocol. Reported by Martin Sebor.
CVE-2022-23218: Passing an overlong file name to the svcunix_create
legacy function could result in a stack-based buffer overflow.
CVE-2021-3998: Passing a path longer than PATH_MAX to the realpath
function could result in a memory leak and potential access of
uninitialized memory. Reported by Qualys.
CVE-2021-3999: Passing a buffer of size exactly 1 byte to the getcwd
function may result in an off-by-one buffer underflow and overflow
when the current working directory is longer than PATH_MAX and also
corresponds to the / directory through an unprivileged mount
namespace. Reported by Qualys.
The following bugs are resolved with this release:
[12889] nptl: Race condition in pthread_kill
[14232] nptl: tst-cancel7 and tst-cancelx7 race condition
[14913] libc: [mips] Clean up MIPS 64-bit register-dump.h output
[15310] dynamic-link: _dl_sort_fini is O(n^3) causing slow exit when
many dsos
[15333] libc: Use 64-bit stat functions in installed programs
[15533] dynamic-link: LD_AUDIT introduces an avoidable performance
degradation
[15971] dynamic-link: No interface for debugger access to libraries
loaded with dlmopen
[17318] locale: [RFE] Provide a C.UTF-8 locale by default
[17645] dynamic-link: RFE: Improve performance of dynamic loader for
deeply nested DSO dependencies.
[19193] nptl: pthread_kill, pthread_cancel return ESRCH for a thread
ID whose lifetime has not ended
[22542] network: buffer overflow in sunrpc clnt_create
(CVE-2022-23219)
[22716] malloc: [PATCH] mtrace.pl: use TRACE_PRELINKING instead of
TRACE_LOADED_OBJECTS
[25947] malloc: memory leak in muntrace
[26045] math: fmaxf(inf, nan) does not always work
[26108] math: exp10() has problems with <tgmath.h>
[26779] build: benign use after realloc at localealias.c:329
[27609] dynamic-link: [2.32/2.33/2.34 Regression] In elf/dl-open.c
(_dl_open) we might use __LM_ID_CALLER to index GL(dl_ns)[]
[27945] build: build-many-glibcs.py doesn't configure GCC with
--enable-initfini-array
[27991] build: x86: sysdeps/x86/configure.ac breaks when
libc_cv_include_x86_isa_level is loaded from cache
[28036] nptl: Incorrect types for pthread_mutexattr_set/getrobust_np
in __REDIRECT_NTH macro
[28061] dynamic-link: A failing dlmopen called by an auditor crashed
[28062] dynamic-link: Suppress audit calls when a (new) namespace is
empty
[28126] libc: nftw aborts for paths longer than PATH_MAX
[28129] dynamic-link: Unnecessary check DT_DEBUG in ld.so
[28153] libc: [test] gmon/tst-gmon-gprof* may have a f3 line when
built with ld.lld
[28182] libc: _TIME_BITS=64 in C++ has issues with fcntl, ioctl, prctl
[28185] math: Inaccurate j0f function (again)
[28199] locale: iconvconfig prefix flag behaves differently in glibc
2.34
[28203] dynamic-link: aarch64: elf_machine_{load_address,dynamic}
should drop _GLOBAL_OFFSET_TABLE_[0] in favor of __ehdr_start for
robustness
[28213] librt: NULL pointer dereference in mq_notify (CVE-2021-38604)
[28223] libc: mips: clone does not align stack
[28253] dynamic-link: Missing colon in LD_SHOW_AUXV output after
AT_MINSIGSTKSZ
[28256] malloc: Conditional jump or move depends on uninitialised
value(s) in __GI___tunables_init
[28260] build: io/tst-closefrom, misc/tst-close_range, posix/tst-
spawn5 fail if stray fds are open
[28310] libc: Do not use affinity mask for sysconf
(_SC_NPROCESSORS_CONF)
[28338] time: undefined behavior in __tzfile_compute with oddball TZif
file
[28340] dynamic-link: ld.so crashes while loading a DSO with a read-
only dynamic section
[28349] libc: Segfault for ping -R on qemux86 caused by recvmsg()
[28350] libc: ping receives SIGABRT on lib32-qemux86-64 caused by
recvmsg()
[28353] network: Race condition on __opensock
[28357] dynamic-link: deadlock between pthread_create and ctors
[28358] math: f64xdivf128 and f64xmulf128 spurious underflows
[28361] nptl: Fix for bug 12889 causes setxid deadlock
[28368] build: -Waddress instances in stdio-common/vfprintf-internal.c
[28390] localedata: Update locale data to Unicode 14.0.0
[28397] math: tgmath.h should not define fmaxmag, fminmag macros for
C2X
[28400] libc: [2.35 Regression] string/test-strncasecmp: cannot set
locale "en_US.UTF-8"
[28407] nptl: pthread_kill assumes that kill (getpid ()) is equivalent
to tgkill (getpid (), gettid())
[28455] dynamic-link: -Wl,--enable-new-dtags doesn't work
[28457] dynamic-link: Missing reldepmod4.so dependency for
globalmod1.so
[28469] time: linux: struct timex is not correctly set for 32-bit
systems with TIMESIZE=64
[28470] regex: Buffer read overrun in regular expression searching
[28475] string: Incorrect access attribute on memfrob
[28524] libc: Conversion from ISO-2022-JP-3 with iconv may emit
spurious NUL character on state reset
[28532] libc: powerpc64[le]: CFI for assembly templated syscalls is
incorrect
[28550] dynamic-link: FAIL: tst-dso-
ordering9_112-ecbda(GLIBC_TUNABLES=glibc.rtld.dynamic_sort=1)
execution test
[28554] build: Undefined generate-md5
[28572] libc: Misaligned accesses in test-memcpy and test-mempcpy on
hppa
[28607] nptl: Masked signals are delivered on thread exit
[28624] libc: openjdk 8/9 assume uni processor and gets stuck due to
lack of cpu counting /proc fallback with glibc 2.34
[28646] string: [2.35 Regression] mock -r fedora-36-x86_64
/tmp/java-1.8.0-openjdk-1.8.0.312.b07-2.fc36.src.rpm& fails to build
[28648] dynamic-link: Running ld.so on statically linked binaries
crashes
[28656] dynamic-link: LD_PREFER_MAP_32BIT_EXEC no longer works due to
binutils changes
[28676] dynamic-link: p_align on PT_LOAD segment in DSO isn't honored
[28678] nptl: nptl/tst-create1 hangs sporadically
[28688] dynamic-link: PT_LOAD p_align check is too strict
[28700] nss: "dns [!UNAVAIL=return] files" default for hosts database
is not useful
[28707] time: assert in tzfile.c __tzfile_read striking with truncated
timezones generated by tzcode-2021d and later
[28713] math: GCC 12 miscompiles libm
[28732] dynamic-link: FAIL: elf/tst-dl_find_object
[28738] build: LIBC_LINKER_FEATURE doesn't work on linker -z option
[28745] dynamic-link: _dl_find_object miscompilation on powerpc64le
[28746] libc: _FORTIFY_SOURCE does not work for stpcpy
[28749] libc: Inconsistency detected by ld.so: rtld.c: 1632: dl_main:
Assertion `GL(dl_rtld_map).l_libname' failed!
[28755] string: overflow bug in wcsncmp_avx2 and wcsncmp_evex
[28757] nptl: GDB printer tests failed with new GDB
[28765] math: x86_64 libmvec atan2 accuracy
[28766] manual: Document libmvec accuracy
[28768] network: Buffer overflow in svcunix_create with long pathnames
(CVE-2022-23218)
[28769] libc: Off-by-one buffer overflow/underflow in getcwd()
(CVE-2021-3999)
[28770] libc: Unexpected return value from realpath() for too long
results (CVE-2021-3998)
[28771] libc: %ebx optimization macros are incompatible with .altmacro
in Systemtap probes
[28780] build: --disable-default-pie doesn't work on static programs
[28782] libc: x86-64 ISA level for glibc itself is always
x86-64-baseline
[28792] glob: possible wrong behaviour with patterns with double [
with no closing ]
[28837] libc: FAIL: socket/tst-socket-timestamp-compat
[28847] locale: Empty mon_decimal_point in LC_MONETARY results in non-
empty mon_decimal_point_wc
Version 2.34
Major new features:
* In order to support smoother in-place-upgrades and to simplify
the implementation of the runtime all functionality formerly
implemented in the libraries libpthread, libdl, libutil, libanl has
been integrated into libc. New applications do not need to link with
-lpthread, -ldl, -lutil, -lanl anymore. For backwards compatibility,
empty static archives libpthread.a, libdl.a, libutil.a, libanl.a are
provided, so that the linker options keep working. Applications which
have been linked against glibc 2.33 or earlier continue to load the
corresponding shared objects (which are now empty). The integration
of those libraries into libc means that additional symbols become
available by default. This can cause applications that contain weak
references to take unexpected code paths that would only have been
used in previous glibc versions when e.g. preloading libpthread.so.0,
potentially exposing application bugs.
* When _DYNAMIC_STACK_SIZE_SOURCE or _GNU_SOURCE are defined,
PTHREAD_STACK_MIN is no longer constant and is redefined to
sysconf(_SC_THREAD_STACK_MIN). This supports dynamic sized register
sets for modern architectural features like Arm SVE.
* Add _SC_MINSIGSTKSZ and _SC_SIGSTKSZ. When _DYNAMIC_STACK_SIZE_SOURCE
or _GNU_SOURCE are defined, MINSIGSTKSZ and SIGSTKSZ are no longer
constant on Linux. MINSIGSTKSZ is redefined to sysconf(_SC_MINSIGSTKSZ)
and SIGSTKSZ is redefined to sysconf (_SC_SIGSTKSZ). This supports
dynamic sized register sets for modern architectural features like
Arm SVE.
* The dynamic linker implements the --list-diagnostics option, printing
a dump of information related to IFUNC resolver operation and
glibc-hwcaps subdirectory selection.
* On Linux, the function execveat has been added. It operates similar to
execve and it is is already used to implement fexecve without requiring
/proc to be mounted. However, different than fexecve, if the syscall is not
supported by the kernel an error is returned instead of trying a fallback.
* The ISO C2X function timespec_getres has been added.
* The feature test macro __STDC_WANT_IEC_60559_EXT__, from draft ISO
C2X, is supported to enable declarations of functions defined in Annex F
of C2X. Those declarations are also enabled when
__STDC_WANT_IEC_60559_BFP_EXT__, as specified in TS 18661-1, is
defined, and when _GNU_SOURCE is defined.
* On powerpc64*, glibc can now be compiled without scv support using the
--disable-scv configure option.
* Add support for 64-bit time_t on configurations like x86 where time_t
is traditionally 32-bit. Although time_t still defaults to 32-bit on
these configurations, this default may change in future versions.
This is enabled with the _TIME_BITS preprocessor macro set to 64 and is
only supported when LFS (_FILE_OFFSET_BITS=64) is also enabled. It is
only enabled for Linux and the full support requires a minimum kernel
version of 5.1.
* The main gconv-modules file in glibc now contains only a small set of
essential converter modules and the rest have been moved into a supplementary
configuration file gconv-modules-extra.conf in the gconv-modules.d directory
in the same GCONV_PATH. Similarly, external converter modules directories
may have supplementary configuration files in a gconv-modules.d directory
with names ending with .conf to logically classify the converter modules in
that directory.
* On Linux, a new tunable, glibc.pthread.stack_cache_size, can be used
to configure the size of the thread stack cache.
* The function _Fork has been added as an async-signal-safe fork replacement
since Austin Group issue 62 dropped the async-signal-safe requirement for
fork (and it will be included in the future POSIX standard). The new _Fork
function does not run any atfork function neither resets any internal state
or lock (such as the malloc one), and only sets up a minimal state required
to call async-signal-safe functions (such as raise or execve). This function
is currently a GNU extension.
* On Linux, the close_range function has been added. It allows efficiently
closing a range of file descriptors on recent kernels (version 5.9).
* The function closefrom has been added. It closes all file descriptors
greater than or equal to a given integer. This function is a GNU extension,
although it is also present in other systems.
* The posix_spawn_file_actions_addclosefrom_np function has been added,
enabling posix_spawn and posix_spawnp to close all file descriptors greater
than or equal to a given integer. This function is a GNU extension,
although Solaris also provides a similar function.
* When invoked explicitly, the dynamic linker now uses the kernel to
execute programs that do not have any dynamic dependency (that is,
they are statically linked). This feature is Linux-specific.
Deprecated and removed features, and other changes affecting compatibility:
* The function pthread_mutex_consistent_np has been deprecated; programs
should use the equivalent standard function pthread_mutex_consistent
instead.
* The function pthread_mutexattr_getrobust_np has been deprecated;
programs should use the equivalent standard function
pthread_mutexattr_getrobust instead.
* The function pthread_mutexattr_setrobust_np has been deprecated;
programs should use the equivalent standard function
pthread_mutexattr_setrobust instead.
* The function pthread_yield has been deprecated; programs should use
the equivalent standard function sched_yield instead.
* The function inet_neta declared in <arpa/inet.h> has been deprecated.
* Various rarely-used functions declared in <resolv.h> and
<arpa/nameser.h> have been deprecated. Applications are encouraged to
use dedicated DNS processing libraries if applicable. For <resolv.h>,
this affects the functions dn_count_labels, fp_nquery, fp_query,
fp_resstat, hostalias, loc_aton, loc_ntoa, p_cdname, p_cdnname,
p_class, p_fqname, p_fqnname, p_option, p_query, p_rcode, p_time,
p_type, putlong, putshort, res_hostalias, res_isourserver,
res_nameinquery, res_queriesmatch, res_randomid, sym_ntop, sym_ntos,
sym_ston. For <arpa/nameser.h>, the functions ns_datetosecs,
ns_format_ttl, ns_makecanon, ns_parse_ttl, ns_samedomain, ns_samename,
ns_sprintrr, ns_sprintrrf, ns_subdomain have been deprecated.
* Various symbols previously defined in libresolv have been moved to libc
in order to prepare for libresolv moving entirely into libc (see earlier
entry for merging libraries into libc). The symbols __dn_comp,
__dn_expand, __dn_skipname, __res_dnok, __res_hnok, __res_mailok,
__res_mkquery, __res_nmkquery, __res_nquery, __res_nquerydomain,
__res_nsearch, __res_nsend, __res_ownok, __res_query, __res_querydomain,
__res_search, __res_send formerly in libresolv have been renamed and no
longer have a __ prefix. They are now available in libc.
* The pthread cancellation handler is now installed with SA_RESTART and
pthread_cancel will always send the internal SIGCANCEL on a cancellation
request. It should not be visible to applications since the cancellation
handler should either act upon cancellation (if asynchronous cancellation
is enabled) or ignore the cancellation internal signal. However there are
buggy kernel interfaces (for instance some CIFS versions) that could still
see a spurious EINTR error when cancellation interrupts a blocking syscall.
* Previously, glibc installed its various shared objects under versioned
file names such as libc-2.33.so. The ABI sonames (e.g., libc.so.6)
were provided as symbolic links. Starting with glibc 2.34, the shared
objects are installed under their ABI sonames directly, without
symbolic links. This increases compatibility with distribution
package managers that delete removed files late during the package
upgrade or downgrade process.
* The symbols mallwatch and tr_break are now deprecated and no longer used in
mtrace. Similar functionality can be achieved by using conditional
breakpoints within mtrace functions from within gdb.
* The __morecore and __after_morecore_hook malloc hooks and the default
implementation __default_morecore have been removed from the API. Existing
applications will continue to link against these symbols but the interfaces
no longer have any effect on malloc.
* Debugging features in malloc such as the MALLOC_CHECK_ environment variable
(or the glibc.malloc.check tunable), mtrace() and mcheck() have now been
disabled by default in the main C library. Users looking to use these
features now need to preload a new debugging DSO libc_malloc_debug.so to get
this functionality back.
* The deprecated functions malloc_get_state and malloc_set_state have been
moved from the core C library into libc_malloc_debug.so. Legacy applications
that still use these functions will now need to preload libc_malloc_debug.so
in their environment using the LD_PRELOAD environment variable.
* The deprecated memory allocation hooks __malloc_hook, __realloc_hook,
__memalign_hook and __free_hook are now removed from the API. Compatibility
symbols are present to support legacy programs but new applications can no
longer link to these symbols. These hooks no longer have any effect on glibc
functionality. The malloc debugging DSO libc_malloc_debug.so currently
supports hooks and can be preloaded to get this functionality back for older
programs. However this is a transitional measure and may be removed in a
future release of the GNU C Library. Users may port away from these hooks by
writing and preloading their own malloc interposition library.
Changes to build and runtime requirements:
* On Linux, the shm_open, sem_open, and related functions now expect the
file shared memory file system to be mounted at /dev/shm. These functions
no longer search among the system's mount points for a suitable
replacement if /dev/shm is not available.
Security related changes:
CVE-2021-27645: The nameserver caching daemon (nscd), when processing
a request for netgroup lookup, may crash due to a double-free,
potentially resulting in degraded service or Denial of Service on the
local system. Reported by Chris Schanzle.
CVE-2021-33574: The mq_notify function has a potential use-after-free
issue when using a notification type of SIGEV_THREAD and a thread
attribute with a non-default affinity mask.
CVE-2021-35942: The wordexp function may overflow the positional
parameter number when processing the expansion resulting in a crash.
Reported by Philippe Antoine.
The following bugs are resolved with this release:
[4737] libc: fork is not async-signal-safe
[5781] math: Slow dbl-64 sin/cos/sincos for special values
[10353] libc: Methods for deleting all file descriptors greater than
given integer (closefrom)
[14185] glob: fnmatch() fails when '*' wildcard is applied on the file
name containing multi-byte character(s)
[14469] math: Inaccurate j0f function
[14470] math: Inaccurate j1f function
[14471] math: Inaccurate y0f function
[14472] math: Inaccurate y1f function
[14744] nptl: kill -32 $pid or kill -33 $pid on a process cancels a
random thread
[15271] dynamic-link: dlmopen()ed shared library with LM_ID_NEWLM
crashes if it fails dlsym() twice
[15648] nptl: multiple definition of `__lll_lock_wait_private'
[16063] nptl: Provide a pthread_once variant in libc directly
[17144] libc: syslog is not thread-safe if NO_SIGPIPE is not defined
[17145] libc: syslog with LOG_CONS leaks console file descriptor
[17183] manual: description of ENTRY struct in <search.h> in glibc
manual is incorrect
[18435] nptl: pthread_once hangs when init routine throws an exception
[18524] nptl: Missing calloc error checking in
__cxa_thread_atexit_impl
[19329] dynamic-link: dl-tls.c assert failure at concurrent
pthread_create and dlopen
[19366] nptl: returning from a thread should disable cancellation
[19511] nptl: 8MB memory leak in pthread_create in case of failure
when non-root user changes priority
[20802] dynamic-link: getauxval NULL pointer dereference after static
dlopen
[20813] nptl: pthread_exit is inconsistent between libc and libpthread
[22057] malloc: malloc_usable_size is broken with mcheck
[22668] locale: LC_COLLATE: the last character of ellipsis is not
ordered correctly
[23323] libc: [RFE] CSU startup hardening.
[23328] malloc: Remove malloc hooks and ensure related APIs return no