|
|
|
|
Changelog for glibc-gconv-modules-extra-2.40-746.2.i586.rpm :
* Wed Sep 25 2024 Johannes Segitz - Add random.patch (bsc#1230965) * Mon Jul 29 2024 Andreas Schwab - Update to glibc 2.40 * The header type-generic macros have been changed when using GCC 14.1 or later to use __builtin_stdc_bit_ceil etc. built-in functions * The GNU C Library now supports a feature test macro _ISOC23_SOURCE to enable features from the ISO C23 standard * The ISO C23 function families introduced in TS 18661-4:2015 are now supported in * A new tunable, glibc.rtld.enable_secure, can be used to run a program as if it were a setuid process * On Linux, the epoll header was updated to include epoll ioctl definitions and the related structure added in Linux kernel 6.9 * The fortify functionality has been significantly enhanced for building programs with clang against the GNU C Library * Many functions have been added to the vector library for aarch64 * On x86, memset can now use non-temporal stores to improve the performance of large writes * Architectures which use a 32-bit seconds-since-epoch field in struct lastlog, struct utmp, struct utmpx (such as i386, powerpc64le, rv32, rv64, x86-64) switched from a signed to an unsigned type for that field * __rseq_size now denotes the size of the active rseq area (20 bytes initially), not the size of struct rseq (32 bytes initially).- arm-dl-start-user.patch, duplocale-global-locale.patch, elf-parse-tunables.patch, glibc-CVE-2024-33599-nscd-Stack-based-buffer-overflow-in-n.patch, glibc-CVE-2024-33600-nscd-Avoid-null-pointer-crashes-after.patch, glibc-CVE-2024-33600-nscd-Do-not-send-missing-not-found-re.patch, glibc-CVE-2024-33601-CVE-2024-33602-nscd-netgroup-Use-two.patch, iconv-iso-2022-cn-ext.patch, nscd-netgroup-cache-timeout.patch, s390-clone-error-clobber-r7.patch, sigisemptyset.patch, stdbit-builtins.patch, utmp-time-bits.patch: Removed- glibc-2.3.90-langpackdir.diff: Rediff * Mon Jun 03 2024 Dominique Leuenberger - Also provide glibc-locale-base- from glibc-gconv-modules-extra-: the package was merged in the baselibs.conf case, so the capability is there. Steam for one has a requires on the symbol (boo#1225809). * Tue May 28 2024 Andreas Schwab - Obsolete glibc-locale-base- from glibc- * Tue May 21 2024 Andreas Schwab - Move essential (Latin-1 and UTF based) gconv modules to main glibc package, other modules to new package glibc-gconv-modules-extra * Mon May 13 2024 Andreas Schwab - glibc-CVE-2024-33599-nscd-Stack-based-buffer-overflow-in-n.patch: nscd: Stack-based buffer overflow in netgroup cache (CVE-2024-33599, bsc#1223423, BZ #31677)- glibc-CVE-2024-33600-nscd-Avoid-null-pointer-crashes-after.patch: nscd: Avoid null pointer crashes after notfound response (CVE-2024-33600, bsc#1223424, BZ #31678)- glibc-CVE-2024-33600-nscd-Do-not-send-missing-not-found-re.patch: nscd: Do not send missing not-found response in addgetnetgrentX (CVE-2024-33600, bsc#1223424, BZ #31678)- glibc-CVE-2024-33601-CVE-2024-33602-nscd-netgroup-Use-two.patch: netgroup: Use two buffers in addgetnetgrentX (CVE-2024-33601, CVE-2024-33602, bsc#1223425, BZ #31680)- nscd-netgroup-cache-timeout.patch: Use time_t for return type of addgetnetgrentX (CVE-2024-33602, bsc#1223425)- glibc-fix-cve-2024-33599.patch: renamed * Wed May 08 2024 Giuliano Belinassi - ulp-prologue-into-asm-functions.patch: Avoid creating ULP prologue for _start routine (bsc#1221940) * Wed May 08 2024 Andreas Schwab - utmp-time-bits.patch: login: structs utmp, utmpx, lastlog _TIME_BITS independence (BZ #30701)- elf-parse-tunables.patch: elf: Only process multiple tunable once (BZ [#31686]) * Mon Apr 29 2024 Giuliano Belinassi - glibc-fix-cve-2024-33599.patch: nscd: Stack-based buffer overflow in netgroup cache (CVE-2024-33599, bsc#1223423) * Thu Apr 18 2024 Andreas Schwab - iconv-iso-2022-cn-ext.patch: iconv: ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence (CVE-2024-2961, bsc#1222992) * Wed Mar 13 2024 Andreas Schwab - stdbit-builtins.patch: Use gcc __builtin_stdc_ * builtins in stdbit.h if possible * Tue Mar 12 2024 Andreas Schwab - sigisemptyset.patch: linux/sigsetops: fix type confusion (BZ #31468) * Mon Mar 11 2024 Andreas Schwab - duplocale-global-locale.patch: duplocale: protect use of global locale (bsc#1220441, BZ #23970) * Tue Feb 27 2024 Ludwig Nussel - nsswitch.conf: Add systemd also for shadow lookups, use merge strategy for group lookups * Mon Feb 26 2024 Andreas Schwab - s390-clone-error-clobber-r7.patch: S390: Do not clobber r7 in clone (BZ [#31402]) * Wed Feb 07 2024 Andreas Schwab - Add libnsl1 to baselibs.conf (bsc#1219640) * Tue Feb 06 2024 Andreas Schwab - arm-dl-start-user.patch: arm: Remove wrong ldr from _dl_start_user (BZ [#31339]) * Thu Feb 01 2024 Andreas Schwab - Update to glibc 2.39 * A new tunable, glibc.cpu.plt_rewrite, can be used to enable PLT rewrite on x86-64 * Sync with Linux kernel 6.6 shadow stack interface * struct statvfs now has an f_type member, equal to the f_type statfs member * On Linux, the functions posix_spawnattr_getcgroup_np and posix_spawnattr_setcgroup_np have been added, along with the POSIX_SPAWN_SETCGROUP flag * On Linux, the pidfd_spawn and pidfd_spawp functions have been added * On Linux, the pidfd_getpid function has been added * scanf-family functions now support the wN format length modifiers for arguments pointing to types intN_t, int_leastN_t, uintN_t or uint_leastN_t * A new tunable, glibc.mem.decorate_maps, can be used to add additional information on underlying memory allocated by the glibc * The header has been added from ISO C2X * On AArch64 new symbols were added to libmvec * The ldconfig program now skips file names containing \';\' or ending in \".dpkg.tmp\" or \".dpkg.new\" * The dynamic linker calls the malloc and free functions in more cases during TLS access if a shared object with dynamic TLS is loaded and unloaded- aarch64-rawmemchr-unwind.patch, cache-amd-legacy.patch, cache-intel-shared.patch, call-init-proxy-objects.patch, fstat-implementation.patch, gb18030-2022.patch, getaddrinfo-eai-memory.patch, getaddrinfo-memory-leak.patch, getcanonname-use-after-free.patch, iconv-error-verbosity.patch, intl-c-utf-8-like-c-locale.patch, ldconfig-process-elf-file.patch, libio-io-vtables.patch, libio-wdo-write.patch, no-aaaa-read-overflow.patch, posix-memalign-fragmentation.patch, ppc64-flock-fob64.patch, qsort-invalid-cmp.patch, sem-open-o-creat.patch, setxid-propagate-glibc-tunables.patch, syslog-buffer-overflow.patch, tls-modid-reuse.patch, tunables-string-parsing.patch: Removed * Wed Jan 31 2024 Andreas Schwab - syslog-buffer-overflow.patch: syslog: Fix heap buffer overflow in __vsyslog_internal (CVE-2023-6246, CVE-2023-6779, CVE-2023-6780, bsc#1218863, bsc#1218867, bsc#1218868)- qsort-invalid-cmp.patch: qsort: handle degenerated compare function (bsc#1218866) * Mon Jan 29 2024 Andreas Schwab - Change minimum GCC to 13 * Tue Jan 23 2024 Andreas Schwab - Split off libnsl.so.1 into a separate package * Tue Jan 02 2024 Andreas Schwab - sem-open-o-creat.patch: sem_open: Clear O_CREAT when semaphore file is expected to exist (BZ #30789)- ldconfig-process-elf-file.patch: elf: Fix wrong break removal from 8ee878592c- tls-modid-reuse.patch: elf: Fix TLS modid reuse generation assignment (BZ #29039)- getaddrinfo-eai-memory.patch: getaddrinfo: translate ENOMEM to EAI_MEMORY (bsc#1217589, BZ #31163)- libio-wdo-write.patch: libio: Check remaining buffer size in _IO_wdo_write (BZ #31183) * Tue Dec 05 2023 Andreas Schwab - aarch64-rawmemchr-unwind.patch: aarch64: correct CFI in rawmemchr (bsc#1217445, BZ #31113) * Mon Dec 04 2023 Andreas Schwab - Remove systemd from shadow and gshadow lookups (bsc#1217220) * Mon Oct 23 2023 Andreas Schwab - gb18030-2022.patch: add GB18030-2022 charmap (jsc#PED-4908, BZ #30243) * Wed Oct 18 2023 Andreas Schwab - dtors-reverse-ctor-order.patch: Remove, has been reverted * Tue Oct 17 2023 Andreas Schwab - Avoid use of SSE in i586 build * Mon Oct 09 2023 Andreas Schwab - Add systemd also to gshadow lookups (jsc#PED-5188)- For SLE continue to use nsswitch.conf without systemd * Wed Oct 04 2023 Andreas Schwab - setxid-propagate-glibc-tunables.patch: Propagate GLIBC_TUNABLES in setxid binaries- tunables-string-parsing.patch: tunables: Terminate if end of input is reached (CVE-2023-4911, bsc#1215501) * Wed Sep 27 2023 Andreas Schwab - fstat-implementation.patch: io: Do not implement fstat with fstatat * Mon Sep 25 2023 Andreas Schwab - getaddrinfo-memory-leak.patch: Fix leak in getaddrinfo introduced by the fix for CVE-2023-4806 (CVE-2023-5156, bsc#1215714, BZ #30884) * Mon Sep 18 2023 Andreas Schwab - getcanonname-use-after-free.patch: getaddrinfo: Fix use after free in getcanonname (CVE-2023-4806, bsc#1215281, BZ #30843)- Do not build any cross packages in SLES * Wed Sep 13 2023 Andreas Schwab - no-aaaa-read-overflow.patch: Stack read overflow with large TCP responses in no-aaaa mode (CVE-2023-4527, bsc#1215280, BZ #30842) * Tue Sep 12 2023 Andreas Schwab - Add systemd to passwd, group and shadow lookups (jsc#PED-5188) * Mon Sep 11 2023 Andreas Schwab - ppc64-flock-fob64.patch: io: Fix record locking contants for powerpc64 with __USE_FILE_OFFSET64 (BZ #30804)- libio-io-vtables.patch: libio: Fix oversized __io_vtables- call-init-proxy-objects.patch: elf: Do not run constructors for proxy objects- dtors-reverse-ctor-order.patch: elf: Always call destructors in reverse constructor order (BZ #30785) * Tue Sep 05 2023 Andreas Schwab - intl-c-utf-8-like-c-locale.patch: intl: Treat C.UTF-8 locale like C locale (BZ #16621)- glibc-disable-gettext-for-c-utf8.patch: Removed * Mon Aug 28 2023 Richard Biener - Add cross-ppc64le package * Tue Aug 22 2023 Andreas Schwab - posix-memalign-fragmentation.patch: malloc: Enable merging of remainders in memalign, remove bin scanning from memalign (BZ #30723)- Limit build counter sync to i686 flavor, to reduce needs for rebuilds * Tue Aug 22 2023 Richard Biener - Add cross-s390x package (bsc#1214460) * Mon Aug 14 2023 Andreas Schwab - Require that elf/check-localplt does not fail- glibc-2.3.90-langpackdir.diff: add hidden alias for __strcpy_chk- cache-amd-legacy.patch: x86: Fix for cache computation on AMD legacy cpus- cache-intel-shared.patch: x86: Fix incorrect scope of setting `shared_per_thread` (BZ# 30745) * Wed Aug 02 2023 Andreas Schwab - Update to glibc 2.38 * When C2X features are enabled and the base argument is 0 or 2, the following functions support binary integers prefixed by 0b or 0B as input * PRIb *, PRIB * and SCNb * macros from C2X have been added to . * printf-family functions now support the wN format length modifiers for arguments of type intN_t, int_leastN_t, uintN_t or uint_leastN_t and the wfN format length modifiers for arguments of type int_fastN_t or uint_fastN_t, as specified in draft ISO C2X * A new tunable, glibc.pthread.stack_hugetlb, can be used to disable Transparent Huge Pages (THP) in stack allocation at pthread_create * Vector math library libmvec support has been added to AArch64 * The strlcpy and strlcat functions have been added * CVE-2023-25139: When the printf family of functions is called with a format specifier that uses an (enable grouping) and a minimum width specifier, the resulting output could be larger than reasonably expected by a caller that computed a tight bound on the buffer size- Enable build with _FORTIFY_SOURCE- glibc-2.3.90-langpackdir.diff: avoid reference to __strcpy_chk- iconv-error-verbosity.patch: iconv: restore verbosity with unrecognized encoding names (BZ #30694)- printf-grouping.patch, strftime-time64.patch, getlogin-no-loginuid.patch, fix-locking-in-_IO_cleanup.patch, gshadow-erange-rhandling.patch, system-sigchld-block.patch, gmon-buffer-alloc.patch, check-pf-cancel-handler.patch, powerpc64-fcntl-lock.patch, realloc-limit-chunk-reuse.patch, dl-find-object-return.patch; Removed- bsc#1211828- bsc#1212819 * Mon Jul 10 2023 Andreas Schwab - gshadow-erange-rhandling.patch: gshadow: Matching sgetsgent, sgetsgent_r ERANGE handling (BZ #30151)- system-sigchld-block.patch: posix: Fix system blocks SIGCHLD erroneously (BZ #30163)- gmon-buffer-alloc.patch: gmon: Fix allocated buffer overflow (bsc#1207975, BZ #29444)- check-pf-cancel-handler.patch: __check_pf: Add a cancellation cleanup handler (BZ #20975)- powerpc64-fcntl-lock.patch: io: Fix F_GETLK, F_SETLK, and F_SETLKW for powerpc64- realloc-limit-chunk-reuse.patch: realloc: Limit chunk reuse to only growing requests (BZ #30579)- dl-find-object-return.patch: elf: _dl_find_object may return 1 during early startup (BZ #30515) * Mon Jul 03 2023 Andreas Schwab - Need to build with GCC 12 as minimum * Thu Jun 29 2023 Andreas Schwab - fix-locking-in-_IO_cleanup.patch: Update to final version * Fri Apr 28 2023 Giuliano Belinassi - ulp-prologue-into-asm-functions.patch: Add support for livepatches in ASM written functions (bsc#1210777, bsc#1211726) * Thu Mar 30 2023 Andreas Schwab - getlogin-no-loginuid.patch: getlogin_r: fix missing fallback if loginuid is unset (bsc#1209229, BZ #30235) * Thu Mar 16 2023 Andreas Schwab - Exclude static archives from preparation for live patching (bnc#1208721) * Wed Feb 01 2023 Andreas Schwab - Update to glibc 2.37 * The getent tool now supports the --no-addrconfig option * The dynamic linker no longer loads shared objects from the \"tls\" subdirectories on the library search path or the subdirectory that corresponds to the AT_PLATFORM system name, or employs the legacy AT_HWCAP search mechanism, which was deprecated in version 2.33- printf-grouping.patch: Account for grouping in printf width (BZ #30068)- strftime-time64.patch: Use 64-bit time_t interfaces in strftime and strptime (BZ #30053)- glibcextract-compile-c-snippet.patch, sys-mount-kernel-definition.patch, sys-mount-usage.patch, nscd-netlink-cache-invalidation.patch, syslog-large-messages.patch, dlmopen-libc-early-init.patch, ldd-vdso-dependency.patch, syslog-extra-whitespace.patch, errlist-edeadlock.patch, makeflags.patch, get-nscd-addresses.patch, x86-64-avx2-string-functions.patch, nscd-aicache.patch, dl-debug-bindings.patch, floatn.patch: Removed- bsc#1207957- bsc#1208358- bsc#1212910 * Tue Dec 27 2022 Ludwig Nussel - Remove reference to obsolete %usrmerged macro (boo#1206798) * Thu Dec 15 2022 Andreas Schwab - floatn.patch: Update _FloatN header support for C++ in GCC 13 * Thu Nov 10 2022 Callum Farmer - nscd: Convert to systemd-sysusers * Wed Oct 26 2022 Andreas Schwab - dl-debug-bindings.patch: elf: Reinstate on DL_DEBUG_BINDINGS _dl_lookup_symbol_x (bsc#1204710) * Wed Oct 05 2022 Andreas Schwab - get-nscd-addresses.patch: get_nscd_addresses: Fix subscript typos (BZ [#29605])- x86-64-avx2-string-functions.patch: check for required cpu features in AVX2 string functions (BZ #29611)- nscd-aicache.patch: nscd: Drop local address tuple variable (BZ #29607) * Wed Sep 21 2022 Andreas Schwab - makeflags.patch: Makerules: fix MAKEFLAGS assignment for upcoming make-4.4 (BZ# 29564) * Thu Sep 08 2022 Andreas Schwab - errlist-edeadlock.patch: errlist: add missing entry for EDEADLOCK (BZ [#29545]) * Tue Sep 06 2022 Andreas Schwab - syslog-large-messages.patch: syslog: Fix large messages (CVE-2022-39046, bsc#1203011, BZ #29536)- dlmopen-libc-early-init.patch: elf: Call __libc_early_init for reused namespaces (BZ #29528)- ldd-vdso-dependency.patch: elf: Restore how vDSO dependency is printed with LD_TRACE_LOADED_OBJECTS (BZ #29539)- syslog-extra-whitespace.patch: syslog: Remove extra whitespace between timestamp and message (BZ #29544) * Wed Aug 24 2022 Fabian Vogt - nscd-netlink-cache-invalidation.patch: nscd: Fix netlink cache invalidation if epoll is used (boo#1199964, BZ #29415) * Mon Aug 15 2022 Andreas Schwab - glibcextract-compile-c-snippet.patch: glibcextract.py: Add compile_c_snippet- sys-mount-kernel-definition.patch: linux: Mimic kernel definition for BLOCK_SIZE- sys-mount-usage.patch: linux: Fix sys/mount.h usage with kernel headers * Tue Aug 02 2022 Andreas Schwab - Update to glibc 2.36 Major new features: * Support for DT_RELR relative relocation format has been added to glibc * On Linux, the pidfd_open, pidfd_getfd, and pidfd_send_signal functions have been added * On Linux, the process_madvise function has been added * On Linux, the process_mrelease function has been added * The “no-aaaa” DNS stub resolver option has been added * On Linux, the fsopen, fsmount, move_mount, fsconfig, fspick, open_tree, and mount_setattr have been added * localedef now accepts locale definition files encoded in UTF-8 * Support for the mbrtoc8 and c8rtomb multibyte/UTF-8 character conversion functions has been added per the ISO C2X N2653 and C++20 P0482R6 proposals * The functions arc4random, arc4random_buf, and arc4random_uniform have been added Deprecated and removed features, and other changes affecting compatibility: * Support for prelink will be removed in the next release * The Linux kernel version check has been removed along with the LD_ASSUME_KERNEL environment variable * On Linux, The LD_LIBRARY_VERSION environment variable has been removed- get-nprocs-sched-uninit-read.patch, get-nprocs-inaccurate.patch, strcmp-rtm-fallback.path, pt-load-invalid-hole.patch, localedef-ld-monetary.patch, nptl-spurious-eintr.patch, strncpy-power9-vsx.patch, nptl-cleanup-async-restore.patch, read-chk-cancel.patch, wcrtomb-fortify.patch, nptl-cleanup-async-restore-2.patch: Removed- CVE-2023-4813, bsc#1215286- bsc#1198751- bsc#1200334 * Thu Jul 14 2022 Andreas Schwab - nptl-cleanup-async-restore-2.patch: nptl: Fix ___pthread_unregister_cancel_restore asynchronous restore (bsc#1200093, BZ #29214) * Thu Jun 23 2022 Andreas Schwab - read-chk-cancel.patch: debug: make __read_chk a cancellation point (bsc#1200682, BZ #29274)- wcrtomb-fortify.patch: wcrtomb: Make behavior POSIX compliant (bsc#1200688) * Thu Jun 09 2022 Andreas Schwab - Set SUSE_ZNOW=0 * Wed Jun 08 2022 Andreas Schwab - strncpy-power9-vsx.patch: powerpc: Fix VSX register number on __strncpy_power9 (BZ #29197)- nptl-cleanup-async-restore.patch: nptl: Fix __libc_cleanup_pop_restore asynchronous restore (bsc#1200093, BZ #29214) * Tue May 17 2022 Andreas Schwab - nptl-spurious-eintr.patch: nptl: Handle spurious EINTR when thread cancellation is disabled (BZ #29029) * Thu May 12 2022 Dominique Leuenberger - Follow the distro default gcc version to build the cross bootstrap packages. * Fri Apr 29 2022 Marcus Meissner - switched to https urls * Mon Feb 28 2022 Andreas Schwab - get-nprocs-sched-uninit-read.patch: linux: __get_nprocs_sched: do not feed CPU_COUNT_S with garbage (BZ #28850)- get-nprocs-inaccurate.patch: linux: fix accuracy of get_nprocs and get_nprocs_conf (BZ #28865)- strcmp-rtm-fallback.path: x86: Fallback {str|wcs}cmp RTM in the ncmp overflow case (BZ #28896)- pt-load-invalid-hole.patch: elf: Check invalid hole in PT_LOAD segments (BZ #28838)- localedef-ld-monetary.patch: localedef: Update LC_MONETARY handling (BZ [#28845]) * Thu Feb 03 2022 Andreas Schwab - Update to glibc 2.35 Major new features: * Unicode 14.0.0 Support * Bump r_version in the debugger interface to 2 * Support for the C.UTF-8 locale has been added to glibc * functions that round their results to a narrower type, and corresponding macros, are added from TS 18661-1:2014, TS 18661-3:2015 and draft ISO C2X * functions for floating-point maximum and minimum, corresponding to new operations in IEEE 754-2019, and corresponding macros, are added from draft ISO C2X * macros for single-precision float constants are added as a GNU extension * The __STDC_IEC_60559_BFP__ and __STDC_IEC_60559_COMPLEX__ macros are predefined as specified in TS 18661-1:2014 * The exp10 functions in now have a corresponding type-generic macro in * The ISO C2X macro _PRINTF_NAN_LEN_MAX has been added to * printf-family functions now support the %b format for output of integers in binary, as specified in draft ISO C2X, and the %B variant of that format recommended by draft ISO C2X * A new DSO sorting algorithm has been added in the dynamic linker that uses topological sorting by depth-first search (DFS), solving performance issues of the existing sorting algorithm when encountering particular circular object dependency cases * A new tunable, glibc.rtld.dynamic_sort, can be used to select between the two DSO sorting algorithms * ABI support for a new function \'__memcmpeq\'. \'__memcmpeq\' is meant to be used by compilers for optimizing usage of \'memcmp\' when its return value is only used for its boolean status * Support for automatically registering threads with the Linux rseq system call has been added * A symbolic link to the dynamic linker is now installed under /usr/bin/ld.so (or more precisely, \'${bindir}/ld.so\') * All programs and the testsuite in glibc are now built as position independent executables (PIE) by default on toolchains and architectures that support it * On Linux, a new tunable, glibc.malloc.hugetlb, can be used to either make malloc issue madvise plus MADV_HUGEPAGE on mmap and sbrk or to use huge pages directly with mmap calls with the MAP_HUGETLB flags) * The printf family of functions now handles the flagged %#m conversion specifier, printing errno as an error constant (similar to strerrorname_np) * The function _dl_find_object has been added * On Linux, the epoll_pwait2 function has been added * The function posix_spawn_file_actions_addtcsetpgrp_np has been added, enabling posix_spawn and posix_spawnp to set the controlling terminal in the new process in a race free manner * Source fortification (_FORTIFY_SOURCE) level 3 is now available for applications compiling with glibc and gcc 12 and later Deprecated and removed features, and other changes affecting compatibility: * On x86-64, the LD_PREFER_MAP_32BIT_EXEC environment variable support has been removed since the first PT_LOAD segment is no longer executable due to defaulting to -z separate-code * The r_version update in the debugger interface makes the glibc binary incompatible with GDB * Intel MPX support (lazy PLT, ld.so profile, and LD_AUDIT) has been removed * The catchsegv script and associated libSegFault.so shared object have been removed * Support for prelink will be removed in the next release; this includes removal of the LD_TRACE_PRELINKING, and LD_USE_LOAD_BIAS, environment variables and their functionality in the dynamic loader Changes to build and runtime requirements: * The audit module interface version LAV_CURRENT is increased to enable proper bind-now support * The audit interface on aarch64 is extended to support both the indirect result location register (x8) and NEON Q register Security related changes: * CVE-2022-23219: Passing an overlong file name to the clnt_create legacy function could result in a stack-based buffer overflow when using the \"unix\" protocol * CVE-2022-23218: Passing an overlong file name to the svcunix_create legacy function could result in a stack-based buffer overflow * CVE-2021-3998: Passing a path longer than PATH_MAX to the realpath function could result in a memory leak and potential access of uninitialized memory * CVE-2021-3999: Passing a buffer of size exactly 1 byte to the getcwd function may result in an off-by-one buffer underflow and overflow when the current working directory is longer than PATH_MAX and also corresponds to the / directory through an unprivileged mount namespace- copy-and-spawn-sgid-double-close.patch, fcntl-time-bits-64-redirect.patch, gaiconf-init-double-free.patch, gconv-parseconfdir-memory-leak.patch, getcwd-attribute-access.patch, glibc-c-utf8-locale.patch, iconv-charmap-close-output.patch, ld-show-auxv-colon.patch, ldconfig-leak-empty-paths.patch, librt-null-pointer.patch, pthread-kill-fail-after-exit.patch, pthread-kill-race-thread-exit.patch, pthread-kill-return-esrch.patch, pthread-kill-send-specific-thread.patch, pthread-mutexattr-getrobust-np-type.patch, setxid-deadlock-blocked-signals.patch, sysconf-nprocessors-affinity.patch, x86-string-control-test.patch: Removed.- bsc#1194640- bsc#1194768- bsc#1194770- bsc#1197718- bsc#1211829- bsc#1215891 * Fri Nov 26 2021 Michael Matz - Enable building the cross packages in rings. * Tue Nov 16 2021 Giuliano Belinassi - Add ExtraBuildFlags for build flags that cannot be passed to configure.- Add support for livepatches (jsc#SLE-20049).- Generate ipa-clones tarball artifact when livepatching is enabled. * Wed Nov 10 2021 Andreas Schwab - glibc.rpmlintrc: Update for rpmlint2 * Tue Oct 05 2021 Andreas Schwab - ld-show-auxv-colon.patch: elf: Fix missing colon in LD_SHOW_AUXV output (BZ #282539- x86-string-control-test.patch: x86-64: Use testl to check __x86_string_control- pthread-kill-fail-after-exit.patch: nptl: pthread_kill, pthread_cancel should not fail after exit (BZ #19193)- pthread-kill-race-thread-exit.patch: nptl: Fix race between pthread_kill and thread exit (BZ #12889)- getcwd-attribute-access.patch: posix: Fix attribute access mode on getcwd (BZ #27476)- pthread-kill-return-esrch.patch: nptl: pthread_kill needs to return ESRCH for old programs (BZ #19193)- pthread-mutexattr-getrobust-np-type.patch: nptl: Fix type of pthread_mutexattr_getrobust_np, pthread_mutexattr_setrobust_np (BZ [#28036])- setxid-deadlock-blocked-signals.patch: nptl: Avoid setxid deadlock with blocked signals in thread exit (BZ #28361)- pthread-kill-send-specific-thread.patch: nptl: pthread_kill must send signals to a specific thread (BZ #28407)- sysconf-nprocessors-affinity.patch: linux: Revert the use of sched_getaffinity on get_nproc (BZ #28310)- iconv-charmap-close-output.patch: renamed from icon-charmap-close-output.patch * Wed Aug 11 2021 Andreas Schwab - Don\'t create separate debuginfo packages for cross packages * Wed Aug 11 2021 Andreas Schwab - ldconfig-leak-empty-paths.patch: ldconfig: avoid leak on empty paths in config file- gconv-parseconfdir-memory-leak.patch: gconv_parseconfdir: Fix memory leak- gaiconf-init-double-free.patch: gaiconf_init: Avoid double-free in label and precedence lists- copy-and-spawn-sgid-double-close.patch: copy_and_spawn_sgid: Avoid double calls to close()- icon-charmap-close-output.patch: iconv_charmap: Close output file when done- fcntl-time-bits-64-redirect.patch: Linux: Fix fcntl, ioctl, prctl redirects for _TIME_BITS=64 (BZ #28182)- librt-null-pointer.patch: librt: fix NULL pointer dereference (BZ [#28213]) * Tue Aug 10 2021 Michael Matz - Add cross development packages for aarch64 and riscv64. * Mon Aug 02 2021 Andreas Schwab - Update to glibc 2.34 Major new features: * When _DYNAMIC_STACK_SIZE_SOURCE or _GNU_SOURCE are defined, PTHREAD_STACK_MIN is no longer constant and is redefined to sysconf(_SC_THREAD_STACK_MIN) * Add _SC_MINSIGSTKSZ and _SC_SIGSTKSZ * The dynamic linker implements the --list-diagnostics option, printing a dump of information related to IFUNC resolver operation and glibc-hwcaps subdirectory selection * On Linux, the function execveat has been added * The ISO C2X function timespec_getres has been added * The feature test macro __STDC_WANT_IEC_60559_EXT__, from draft ISO C2X, is supported to enable declarations of functions defined in Annex F of C2X * Add support for 64-bit time_t on configurations like x86 where time_t is traditionally 32-bit * The main gconv-modules file in glibc now contains only a small set of essential converter modules and the rest have been moved into a supplementary configuration file gconv-modules-extra.conf in the gconv-modules.d directory in the same GCONV_PATH * On Linux, a new tunable, glibc.pthread.stack_cache_size, can be used to configure the size of the thread stack cache * The function _Fork has been added as an async-signal-safe fork replacement since Austin Group issue 62 droped the async-signal-safe requirement for fork (and it will be included in the future POSIX standard) * On Linux, the close_range function has been added * The function closefrom has been added * The posix_spawn_file_actions_closefrom_np function has been added, enabling posix_spawn and posix_spawnp to close all file descriptors great than or equal to a giver integer Deprecated and removed features, and other changes affecting compatibility: * The function pthread_mutex_consistent_np has been deprecated * The function pthread_mutexattr_getrobust_np has been deprecated * The function pthread_mutexattr_setrobust_np has been deprecated * The function pthread_yield has been deprecated * The function inet_neta declared in has been deprecated * Various rarely-used functions declared in and have been deprecated * The pthread cancellation handler is now installed with SA_RESTART and pthread_cancel will always send the internal SIGCANCEL on a cancellation request * The symbols mallwatch and tr_break are now deprecated and no longer used in mtrace * The __morecore and __after_morecore_hook malloc hooks and the default implementation __default_morecore have been removed from the API * Debugging features in malloc such as the MALLOC_CHECK_ environment variable (or the glibc.malloc.check tunable), mtrace() and mcheck() have now been disabled by default in the main C library * The deprecated functions malloc_get_state and malloc_set_state have been moved from the core C library into libc_malloc_debug.so * The deprecated memory allocation hooks __malloc_hook, __realloc_hook, __memalign_hook and __free_hook are now removed from the API Changes to build and runtime requirements: * On Linux, the shm_open, sem_open, and related functions now expect the file shared memory file system to be mounted at /dev/shm Security related changes: CVE-2021-27645: The nameserver caching daemon (nscd), when processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in degraded service or Denial of Service on the local system CVE-2021-33574: The mq_notify function has a potential use-after-free issue when using a notification type of SIGEV_THREAD and a thread attribute with a non-default affinity mask CVE-2021-35942: The wordexp function may overflow the positional parameter number when processing the expansion resulting in a crash- nss-database-check-reload.patch, nss-load-chroot.patch, x86-isa-level.patch, nscd-netgroupcache.patch, nss-database-lookup.patch, select-modify-timeout.patch, nptl-db-libpthread-load-order.patch, rawmemchr-warning.patch, tst-cpu-features-amx.patch, mq-notify-use-after-free.patch: Removed- bsc#1181403- bsc#1184035- bsc#1187911- jsc#PED-987 * Fri Jun 11 2021 Ludwig Nussel - Enable usrmerge in Factory always as it\'s default there- Add conflict with pre-usrmerge filesystem package * Thu Jun 10 2021 Andreas Schwab - mq-notify-use-after-free.patch: Use __pthread_attr_copy in mq_notify (CVE-2021-33574, bsc#1186489, BZ #27896)- Drop glibc-usrmerge-bootstrap-helper package * Thu May 27 2021 Andreas Schwab - tst-cpu-features-amx.patch: x86: tst-cpu-features-supports.c: Update AMX check * Wed May 26 2021 Andreas Schwab - rawmemchr-warning.patch: string: Work around GCC PR 98512 in rawmemchr * Tue May 04 2021 Andreas Schwab - nptl-db-libpthread-load-order.patch: nptl_db: Support different libpthread/ld.so load orders (bsc#1184214, BZ #27744) * Tue Apr 13 2021 Andreas Schwab - Enable support for static PIE (bsc#1184646)- select-modify-timeout.patch: linux: always update select timeout (bsc#1184339, BZ #27706) * Tue Mar 23 2021 Andreas Schwab - Don\'t remove -f[asynchronous-]unwind-tables during configure run, no longer needed * Mon Mar 08 2021 Andreas Schwab - nss-database-check-reload.patch: nsswitch: return result when nss database is locked (BZ #27343)- nss-load-chroot.patch: nss: Re-enable NSS module loading after chroot (bsc#1182323, BZ #27389)- x86-isa-level.patch: x86: Set minimum x86-64 level marker (bsc#1182522, BZ #27318)- nss-database-lookup.patch: nss: fix nss_database_lookup2\'s alternate handling (bsc#1182247, BZ #27416)- nss-revert-api.patch: remove- nscd-netgroupcache.patch: nscd: Fix double free in netgroupcache (CVE-2021-27645, bsc#1182733, BZ #27462) * Tue Mar 02 2021 Andreas Schwab - Disable x86 ISA level for now (bsc#1182522, BZ #27318)- nss-revert-api.patch: Workaround for nss-compat brokeness (bsc#1182247, BZ #27416) * Mon Mar 01 2021 Andreas Schwab - Fix build of utils flavor for usrmerge * Thu Feb 18 2021 Andreas Schwab - Prepare for usrmerge (bsc#1029961) * Tue Feb 16 2021 Guillaume GARDET - Add --enable-memory-tagging for aarch64 * Tue Feb 02 2021 Andreas Schwab - Update to glibc 2.33 * The dynamic linker accepts the --list-tunables argument which prints all the supported tunables. * The dynamic linker accepts the --argv0 argument and provides opportunity to change argv[0] string. * The dynamic linker loads optimized implementations of shared objects from subdirectories under the glibc-hwcaps directory on the library search path if the system\'s capabilities meet the requirements for that subdirectory. * The new --help option of the dynamic linker provides usage and information and library search path diagnostics. * The mallinfo2 function is added to report statistics as per mallinfo, but with larger field widths to accurately report values that are larger than fit in an integer. * Add to provide query macros for x86 CPU features. * A new fortification level _FORTIFY_SOURCE=3 is available. * The mallinfo function is marked deprecated. * When dlopen is used in statically linked programs, alternative library implementations from HWCAP subdirectories are no longer loaded. * The deprecated header and the function vtimes have been removed. * On s390(x), the type float_t is now derived from the macro __FLT_EVAL_METHOD__ that is defined by the compiler, instead of being hardcoded to double. * A future version of glibc will stop loading shared objects from the \"tls\" subdirectories on the library search path, the subdirectory that corresponds to the AT_PLATFORM system name, and also stop employing the legacy AT_HWCAP search mechanism. * CVE-2021-3326: An assertion failure during conversion from the ISO-20220-JP-3 character set using the iconv function has been fixed.- Remove obsolete, unused /etc/default/nss- aarch64-static-pie.patch, euc-kr-overrun.patch, get-nprocs-cpu-online-parsing.patch, iconv-redundant-shift.patch, iconv-ucs4-loop-bounds.patch, ifunc-fma4.patch, intl-codeset-suffixes.patch, nscd-gc-cycle.patch, printf-long-double-non-normal.patch, strerrorname-np.patch, syslog-locking.patch, sysvipc.patch: Removed- bsc#1180557- bsc#1181505- bsc#1191592- bsc#1201942 * Tue Jan 19 2021 Andreas Schwab - Remove support for %optimize_power- Move to power4 baseline on ppc
|
|
|