https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=923adfcb588dabf6b8dee60b00e2de4e88afdb97 commit 923adfcb588dabf6b8dee60b00e2de4e88afdb97 Author: Carlos O'Donell Date: Tue Aug 4 20:39:09 2020 -0400 Update NEWS with bugs. Diff: --- NEWS | 112 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 110 insertions(+), 2 deletions(-) diff --git a/NEWS b/NEWS index e48d7438e2..485b8ddffa 100644 --- a/NEWS +++ b/NEWS @@ -187,8 +187,116 @@ Security related changes: The following bugs are resolved with this release: - [The release manager will add the list generated by - scripts/list-fixed-bugs.py just before the release.] + [9809] localedata: ckb_IQ: new Kurdish Sorani locale + [10441] manual: Backtraces code example lacks error checking + [10815] librt: [timer_create / SIGEV_THREAD] signalmask of + timer_sigev_thread dangerous + [14231] stdio: stdio-common tests memory requirements + [14578] libc: /proc-based emulation for lchmod, fchmodat + [16272] dynamic-link: dlopen()ing a DT_FILTER library crashes if + filtee has constructor + [19519] locale: iconv(1) with -c option hangs on illegal multi-byte + sequences (CVE-2016-10228) + [19737] admin: Doc page “20.5.2 Infinity and NaN” has incorrect HTML + character entities for infinity & pi + [20338] libc: Parsing of /etc/gshadow can return bad pointers causing + segfaults in applications + [20543] libc: Please move from .gnu.linkonce to comdat + [22489] network: gcc warns about implicit convertion in + ICMP6_FILTER_SETPASS with -Wsign-conversion + [22525] localedata: or_IN LC_COLLATE does not use copy "iso14651_t1" + [23294] math: Complex _FloatN functions are redirected to the wrong + function with -mlong-double-64 + [23296] libc: Data race in setting function descriptor during lazy + binding + [23668] dynamic-link: ldconfig: Default to the new format for + ld.so.cache + [23819] hurd: hurd: Add C11 thread support + [23990] build: test-container error out on failure to exec child. + [23991] build: shell-container typo in run_command_array + [24638] manual: Error in example of parsing a template string + [24654] manual: Wrong declaration of wcschr in libc manual + [24943] dynamic-link: Support DT_AUDIT, DT_DEPAUDIT in the dynamic + linker + [25051] dynamic-link: aarch64, powerpc64 uses surplus static tls for + dynamically loaded dsos + [25098] nptl: nptl: ctype classification functions are not AS-Safe + [25219] libc: improve out-of-bounds checking with GCC 10 attribute + access + [25262] libc: getcontext/setcontext/swapcontext unnecessarily save and + restore EAX, ECX and EDX + [25397] dynamic-link: Legacy bitmap doesn't cover jitted code + [25414] glob: 'glob' use-after-free bug (CVE-2020-1752) + [25420] network: Race condition in resolv_conf.c can result in caching + stale configuration forever + [25487] math: sinl() stack corruption from crafted input + (CVE-2020-10029) + [25506] build: configure: broken detection of STT_GNU_IFUNC when GCC + defaults to PIE + [25523] libc: MIPS/Linux inline syscall template is miscompiled + [25620] libc: Signed comparison vulnerability in the ARMv7 memcpy() + (CVE-2020-6096) + [25623] libc: test-sysvmsg, test-sysvsem, test-sysvshm fail with 2.31 + on 32 bit and old kernel + [25635] libc: arm: Wrong sysdep order selection for soft-fp + [25639] localedata: Some names of days and months wrongly spelt in + Occitan + [25657] libc: sigprocmask() and sigisemptyset() manipulate different + amount of sigset_t bytes + [25691] stdio: printf: memory leak when printing long multibyte + strings + [25715] libc: system() returns wrong errors when posix_spawn fails + [25733] malloc: mallopt(M_MXFAST) can set global_max_fast to 0 + [25734] locale: mbrtowc with Big5-HKSCS fails to reset conversion + state for conversions that produce two Unicode code points + [25765] nptl: Incorrect futex syscall in __pthread_disable_asynccancel + for linux x86_64 leads to livelock + [25788] dynamic-link: [i386] -fno-omit-frame-pointer in CFLAGS causes + test failures, invalid instruction in ld.so + [25790] glob: Typo in tst-fnmatch.input + [25810] libc: x32: Incorrect syscall entries with pointer, off_t and + size_t + [25819] localedata: Update locale data to Unicode 13.0.0 + [25824] libc: Abnormal function of strnlen in aarch64 + [25887] dynamic-link: Wasted space in _dl_x86_feature_1[1] + [25896] libc: Incorrect prctl + [25902] libc: Bad LOADARGS_N + [25905] dynamic-link: VSX registers are corrupted during PLT + resolution when glibc is built with --disable-multi-arch and --with- + cpu=power9 + [25933] string: Off by one error in __strncmp_avx2 when + length=VEC_SIZE*4 and strings are at page boundaries can cause a + segfault + [25942] nptl: Deadlock on stack_cache_lock between __nptl_setxid and + exiting detached thread + [25966] libc: Incorrect access of __x86_shared_non_temporal_threshold + for x32 + [25976] nss: internal_end*ent in nss_compat may clobber errno, hiding + ERANGE + [25999] nptl: Use-after-free issue in pthread_getaddr_default_np + [26073] math: getpayload() has wrong return value + [26076] dynamic-link: dlmopen crashes after failing to load + dependencies in audit mode + [26120] localedata: column width of of some Korean + JUNGSEONG/JONGSEONG characters wrong (should be 0) + [26128] libc: Incorrect bit_cpu_CLFLUSHOPT + [26133] libc: Incorrect need_arch_feature_F16C + [26137] libc: strtod() triggers exception FE_INEXACT on reasonable + input + [26149] libc: PKU is usable only if OSPKE is set + [26173] libc: powerpc64*: Add @notoc to calls to functions that do not + preserve r2 + [26208] libc: Incorrect bit_cpu_CLFSH + [26210] network: Incorrect use of hidden symbols for global sunrpc + variables + [26211] stdio: printf integer overflow calculating allocation size + [26214] stdio: printf_fp double free + [26215] stdio: printf_fp memory leak + [26232] time: FAIL: support/tst-timespec for 32-bit targets + [26258] nss: nss_compat should not read input files with mmap + [26332] string: Incorrect cache line size load causes memory + corruption in memset + Version 2.31