From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-qt1-x836.google.com (mail-qt1-x836.google.com [IPv6:2607:f8b0:4864:20::836]) by sourceware.org (Postfix) with ESMTPS id 055B03949093 for ; Mon, 1 Feb 2021 19:33:51 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.3.2 sourceware.org 055B03949093 Received: by mail-qt1-x836.google.com with SMTP id z22so13179683qto.7 for ; Mon, 01 Feb 2021 11:33:51 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:to:from:autocrypt:subject:message-id:date :user-agent:mime-version:content-language:content-transfer-encoding; bh=I8OZyefdjfcDuktxX52pQFY20SuWna/QPWudRBmJNjw=; b=OkNpOHiCyG/IsD/TxwqqlMDN+oyL7ekv9XMgJRo50jMlvJHG2asFZD+kCA6+gP5uVo STBpJmFzG0ib90yglJekq7G0hsx3BhTQhfnAegpjwf/1GlTWFHYkjDdR65Wor5UcRlm2 6Awl9kVqhjUMQyfOePxkLXjA3G3MIhjX7d37h5oeWHVnzkbx9+PRXsXId3YVwwPmgJYG MMOdcViwqhvRXHPY56BHioi/8EqLKo3iMPAE1L6MsFpniRTlaEO4rX5ng9EaCSZpyedV /x9qB3dnC6xAnTnQ49DmYnlUg4cSOhq1V3dDkK+7o2p8+CBNlh2VrjmDb9Y2YTwi+IEA IyEw== X-Gm-Message-State: AOAM5336g7u97LeEdWt7qcELcGiBr2fEzeUDgo6QDzr9A9OJDa4GaOYn ixHWprCtCV+7uzIOJ81aPpCf2/39BocuUw== X-Google-Smtp-Source: ABdhPJygjRphPqlrywA2H4aWaVhwoYZmRs7TLvHiz7PUqFa6Un25aUopNAGzJXGlWTByGXN6WvYJhA== X-Received: by 2002:ac8:6059:: with SMTP id k25mr16431252qtm.82.1612208030338; Mon, 01 Feb 2021 11:33:50 -0800 (PST) Received: from [192.168.1.4] ([177.194.48.209]) by smtp.googlemail.com with ESMTPSA id p23sm15439158qtu.4.2021.02.01.11.33.48 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 01 Feb 2021 11:33:49 -0800 (PST) To: GNU C Library , libc-announce@sourceware.org, info-gnu@gnu.org From: Adhemerval Zanella Autocrypt: addr=adhemerval.zanella@linaro.org; prefer-encrypt=mutual; keydata= mQINBFcVGkoBEADiQU2x/cBBmAVf5C2d1xgz6zCnlCefbqaflUBw4hB/bEME40QsrVzWZ5Nq 8kxkEczZzAOKkkvv4pRVLlLn/zDtFXhlcvQRJ3yFMGqzBjofucOrmdYkOGo0uCaoJKPT186L NWp53SACXguFJpnw4ODI64ziInzXQs/rUJqrFoVIlrPDmNv/LUv1OVPKz20ETjgfpg8MNwG6 iMizMefCl+RbtXbIEZ3TE/IaDT/jcOirjv96lBKrc/pAL0h/O71Kwbbp43fimW80GhjiaN2y WGByepnkAVP7FyNarhdDpJhoDmUk9yfwNuIuESaCQtfd3vgKKuo6grcKZ8bHy7IXX1XJj2X/ BgRVhVgMHAnDPFIkXtP+SiarkUaLjGzCz7XkUn4XAGDskBNfbizFqYUQCaL2FdbW3DeZqNIa nSzKAZK7Dm9+0VVSRZXP89w71Y7JUV56xL/PlOE+YKKFdEw+gQjQi0e+DZILAtFjJLoCrkEX w4LluMhYX/X8XP6/C3xW0yOZhvHYyn72sV4yJ1uyc/qz3OY32CRy+bwPzAMAkhdwcORA3JPb kPTlimhQqVgvca8m+MQ/JFZ6D+K7QPyvEv7bQ7M+IzFmTkOCwCJ3xqOD6GjX3aphk8Sr0dq3 4Awlf5xFDAG8dn8Uuutb7naGBd/fEv6t8dfkNyzj6yvc4jpVxwARAQABtElBZGhlbWVydmFs IFphbmVsbGEgTmV0dG8gKExpbmFybyBWUE4gS2V5KSA8YWRoZW1lcnZhbC56YW5lbGxhQGxp bmFyby5vcmc+iQI3BBMBCAAhBQJXFRpKAhsDBQsJCAcDBRUKCQgLBRYCAwEAAh4BAheAAAoJ EKqx7BSnlIjv0e8P/1YOYoNkvJ+AJcNUaM5a2SA9oAKjSJ/M/EN4Id5Ow41ZJS4lUA0apSXW NjQg3VeVc2RiHab2LIB4MxdJhaWTuzfLkYnBeoy4u6njYcaoSwf3g9dSsvsl3mhtuzm6aXFH /Qsauav77enJh99tI4T+58rp0EuLhDsQbnBic/ukYNv7sQV8dy9KxA54yLnYUFqH6pfH8Lly sTVAMyi5Fg5O5/hVV+Z0Kpr+ZocC1YFJkTsNLAW5EIYSP9ftniqaVsim7MNmodv/zqK0IyDB GLLH1kjhvb5+6ySGlWbMTomt/or/uvMgulz0bRS+LUyOmlfXDdT+t38VPKBBVwFMarNuREU2 69M3a3jdTfScboDd2ck1u7l+QbaGoHZQ8ZNUrzgObltjohiIsazqkgYDQzXIMrD9H19E+8fw kCNUlXxjEgH/Kg8DlpoYJXSJCX0fjMWfXywL6ZXc2xyG/hbl5hvsLNmqDpLpc1CfKcA0BkK+ k8R57fr91mTCppSwwKJYO9T+8J+o4ho/CJnK/jBy1pWKMYJPvvrpdBCWq3MfzVpXYdahRKHI ypk8m4QlRlbOXWJ3TDd/SKNfSSrWgwRSg7XCjSlR7PNzNFXTULLB34sZhjrN6Q8NQZsZnMNs TX8nlGOVrKolnQPjKCLwCyu8PhllU8OwbSMKskcD1PSkG6h3r0AquQINBFcVGkoBEACgAdbR Ck+fsfOVwT8zowMiL3l9a2DP3Eeak23ifdZG+8Avb/SImpv0UMSbRfnw/N81IWwlbjkjbGTu oT37iZHLRwYUFmA8fZX0wNDNKQUUTjN6XalJmvhdz9l71H3WnE0wneEM5ahu5V1L1utUWTyh VUwzX1lwJeV3vyrNgI1kYOaeuNVvq7npNR6t6XxEpqPsNc6O77I12XELic2+36YibyqlTJIQ V1SZEbIy26AbC2zH9WqaKyGyQnr/IPbTJ2Lv0dM3RaXoVf+CeK7gB2B+w1hZummD21c1Laua +VIMPCUQ+EM8W9EtX+0iJXxI+wsztLT6vltQcm+5Q7tY+HFUucizJkAOAz98YFucwKefbkTp eKvCfCwiM1bGatZEFFKIlvJ2QNMQNiUrqJBlW9nZp/k7pbG3oStOjvawD9ZbP9e0fnlWJIsj 6c7pX354Yi7kxIk/6gREidHLLqEb/otuwt1aoMPg97iUgDV5mlNef77lWE8vxmlY0FBWIXuZ yv0XYxf1WF6dRizwFFbxvUZzIJp3spAao7jLsQj1DbD2s5+S1BW09A0mI/1DjB6EhNN+4bDB SJCOv/ReK3tFJXuj/HbyDrOdoMt8aIFbe7YFLEExHpSk+HgN05Lg5TyTro8oW7TSMTk+8a5M kzaH4UGXTTBDP/g5cfL3RFPl79ubXwARAQABiQIfBBgBCAAJBQJXFRpKAhsMAAoJEKqx7BSn lIjvI/8P/jg0jl4Tbvg3B5kT6PxJOXHYu9OoyaHLcay6Cd+ZrOd1VQQCbOcgLFbf4Yr+rE9l mYsY67AUgq2QKmVVbn9pjvGsEaz8UmfDnz5epUhDxC6yRRvY4hreMXZhPZ1pbMa6A0a/WOSt AgFj5V6Z4dXGTM/lNManr0HjXxbUYv2WfbNt3/07Db9T+GZkpUotC6iknsTA4rJi6u2ls0W9 1UIvW4o01vb4nZRCj4rni0g6eWoQCGoVDk/xFfy7ZliR5B+3Z3EWRJcQskip/QAHjbLa3pml xAZ484fVxgeESOoaeC9TiBIp0NfH8akWOI0HpBCiBD5xaCTvR7ujUWMvhsX2n881r/hNlR9g fcE6q00qHSPAEgGr1bnFv74/1vbKtjeXLCcRKk3Ulw0bY1OoDxWQr86T2fZGJ/HIZuVVBf3+ gaYJF92GXFynHnea14nFFuFgOni0Mi1zDxYH/8yGGBXvo14KWd8JOW0NJPaCDFJkdS5hu0VY 7vJwKcyHJGxsCLU+Et0mryX8qZwqibJIzu7kUJQdQDljbRPDFd/xmGUFCQiQAncSilYOcxNU EMVCXPAQTteqkvA+gNqSaK1NM9tY0eQ4iJpo+aoX8HAcn4sZzt2pfUB9vQMTBJ2d4+m/qO6+ cFTAceXmIoFsN8+gFN3i8Is3u12u8xGudcBPvpoy4OoG Subject: The GNU C Library version 2.33 is now available Message-ID: <7d6c163d-1d37-a7fe-e52a-bf4422261b57@linaro.org> Date: Mon, 1 Feb 2021 16:33:47 -0300 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.10.0 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-7.6 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, KAM_SHORT, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=ham autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on server2.sourceware.org X-Mailman-Approved-At: Mon, 01 Feb 2021 22:24:08 +0000 X-BeenThere: libc-announce@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Libc-announce mailing list List-Unsubscribe: , List-Archive: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 01 Feb 2021 19:33:53 -0000 The GNU C Library ================= The GNU C Library version 2.33 is now available. The GNU C Library is used as *the* C library in the GNU system and in GNU/Linux systems, as well as many other systems that use Linux as the kernel. The GNU C Library is primarily designed to be a portable and high performance C library. It follows all relevant standards including ISO C11 and POSIX.1-2017. It is also internationalized and has one of the most complete internationalization interfaces known. The GNU C Library webpage is at http://www.gnu.org/software/libc/ Packages for the 2.33 release may be downloaded from: http://ftpmirror.gnu.org/libc/ http://ftp.gnu.org/gnu/libc/ The mirror list is at http://www.gnu.org/order/ftp.html NEWS for version 2.33 ===================== Major new features: * The dynamic linker accepts the --list-tunables argument which prints all the supported tunables. This option is disable if glibc is configured with tunables disabled (--enable-tunables=no). * The dynamic linker accepts the --argv0 argument and provides opportunity to change argv[0] string. * The dynamic linker loads optimized implementations of shared objects from subdirectories under the glibc-hwcaps directory on the library search path if the system's capabilities meet the requirements for that subdirectory. Initially supported subdirectories include "power9" and "power10" for the powerpc64le-linux-gnu architecture, "z13", "z14", "z15" for s390x-linux-gnu, and "x86-64-v2", "x86-64-v3", "x86-64-v4" for x86_64-linux-gnu. In the x86_64-linux-gnu case, the subdirectory names correspond to the vendor-independent x86-64 microarchitecture levels defined in the x86-64 psABI supplement. * The new --help option of the dynamic linker provides usage and information and library search path diagnostics. * The mallinfo2 function is added to report statistics as per mallinfo, but with larger field widths to accurately report values that are larger than fit in an integer. * Add to provide query macros for x86 CPU features. * Support for the RISC-V ISA running on Linux has been expanded to run on 32-bit hardware. This is supported for the following ISA and ABI pairs: - rv32imac ilp32 - rv32imafdc ilp32 - rv32imafdc ilp32d The 32-bit RISC-V port requires at least Linux 5.4, GCC 7.1 and binutils 2.28. * A new fortification level _FORTIFY_SOURCE=3 is available. At this level, glibc may use additional checks that may have an additional performance overhead. At present these checks are available only on LLVM 9 and later. The latest GCC available at this time (10.2) does not support this level of fortification. Deprecated and removed features, and other changes affecting compatibility: * The mallinfo function is marked deprecated. Callers should call mallinfo2 instead. * When dlopen is used in statically linked programs, alternative library implementations from HWCAP subdirectories are no longer loaded. Instead, the default implementation is used. * The deprecated header and the function vtimes have been removed. To support old binaries, the vtimes function continues to exist as a compatibility symbol. Applications should use the getrlimit or prlimit. * Following a change in the tzdata 2018a release upstream, the zdump program is now installed in the /usr/bin subdirectory. Previously, the /usr/sbin subdirectory was used. * On s390(x), the type float_t is now derived from the macro __FLT_EVAL_METHOD__ that is defined by the compiler, instead of being hardcoded to double. This does not affect the ABI of any libraries that are part of the GNU C Library, but may affect the ABI of other libraries that use this type in their interfaces. The new definition improves consistency with compiler behavior in many scenarios. * A future version of glibc will stop loading shared objects from the "tls" subdirectories on the library search path, the subdirectory that corresponds to the AT_PLATFORM system name, and also stop employing the legacy AT_HWCAP search mechanism. Applications should switch to the new glibc-hwcaps mechanism instead; if they do not do that, only the baseline version (directly from the search path directory) will be loaded. Changes to build and runtime requirements: * On Linux, the system administrator needs to configure /dev/pts with the intended access modes for pseudo-terminals. glibc no longer attemps to adjust permissions of terminal devices. The previous glibc defaults ("tty" group, user read/write and group write) already corresponded to what most systems used, so that grantpt did not perform any adjustments. * On Linux, the posix_openpt and getpt functions no longer attempt to use legacy (BSD) pseudo-terminals and assume that if /dev/ptmx exists (and pseudo-terminals are supported), a devpts file system is mounted on /dev/pts. Current systems already meet these requirements. * s390x requires GCC 7.1 or newer. See gcc Bug 98269. Security related changes: CVE-2021-3326: An assertion failure during conversion from the ISO-20220-JP-3 character set using the iconv function has been fixed. This assertion was triggered by certain valid inputs in which the converted output contains a combined sequence of two wide characters crossing a buffer boundary. Reported by Tavis Ormandy. CVE-2020-27618: An infinite loop has been fixed in the iconv program when invoked with input containing redundant shift sequences in the IBM1364, IBM1371, IBM1388, IBM1390, or IBM1399 character sets. CVE-2020-29562: An assertion failure has been fixed in the iconv function when invoked with UCS4 input containing an invalid character. CVE-2019-25013: A buffer overflow has been fixed in the iconv function when invoked with EUC-KR input containing invalid multibyte input sequences. The following bugs are resolved with this release: [10635] libc: realpath portability patches [16124] dynamic-link: ld.so should allow to change argv[0] [17924] malloc: 'free' should not set errno [18683] libc: Linux faccessat implementation can incorrectly ignore AT_EACCESS [22899] libc: Use 64-bit readdir() in generic POSIX getcwd() [23249] libc: Epyc and other current AMD CPUs do not select the "haswell" platform subdirectory [24080] dynamic-link: Definition of "haswell" platform is inconsistent with GCC [24202] libc: m68k setjmp() saves incorrect 'a5' register in --enable- stack-protector=all [24941] libc: Make grantpt usable after multi-threaded fork in more cases [24970] libc: realpath mishandles EOVERFLOW; stat not needed anyway [24973] locale: iconv encounters segmentation fault when converting 0x00 0xfe in EUC-KR to UTF-8 (CVE-2019-25013) [25399] string: undefined reference to `__warn_memset_zero_len' when changing gnuc version [25859] libc: glibc parser for /sys/devices/system/cpu/online is incorrect [25938] dynamic-link: ld.so.cache should store meaning of hwcap mask bits [25971] libc: s390 bits/hwcap.h out of sync with kernel [26053] libc: unlockpt fails with ENOTTY for non-ptmx descriptors [26100] libc: Race in syslog(3) with regards to tag printing. [26124] libc: Export [26130] nscd: Inconsistent nscd cache during pruning [26203] libc: GLRO(dl_x86_cpu_features) may not be intialized [26224] locale: iconv hangs when converting some invalid inputs from several IBM character sets (CVE-2020-27618) [26341] libc: realpath cyclically call __alloca(path_max) to consume too much stack space [26343] manual: invalid documented return type for strerrorname_np(), strerrordesc_np(), sigdescr_np(), sigabbrev_np() [26376] libc: Namespace violation in stdio.h and sys/stat.h if build with optimization. [26383] locale: bind_textdomain_codeset doesn't accept //TRANSLIT anymore [26394] time: [2.33 Regression] FAIL: nptl/tst-join14 [26534] math: libm.so 2.32 SIGILL in pow() due to FMA4 instruction on non-FMA4 system [26552] dynamic-link: CPU_FEATURE_USABLE_P should be more conservative [26553] libc: mtx_init allows type set to "mtx_recursive" only [26555] string: strerrorname_np does not return the documented value [26592] libc: pointer arithmetic overflows in realpath [26600] network: Transaction ID collisions cause slow DNS lookups in getaddrinfo [26606] libc: [2.33 Regression] pselect is broken on x32 [26615] libc: powerpc: libc segfaults when LD_PRELOADed with libgcc [26620] glob: fnmatch with collating symbols results in segmentation fault [26625] libc: [2.33 Regression] CET is disabled [26636] libc: 32-bit shmctl(IPC_INFO) crashes when shminfo struct is at the end of a memory mapping [26637] libc: semctl SEM_STAT_ANY fails to pass the buffer specified by the caller to the kernel [26639] libc: msgctl IPC_INFO and MSG_INFO return garbage [26647] build: [-Werror=array-parameter=] due to different declarations for __sigsetjmp [26648] libc: mkstemp is likely to fail on systems with non-stricly- monotonic clocks [26649] stdio: printf should handle non-normal x86 long double numbers gracefully (CVE-2020-29573) [26686] build: -Warray-parameter instances building with GCC 11 [26687] build: -Warray-bounds instances building with GCC 11 [26690] stdio: Aliasing violation in __vfscanf_internal [26691] nptl: Use a minimum guard size of 64 KiB on aarch64 [26726] build: GCC warning calling new_composite_name with an array of one element [26736] libc: FAIL: misc/tst-sysvshm-linux [26737] libc: Random FAIL: rt/tst-shm [26791] libc: Missing O_CLOEXEC in sysconf.c [26798] dynamic-link: aarch64: variant PCS symbols may be incorrectly lazy bound [26801] nptl: pthread_mutex_clocklock with CLOCK_MONOTONIC can fail on PI mutexes [26818] string: aarch64: string tests may run ifunc variants that are not safe [26821] libc: Memory leak test failures on Fedora 33 [26824] libc: FAIL: elf/tst-cpu-features-supports with recent trunk: FSGSBASE/LM/RDRAND check failure [26833] time: adjtime() with delta == NULL segfaults on armv7 32bit platform [26853] libc: aarch64: Missing unwind information in statically linked startup code [26923] locale: Assertion failure in iconv when converting invalid UCS4 (CVE-2020-29562) [26926] dynamic-link: aarch64: library dependencies are not bti protected [26932] libc: sh: Multiple floating point functions defined as stubs only since 2.31 [26964] nptl: pthread_mutex_timedlock returning EAGAIN after futex is locked [26988] dynamic-link: aarch64: BTI mprotect address is not page aligned [27002] build: libc_freeres_fn build failure with GCC 11 [27004] dynamic-link: ld.so is miscompiled by GCC 11 [27008] dynamic-link: ld.so.cache should have endianness markup [27042] libc: [alpha] anonymous union in struct stat confuses detection logic [27053] libc: Conformance regression in system(3) (and probably also pclose(3)) [27072] dynamic-link: static pie ifunc resolvers run before hwcap is setup [27077] network: Do not reload /etc/nsswitch.conf from chroot [27083] libc: Unsafe unbounded alloca in addmntent [27104] dynamic-link: The COMMON_CPUID_INDEX_MAX handshake does not work [27130] string: "rep movsb" performance issue [27150] libc: alpha: wait4() is unavailable in static linking [27177] dynamic-link: GLIBC_TUNABLES=glibc.cpu.x86_ibt=on:glibc.cpu.x86_shstk=on doesn't work [27222] dynamic-link: Incorrect sysdeps/x86/tst-cpu-features-cpuinfo.c [27237] malloc: deadlock in malloc/tst-malloc-stats-cancellation [27256] locale: Assertion failure in ISO-2022-JP-3 gconv module related to combining characters (CVE-2021-3326) Release Notes ============= https://sourceware.org/glibc/wiki/Release/2.33 Contributors ============ This release was made possible by the contributions of many people. The maintainers are grateful to everyone who has contributed changes or bug reports. These include: Adhemerval Zanella Alexandra Hájková Alistair Francis Andreas Schwab Anssi Hannula Arjun Shankar Benno Schulenberg Carlos O'Donell Chen Li Cooper Qu Corinna Vinschen DJ Delorie Dmitry V. Levin Fangrui Song Florian Weimer Guillaume Gardet H.J. Lu Jakub Jelinek Jangwoong Kim Jeremie Koenig Jim Wilson John David Anglin John McCabe Jonathan Wakely Jonny Grant Joseph Myers Lode Willems Lucas A. M. Magalhaes Lukasz Majewski Maciej W. Rozycki Mao Han Marc Aurèle La France Marius Hillenbrand Mark Wielaard Martin Liska Martin Sebor Matheus Castanho Matt Turner Maximilian Krüger Michael Colavita Ondřej Hošek Patrick McGehearty Patsy Griffin Paul E. Murphy Paul Eggert Paul Zimmermann Prasanth R Raoni Fassina Firmino Raphael M Zinsly Raphael Moreira Zinsly Richard Braun Richard Earnshaw Rolf Eike Beer Sajan Karumanchi Samuel Thibault Sergei Trofimovich Shuo Wang Siddhesh Poyarekar Stafford Horne Stefan Liebler Szabolcs Nagy Thorsten Kukuk Tulio Magno Quites Machado Filho Vincent Chen Vincent Mihalkovic Vineet Gupta W. Hashimoto Wilco Dijkstra Xiaoming Ni Zong Li liqingqing Érico Rolim