Update NEWS.

Suggestions by Florian Weimer, Andreas Schwab, and Alexander Monakov. See: https://sourceware.org/pipermail/libc-alpha/2021-July/129356.html https://sourceware.org/pipermail/libc-alpha/2021-July/129357.html https://sourceware.org/pipermail/libc-alpha/2021-July/129361.html
2024-11-21 12:30:06 +00:00 · 2021-07-31 23:39:07 -04:00 · 2021-07-31 23:39:07 -04:00 · 2e2c08aa4d
commit 2e2c08aa4d
parent cfdaa29f66
1 changed files with 172 additions and 4 deletions
--- a/176
+++ b/176
@ -9,14 +9,32 @@ Version 2.34

 Major new features:

+* In order to support smoother in-place-upgrades and to simplify
+  the implementation of the runtime all functionality formerly
+  implemented in the libraries libpthread, libdl, libutil, libanl has
+  been integrated into libc.  New applications do not need to link with
+  -lpthread, -ldl, -lutil, -lanl anymore.  For backwards compatibility,
+  empty static archives libpthread.a, libdl.a, libutil.a, libanl.a are
+  provided, so that the linker options keep working.  Applications which
+  have been linked against glibc 2.33 or earlier continue to load the
+  corresponding shared objects (which are now empty).  The integration
+  of those libraries into libc means that additional symbols become
+  available by default.  This can cause applications that contain weak
+  references to take unexpected code paths that would only have been
+  used in previous glibc versions when e.g. preloading libpthread.so.0,
+  potentially exposing application bugs.
+
 * When _DYNAMIC_STACK_SIZE_SOURCE or _GNU_SOURCE are defined,
  PTHREAD_STACK_MIN is no longer constant and is redefined to
-  sysconf(_SC_THREAD_STACK_MIN).
+  sysconf(_SC_THREAD_STACK_MIN).  This supports dynamic sized register
+  sets for modern architectural features like Arm SVE.

 * Add _SC_MINSIGSTKSZ and _SC_SIGSTKSZ.  When _DYNAMIC_STACK_SIZE_SOURCE
  or _GNU_SOURCE are defined, MINSIGSTKSZ and SIGSTKSZ are no longer
  constant on Linux.  MINSIGSTKSZ is redefined to sysconf(_SC_MINSIGSTKSZ)
-  and SIGSTKSZ is redefined to sysconf (_SC_SIGSTKSZ).
+  and SIGSTKSZ is redefined to sysconf (_SC_SIGSTKSZ).  This supports
+  dynamic sized register sets for modern architectural features like
+  Arm SVE.

 * The dynamic linker implements the --list-diagnostics option, printing
  a dump of information related to IFUNC resolver operation and
@ -108,6 +126,15 @@ Deprecated and removed features, and other changes affecting compatibility:
  ns_format_ttl, ns_makecanon, ns_parse_ttl, ns_samedomain, ns_samename,
  ns_sprintrr, ns_sprintrrf, ns_subdomain have been deprecated.

+* Various symbols previously defined in libresolv have been moved to libc
+  in order to prepare for libresolv moving entirely into libc (see earlier
+  entry for merging libraries into libc).  The symbols __dn_comp,
+  __dn_expand, __dn_skipname, __res_dnok, __res_hnok, __res_mailok,
+  __res_mkquery, __res_nmkquery, __res_nquery, __res_nquerydomain,
+  __res_nsearch, __res_nsend, __res_ownok, __res_query, __res_querydomain,
+  __res_search, __res_send formerly in libresolv have been renamed and no
+  longer have a __ prefix.  They are now available in libc.
+
 * The pthread cancellation handler is now installed with SA_RESTART and
  pthread_cancel will always send the internal SIGCANCEL on a cancellation
  request.  It should not be visible to applications since the cancellation
@ -172,10 +199,151 @@ Security related changes:
  issue when using a notification type of SIGEV_THREAD and a thread
  attribute with a non-default affinity mask.

+  CVE-2021-35942: The wordexp function may overflow the positional
+  parameter number when processing the expansion resulting in a crash.
+  Reported by Philippe Antoine.
+
 The following bugs are resolved with this release:

-  [The release manager will add the list generated by
-  scripts/list-fixed-bugs.py just before the release.]
+  [4737] libc: fork is not async-signal-safe
+  [5781] math: Slow dbl-64 sin/cos/sincos for special values
+  [10353] libc: Methods for deleting all file descriptors greater than
+    given integer (closefrom)
+  [14185] glob: fnmatch() fails when '*' wildcard is applied on the file
+    name containing multi-byte character(s)
+  [14469] math: Inaccurate j0f function
+  [14470] math: Inaccurate j1f function
+  [14471] math: Inaccurate y0f function
+  [14472] math: Inaccurate y1f function
+  [14744] nptl: kill -32 $pid or kill -33 $pid on a process cancels a
+    random thread
+  [15271] dynamic-link: dlmopen()ed shared library with LM_ID_NEWLM
+    crashes if it fails dlsym() twice
+  [15648] nptl: multiple definition of `__lll_lock_wait_private'
+  [16063] nptl: Provide a pthread_once variant in libc directly
+  [17144] libc: syslog is not thread-safe if NO_SIGPIPE is not defined
+  [17145] libc: syslog with LOG_CONS leaks console file descriptor
+  [17183] manual: description of ENTRY struct in <search.h> in glibc
+    manual is incorrect
+  [18435] nptl: pthread_once hangs when init routine throws an exception
+  [18524] nptl: Missing calloc error checking in
+    __cxa_thread_atexit_impl
+  [19329] dynamic-link: dl-tls.c assert failure at concurrent
+    pthread_create and dlopen
+  [19366] nptl: returning from a thread should disable cancellation
+  [19511] nptl: 8MB memory leak in pthread_create in case of failure
+    when non-root user changes priority
+  [20802] dynamic-link: getauxval NULL pointer dereference after static
+    dlopen
+  [20813] nptl: pthread_exit is inconsistent between libc and libpthread
+  [22057] malloc: malloc_usable_size is broken with mcheck
+  [22668] locale: LC_COLLATE: the last character of ellipsis is not
+    ordered correctly
+  [23323] libc: [RFE] CSU startup hardening.
+  [23328] malloc: Remove malloc hooks and ensure related APIs return no
+    data.
+  [23462] dynamic-link: Static binary with dynamic string tokens ($LIB,
+    $PLATFORM, $ORIGIN) crashes
+  [23489] libc: "gcc -lmcheck" aborts on free when using posix_memalign
+  [23554] nptl: pthread_getattr_np reports wrong stack size with
+    MULTI_PAGE_ALIASING
+  [24106] libc: Bash interpreter in ldd script is taken from host
+  [24773] dynamic-link: dlerror in an secondary namespace does not use
+    the right free implementation
+  [25036] localedata: Update collation order for Swedish
+  [25383] libc: where_is_shmfs/__shm_directory/SHM_GET_NAME may cause
+    shm_open to pick wrong directory
+  [25680] dynamic-link: ifuncmain9picstatic and ifuncmain9picstatic
+    crash in IFUNC resolver due to stack canary (--enable-stack-
+    protector=all)
+  [26874] build: -Warray-bounds in _IO_wdefault_doallocate
+  [26983] math: [x86_64] x86_64 tgamma has too large ULP error
+  [27111] dynamic-link: pthread_create and tls access use link_map
+    objects that may be concurrently freed by dlclose
+  [27132] malloc: memusagestat is linked to system librt, leading to
+    undefined symbols on major version upgrade
+  [27136] dynamic-link: dtv setup at thread creation may leave an entry
+    uninitialized
+  [27249] libc: libSegFault.so does not output signal number properly
+  [27304] nptl: pthread_cond_destroy does not pass private flag to futex
+    system calls
+  [27318] dynamic-link: glibc fails to load binaries when built with
+    -march=sandybridge:  CPU ISA level is lower than required
+  [27343] nss: initgroups() SIGSEGVs when called on a system without
+    nsswich.conf (in a chroot)
+  [27346] dynamic-link: x86: PTWRITE feature check is missing
+  [27389] network: NSS chroot hardening causes regressions in chroot
+    deployments
+  [27403] dynamic-link: aarch64: tlsdesc htab is not freed on dlclose
+  [27444] libc: sysconf reports unsupported option (-1) for
+    _SC_LEVEL1_ICACHE_LINESIZE on X86 since v2.33
+  [27462] nscd: double-free in nscd (CVE-2021-27645)
+  [27468] malloc: aarch64: realloc crash with heap tagging: FAIL:
+    malloc/tst-malloc-thread-fail
+  [27498] dynamic-link: __dl_iterate_phdr lacks unwinding information
+  [27511] libc: S390 memmove assumes Vector Facility when MIE Facility 3
+    is present
+  [27522] glob: glob, glob64 incorrectly marked as __THROW
+  [27555] dynamic-link: Static tests fail with --enable-stack-
+    protector=all
+  [27559] libc: fstat(AT_FDCWD) succeeds (it shouldn't) and returns
+    information for the current directory
+  [27577] dynamic-link: elf/ld.so --help doesn't work
+  [27605] libc: tunables can't control xsave/xsavec selection in
+    dl_runtime_resolve_*
+  [27623] libc: powerpc: Missing registers in sc[v] clobbers list
+  [27645] libc: [linux] sysconf(_SC_NPROCESSOR...) breaks down on
+    containers
+  [27646] dynamic-link: Linker error for non-existing NSS symbols (e.g.
+    _nss_files_getcanonname_r) from within a dlmopen namespace.
+  [27648] libc: FAIL: misc/tst-select
+  [27650] stdio: vfscanf returns too early if a match is longer than
+    INT_MAX
+  [27651] libc: Performance regression after updating to 2.33
+  [27655] string: Wrong size calculation in string/test-strnlen.c
+  [27706] libc: select fails to update timeout on error
+  [27709] libc: arm: FAIL: debug/tst-longjmp_chk2
+  [27721] dynamic-link: x86: ld_audit ignores bind now for TLSDESC and
+    tries resolving them lazily
+  [27744] nptl: Support different libpthread/ld.so load orders in
+    libthread_db
+  [27749] libc: Data race __run_exit_handlers
+  [27761] libc: getconf: Segmentation fault when passing '-vq' as
+    argument
+  [27832] nss: makedb.c:797:7: error: 'writev' specified size 4294967295
+    exceeds maximum object size 2147483647
+  [27870] malloc: MALLOC_CHECK_ causes realloc(valid_ptr, TOO_LARGE) to
+    not set ENOMEM
+  [27872] build: Obsolete configure option --enable-stackguard-
+    randomization
+  [27873] build: tst-cpu-features-cpuinfo fail when building on AMD cpu
+  [27882] localedata: Use U+00AF MACRON in more EBCDIC charsets
+  [27892] libc: powerpc: scv ABI error handling fails to check
+    IS_ERR_VALUE
+  [27896] nptl: mq_notify does not handle separately allocated thread
+    attributes (CVE-2021-33574)
+  [27901] libc: TEST_STACK_ALIGN doesn't work
+  [27902] libc: The x86-64 clone wrapper fails to align child stack
+  [27914] nptl: Install SIGSETXID handler with SA_ONSTACK
+  [27939] libc: aarch64: clone does not align the stack
+  [27968] libc: s390x: clone does not align the stack
+  [28011] libc: Wild read in wordexp (parse_param) (CVE-2021-35942)
+  [28024] string: s390(31bit): Wrong result of memchr (MEMCHR_Z900_G5)
+    with n >= 0x80000000
+  [28028] malloc: malloc: tcache shutdown sequence does not work if the
+    thread never allocated anything
+  [28033] libc: Need to check RTM_ALWAYS_ABORT for RTM
+  [28064] string: x86_64:wcslen implementation list has wcsnlen
+  [28067] libc: FAIL: posix/tst-spawn5
+  [28068] malloc: FAIL: malloc/tst-mallocalign1-mcheck
+  [28071] time: clock_gettime, gettimeofday, time lost vDSO acceleration
+    on older kernels
+  [28075] nis: Out-of-bounds static buffer read in nis_local_domain
+  [28089] build: tst-tls20 fails when linker defaults to --as-needed
+  [28090] build: elf/tst-cpu-features-cpuinfo-static fails on certain
+    AMD64 cpus
+  [28091] network: ns_name_skip may return 0 for domain names without
+    terminator


 Version 2.33