|tag name||glibc-2.19 (62acb0ba856abf4a2a173e4b49c28749af7bd572)|
|tag date||2014-02-07 19:12:54 +1000|
|tagged by||Allan McRae <firstname.lastname@example.org>|
|tagged object||commit 9a869d8220...|
The GNU C Library
The GNU C Library version 2.19 is now available.
The GNU C Library is used as *the* C library in the GNU systems
and most systems with the Linux kernel.
The GNU C Library is primarily designed to be a portable
and high performance C library. It follows all relevant
standards including ISO C11 and POSIX.1-2008. It is also
internationalized and has one of the most complete
internationalization interfaces known.
The GNU C Library webpage is at http://www.gnu.org/software/libc/
Packages for the 2.19 release may be downloaded from:
The mirror list is at http://www.gnu.org/order/ftp.html
NEWS for version 2.19
* The following bugs are resolved with this release:
156, 387, 431, 762, 832, 926, 2801, 4772, 6786, 6787, 6807, 6810, 6981,
7003, 9721, 9954, 10253, 10278, 11087, 11157, 11214, 12100, 12486, 12751,
12986, 13028, 13982, 13985, 14029, 14032, 14120, 14143, 14155, 14286,
14547, 14699, 14752, 14782, 14876, 14910, 15004, 15048, 15073, 15089,
15128, 15218, 15268, 15277, 15308, 15362, 15374, 15400, 15425, 15427,
15483, 15522, 15531, 15532, 15593, 15601, 15608, 15609, 15610, 15632,
15640, 15670, 15672, 15680, 15681, 15723, 15734, 15735, 15736, 15748,
15749, 15754, 15760, 15763, 15764, 15797, 15799, 15825, 15843, 15844,
15846, 15847, 15849, 15850, 15855, 15856, 15857, 15859, 15867, 15886,
15887, 15890, 15892, 15893, 15895, 15897, 15901, 15905, 15909, 15915,
15917, 15919, 15921, 15923, 15939, 15941, 15948, 15963, 15966, 15968,
15985, 15988, 15997, 16032, 16034, 16036, 16037, 16038, 16041, 16046,
16055, 16071, 16072, 16074, 16077, 16078, 16103, 16112, 16143, 16144,
16146, 16150, 16151, 16153, 16167, 16169, 16172, 16195, 16214, 16245,
16271, 16274, 16283, 16289, 16293, 16314, 16316, 16330, 16337, 16338,
16356, 16365, 16366, 16369, 16372, 16375, 16379, 16384, 16385, 16386,
16387, 16390, 16394, 16398, 16400, 16407, 16408, 16414, 16430, 16431,
16453, 16474, 16506, 16510, 16529
* Slovenian translations for glibc messages have been contributed by the
Translation Project's Slovenian team of translators.
* The public headers no longer use __unused nor __block. This change is to
support compiling programs that are derived from BSD sources and use
__unused internally, and to support compiling with Clang's -fblock
extension which uses __block.
* CVE-2012-4412 The strcoll implementation caches indices and rules for
large collation sequences to optimize multiple passes. This cache
computation may overflow for large collation sequences and may cause a
stack or buffer overflow. This is now fixed to use a slower algorithm
which does not use a cache if there is an integer overflow.
* CVE-2012-4424 The strcoll implementation uses malloc to cache indices and
rules for large collation sequences to optimize multiple passes and falls
back to alloca if malloc fails, resulting in a possible stack overflow.
The implementation now falls back to an uncached collation sequence lookup
if malloc fails.
* CVE-2013-4788 The pointer guard used for pointer mangling was not
initialized for static applications resulting in the security feature
being disabled. The pointer guard is now correctly initialized to a
random value for static applications. Existing static applications need
to be recompiled to take advantage of the fix (bug 15754).
* CVE-2013-4237 The readdir_r function could write more than NAME_MAX bytes
to the d_name member of struct dirent, or omit the terminating NUL
character. (Bugzilla #14699).
* CVE-2013-4332 The pvalloc, valloc, memalign, posix_memalign and
aligned_alloc functions could allocate too few bytes or corrupt the
heap when passed very large allocation size values (Bugzilla #15855,
* CVE-2013-4458 Stack overflow in getaddrinfo with large number of results
for AF_INET6 has been fixed (Bugzilla #16072).
* New locales: ak_GH, anp_IN, ar_SS, cmn_TW, hak_TW, lzh_TW, nan_TW, pap_AW,
pap_CW, quz_PE, the_NP.
* Substantially revised locales: gd_GB, ht_HT
* The LC_ADDRESS field was updated to support country_car for almost all
* ISO 1427 definitions were updated.
* ISO 3166 definitions were updated.
* The localedef utility now supports --big-endian and --little-endian
command-line options to generate locales for a different system from that
for which the C library was built.
* Binary locale files now only depend on the endianness of the system for
which they are generated and not on other properties of that system. As a
consequence, binary files generated with new localedef may be incompatible
with old versions of the GNU C Library, and binary files generated with
old localedef may be incompatible with this version of the GNU C Library,
in the following circumstances:
+ Locale files may be incompatible on m68k systems.
+ Locale archive files (but not separate files for individual locales) may
be incompatible on systems where plain "char" is signed.
* The configure option --disable-versioning has been removed. Builds with
--disable-versioning had not worked for several years.
* ISO 639 definitions were updated for Chiga (cgg) and Chinese (gan, hak, czh,
cjy, lzh, cmn, mnp, cdo, czo, cpx, wuu, hsn, yue).
* SystemTap probes for malloc have been introduced.
* SystemTap probes for slow multiple precision fallback paths of
transcendental functions have been introduced.
* Support for powerpc64le has been added.
* The soft-float powerpc port now supports e500 processors.
* Support for STT_GNU_IFUNC symbols added for ppc32/power4+ and ppc64.
* A new feature test macro _DEFAULT_SOURCE is available to enable the same
set of header declarations that are enabled by default, even when other
feature test macros or compiler options such as -std=c99 would otherwise
disable some of those declarations.
* The _BSD_SOURCE feature test macro no longer enables BSD interfaces that
conflict with POSIX. The libbsd-compat library (which was a dummy library
that did nothing) has also been removed.
* Preliminary documentation about Multi-Thread, Async-Signal and
Async-Cancel Safety has been added.
This release was made possible by the contributions of many people.
The maintainers are grateful to everyone who has contributed
changes or bug reports. These include:
Arun Kumar Pyasi
David S. Miller
Fernando J. V. da Silva
Maciej W. Rozycki
Patrick 'P. J.' McDermott
Ryan S. Arnold
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)
-----END PGP SIGNATURE-----