This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
The GNU C Library version 2.19 is now available
- From: Allan McRae <allan at archlinux dot org>
- To: libc-alpha <libc-alpha at sourceware dot org>, libc-announce at sourceware dot org, info-gnu at gnu dot org
- Date: Sat, 08 Feb 2014 07:58:20 +1000
- Subject: The GNU C Library version 2.19 is now available
- Authentication-results: sourceware.org; auth=none
The GNU C Library
=================
The GNU C Library version 2.19 is now available.
The GNU C Library is used as *the* C library in the GNU systems
and most systems with the Linux kernel.
The GNU C Library is primarily designed to be a portable
and high performance C library. It follows all relevant
standards including ISO C11 and POSIX.1-2008. It is also
internationalized and has one of the most complete
internationalization interfaces known.
The GNU C Library webpage is at http://www.gnu.org/software/libc/
Packages for the 2.19 release may be downloaded from:
http://ftpmirror.gnu.org/libc/
http://ftp.gnu.org/gnu/libc/
The mirror list is at http://www.gnu.org/order/ftp.html
NEWS for version 2.19
=====================
* The following bugs are resolved with this release:
156, 387, 431, 762, 832, 926, 2801, 4772, 6786, 6787, 6807, 6810, 6981,
7003, 9721, 9954, 10253, 10278, 11087, 11157, 11214, 12100, 12486, 12751,
12986, 13028, 13982, 13985, 14029, 14032, 14120, 14143, 14155, 14286,
14547, 14699, 14752, 14782, 14876, 14910, 15004, 15048, 15073, 15089,
15128, 15218, 15268, 15277, 15308, 15362, 15374, 15400, 15425, 15427,
15483, 15522, 15531, 15532, 15593, 15601, 15608, 15609, 15610, 15632,
15640, 15670, 15672, 15680, 15681, 15723, 15734, 15735, 15736, 15748,
15749, 15754, 15760, 15763, 15764, 15797, 15799, 15825, 15843, 15844,
15846, 15847, 15849, 15850, 15855, 15856, 15857, 15859, 15867, 15886,
15887, 15890, 15892, 15893, 15895, 15897, 15901, 15905, 15909, 15915,
15917, 15919, 15921, 15923, 15939, 15941, 15948, 15963, 15966, 15968,
15985, 15988, 15997, 16032, 16034, 16036, 16037, 16038, 16041, 16046,
16055, 16071, 16072, 16074, 16077, 16078, 16103, 16112, 16143, 16144,
16146, 16150, 16151, 16153, 16167, 16169, 16172, 16195, 16214, 16245,
16271, 16274, 16283, 16289, 16293, 16314, 16316, 16330, 16337, 16338,
16356, 16365, 16366, 16369, 16372, 16375, 16379, 16384, 16385, 16386,
16387, 16390, 16394, 16398, 16400, 16407, 16408, 16414, 16430, 16431,
16453, 16474, 16506, 16510, 16529
* Slovenian translations for glibc messages have been contributed by the
Translation Project's Slovenian team of translators.
* The public headers no longer use __unused nor __block. This change is to
support compiling programs that are derived from BSD sources and use
__unused internally, and to support compiling with Clang's -fblock
extension which uses __block.
* CVE-2012-4412 The strcoll implementation caches indices and rules for
large collation sequences to optimize multiple passes. This cache
computation may overflow for large collation sequences and may cause a
stack or buffer overflow. This is now fixed to use a slower algorithm
which does not use a cache if there is an integer overflow.
* CVE-2012-4424 The strcoll implementation uses malloc to cache indices and
rules for large collation sequences to optimize multiple passes and falls
back to alloca if malloc fails, resulting in a possible stack overflow.
The implementation now falls back to an uncached collation sequence lookup
if malloc fails.
* CVE-2013-4788 The pointer guard used for pointer mangling was not
initialized for static applications resulting in the security feature
being disabled. The pointer guard is now correctly initialized to a
random value for static applications. Existing static applications need
to be recompiled to take advantage of the fix (bug 15754).
* CVE-2013-4237 The readdir_r function could write more than NAME_MAX bytes
to the d_name member of struct dirent, or omit the terminating NUL
character. (Bugzilla #14699).
* CVE-2013-4332 The pvalloc, valloc, memalign, posix_memalign and
aligned_alloc functions could allocate too few bytes or corrupt the
heap when passed very large allocation size values (Bugzilla #15855,
#15856, #15857).
* CVE-2013-4458 Stack overflow in getaddrinfo with large number of results
for AF_INET6 has been fixed (Bugzilla #16072).
* New locales: ak_GH, anp_IN, ar_SS, cmn_TW, hak_TW, lzh_TW, nan_TW, pap_AW,
pap_CW, quz_PE, the_NP.
* Substantially revised locales: gd_GB, ht_HT
* The LC_ADDRESS field was updated to support country_car for almost all
supported locales.
* ISO 1427 definitions were updated.
* ISO 3166 definitions were updated.
* The localedef utility now supports --big-endian and --little-endian
command-line options to generate locales for a different system from that
for which the C library was built.
* Binary locale files now only depend on the endianness of the system for
which they are generated and not on other properties of that system. As a
consequence, binary files generated with new localedef may be incompatible
with old versions of the GNU C Library, and binary files generated with
old localedef may be incompatible with this version of the GNU C Library,
in the following circumstances:
+ Locale files may be incompatible on m68k systems.
+ Locale archive files (but not separate files for individual locales) may
be incompatible on systems where plain "char" is signed.
* The configure option --disable-versioning has been removed. Builds with
--disable-versioning had not worked for several years.
* ISO 639 definitions were updated for Chiga (cgg) and Chinese (gan,
hak, czh,
cjy, lzh, cmn, mnp, cdo, czo, cpx, wuu, hsn, yue).
* SystemTap probes for malloc have been introduced.
* SystemTap probes for slow multiple precision fallback paths of
transcendental functions have been introduced.
* Support for powerpc64le has been added.
* The soft-float powerpc port now supports e500 processors.
* Support for STT_GNU_IFUNC symbols added for ppc32/power4+ and ppc64.
* A new feature test macro _DEFAULT_SOURCE is available to enable the same
set of header declarations that are enabled by default, even when other
feature test macros or compiler options such as -std=c99 would otherwise
disable some of those declarations.
* The _BSD_SOURCE feature test macro no longer enables BSD interfaces that
conflict with POSIX. The libbsd-compat library (which was a dummy library
that did nothing) has also been removed.
* Preliminary documentation about Multi-Thread, Async-Signal and
Async-Cancel Safety has been added.
Contributors
============
This release was made possible by the contributions of many people.
The maintainers are grateful to everyone who has contributed
changes or bug reports. These include:
Adam Buchbinder
Adam Conrad
Adhemerval Zanella
Alan Modra
Alexandre Oliva
Allan McRae
Andreas Arnez
Andreas Jaeger
Andreas Krebbel
Andreas Schwab
Andrew Hunter
Andrew Pinski
Anton Blanchard
Arun Kumar Pyasi
Aurelien Jarno
Brooks Moses
Bruno Haible
Carlos O'Donell
Chris Leonard
Chris Metcalf
Chung-Lin Tang
David Holsgrove
David S. Miller
Eric Biggers
Eric Blake
Eric Wong
Fabrice Bauzac
Fernando J. V. da Silva
Florian Weimer
Guy Martin
H.J. Lu
Jan Kratochvil
Jia Liu
Joseph Myers
Kaz Kojima
Liubov Dmitrieva
Maciej W. Rozycki
Marc-Antoine Perennou
Marcus Shawcroft
Marko Myllynen
Markus Trippelsdorf
Maxim Kuvyrkov
Meador Inge
Michael Bauer
Michael Stahl
Mike Frysinger
Olivier Langlois
OndÅej BÃlka
Patrick 'P. J.' McDermott
Paul Eggert
Paul Pluzhnikov
Pavel Simerda
Petr Machata
Rajalakshmi Srinivasaraghavan
Reuben Thomas
Richard Henderson
Richard Sandiford
Roland McGrath
Ryan S. Arnold
Sami Kerola
Samuel Thibault
Siddhesh Poyarekar
Stefan Liebler
Steve Ellcey
Thomas Schwinge
Toke HÃiland-JÃrgensen
Tom Tromey
Torvald Riegel
Ulrich Weigand
Uros Bizjak
Venkataramanan Kumar
Ville Skytta
Vinitha Vijayan
Wei-Lun Chao
Will Newton
Yogesh Chaudhari
Yuri Chornoivan
Yuriy Kaminskiy