The GNU C Library version 2.38 is now available
Andreas K. Huettel
dilfridge@gentoo.org
Mon Jul 31 21:41:12 GMT 2023
The GNU C Library
=================
The GNU C Library version 2.38 is now available.
The GNU C Library is used as *the* C library in the GNU system and
in GNU/Linux systems, as well as many other systems that use Linux
as the kernel.
The GNU C Library is primarily designed to be a portable
and high performance C library. It follows all relevant
standards including ISO C11 and POSIX.1-2017. It is also
internationalized and has one of the most complete
internationalization interfaces known.
The GNU C Library webpage is at http://www.gnu.org/software/libc/
Packages for the 2.38 release may be downloaded from:
http://ftpmirror.gnu.org/libc/
http://ftp.gnu.org/gnu/libc/
The mirror list is at http://www.gnu.org/order/ftp.html
Distributions are encouraged to track the release/* branches
corresponding to the releases they are using. The release
branches will be updated with conservative bug fixes and new
features while retaining backwards compatibility.
NEWS for version 2.38
=====================
Major new features:
* When C2X features are enabled and the base argument is 0 or 2, the
following functions support binary integers prefixed by 0b or 0B as
input: strtol, strtoll, strtoul, strtoull, strtol_l, strtoll_l,
strtoul_l, strtoull_l, strtoimax, strtoumax, strtoq, strtouq, wcstol,
wcstoll, wcstoul, wcstoull, wcstol_l, wcstoll_l, wcstoul_l,
wcstoull_l, wcstoimax, wcstoumax, wcstoq, wcstouq. Similarly, the
following functions support binary integers prefixed by 0b or 0B as
input to the %i format: fscanf, scanf, sscanf, vscanf, vsscanf,
vfscanf, fwscanf, wscanf, swscanf, vfwscanf, vwscanf, vswscanf; those
functions also support the %b format for binary integers, with or
without such a prefix and independent of standards mode.
* PRIb*, PRIB* and SCNb* macros from C2X have been added to
<inttypes.h>.
* printf-family functions now support the wN format length modifiers for
arguments of type intN_t, int_leastN_t, uintN_t or uint_leastN_t (for
example, %w32d to print int32_t or int_least32_t in decimal, or %w32x
to print uint32_t or uint_least32_t in hexadecimal) and the wfN format
length modifiers for arguments of type int_fastN_t or uint_fastN_t, as
specified in draft ISO C2X.
* A new tunable, glibc.pthread.stack_hugetlb, can be used to disable
Transparent Huge Pages (THP) in stack allocation at pthread_create.
* Support for x86_64 running on Hurd has been added. This port requires
as least binutils 2.40 and GCC 13:
- x86_64-gnu
* Vector math library libmvec support has been added to AArch64. It
requires GCC version >= 10.1.0. It can be disabled via
"--disable-mathvec", however that is not a supported configuration as
it changes the ABI. The symbol names follow the AArch64 vector ABI,
they are declared in math.h and have to be called manually at this point.
* The strlcpy and strlcat functions have been added. They are derived
from OpenBSD, and are expected to be added to a future POSIX version.
* A new configure option, "--enable-fortify-source", can be used to build the
GNU C Library with _FORTIFY_SOURCE. The level of fortification can either be
provided, or is set to the highest value supported by the compiler. If not
explicitly enabled, then fortify source is forcibly disabled so to keep
original behavior unchanged.
Deprecated and removed features, and other changes affecting compatibility:
* libcrypt is no longer built by default; one may use the "--enable-crypt"
option to build libcrypt. libcrypt is likely to be removed from the
GNU C Library in a future release, so it is recommended that
applications port away from it to an alternative such as libxcrypt.
* In the Linux kernel for the hppa/parisc architecture some of the
MADV_XXX constants were changed to have the same values as the other
architectures. New programs compiled with this glibc version and which
use the madvise call will require at least Linux kernel version 6.2,
alternatively stable kernels from versions 6.1.6, 5.15.87, 5.10.163,
5.4.228, 4.19.270 or 4.14.303.
* The "--disable-experimental-malloc" option is no longer available. The
per-thread cache can still be disabled per-application using tunables
(glibc.malloc.tcache_count set to zero).
* The configure option "--enable-tunables" has been removed. The tunable
feature is now always enabled.
Changes to build and runtime requirements:
* Building libmvec on AArch64 requires at a minimum GCC 10.1.0 for SVE
ACLE.
Security related changes:
CVE-2023-25139: When the printf family of functions is called with a
format specifier that uses an <apostrophe> (enable grouping) and a
minimum width specifier, the resulting output could be larger than
reasonably expected by a caller that computed a tight bound on the
buffer size. The resulting larger than expected output could result
in a buffer overflow in the printf family of functions.
The following bugs are resolved with this release:
[178] string: Please add strlcpy and strlcat (attached)
[14697] nptl: Behavior of exit is nonconformant with respect to
threads and stdio
[15142] stdio: Missing locking in _IO_cleanup
[18096] glob: null deref in wordexp/parse_dollars/parse_arith
[18906] stdio: fopen: ccs value may affect open mode
[24466] stdio: Feature request: provide special printf formats for
intXX_t
[25457] nss: hosts lookup fails for ipv4mapped ipv6 addresses
[28519] libc: system and popen should pass "--" between /bin/sh and
argument
[29016] stdio: popen() sets errno to ENOMEM when shell does not exist
[29591] string: wcsnlen length can overflow in page cross case.
[30053] time: strftime %s returns -1 after 2038 on 32 bits systems
[30068] stdio: incorrect printf output for integers with thousands
separator and width field (CVE-2023-25139)
[30111] time: support_descriptors_list fails after 2038 on 32 bits
systems
[30125] dynamic-link: [regression, bisected] glibc-2.37 creates new
symlink for libraries without soname
[30130] math: [s390] The _FPU_SETCW macro yields compile error with
Clang
[30156] time: Potential ntp_gettime abi break
[30235] libc: Missing fallback in getlogin if loginuid is unset
[30258] dynamic-link: sprof cannot read and display shared object
profiling data correctly
[30263] libc: Add test coverage for abs(), labs(), and llabs().
[30305] math: Incorrect asm constraint in feraiseexcept on x86-64
[30402] libc: FAIL: elf/tst-glibcelf
[30425] dynamic-link: Symbol lookup during dlclose may fail
unnecessarily
[30435] dynamic-link: Root dir wrongly marked as nonexist in open_path
[30477] libc: [RISCV]: time64 does not work on riscv32
[30515] dynamic-link: _dl_find_object incorrectly returns 1 during
early startup
[30527] network: resolv_conf lock not unlocked on allocation failure
[30550] math: powerpc64le: GCC-specific code for isinf() is being used
on clang
[30555] string: strerror can incorrectly return NULL
[30579] malloc: trim_threshold in realloc lead to high memory usage
[30662] nscd: Group and password cache use errno in place of errval
Release Notes
=============
https://sourceware.org/glibc/wiki/Release/2.38
Contributors
============
This release was made possible by the contributions of many people.
The maintainers are grateful to everyone who has contributed
changes or bug reports. These include:
Adam Yi
Adhemerval Zanella Netto
Alejandro Colomar
Andreas Arnez
Andreas K. Hüttel
Andreas Schwab
Arjun Shankar
Arsen Arsenović
Aurelien Jarno
Ayush Mittal
Bert Wesarg
Carlos O'Donell
Cupertino Miranda
DJ Delorie
Dridi Boukelmoune
Flavio Cruz
Florian Weimer
Frédéric Bérat
Gavin Smith
Guy-Fleury Iteriteka
H.J. Lu
Hsiangkai Wang
Indu Bhagat
Jan-Benedict Glaw
Joan Bruguera
Joe Ramsay
Joe Simmons-Talbott
John David Anglin
Joseph Myers
Julian Squires
Jun Tang
Kacper Piwiński
Kito Cheng
Mahesh Bodapati
Martin Coufal
Maxim Kuvyrkov
Nisha Menon
Noah Goldstein
Paul Eggert
Paul Pluzhnikov
Paul Zimmermann
Pavel Kozlov
Qihao Chencao
Qixing ksyx Xue
Richard Henderson
Robert Morell
Romain Geissler
Ronan Pigott
Roy Eldar
Sachin Monga
Sam James
Samuel Thibault
Sergey Bugaev
Siddhesh Poyarekar
Simon Kissane
Stefan Liebler
Szabolcs Nagy
Tulio Magno Quites Machado Filho
Vitaly Buka
Wilco Dijkstra
Xi Ruoyao
Ying Huang
abushwang
caiyinyu
quxm
Леонид Юрьев (Leonid Yuriev)
наб
We would like to call out the following and thank them for their
tireless patch review:
Adhemerval Zanella
Andreas K. Hüttel
Arjun Shankar
Aurelien Jarno
Carlos Eduardo Seo
Carlos O'Donell
DJ Delorie
Florian Weimer
Joe Simmons-Talbott
Noah Goldstein
Palmer Dabbelt
Paul E. Murphy
Rajalakshmi Srinivasaraghavan
Richard Henderson
Siddhesh Poyarekar
Szabolcs Nagy
Wilco Dijkstra
--
Andreas K. Hüttel
dilfridge@gentoo.org
Gentoo Linux developer
(council, toolchain, base-system, perl, releng)
https://wiki.gentoo.org/wiki/User:Dilfridge
https://www.akhuettel.de/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 981 bytes
Desc: This is a digitally signed message part.
URL: <https://sourceware.org/pipermail/libc-announce/attachments/20230731/a8b71820/attachment.sig>
More information about the Libc-announce
mailing list