ProHoster > Блог > ozi ịntanetị > Mwepụta ọba akwụkwọ Sistemu Glibc 2.32

Mwepụta ọba akwụkwọ Sistemu Glibc 2.32

Mgbe ọnwa isii nke mmepe bipụtara ntọhapụ ụlọ akwụkwọ sistemụ Ụlọ akwụkwọ GNU C (glibc) 2.32, nke zuru oke na-akwado ihe achọrọ nke ISO C11 na POSIX.1-2017. Ntọhapụ ọhụrụ a gụnyere ndozi sitere na ndị mmepe 67.

Emebere ya na Glibc 2.32 ndozi i nwere ike mara:

  • Agbakwunyere nkwado maka ndị nhazi Synopsys ARC HS (ARCv2 ISA). Ọdụ ụgbọ mmiri ahụ chọrọ opekata mpe binutils 2.32, gcc 8.3, na kernel. Linux 5.1. A na-akwado ụdị ABI atọ: arc-linux-gnu, arc-linux-gnuhf na arceb-linux-gnu (big-endian);
  • Nbudata modul nyocha akọwapụtara na ngalaba DT_AUDIT na
    DT_DEPAUDIT nke faịlụ enwere ike ime ya.
  • Maka ihe owuwu powerpc64le, nkwado maka ụdị IEEE128 ogologo ụdị okpukpu abụọ ka etinyere, nke a na-enyere ya aka mgbe ejiri nhọrọ “-mabi=ieeelongdouble” wuo.
  • Ejiri njirimara 'nweta' GCC kọwaa ụfọdụ API, nke na-enye ohere ka iwepụta ịdọ aka ná ntị ka mma mgbe a na-achịkọta ya na GCC 10 iji chọpụta oke njupụta nke nwere ike ime yana ọnọdụ ndị ọzọ na-apụ apụ.
  • Iji Linux-systems tinyere ọrụ pthread_attr_setsigmask_np na
    pthread_attr_getsigmask_np, nke na-enye ngwa ahụ ike ịkọwa ihe nkpuchi mgbaàmà maka eriri emepụtara site na iji pthread_create.
  • Emelitela data ntinye, ozi ụdị agwa, na tebụl ntụgharị asụsụ iji kwado nkọwapụta Unicode 13.0.0;
  • Etinyere faịlụ nkụnye eji isi mee ọhụrụ , nke na-akọwa __libc_single_threaded variable, nke enwere ike iji na ngwa maka njikarịcha otu eriri.
  • Ọrụ agbakwunyere sigabbrev_np na sigdescr_np na-eweghachi aha mkpirisi na nkọwa nke mgbama (dịka ọmụmaatụ, "HUP" na "Hangup" maka SIGHUP).
  • Ọrụ agbakwunyere strerrorname_np na strerrordesc_np na-eweghachi aha na nkọwa nke njehie ahụ (dịka ọmụmaatụ, "EINVAL" na "Arụmụka na-ezighi ezi" maka EINVAL).
  • Agbakwunyere ọkọlọtọ "--enable-standard-branch-protection" (ma ọ bụ -mbranch-protection=standard na GCC) maka ikpo okwu ARM64, na-eme ka usoro ARMv8.5-BTI (Akara Target Indicator) iji chebe mmezu nke usoro ntụziaka ndị ahụ. e kwesịghị igbu alaka ngalaba. A na-emejuputa mgbanwe mgbanwe na ngalaba koodu aka ike iji gbochie imepụta ngwa n'erigbu ndị na-eji usoro mmemme na-alaghachi azụ (ROP - Mmemme Nlaghachi; onye na-awakpo ahụ anaghị anwa itinye koodu ya na ebe nchekwa, mana ọ na-arụ ọrụ na mpempe akwụkwọ dị adị. nke ntuziaka igwe nke na-ejedebe na ntụziaka nchịkwa nlọghachi, nke sitere na nke a na-ewu usoro oku iji nweta ọrụ achọrọ).
  • Emeela nnukwu mkpochapụ nke njirimara oge ochie, gụnyere mwepụ nke nhọrọ "-enable-obsolete-rpc" na "-enable-obsolete-nsl", faịlụ nkụnye eji isi mee. . The ọrụ sstk, siginterrupt, sigpause, sighold, sigrelse, sigignore na sigset, na arrays sys_siglist, _sys_siglist na sys_sigabbrev, akara sys_errlist, _sys_errlist, sys_nerr na sys_nerr na sys.
  • ldconfig ejirila ndabara kpalie ya iji usoro ld.so.cache ọhụrụ, nke akwadoro na glibc ihe fọrọ nke nta ka ọ bụrụ afọ 20.
  • Edoziri adịghị ike:
    • CVE-2016-10228 - Akara aka na ọrụ iconv na-eme mgbe ejiri nhọrọ "-c" na-agba ọsọ mgbe ị na-edozi data multi-byte na-ezighi ezi.
    • CVE-2020-10029 nrụrụ aka mgbe a na-akpọ ọrụ trigonometric na arụmụka pseudo-null.
    • CVE-2020-1752 - Nweta ebe nchekwa na-enweghị ohere na ọrụ glob mgbe ị na-agbasa ntụnye aka na ndekọ ụlọ (“~ onye ọrụ”) n'ụzọ.
    • CVE-2020-6096 - njikwa na-ezighi ezi na ikpo okwu ARMv7 nke ụkpụrụ parameter na-adịghị mma na memcpy () na memmove (), nke na-ekpebi nha mpaghara depụtaghachiri. Na-enye ohere hazie koodu ogbugbu mgbe ị na-ahazi data n'otu ụzọ na ọrụ memcpy () na memmove(). Ọ dị mkpa na nsogbu ahụ nọgidere emezighị ya ihe fọrọ nke nta ka ọ bụrụ ọnwa abụọ kemgbe ekpughere ozi ahụ n'ihu ọha yana ọnwa ise kemgbe ndị nrụpụta Glibc mara ọkwa.

isi: opennet.ru

Zụta nnabata ntụkwasị obi maka saịtị nwere nchekwa DDoS, sava VPS VDS 🔥 Zụta ebe nrụọrụ weebụ a pụrụ ịtụkwasị obi na nchekwa DDoS, sava VPS VDS | ProHoster