Pambuyo pa miyezi isanu ndi umodzi ya chitukuko system library kumasulidwa (chilichonse) , yomwe ikugwirizana kwathunthu ndi zofunikira za ISO C11 ndi POSIX.1-2017. Kutulutsidwa kwatsopano kumaphatikizapo zosintha kuchokera kwa opanga 67.
Kukhazikitsidwa mu Glibc 2.32 mutha kuzindikira:
- Thandizo lowonjezera la mapurosesa a Synopsys ARC HS (ARCv2 ISA). Doko limafunikira ma binutils 2.32, gcc 8.3 ndi Linux kernel 5.1 kuti ayende. Mitundu itatu ya ABI imathandizidwa: arc-linux-gnu, arc-linux-gnuhf ndi arceb-linux-gnu (big-endian);
- Kutsegula ma module owunikira omwe afotokozedwa m'magawo a DT_AUDIT ndi
DT_DEPAUDIT ya fayilo yomwe ingagwiritsidwe ntchito. - Pazomangamanga za powerpc64le, chithandizo cha mtundu wa IEEE128 wautali wawiri chimakhazikitsidwa, chomwe chimathandizidwa pomanga ndi "-mabi=ieeelongdouble".
- Ma API ena amafotokozedwa ndi mawonekedwe a GCC 'access', omwe amalola machenjezo abwinoko kuti apangidwe akapangidwa mu GCC 10 kuti azindikire kusefukira kwa buffer ndi zochitika zina zakunja.
- Kwa machitidwe a Linux, ntchito pthread_attr_setsigmask_np ndi
pthread_attr_getsigmask_np, zomwe zimapereka mwayi wofotokozera chigoba cha ulusi wopangidwa pogwiritsa ntchito pthread_create. - Deta ya encoding, zambiri zamtundu wa zilembo, ndi matebulo omasulira zasinthidwa kuti zithandizire tsatanetsatane wa Unicode 13.0.0;
- Wowonjezera mutu wapamwamba wapamwamba , yomwe imatanthauzira __libc_single_threaded variable, yomwe ingagwiritsidwe ntchito pazowonjezera zamtundu umodzi.
- Zowonjezera sigabbrev_np ndi sigdescr_np zomwe zimabweretsanso dzina lofupikitsidwa ndi kufotokozera siginecha (mwachitsanzo, "HUP" ndi "Hangup" ya SIGHUP).
- Zowonjezeredwa za strerrorname_np ndi strerrordesc_np zomwe zimabweretsa dzina ndi malongosoledwe a cholakwika (mwachitsanzo, "EINVAL" ndi "mtsutsano wolakwika" wa EINVAL).
- Pa nsanja ya ARM64, mbendera ya "-enable-standard-branch-protection" yawonjezedwa (kapena -mbranch-protection=standard mu GCC), yomwe imathandizira njira ya ARMv8.5-BTI (Branch Target Indicator) kuteteza Kukhazikitsa ma seti a malangizo omwe sayenera kuchitidwa. Kuletsa kusintha kwa magawo osasinthika a code kumakhazikitsidwa kuti aletse kupangidwa kwa zida zamagetsi muzochita zomwe zimagwiritsa ntchito njira zobwereranso (ROP - Return-Oriented Programming; wowukirayo samayesa kuyika code yake kukumbukira, koma amagwira ntchito pazidutswa zomwe zidalipo kale. ya malangizo amakina omwe amatha ndi malangizo owongolera obwerera, pomwe maitanidwe angapo amapangidwa kuti apeze zomwe mukufuna).
- Kuyeretsa kwakukulu kwa zinthu zakale kwachitika, kuphatikizapo kuchotsedwa kwa "--enable-obsolete-rpc" ndi "--enable-obsolete-nsl", mutu wapamwamba. . Ntchito sstk, siginterrupt, sigpause, sighold, sigrelse, sigignore ndi sigset, arrays sys_siglist, _sys_siglist ndi sys_sigabbrev, zizindikiro sys_errlist, _sys_errlist, sys_nerrcated ndi _SS_SS_
- ldconfig yasunthidwa mwachisawawa kuti igwiritse ntchito mtundu watsopano wa ld.so.cache, womwe wakhala ukuthandizidwa mu glibc kwa zaka pafupifupi 20.
- Zowopsa zakhazikika:
- CVE-2016-10228 - Kuzungulira muzogwiritsira ntchito iconv kumachitika mukathamangitsidwa ndi "-c" pokonza deta yolakwika ya multi-byte.
- CVE-2020-10029 Chiphuphu chochuluka poyitana ntchito za trigonometric ndi mkangano wabodza.
- CVE-2020-1752 - Kufikira kukumbukira kosagwiritsa ntchito pambuyo-pambuyo pa ntchito yapadziko lonse pamene mukukulitsa zolembera zanyumba ("~ wosuta") m'njira.
- CVE-2020-6096 - Kusamalidwa molakwika pa ARMv7 papulatifomu yazabwino za parameter mu memcpy () ndi memmove (), zomwe zimatsimikizira kukula kwa malo omwe adakopera. konzekerani ma code pamene mukukonza deta yokonzedwa mwanjira inayake mu memcpy () ndi memmove () ntchito. Ndikofunikira kuti vutoli osakonzedwa kwa pafupifupi miyezi iwiri kuchokera pomwe zambiri zidawululidwa komanso miyezi isanu kuyambira pomwe opanga Glibc adadziwitsidwa.
Source: opennet.ru