Pulogalamu ya ProHoster > Blog > nkhani zapaintaneti > Kutulutsidwa kwa Library ya Glibc 2.35 System

Kutulutsidwa kwa Library ya Glibc 2.35 System

Pambuyo pa miyezi isanu ndi umodzi ya chitukuko, laibulale ya GNU C Library (glibc) 2.35 system yatulutsidwa, yomwe ikugwirizana kwathunthu ndi zofunikira za ISO C11 ndi POSIX.1-2017. Kutulutsidwa kwatsopano kumaphatikizapo zosintha kuchokera kwa opanga 66.

Zina mwazosintha zomwe zakhazikitsidwa mu Glibc 2.35 ndi monga:

  • Thandizo lowonjezera la "C.UTF-8" la komweko, lomwe limaphatikizapo malamulo ophatikizana pamakhodi onse a Unicode, koma kusunga malo kumangogwiritsidwa ntchito pamagulu a ASCII mu fnmatch, regexec ndi regcomp ntchito. Malowa ndi pafupifupi 400 KB, pomwe 346 KB ndi data ya LC_CTYPE ya Unicode, ndipo imafuna kuyika kosiyana (osamangidwa mu Glibc).
  • Deta ya encoding, mtundu wa zilembo, ndi matebulo omasulira zasinthidwa kuti zigwirizane ndi tsatanetsatane wa Unicode 14.0.0.
  • MU Ndipo ntchito ndi ma macros amayendetsedwa kuti azizungulira zotsatirazo kukhala mtundu wocheperako: fsqrt, fsqrtl, dsqrtl, ffma, ffmal, dfmal, fMsqrtfN, fMsqrtfNx, fMxsqrtfN, fMxsqrtfNx, fMfmafN, fMfxfNfNfN, fMfxfNfN, fMxfNfN Ntchitozi zikufotokozedwa mwatsatanetsatane TS 18661-1: 2014, TS 18661-3: 2015 ndikuwonjezedwa pazolemba zam'tsogolo za ISO C2X C.
  • MU Ndipo adakhazikitsa ntchito ndi ma macros kuti apeze manambala oyandama ochepera komanso ochulukirapo okhala ndi mitundu yoyandama, yayitali iwiri, _FloatN ndi _FloatNx, yofotokozedwa mu IEEE 754-2019 ndikuwonjezedwa pazolemba zamtsogolo za ISO C2X C: fmaximum, fmaximum_num , fmaximum_mag, fminimum_mag_nambala, fminimum_nambala, fminimum_mag, fminimum_mag_nambala.
  • MU anawonjezera zokhazikika za manambala a malo oyandama mwatsatanetsatane: M_Ef, M_LOG2Ef, M_LOG10Ef, M_LN2f, M_LN10f, M_PIf, M_PI_2f, M_PI_4f, M_1_PIf, M_2_PIf, M_2_SQRTPIf, M_2_SfSRT1.
  • Kwa ntchito exp10 mu mutu wapamwamba Anawonjezera ma macros ofanana omwe samamangiriridwa ku mitundu inayake.
  • MU adawonjezera _PRINTF_NAN_LEN_MAX macro omwe akuperekedwa muyeso wa ISO C2X.
  • Zowonjezera za "%b" ndi "%B" ku gulu la printf la magwiridwe antchito kuti musindikize manambala oyimira binary.
  • Dongosolo lolumikizira lomwe limagwiritsa ntchito njira yatsopano yosinthira ya DSO yomwe imagwiritsa ntchito kufufuza kozama koyamba (DFS) kuthana ndi zovuta zogwirira ntchito polimbana ndi kudalira kozungulira. Kuti musankhe algorithm yosankha DSO, gawo la glibc.rtld.dynamic_sort limaperekedwa, lomwe lingakhazikitsidwe ku "1" kuti libwerere ku algorithm yakale.
  • ABI yawonjezera thandizo la ntchito yatsopano '__memcmpeq', yogwiritsidwa ntchito ndi ophatikiza kukhathamiritsa kugwiritsa ntchito 'memcmp' ngati mtengo womwe wabwezedwa ndi ntchitoyi ukugwiritsidwa ntchito pongoyang'ana momwe ntchitoyo ikamalizidwira.
  • Thandizo lowonjezera pakulembetsa ulusi wokha pogwiritsa ntchito rseq (zotsatira zoyambira) zomwe zaperekedwa kuyambira Linux kernel 4.18. Kuyimba kwa dongosolo la rseq kumakupatsani mwayi wokonzekera kutsata mosalekeza kwa gulu la malangizo omwe sanasokonezedwe ndikutsimikizira zotsatira ndi malangizo omaliza mu gulu. Kwenikweni, imapereka njira yochitira ma atomiki othamanga kwambiri omwe, ngati asokonezedwa ndi ulusi wina, amatsukidwa ndikuyesedwanso.
  • Wowonjezera symlink /usr/bin/ld.so.
  • Kusonkhana kosasinthika kwa mafayilo onse omwe angathe kuchitidwa a mapulogalamu ophatikizidwa ndi mayeso omwe amaikidwa mu PIE (position independent executable) amaperekedwa. Kuti mulepheretse izi, njira ya "-disable-default-pie" imaperekedwa.
  • Kwa Linux, zochunira za glibc.malloc.hugetlb zawonjezedwa kuti zilole kukhazikitsidwa kwa malloc kusinthidwe kugwiritsa ntchito madvise system call ndi MADV_HUGEPAGE mbendera ya mmap ndi sbrk, kapena kugwiritsa ntchito mwachindunji masamba akulu okumbukira pofotokoza mbendera ya MAP_HUGETLB mu mmap. mafoni. Pachiyambi choyamba, phindu la ntchito likhoza kupezedwa ngati Masamba Akuluakulu a Transparent amagwiritsidwa ntchito mu madvise mode, ndipo kachiwiri, mphamvu yogwiritsira ntchito Masamba Akuluakulu osungidwa amaperekedwa.
  • Anawonjezera _dl_find_object ntchito yomwe ingagwiritsidwe ntchito kuwonjezera chidziwitso chotsitsimula foni.
  • Thandizo lowonjezera pamamangidwe a OpenRISC (or1k-linux-gnu) mumachitidwe oyandama. Doko limafunikira ma binutils 2.35, GCC 11, ndi Linux kernel 5.4.
  • Onjezani mbendera yomanga "--with-rtld-early-cflags", yomwe ingagwiritsidwe ntchito kufotokozera mbendera zowonjezeredwa zomwe zimagwiritsidwa ntchito pomanga khodi yoyamba yolumikizira mwamphamvu.
  • Pa nsanja ya Linux, ntchito ya epoll_pwait2 yawonjezedwa, yomwe imasiyana ndi epoll_wait pofotokoza nthawi yomaliza ndi kulondola kwa nanosecond.
  • Onjezani posix_spawn_file_actions_addtcsetpgrp_np ntchito kuti athetse mikangano yamtundu mukakhazikitsa kolowera njira yatsopano.
  • Pamapulogalamu opangidwa ndi Glibc ndi GCC 12+, "_FORTIFY_SOURCE=3" njira yodzitchinjiriza imakhazikitsidwa, yomwe imazindikira kuti buffer imatha kusefukira pochita zingwe zomwe zafotokozedwa mufayilo yamutu wa string.h. Kusiyana kwa "_FORTIFY_SOURCE=2" kumatsikira ku macheke owonjezera, omwe angayambitse kuchepa kwa ntchito.
  • Thandizo la Intel MPX (Memory Protection Extensions), lomwe limagwiritsidwa ntchito poyang'ana zolozera za malire a kukumbukira, latha (ukadaulo uwu sunafalikire ndipo wachotsedwa kale ku GCC ndi LLVM).
  • Njira yolumikizirana ndi malo ogwirizana ndi LD_TRACE_PRELINKING ndi LD_USE_LOAD_BIAS zatsitsidwa ndipo zichotsedwa pakatulutsidwa mtsogolo.

    Zowopsa zakhazikika:

    • CVE-2022-23218, CVE-2022-23219 - Buffer kusefukira mu ntchito za svcunix_create ndi clnt_create, zomwe zimayambitsidwa ndi kukopera zomwe zili mu fayilo ya dzina lafayilo pa stack osayang'ana kukula kwa zomwe zakopedwa. Pamapulogalamu opangidwa popanda chitetezo cha stack ndikugwiritsa ntchito protocol ya "unix", kusatetezeka kungayambitse kuphatikizika kwa code yowukira mukamakonza mayina a mafayilo aatali kwambiri.
    • CVE-2021-3998 ndi chiwopsezo mu realpath() ntchito chifukwa chobweza, pansi pamikhalidwe ina, pamtengo wolakwika wokhala ndi data yotsalira yodetsedwa kuchokera pamndandanda. Pa pulogalamu ya SUID-root fusermount, chiwopsezocho chingagwiritsidwe ntchito kupeza zidziwitso zachinsinsi kuchokera kumakumbukiro azinthu, mwachitsanzo, kupeza zambiri zolozera.
    • CVE-2021-3999 - Single-byte buffer kusefukira mu getcwd() ntchito. Vutoli limadza chifukwa cha cholakwika chomwe chakhalapo kuyambira 1995. Kuti mupangitse kusefukira, ingoyitanitsani chdir() pa "/" chikwatu pamalo ena okwera.

    Source: opennet.ru

Kuwonjezera ndemanga