Glibc 2.32 System Library Release

After six months of development, the GNU C Library (glibc) 2.32 system library has been released. It fully complies with the requirements of ISO C11 and POSIX.1-2017. The new release includes fixes from 67 developers.

Notable improvements in Glibc 2.32 include:

  • Added support for Synopsys ARC HS (ARCv2 ISA) processors. The port requires at least binutils 2.32, gcc 8.3 and Linux kernel 5.1 to run. Three ABI variants are supported: arc-linux-gnu, arc-linux-gnuhf and arceb-linux-gnu (big-endian);
  • Implemented loading of the audit modules specified in the DT_AUDIT and DT_DEPAUDIT sections of the executable file.
  • For the powerpc64le architecture, support for the IEEE128 long double type is implemented; it is enabled when building with the "-mabi=ieeelongdouble" option.
  • Some APIs are annotated with the GCC 'access' attribute, which allows better warnings to be generated when compiling with GCC 10 to detect possible buffer overflows and other out-of-bounds conditions.
  • For Linux systems, the functions pthread_attr_setsigmask_np and pthread_attr_getsigmask_np are implemented, which give the application the ability to specify the signal mask of threads created using pthread_create.
  • Encoding data, character type information, and transliteration tables have been updated to support the Unicode 13.0.0 specification;
  • Added a new header file that defines the __libc_single_threaded variable, which can be used in applications for single-threaded optimizations.
  • Added the functions sigabbrev_np and sigdescr_np, which return the abbreviated name and the description of a signal (for example, "HUP" and "Hangup" for SIGHUP).
  • Added the functions strerrorname_np and strerrordesc_np, which return the name and the description of an error (for example, "EINVAL" and "Invalid argument" for EINVAL).
  • On the ARM64 platform, the "--enable-standard-branch-protection" flag has been added (or -mbranch-protection=standard in GCC), which enables the ARMv8.5-BTI (Branch Target Indicator) mechanism to protect against execution of instruction sequences that should not be executed. Blocking transitions to arbitrary sections of code is implemented to prevent the creation of gadgets in exploits that use return-oriented programming techniques (ROP - Return-Oriented Programming; the attacker does not try to place their own code in memory, but operates on pieces of machine instructions that are already present and end with a return control instruction, from which a chain of calls is built to obtain the desired functionality).
  • A major cleanup of legacy features has been carried out, including removal of the "--enable-obsolete-rpc" and "--enable-obsolete-nsl" options and of a header file. The functions sstk, siginterrupt, sigpause, sighold, sigrelse, sigignore and sigset, the arrays sys_siglist, _sys_siglist and sys_sigabbrev, the symbols sys_errlist, _sys_errlist, sys_nerr and _sys_nerr, and an NSS module have been declared deprecated.
  • ldconfig has been switched by default to use the new ld.so.cache format, which has been supported in glibc for almost twenty years.
  • Vulnerabilities fixed:
    • CVE-2016-10228 - A loop in the iconv utility that occurs when it is run with the "-c" option while processing invalid multi-byte data.
    • CVE-2020-10029 - Stack corruption when calling trigonometric functions with a pseudo-null argument.
    • CVE-2020-1752 - Use-after-free memory access in the glob function when expanding a reference to a home directory ("~user") in paths.
    • CVE-2020-6096 - Incorrect handling on the ARMv7 platform of negative values of the parameter in memcpy() and memmove() that determines the size of the copied area. It allows code execution to be organized when specially formatted data is processed in the memcpy() and memmove() functions. It is significant that the problem remained unfixed for almost two months after the information was publicly disclosed and five months after the Glibc developers were notified.
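
An added example (not taken from the release notes or from glibc itself) of the pthread_attr_setsigmask_np function listed above: the signal mask is set through the thread attribute, so the new thread has the signal blocked from its first instruction and the creating thread's own mask is left untouched. The helper names `worker`, `thread_starts_with_blocked` and `caller_blocks` are hypothetical; glibc 2.32 or later on Linux is assumed.

```c
#define _GNU_SOURCE            /* exposes the _np (non-portable) functions */
#include <pthread.h>
#include <signal.h>
#include <stdio.h>

/* Filled in by the worker: was the signal blocked when it started? */
struct probe { int signo; int blocked_at_start; };

static void *worker(void *arg)
{
    struct probe *p = arg;
    sigset_t cur;
    pthread_sigmask(SIG_SETMASK, NULL, &cur);   /* query only, no change */
    p->blocked_at_start = sigismember(&cur, p->signo);
    return NULL;
}

/* Start a thread whose initial mask blocks `signo` via the attribute.
   Returns 1 if the thread saw it blocked, 0 if not, -1 on error. */
int thread_starts_with_blocked(int signo)
{
    struct probe p = { signo, -1 };
    pthread_attr_t attr;
    pthread_t tid;
    sigset_t mask;
    int rc = -1;
    if (sigemptyset(&mask) != 0 || sigaddset(&mask, signo) != 0)
        return -1;
    if (pthread_attr_init(&attr) != 0)
        return -1;
    if (pthread_attr_setsigmask_np(&attr, &mask) == 0 &&
        pthread_create(&tid, &attr, worker, &p) == 0 &&
        pthread_join(tid, NULL) == 0)
        rc = p.blocked_at_start;
    pthread_attr_destroy(&attr);
    return rc;
}

/* 1 if the calling thread currently blocks `signo`, 0 if not. */
int caller_blocks(int signo)
{
    sigset_t cur;
    pthread_sigmask(SIG_SETMASK, NULL, &cur);
    return sigismember(&cur, signo);
}

int main(void)
{
    printf("worker blocked SIGTERM: %d\n", thread_starts_with_blocked(SIGTERM));
    printf("caller blocks SIGTERM: %d\n", caller_blocks(SIGTERM));
    return 0;
}
```

Build with `gcc -pthread`. Without the attribute, the usual pattern is to block the signal in the creating thread, call pthread_create, then restore the mask, which briefly changes signal delivery for the creator as well.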

Source: opennet.ru
