ProHoster > Π‘Π»ΠΎΠ³ > wararka internetka > Siidaynta Maktabada Nidaamka Glibc 2.30

Siidaynta Maktabada Nidaamka Glibc 2.30

Kadib lix bilood oo horumar ah la daabacay siidaynta maktabada nidaamka GNU C Library (glibc) 2.30, kaas oo si buuxda u raacaya shuruudaha ISO C11 iyo POSIX.1-2008. Siideynta cusub waxaa ku jira hagaajinta 48 horumariye.

Waxaa lagu fuliyay Glibc 2.30 horumar waxaad ogaan kartaa:

  • Xidhiidhiyaha firfircooni wuxuu taageeraa "--preload" ikhtiyaarka horay loogu raray walxaha la wadaago (oo la mid ah doorsoomiyaha deegaanka LD_PRELOAD);
  • Shaqada twalk_r ee lagu daray, oo la mid ah hawshii socodka hore ee jirtay, laakiin kuu oggolaanaysa inaad dood dheeraad ah u gudbiso hawsha dib-u-soo- yeedhista ee la bixiyay;
  • Linux, getdents64 cusub, gettid iyo tgkill hawlaha ayaa lagu daray;
  • Maareynta xusuusta waxay u shaqeysaa malloc, calloc, realloc, reallocarray, valloc, pvalloc, memalign, iyo posix_memalign waxay ku dhameeyaan koodka qaladka marka wadarta cabirka shayga uu dhaafo qiimaha PTRDIFF_MAX. Isbeddelkani waxa uu ka fogaanayaa hab-dhaqanka aan la qeexin marka natiijada wax-is-beddelka tilmaamuhu ay keento qulqulka nooca ptrdiff_t;
  • Lagu daray POSIX hawlaha la soo jeediyay pthread_cond_clockwait, pthread_mutex_clocklock,
    pthread_rwlock_clockrdlock, pthread_rwlock_clockwrlock, iyo sem_clockwait, oo la mid ah "waqtiga" u dhigma, laakiin sidoo kale qaadashada clockid_t parameter si aad u doorato saacad;

  • Xogta codaynta, macluumaadka nooca jilaha, iyo jaantusyada qoraalka waa la cusboonaysiiyay si ay u taageeraan qeexida Unicode 12.1.0;
  • clock_gettime, clock_getres, clock_settime, clock_getcpuclockid, iyo clock_nanosleep hawlaha aan hadda lagu bixiyo maktabadda librt codsiyada cusub, iyo qeexitaannada libc si toos ah ayaa loo isticmaalaa halkii;
  • /etc/resolv.conf ayaa meesha ka saartay doorashada "inet6". Waxaa laga saaray RES_USE_INET6, RES_INSECURE1 iyo RES_INSECURE2 calamada resolv.h;
  • Marka la tilmaamayo "--enable-bind-now" doorashada, barnaamijyada la rakibay hadda waxay ku xidhan yihiin iyagoo isticmaalaya calanka BIND_NOW;
  • Faylka madaxa ee sys/sysctl.h ee Linux-gaar ah iyo shaqadii sysctl waa la joojiyay, codsiyaduna waa inay adeegsadaan /proc pseudo-FS beddelkeeda;
  • Glibc hadda waxay u baahan tahay GCC 6.2 ama ka cusub si loo dhiso (comileer kasta ayaa loo isticmaali karaa in lagu dhiso codsiyada);
  • Nuglaanta ayaa go'an CVE-2019-7309 ee hirgelinta shaqada memcmp ee loogu talagalay duugoobay x32 subarchitecture (aan lagu khaldin x86 IA-32), taas oo keentay in shaqadu si khalad ah u soo celiso qiimaha 0 ee xargaha aan ku habboonayn;
  • Nuglaanta ayaa go'an CVE-2019-9169, kaas oo sababi kara in xogta laga akhriyo meel ka baxsan xuduudka marka la farsameynayo tibaaxaha caadiga ah qaarkood.

Source: opennet.ru

Add a comment