Phatlalatso ea Laeborari ea Tsamaiso ea Glibc 2.30

Ka mor'a likhoeli tse tšeletseng tsa tsoelo-pele e phatlalalitsoeng ho lokolloa ha laebrari ea tsamaiso Laeborari ea GNU C (glibc) 2.30, e lumellanang ka botlalo le litlhoko tsa ISO C11 le POSIX.1-2008. Phallo e ncha e kenyelletsa litokiso tse tsoang ho baetsi ba 48.

E kentsoe ho Glibc 2.30 ntlafatso o ka hlokomela:

• Sehokelo se matla se ts'ehetsa khetho ea "--preload" bakeng sa ho kenya lintho tse arolelanoang esale pele (tse ts'oanang le LD_PRELOAD tikoloho e fapaneng);
• E kentse ts'ebetso ea twalk_r, e ts'oanang le ts'ebetso ea twalk e seng e ntse e le teng, empa e u lumella ho fetisa khang e eketsehileng mosebetsing o fanoeng oa callback;
• Bakeng sa Linux, mesebetsi e mecha ea getdents64, gettid le tgkill e kentsoe;
• Tsamaiso ea memori e sebetsa malloc, calloc, realloc, reallocarray, valloc, pvalloc, memalign, le posix_memaligne e emisa ka khoutu ea phoso ha boholo ba ntho bo feta boleng ba PTRDIFF_MAX. Phetoho ena e qoba boitšoaro bo sa hlalosoang ha sephetho sa ho qhekella ha pointer se fella ka ho ata ha mofuta oa ptrdiff_t;
• E kentse mesebetsi e reriloeng ea POSIX pthread_cond_clockwait, pthread_mutex_clocklock,
  pthread_rwlock_clockrdlock, pthread_rwlock_clockwrlock, le sem_clockwait, tse tšoanang le "timed" tse lekanang, empa ho feta moo ho nka parameter ea clockid_t ho khetha sebali;

• Lintlha tsa khouto, tlhahisoleseding ea mofuta oa litlhaku, le litafole tsa phetolelo li nchafalitsoe ho tšehetsa tlhaloso ea Unicode 12.1.0;
• clock_gettime, clock_getres, clock_settime, clock_getcpuclockid, le clock_nanosleep mesebetsi ha e sa fanoa laebraring ea librt bakeng sa lits'ebetso tse ncha, 'me litlhaloso tsa libc li sebelisoa ka mokhoa o ikemetseng ho e-na le hoo;
• /etc/resolv.conf e tlositse khetho ea "inet6". E tlositse lifolakha tsa khale tsa RES_USE_INET6, RES_INSECURE1 le RES_INSECURE2 ho resolv.h;
• Ha u hlakisa khetho ea "-enable-bind-now", mananeo a kentsoeng a tlameletsoe ho sebelisa folakha ea BIND_NOW;
• Faele ea hlooho ea Linux-specific sys/sysctl.h le ts'ebetso ea sysctl ha e sebetse, 'me lits'ebetso li lokela ho sebelisa /proc pseudo-FS sebakeng sa eona;
• Hona joale Glibc e hloka GCC 6.2 kapa e ncha ho e haha ​​(moqapi ofe kapa ofe o ka sebelisoa ho aha lits'ebetso);
• Kotsi e tsitsitse CVE-2019-7309 phethahatsong ea mosebetsi oa memcmp bakeng sa e sa sebetseng x32 subarchitecture (ha ea lokela ho ferekanngoa le x86 IA-32), ka lebaka leo mosebetsi o ka khutlisetsang boleng ba 0 ka mokhoa o fosahetseng bakeng sa likhoele tse sa tsamaisaneng;
• Kotsi e tsitsitse CVE-2019-9169, e ka etsang hore data e baloe ho tsoa ho buffer e kantle ho meeli ha e sebetsana le lipolelo tse itseng tse tloaelehileng.

Source: opennet.ru