CVE-2015-5180: Siddhesh Poyarekar - The GNU C Library version 2.25 is now available
CVE-2015-5180 glibc: DNS resolver NULL pointer dereference with crafted record type
This is the mail archive of the libc-alpha at sourceware dot org mailing list for the glibc project.
- From: Siddhesh Poyarekar <siddhesh at sourceware dot org>
- To: “libc-alpha at sourceware dot org” <libc-alpha at sourceware dot org>
- Date: Sun, 5 Feb 2017 22:08:35 +0530
- Subject: The GNU C Library version 2.25 is now available
- Authentication-results: sourceware.org; auth=none
- Reply-to: siddhesh at sourceware dot org
The GNU C Library
The GNU C Library version 2.25 is now available.
The GNU C Library is used as *the* C library in the GNU system and in GNU/Linux systems, as well as many other systems that use Linux as the kernel.
The GNU C Library is primarily designed to be a portable and high performance C library. It follows all relevant standards including ISO C11 and POSIX.1-2008. It is also internationalized and has one of the most complete internationalization interfaces known.
The GNU C Library webpage is at http://www.gnu.org/software/libc/
Packages for the 2.25 release may be downloaded from: http://ftpmirror.gnu.org/libc/ http://ftp.gnu.org/gnu/libc/
The mirror list is at http://www.gnu.org/order/ftp.html
NEWS for version 2.25
* The feature test macro __STDC_WANT_LIB_EXT2__, from ISO/IEC TR 24731-2:2010, is supported to enable declarations of functions from that TR. Note that not all functions from that TR are supported by the GNU C Library.
* The feature test macro __STDC_WANT_IEC_60559_BFP_EXT__, from ISO/IEC TS 18661-1:2014, is supported to enable declarations of functions and macros from that TS. Note that not all features from that TS are supported by the GNU C Library.
* The feature test macro __STDC_WANT_IEC_60559_FUNCS_EXT__, from ISO/IEC TS 18661-4:2015, is supported to enable declarations of functions and macros from that TS. Note that most features from that TS are not supported by the GNU C Library.
* The nonstandard feature selection macros _REENTRANT and _THREAD_SAFE are now treated as compatibility synonyms for _POSIX_C_SOURCE=199506L. Since the GNU C Library defaults to a much newer revision of POSIX, this will only affect programs that specifically request an old conformance mode. For instance, a program compiled with -std=c89 -D_REENTRANT will see a change in the visible declarations, but a program compiled with just -D_REENTRANT, or -std=c99 -D_POSIX_C_SOURCE=200809L -D_REENTRANT, will not.
Some C libraries once required _REENTRANT and/or _THREAD_SAFE to be defined by all multithreaded code, but glibc has not required this for many years.
* The inclusion of <sys/sysmacros.h> by <sys/types.h> is deprecated. This means that in a future release, the macros “major”, “minor”, and “makedev” will only be available from <sys/sysmacros.h>.
These macros are not part of POSIX nor XSI, and their names frequently collide with user code; see for instance glibc bug 19239 and Red Hat bug 130601. <stdlib.h> includes <sys/types.h> under _GNU_SOURCE, and C++ code presently cannot avoid being compiled under _GNU_SOURCE, exacerbating the problem.
* New <fenv.h> features from TS 18661-1:2014 are added to libm: the fesetexcept, fetestexceptflag, fegetmode and fesetmode functions, the femode_t type and the FE_DFL_MODE and FE_SNANS_ALWAYS_SIGNAL macros.
* Integer width macros from TS 18661-1:2014 are added to <limits.h>: CHAR_WIDTH, SCHAR_WIDTH, UCHAR_WIDTH, SHRT_WIDTH, USHRT_WIDTH, INT_WIDTH, UINT_WIDTH, LONG_WIDTH, ULONG_WIDTH, LLONG_WIDTH, ULLONG_WIDTH; and to <stdint.h>: INT8_WIDTH, UINT8_WIDTH, INT16_WIDTH, UINT16_WIDTH, INT32_WIDTH, UINT32_WIDTH, INT64_WIDTH, UINT64_WIDTH, INT_LEAST8_WIDTH, UINT_LEAST8_WIDTH, INT_LEAST16_WIDTH, UINT_LEAST16_WIDTH, INT_LEAST32_WIDTH, UINT_LEAST32_WIDTH, INT_LEAST64_WIDTH, UINT_LEAST64_WIDTH, INT_FAST8_WIDTH, UINT_FAST8_WIDTH, INT_FAST16_WIDTH, UINT_FAST16_WIDTH, INT_FAST32_WIDTH, UINT_FAST32_WIDTH, INT_FAST64_WIDTH, UINT_FAST64_WIDTH, INTPTR_WIDTH, UINTPTR_WIDTH, INTMAX_WIDTH, UINTMAX_WIDTH, PTRDIFF_WIDTH, SIG_ATOMIC_WIDTH, SIZE_WIDTH, WCHAR_WIDTH, WINT_WIDTH.
* New <math.h> features are added from TS 18661-1:2014:
Signaling NaN macros: SNANF, SNAN, SNANL.
Nearest integer functions: roundeven, roundevenf, roundevenl, fromfp, fromfpf, fromfpl, ufromfp, ufromfpf, ufromfpl, fromfpx, fromfpxf, fromfpxl, ufromfpx, ufromfpxf, ufromfpxl.
llogb functions: the llogb, llogbf and llogbl functions, and the FP_LLOGB0 and FP_LLOGBNAN macros.
Max-min magnitude functions: fmaxmag, fmaxmagf, fmaxmagl, fminmag, fminmagf, fminmagl.
Comparison macros: iseqsig.
Classification macros: iscanonical, issubnormal, iszero.
Total order functions: totalorder, totalorderf, totalorderl, totalordermag, totalordermagf, totalordermagl.
Canonicalize functions: canonicalize, canonicalizef, canonicalizel.
NaN functions: getpayload, getpayloadf, getpayloadl, setpayload, setpayloadf, setpayloadl, setpayloadsig, setpayloadsigf, setpayloadsigl.
* The functions strfromd, strfromf, and strfroml, from ISO/IEC TS 18661-1:2014, are added to libc. They convert a floating-point number into string.
* Most of glibc can now be built with the stack smashing protector enabled. It is recommended to build glibc with --enable-stack-protector=strong. Implemented by Nick Alcock (Oracle).
* The function explicit_bzero, from OpenBSD, has been added to libc. It is intended to be used instead of memset() to erase sensitive data after use; the compiler will not optimize out calls to explicit_bzero even if they are “unnecessary” (in the sense that no _correct_ program can observe the effects of the memory clear).
* On ColdFire, MicroBlaze, Nios II and SH3, the float_t type is now defined to float instead of double. This does not affect the ABI of any libraries that are part of the GNU C Library, but may affect the ABI of other libraries that use this type in their interfaces.
* On x86_64, when compiling with -mfpmath=387 or -mfpmath=sse+387, the float_t and double_t types are now defined to long double instead of float and double. These options are not the default, and this does not affect the ABI of any libraries that are part of the GNU C Library, but it may affect the ABI of other libraries that use this type in their interfaces, if they are compiled or used with those options.
* The getentropy and getrandom functions, and the <sys/random.h> header file have been added.
* The buffer size for byte-oriented stdio streams is now limited to 8192 bytes by default. Previously, on Linux, the default buffer size on most file systems was 4096 bytes (and thus remains unchanged), except on network file systems, where the buffer size was unpredictable and could be as large as several megabytes.
* The <sys/quota.h> header now includes the <linux/quota.h> header. Support for the Linux quota interface which predates kernel version 2.4.22 has been removed.
* The malloc_get_state and malloc_set_state functions have been removed. Already-existing binaries that dynamically link to these functions will get a hidden implementation in which malloc_get_state is a stub. As far as we know, these functions are used only by GNU Emacs and this change will not adversely affect already-built Emacs executables. Any undumped Emacs executables, which normally exist only during an Emacs build, should be rebuilt by re-running “./configure; make” in the Emacs build tree.
* The “ip6-dotint” and “no-ip6-dotint” resolver options, and the corresponding RES_NOIP6DOTINT flag from <resolv.h> have been removed. “no-ip6-dotint” had already been the default, and support for the “ip6-dotint” option was removed from the Internet in 2006.
* The “ip6-bytestring” resolver option and the corresponding RES_USEBSTRING flag from <resolv.h> have been removed. The option relied on a backwards-incompatible DNS extension which was never deployed on the Internet.
* The flags RES_AAONLY, RES_PRIMARY, RES_NOCHECKNAME, RES_KEEPTSIG, RES_BLAST defined in the <resolv.h> header file have been deprecated. They were already unimplemented.
* The “inet6” option in /etc/resolv.conf and the RES_USE_INET6 flag for _res.flags are deprecated. The flag was standardized in RFC 2133, but removed again from the IETF name lookup interface specification in RFC
- Applications should use getaddrinfo instead.
* DNSSEC-related declarations and definitions have been removed from the <arpa/nameser.h> header file, and libresolv will no longer attempt to decode the data part of DNSSEC record types. Previous versions of glibc only implemented minimal support for the previous version of DNSSEC, which is incompatible with the currently deployed version.
* The resource record type classification macros ns_t_qt_p, ns_t_mrr_p, ns_t_rr_p, ns_t_udp_p, ns_t_xfr_p have been removed from the <arpa/nameser.h> header file because the distinction between RR types and meta-RR types is not officially standardized, subject to revision, and thus not suitable for encoding in a macro.
* The types res_sendhookact, res_send_qhook, re_send_rhook, and the qhook and rhook members of the res_state type in <resolv.h> have been removed. The glibc stub resolver did not support these hooks, but the header file did not reflect that.
* For multi-arch support it is recommended to use a GCC which has been built with support for GNU indirect functions. This ensures that correct debugging information is generated for functions selected by IFUNC resolvers. This support can either be enabled by configuring GCC with '--enable-gnu-indirect-function', or by enabling it by default by setting 'default_gnu_indirect_function' variable for a particular architecture in the GCC source file 'gcc/config.gcc'.
* GDB pretty printers have been added for mutex and condition variable structures in POSIX Threads. When installed and loaded in gdb these pretty printers show various pthread variables in human-readable form when read using the ‘print’ or ‘display’ commands in gdb.
* Tunables feature added to allow tweaking of the runtime for an application program. This feature can be enabled with the '--enable-tunables' configure flag. The GNU C Library manual has details on usage and README.tunables has instructions on adding new tunables to the library.
* A new version of condition variables functions have been implemented in the NPTL implementation of POSIX Threads to provide stronger ordering guarantees.
* A new version of pthread_rwlock functions have been implemented to use a more scalable algorithm primarily through not using a critical section anymore to make state changes.
Security related changes:
* On ARM EABI (32-bit), generating a backtrace for execution contexts which have been created with makecontext could fail to terminate due to a missing .cantunwind annotation. This has been observed to lead to a hang (denial of service) in some Go applications compiled with gccgo. Reported by Andreas Schwab. (CVE-2016-6323)
* The DNS stub resolver functions would crash due to a NULL pointer dereference when processing a query with a valid DNS question type which was used internally in the implementation. The stub resolver now uses a question type which is outside the range of valid question type values. (CVE-2015-5180)
Contributors
This release was made possible by the contributions of many people. The maintainers are grateful to everyone who has contributed changes or bug reports. These include:
Adhemerval Zanella Alan Modra Alexandre Oliva Andreas Schwab Andrew Senkevich Aurelien Jarno Brent W. Baccala Carlos O’Donell Chris Metcalf Chung-Lin Tang DJ Delorie David S. Miller Denis Kaganovich Dmitry V. Levin Ernestas Kulik Florian Weimer Gabriel F T Gomes Gabriel F. T. Gomes H.J. Lu Jakub Jelinek James Clarke James Greenhalgh Jim Meyering John David Anglin Joseph Myers Maciej W. Rozycki Mark Wielaard Martin Galvan Martin Pitt Mike Frysinger Märt Põder Nick Alcock Paul E. Murphy Paul Murphy Rajalakshmi Srinivasaraghavan Rasmus Villemoes Rical Jasan Richard Henderson Roland McGrath Samuel Thibault Siddhesh Poyarekar Stefan Liebler Steve Ellcey Svante Signell Szabolcs Nagy Tom Tromey Torvald Riegel Tulio Magno Quites Machado Filho Wilco Dijkstra Yury Norov Zack Weinberg
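The explicit_bzero and getrandom items in the NEWS list above, used together, as an added example that is not part of the announcement or of glibc's own code. The names fill_random, toy_tag and tag_with_ephemeral_key are hypothetical, the message string is constructed, and toy_tag is only a stand-in for real use of the key.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE   /* exposes explicit_bzero in <string.h> */
#endif
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/random.h>

/* getrandom may return fewer bytes than requested or fail with EINTR. */
int fill_random(unsigned char *buf, size_t len)
{
    size_t done = 0;
    while (done < len) {
        ssize_t n = getrandom(buf + done, len - done, 0);
        if (n < 0 && errno != EINTR)
            return -1;
        if (n > 0)
            done += (size_t)n;
    }
    return 0;
}

/* Hypothetical stand-in for real key use (FNV-1a style mixing, not a MAC). */
unsigned toy_tag(const unsigned char *key, size_t klen, const char *msg)
{
    unsigned h = 2166136261u;
    for (size_t i = 0; msg[i] != '\0'; i++)
        h = (h ^ (unsigned char)msg[i] ^ key[i % klen]) * 16777619u;
    return h;
}

/* The key is never read after use, so memset() here would be a dead store. */
int tag_with_ephemeral_key(const char *msg, unsigned *tag)
{
    unsigned char key[32];
    int rc = fill_random(key, sizeof key);
    if (rc == 0)
        *tag = toy_tag(key, sizeof key, msg);
    explicit_bzero(key, sizeof key);   /* runs on success and on failure */
    return rc;
}

int main(void)
{
    unsigned tag = 0;
    int rc = tag_with_ephemeral_key("constructed sample message", &tag);
    printf("rc=%d tag=%08x\n", rc, tag);
    return rc != 0;
}
```

Both functions require glibc 2.25 or later; on older versions the build fails at the <sys/random.h> include.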