Resolves: RHEL-45522
Fedora 40 commit: 9404e14f4d
Upstream commit: 4bdcc1963bc2b5ba5f8e319e402d9eb2cb6096c1
Fedora 40 changes:
- Backport /etc/resolv.conf enhancements to thelp with RHEL-18039 testing
Related: RHEL-50663
- Support --without testsuite builds without perl installed (#2292195)
- Use release instead of baserelease for glibc32 conflict
- Add Conflicts:/Obsoletes: for glibc32 to glibc.i686
- ppc64le: Build early startup code with -mcpu=power8
Resolves: RHEL-43456
- Move ANSI_X3.110-1983 support from main package to glibc-gconv-extra.
Resolves: RHEL-41206
Upstream changes:
- manual: make setrlimit() description less ambiguous
- manual/stdio: Clarify putc and putwc
- malloc: add multi-threaded tests for aligned_alloc/calloc/malloc
- malloc: avoid global locks in tst-aligned_alloc-lib.c
- resolv: Track single-request fallback via _res._flags (bug 31476)
- resolv: Do not wait for non-existing second DNS response after error (bug 30081)
- resolv: Allow short error responses to match any query (bug 31890)
Resolves: RHEL-50663
- elf: Fix localplt.awk for DT_RELR-enabled builds (BZ 31978)
- Fix usage of _STACK_GROWS_DOWN and _STACK_GROWS_UP defines [BZ 31989]
- Linux: Make __rseq_size useful for feature detection (bug 31965)
- elf: Make dl-rseq-symbols Linux only
- nptl: fix potential merge of __rseq_* relro symbols
- s390x: Fix segfault in wcsncmp [BZ #31934]
Resolves: RHEL-49488
- stdlib: fix arc4random fallback to /dev/urandom (BZ 31612)
- math: Provide missing math symbols on libc.a (BZ 31781)
- math: Fix isnanf128 static build (BZ 31774)
- math: Fix i386 and m68k exp10 on static build (BZ 31775)
- math: Fix i386 and m68k fmod/fmodf on static build (BZ 31488)
- posix: Fix pidfd_spawn/pidfd_spawnp leak if execve fails (BZ 31695)
Upstream commit: 4bdcc1963bc2b5ba5f8e319e402d9eb2cb6096c1
- manual: make setrlimit() description less ambiguous
- manual/stdio: Clarify putc and putwc
- malloc: add multi-threaded tests for aligned_alloc/calloc/malloc
- malloc: avoid global locks in tst-aligned_alloc-lib.c
- resolv: Track single-request fallback via _res._flags (bug 31476)
- resolv: Do not wait for non-existing second DNS response after error (bug 30081)
- resolv: Allow short error responses to match any query (bug 31890)
- elf: Fix localplt.awk for DT_RELR-enabled builds (BZ 31978)
- Fix usage of _STACK_GROWS_DOWN and _STACK_GROWS_UP defines [BZ 31989]
- Linux: Make __rseq_size useful for feature detection (bug 31965)
- elf: Make dl-rseq-symbols Linux only
- nptl: fix potential merge of __rseq_* relro symbols
- s390x: Fix segfault in wcsncmp [BZ #31934]
- stdlib: fix arc4random fallback to /dev/urandom (BZ 31612)
- math: Provide missing math symbols on libc.a (BZ 31781)
- math: Fix isnanf128 static build (BZ 31774)
- math: Fix i386 and m68k exp10 on static build (BZ 31775)
- math: Fix i386 and m68k fmod/fmodf on static build (BZ 31488)
- posix: Fix pidfd_spawn/pidfd_spawnp leak if execve fails (BZ 31695)
Backport upstream commits to support installing /usr/bin/mtrace
without Perl in the buildroot. Add an explicit dependency on
/usr/bin/perl to glibc-utils because it's no longer generated
automatically.
This is necessary because %{baserelease} < %{release}, so the
previous Obsoletes: clause did not match an installed glibc32
package from the same build.
(cherry picked from commit add3da24f037a9d934eaeb9a6c246a45d3a716cc)
Fedora commit: ed89a91b42
Upstream commit: 7f9f25f255ee2c00178779fbce502f4b94b848b9
- Linux: Include <dl-symbol-redir-ifunc.h> in dl-sysdep.c
- x86: Properly set x86 minimum ISA level [BZ #31883]
- x86: Properly set MINIMUM_X86_ISA_LEVEL for i386 [BZ #31867]
- localedata: ssy_ER: Fix syntax error
- malloc: New test to check malloc alternate path using memory obstruction
- malloc: Improve aligned_alloc and calloc test coverage.
- malloc/Makefile: Split and sort tests
- x86/cet: fix shadow stack test scripts
Resolves: RHEL-43307
Resolves: RHEL-43456
Upstream commit: 7f9f25f255ee2c00178779fbce502f4b94b848b9
- Linux: Include <dl-symbol-redir-ifunc.h> in dl-sysdep.c
- x86: Properly set x86 minimum ISA level [BZ #31883]
- x86: Properly set MINIMUM_X86_ISA_LEVEL for i386 [BZ #31867]
- localedata: ssy_ER: Fix syntax error
- malloc: New test to check malloc alternate path using memory obstruction
- malloc: Improve aligned_alloc and calloc test coverage.
- malloc/Makefile: Split and sort tests
- x86/cet: fix shadow stack test scripts
libc_malloc_debug.so.0 and libmemusage.so are memory tracing libraries
and therefore should not be installed by default. Since they need to
be preloaded in order to use memory tracing tools in glibc-utils, they
belong alongside them.
On x86_64, glibc-utils will now only contain the 64-bit version of these
libraries but still need the 32-bit version (in order to support tracing
i686 applications). Therefore, on i686 the libraries remain in the main
glibc package.
rawhide commits:
* 2d5af83031edfa8191254814609961e4e57766fc
* e9d072eb64a251e09a121122941605f4a22d170a
Resolves: RHEL-2283
Related: RHEL-35602
Fedora 40 commit: 2c1b0f092c
Upstream commit: 97bb89668d7171164975f3dc895e38343a2f3a95
- Force DT_RPATH for --enable-hardcoded-path-in-tests
- elf: Only process multiple tunable once (BZ 31686)
- Add a test to check for duplicate definitions in the static library
- i686: Fix multiple definitions of __memmove_chk and __memset_chk
- i586: Fix multiple definitions of __memcpy_chk and __mempcpy_chk
- time: Allow later version licensing.
- nscd: Use time_t for return type of addgetnetgrentX
- login: structs utmp, utmpx, lastlog _TIME_BITS independence (bug 30701)
- login: Check default sizes of structs utmp, utmpx, lastlog
Related: RHEL-35602
Fedora 40 commit: b3097fa24a
This supports multiple ld.so files in a cleaner way. Also
forward-port multiple libc.so.6 file handling in
wrap-find-debuginfo.sh from downstream. This also incorporates
the “nm --format=posix“ change from #2115831 downstream.
Related: RHEL-35602
Fedora 40 commit: 4ccb7475fc
Upstream commit: fd658f026f25cf59e8db243bc3b3e09cd5a20ba0
nscd is currently not build, so the security fixes below
are not relevant.
- elf: Also compile dl-misc.os with $(rtld-early-cflags)
- CVE-2024-33601, CVE-2024-33602: nscd: netgroup: Use two buffers in addgetnetgrentX (bug 31680)
- CVE-2024-33600: nscd: Avoid null pointer crashes after notfound response (bug 31678)
- CVE-2024-33600: nscd: Do not send missing not-found response in addgetnetgrentX (bug 31678)
- CVE-2024-33599: nscd: Stack-based buffer overflow in netgroup cache (bug 31677)
- x86: Define MINIMUM_X86_ISA_LEVEL in config.h [BZ #31676]
Related: RHEL-31738
- i386: ulp update for SSE2 --disable-multi-arch configurations
- nptl: Fix tst-cancel30 on kernels without ppoll_time64 support
Related: RHEL-35602
Fedora 40 commit: 94914be52f
Upstream commit: 31da30f23cddd36db29d5b6a1c7619361b271fb4
- iconv: ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence (CVE-2024-2961)
Resolves: RHEL-31801
- x86_64: Exclude SSE, AVX and FMA4 variants in libm multiarch
- Apply the Makefile sorting fix
- powerpc: Fix ld.so address determination for PCREL mode (bug 31640)
- x86-64: Simplify minimum ISA check ifdef conditional with if
- x86-64: Don't use SSE resolvers for ISA level 3 or above
- AArch64: Check kernel version for SVE ifuncs
- aarch64: fix check for SVE support in assembler
- aarch64/fpu: Sync libmvec routines from 2.39 and before with AOR
- i386: Use generic memrchr in libc (bug 31316)
Related: RHEL-35602
Fedora 40 commit: 1bea1361dc
Upstream commit: 6ade91c21140d8c803c289932dbfc74537f65a1f
- elf: Avoid some free (NULL) calls in _dl_update_slotinfo
- misc: Add support for Linux uio.h RWF_NOAPPEND flag
- i386: Disable Intel Xeon Phi tests for GCC 15 and above (BZ 31782)
- Reinstate generic features-time64.h
- Always define __USE_TIME_BITS64 when 64 bit time_t is used
- socket: Use may_alias on sockaddr structs (bug 19622)
- parse_fdinfo: Don't advance pointer twice [BZ #31798]
- LoongArch: Fix undefined `__memset_aligned` reference in ld.so linking.
- socket: Add new test for connect
- libsupport: Add xgetpeername
- x86_64: Fix missing wcsncat function definition without multiarch (x86-64-v4)
libc_malloc_debug.so.0 and libmemusage.so are memory tracing libraries
and therefore should not be installed by default. Since they need to
be preloaded in order to use memory tracing tools in glibc-utils, they
belong alongside them.
On x86_64, glibc-utils will now only contain the 64-bit version of these
libraries but still need the 32-bit version (in order to support tracing
i686 applications). Therefore, on i686 the libraries remain in the main
glibc package.
rawhide commits:
* 2d5af83031edfa8191254814609961e4e57766fc
* e9d072eb64a251e09a121122941605f4a22d170a
Upstream commit: 97bb89668d7171164975f3dc895e38343a2f3a95
- Force DT_RPATH for --enable-hardcoded-path-in-tests
- elf: Only process multiple tunable once (BZ 31686)
- Add a test to check for duplicate definitions in the static library
- i686: Fix multiple definitions of __memmove_chk and __memset_chk
- i586: Fix multiple definitions of __memcpy_chk and __mempcpy_chk
- time: Allow later version licensing.
- nscd: Use time_t for return type of addgetnetgrentX
- login: structs utmp, utmpx, lastlog _TIME_BITS independence (bug 30701)
- login: Check default sizes of structs utmp, utmpx, lastlog
This supports multiple ld.so files in a cleaner way. Also
forward-port multiple libc.so.6 file handling in
wrap-find-debuginfo.sh from downstream. This also incorporates
the “nm --format=posix“ change from #2115831 downstream.
Co-authored-by: Tulio Magno Quites Machado Filho <tuliom@redhat.com>
(cherry picked from commit 7749ea58a9e2198f830d6eb8b162344aaf8acb84)
Upstream commit: fd658f026f25cf59e8db243bc3b3e09cd5a20ba0
nscd is currently not build, so the security fixes below
are not relevant.
- elf: Also compile dl-misc.os with $(rtld-early-cflags)
- CVE-2024-33601, CVE-2024-33602: nscd: netgroup: Use two buffers in addgetnetgrentX (bug 31680)
- CVE-2024-33600: nscd: Avoid null pointer crashes after notfound response (bug 31678)
- CVE-2024-33600: nscd: Do not send missing not-found response in addgetnetgrentX (bug 31678)
- CVE-2024-33599: nscd: Stack-based buffer overflow in netgroup cache (bug 31677)
- x86: Define MINIMUM_X86_ISA_LEVEL in config.h [BZ #31676]
- i386: ulp update for SSE2 --disable-multi-arch configurations
- nptl: Fix tst-cancel30 on kernels without ppoll_time64 support
Upstream commit: 31da30f23cddd36db29d5b6a1c7619361b271fb4
- iconv: ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence (CVE-2024-2961)
- x86_64: Exclude SSE, AVX and FMA4 variants in libm multiarch
- Apply the Makefile sorting fix
- powerpc: Fix ld.so address determination for PCREL mode (bug 31640)
- x86-64: Simplify minimum ISA check ifdef conditional with if
- x86-64: Don't use SSE resolvers for ISA level 3 or above
- AArch64: Check kernel version for SVE ifuncs
- aarch64: fix check for SVE support in assembler
- aarch64/fpu: Sync libmvec routines from 2.39 and before with AOR
- i386: Use generic memrchr in libc (bug 31316)
Upstream commit: 5d070d12b3a52bc44dd1b71743abc4b6243862ae
Related: RHEL-25850
- x86: Expand the comment on when REP STOSB is used on memset
- x86: Do not prefer ERMS for memset on Zen3+
- x86: Fix Zen3/Zen4 ERMS selection (BZ 30994)
Resolves: RHEL-25530
- Add tst-gnu2-tls2mod1 to test-internal-extras
- elf: Enable TLS descriptor tests on aarch64
- arm: Update _dl_tlsdesc_dynamic to preserve caller-saved registers (BZ 31372)
- Ignore undefined symbols for -mtls-dialect=gnu2
- x86-64: Allocate state buffer space for RDI, RSI and RBX
- x86-64: Update _dl_tlsdesc_dynamic to preserve AMX registers
- x86: Update _dl_tlsdesc_dynamic to preserve caller-saved registers
Resolves: RHEL-29179
- x86-64: Save APX registers in ld.so trampoline
Resolves: RHEL-25045
- LoongArch: Correct {__ieee754, _}_scalb -> {__ieee754, _}_scalbf
- powerpc: Placeholder and infrastructure/build support to add Power11 related changes.
- powerpc: Add HWCAP3/HWCAP4 data to TCB for Power Architecture.
Resolves: RHEL-24761
Fedora 40 commit: 24af28d49b
GCC for x86_64 includes 32-bit multilib support, requiring a 32-bit
glibc to be present when GCC is built. That 32-bit glibc cannot come
from an i686 RPM because of limitations in Koji, so there is a hack
including a glibc32 "source" package that actually contains binaries
from an i686 build (and thus needs additional manual update steps).
Set up glibc.spec to build a glibc32 binary package directly when
building for x86_64, so avoiding the need for the separate glibc32
source package. Do not generate ELF dependencies for glibc32 to avoid
accidentally having it chosen over glibc.686.
The list of files in the glibc32 package has been compared to that in
the previous package (the gnu/lib-names-32.h header is added, as its
previous omission appears to be a bug). And the lists of files in the
other packages built from glibc.spec have also been compared before
and after this change, to make sure there aren't inappropriate changes
to those lists.
Resolves: RHEL-29228
Related: RHEL-25850
Fedora 40 commits: fc720e61941470fe1da7
This commit (a) expands on and corrects some errors in the long
comment describing various licenses used in glibc preceding the
License field; and (b) migrates the License field to SPDX identifiers
based on an analysis of glibc-2.39 sources done using the ScanCode
toolkit.
Resolves: RHEL-25850
Fedora 40 commit: aa075b2434
Upstream commit: 5d070d12b3a52bc44dd1b71743abc4b6243862ae
- x86: Expand the comment on when REP STOSB is used on memset
- x86: Do not prefer ERMS for memset on Zen3+
- x86: Fix Zen3/Zen4 ERMS selection (BZ 30994)
- Add tst-gnu2-tls2mod1 to test-internal-extras
- elf: Enable TLS descriptor tests on aarch64
- arm: Update _dl_tlsdesc_dynamic to preserve caller-saved registers (BZ 31372)
- Ignore undefined symbols for -mtls-dialect=gnu2
- x86-64: Allocate state buffer space for RDI, RSI and RBX
- x86-64: Update _dl_tlsdesc_dynamic to preserve AMX registers
- x86: Update _dl_tlsdesc_dynamic to preserve caller-saved registers
- x86-64: Save APX registers in ld.so trampoline
- LoongArch: Correct {__ieee754, _}_scalb -> {__ieee754, _}_scalbf
- powerpc: Placeholder and infrastructure/build support to add Power11 related changes.
- powerpc: Add HWCAP3/HWCAP4 data to TCB for Power Architecture.
GCC for x86_64 includes 32-bit multilib support, requiring a 32-bit
glibc to be present when GCC is built. That 32-bit glibc cannot come
from an i686 RPM because of limitations in Koji, so there is a hack
including a glibc32 "source" package that actually contains binaries
from an i686 build (and thus needs additional manual update steps).
Set up glibc.spec to build a glibc32 binary package directly when
building for x86_64, so avoiding the need for the separate glibc32
source package. This improvement is tracked in
<https://fedoraproject.org/wiki/Changes/glibc32_Build_Adjustments> and
<https://bugzilla.redhat.com/show_bug.cgi?id=1598524>.
The list of files in the glibc32 package has been compared to that in
the previous package (the gnu/lib-names-32.h header is added, as its
previous omission appears to be a bug). And the lists of files in the
other packages built from glibc.spec have also been compared before
and after this change, to make sure there aren't inappropriate changes
to those lists.
(cherry picked from commit e025effd84d415d98dcebbc97cdf03e6e44465b8)
