glibc-2.40

[Xi Ruoyao]

New minor version.

It comes a week earlier than the previous schedule. Note that we'll get Binutils-2.43 and GCC-14.2 in late July as well, so maybe we can handle the trios altogether in the next update.

[Bruce Dubbs]

I was planning on doing the update of all new LFS packages on the 31st (9 days from now). Unless someone want to do some early testing, I don't see a need to advance that schedule.

[Xi Ruoyao]

Replying to Bruce Dubbs:

I was planning on doing the update of all new LFS packages on the 31st (9 days from now). Unless someone want to do some early testing, I don't see a need to advance that schedule.

GCC 14.2 will be released on 30th and Binutils-2.43 will be released on 28th, so the plan is enough to pick them up.

[Bruce Dubbs]

Version 2.40

Major new features:

• The <stdbit.h> header type-generic macros have been changed when using GCC 14.1 or later to use __builtin_stdc_bit_ceil etc. built-in functions in order to support unsigned __int128 and/or unsigned _BitInt(N) operands with arbitrary precisions when supported by the target.

• The GNU C Library now supports a feature test macro _ISOC23_SOURCE to enable features from the ISO C23 standard. Only some features from this standard are supported by the GNU C Library. The older name _ISOC2X_SOURCE is still supported. Features from C23 are also enabled by _GNU_SOURCE, or by compiling with the GCC options -std=c23, -std=gnu23, -std=c2x or -std=gnu2x.

• The following ISO C23 function families (introduced in TS 18661-4:2015) are now supported in <math.h>. Each family includes functions for float, double, long double, _FloatN and _FloatNx, and a type-generic macro in <tgmath.h>.

• Exponential functions: exp2m1, exp10m1.

• Logarithmic functions: log2p1, log10p1, logp1.

• A new tunable, glibc.rtld.enable_secure, can be used to run a program as if it were a setuid process. This is currently a testing tool to allow more extensive verification tests for AT_SECURE programs and not meant to be a security feature.

• On Linux, the epoll header was updated to include epoll ioctl definitions and the related structure added in Linux kernel 6.9.

• The fortify functionality has been significantly enhanced for building programs with clang against the GNU C Library.

• Many functions have been added to the vector library for aarch64:

acosh, asinh, atanh, cbrt, cosh, erf, erfc, hypot, pow, sinh, tanh

• On x86, memset can now use non-temporal stores to improve the performance of large writes. This behaviour is controlled by a new tunable x86_memset_non_temporal_threshold.

Deprecated and removed features, and other changes affecting compatibility:

• Architectures which use a 32-bit seconds-since-epoch field in struct lastlog, struct utmp, struct utmpx (such as i386, powerpc64le, rv32, rv64, x86-64) switched from a signed to an unsigned type for that field. This allows these fields to store timestamps beyond the year 2038, until the year 2106. Please note that applications are still expected to migrate off the interfaces declared in <utmp.h> and <utmpx.h> (except for login_tty) due to locking and session management problems.

• __rseq_size now denotes the size of the active rseq area (20 bytes initially), not the size of struct rseq (32 bytes initially).

Security related changes:

The following CVEs were fixed in this release, details of which can be found in the advisories directory of the release tarball:

GLIBC-SA-2024-0004:

ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence (CVE-2024-2961)

GLIBC-SA-2024-0005:

nscd: Stack-based buffer overflow in netgroup cache (CVE-2024-33599)

GLIBC-SA-2024-0006:

nscd: Null pointer crash after notfound response (CVE-2024-33600)

GLIBC-SA-2024-0007:

nscd: netgroup cache may terminate daemon on memory allocation failure (CVE-2024-33601)

GLIBC-SA-2024-0008:

nscd: netgroup cache assumes NSS callback uses in-buffer strings (CVE-2024-33602)

[Xi Ruoyao]

Binutils-2.43 is delayed to Aug 4 and there's a 2.42.90 pre-release if someone wants to test: ​https://sourceware.org/pipermail/binutils/2024-July/135853.html

[Joe Locash]

Replying to Xi Ruoyao:

Binutils-2.43 is delayed to Aug 4 and there's a 2.42.90 pre-release if someone wants to test: ​https://sourceware.org/pipermail/binutils/2024-July/135853.html

I did a test build of LFS and BLFS with binutils-2.43.50-f026d7063ec.tar.xz (20240725), gcc-14.2.0-RC-20240723.tar.xz, and linux-6.10.1 and didn't have any issues.

[Bruce Dubbs]

Thanks Joe.

[Bruce Dubbs]

Fixed at commit 44c33588fd.