GNU C Library version 2.30 released with Unicode 12.1 support

glibc one of the more essential parts of any GNU/Linux distribution. There's no bash, no X, no KDE Plasma, no nothing without it. The new version of the GNU C Library fixes to security issues with assigned CVEs. There's also Minguo calendar support for Chinese Taipei and the Unicode entry for the new Japanese era added to the ja_JP locale which was added to Unicode 12.1.

Security Fixes

• CVE-2019-7309: x86-64 memcmp used signed Jcc instructions to check size. For x86-64, memcmp on an object size larger than SSIZE_MAX has undefined behavior. On x32, the size_t argument may be passed in the lower 32 bits of the 64-bit RDX register with non-zero upper 32 bits. When it happened with the sign bit of RDX register set, memcmp gave the wrong result since it treated the size argument as zero. Reported by H.J. Lu.
• CVE-2019-9169: Attempted case-insensitive regular-expression match via proceed_next_node in posix/regexec.c leads to heap-based buffer over-read. Reported by Hongxu Chen.

Major new features

• Unicode 12.1.0 Support: Character encoding, character type info, and transliteration tables are all updated to Unicode 12.1.0, using generator scripts contributed by Mike FABIAN (Red Hat).
• The dynamic linker accepts the --preload argument to preload shared objects, in addition to the LD_PRELOAD environment variable.
• The twalk_r function has been added. It is similar to the existing twalk function, but it passes an additional caller-supplied argument to the callback function.
• On Linux, the getdents64, gettid, and tgkill functions have been added.
• Minguo (Republic of China) calendar support has been added as an alternative calendar for the following locales: zh_TW, cmn_TW, hak_TW, nan_TW, lzh_TW.
• The entry for the new Japanese era has been added for ja_JP locale.
• Memory allocation functions malloc, calloc, realloc, reallocarray, valloc, pvalloc, memalign, and posix_memalign fail now with total object size larger than PTRDIFF_MAX. This is to avoid potential undefined behavior with pointer subtraction within the allocated object, where results might overflow the ptrdiff_t type.
• The dynamic linker no longer refuses to load objects which reference versioned symbols whose implementation has moved to a different soname since the object has been linked. The old error message, symbol FUNCTION-NAME, version SYMBOL-VERSION not defined in file DSO-NAME with link time reference, is gone.
• Add new POSIX-proposed pthread_cond_clockwait, pthread_mutex_clocklock, pthread_rwlock_clockrdlock, pthread_rwlock_clockwrlock and sem_clockwait functions. These behave similarly to their "timed" equivalents, but also accept a clockid_t parameter to determine which clock their timeout should be measured against. All functions allow waiting against CLOCK_MONOTONIC and CLOCK_REALTIME. The decision of which clock to be used is made at the time of the wait (unlike with pthread_condattr_setclock, which requires the clock choice at initialization time).
• On AArch64 the GNU IFUNC resolver call ABI changed: old resolvers still work, new resolvers can use a second argument which can be extended in the future, currently it contains the AT_HWCAP2 value.
• Deprecated and removed features, and other changes affecting compatibility:
• The copy_file_range function fails with ENOSYS if the kernel does not support the system call of the same name. Previously, user space emulation was performed, but its behavior did not match the kernel behavior, which was deemed too confusing. Applications which use the copy_file_range function can no longer rely on glibc to provide a fallback on kernels that do not support the copy_file_range system call, and if this function returns ENOSYS, they will need to use their own fallback. Support for copy_file_range for most architectures was added in version 4.5 of the mainline Linux kernel.
• The functions clock_gettime, clock_getres, clock_settime, clock_getcpuclockid, clock_nanosleep were removed from the librt library for new applications (on architectures which had them). Instead, the definitions in libc will be used automatically, which have been available since glibc 2.17.
• The obsolete and never-implemented XSI STREAMS header files <stropts.h> and <sys/stropts.h> have been removed.
• Support for the "inet6" option in /etc/resolv.conf and the RES_USE_INET6 resolver flag (deprecated in glibc 2.25) have been removed.
• The obsolete RES_INSECURE1 and RES_INSECURE2 option flags for the DNS stub resolver have been removed from <resolv.h>.
• With --enable-bind-now, installed programs are now linked with the BIND_NOW flag.
• Support for the PowerPC SPE ISA extension (powerpc-*-*gnuspe* configurations) has been removed, following the deprecation of this subarchitecture in version 8 of GCC, and its removal in version 9.
• On 32-bit Arm, support for the port-based I/O emulation and the <sys/io.h> header have been removed.
• The Linux-specific <sys/sysctl.h> header and the sysctl function have been deprecated and will be removed from a future version of glibc. Application should directly access /proc instead. For obtaining random bits, the getentropy function can be used.
• Changes to build and runtime requirements:
• GCC 6.2 or later is required to build the GNU C Library. Older GCC versions and non-GNU compilers are still supported when compiling programs that use the GNU C Library.

The GNU C Library's website is at www.gnu.org/software/libc/. The new version can be acquired by visiting ftpmirror.gnu.org/libc/ which will redirect you to one of the many mirrors on the gnu mirror list.