Bayan watanni shida na ci gaba An sanar da sakin sabon sigar Glibc 2.35 wanda ya haɗa da gyarawa daga masu haɓakawa 66 kuma daga cikin ci gaban da aka aiwatar za mu iya samun cewa an ƙara goyon bayan wurin "C.UTF-8", wanda ya haɗa da haɗin kai ga duk lambobin Unicode, amma an iyakance ga amfani da jeri na ASCII a cikin fnmatch, regexec da ayyukan regcomp don adanawa. sarari.
Yankin yana kusan 400 KB, wanda 346 KB shine bayanan LC_CTYPE don Unicode, kuma dole ne a shigar dashi daban (ba a gina shi cikin Glibc ba). An sabunta bayanan ɓoye, bayanin nau'in hali, da teburan tarjama don tallafawa ƙayyadaddun Unicode 14.0.0.
Wani canjin da yayi fice shine Y aiwatar da ayyuka da macros waɗanda ke zagaye sakamakon zuwa nau'in kunkuntar, Baya ga aiwatar da ayyuka da macros don nemo mafi ƙanƙanta da matsakaicin lambobi masu iyo nau'ikan iyo, dogayen ninki biyu, _FloatN da _FloatNx, wanda aka bayyana a cikin ƙayyadaddun IEEE 754-2019.
don ayyuka exp10, ana ƙara macro masu dacewa a cikin fayil ɗin taken, waɗanda ba a ɗaure su da takamaiman nau'ikan ba, tare da ƙara _PRINTF_NAN_LEN_MAX macro zuwa ga , wanda aka gabatar a cikin daftarin ma'aunin ISO C2X.
Tsarin haɗin kai mai ƙarfi yana aiwatar da sabon rarrabuwa algorithm DSO ta amfani da bincike mai zurfi (DFS) don magance al'amurran da suka shafi aiki lokacin da ake sarrafa abubuwan dogaro da madauki. Don zaɓar nau'in Algorithm na DSO, ana ba da shawarar siga glibc.rtld.dynamic_sort, wanda za'a iya saita shi zuwa "1" don komawa zuwa algorithm na baya.
Bayan shi ƙarin tallafi don sabon aiki '__memcmpeq' zuwa ABI, wanda masu tarawa ke amfani da shi don inganta amfani da 'memcmp' lokacin da aka yi amfani da ƙimar dawowar wannan aikin kawai don duba yanayin kammala aiki.
Da goyan bayan rijistar zaren atomatik ta amfani da tsarin kiran tsarin rseq (sake farawa) da aka bayar tun Linux kernel 4.18. Kira tsarin rseq yana ba da damar tsara ci gaba da aiwatar da ƙungiyar umarni wanda ba a katsewa kuma ya aikata sakamakon tare da sanarwa ta ƙarshe a cikin rukuni. Mahimmanci, yana ba da wurin aiwatar da ayyukan atomic cikin sauri wanda, idan wani zaren ya katse, ana tsaftacewa kuma ana sake gwadawa.
A daya bangaren kuma, yana bayarwa tsoho tari na duk fayilolin aiwatarwa na ginanniyar shirye-shiryen da ɗakin gwaji a cikin yanayin PIE (matsayi mai cin gashin kansa).
Don kashe wannan hali, an bayar da zaɓin “–disable-default-pie”, da na Linux, ya ƙara saitin glibc.malloc.hugetlb don canza aiwatar da malloc don amfani da tsarin mahaukacin kira tare da tutar MADV_HUGEPAGE don mmap da sbrk, ko amfani da manyan shafukan ƙwaƙwalwar ajiya kai tsaye ta hanyar tantance tutar MAP_HUGETLB a cikin kiran mmap.
A cikin shari'ar farko, ana iya samun haɓakar aiki ta amfani da manyan Shafuna masu kama da gaskiya a cikin yanayin hauka, kuma a cikin yanayi na biyu, zaku iya amfani da manyan shafuka masu tanadin tsarin (Manyan Shafukan).
Hakanan ya kamata a lura cewa an gyara wasu lahani a cikin wannan sabon sigar:
- CVE-2022-23218, CVE-2022-23219: A buffer ambaliya a cikin svcunix_create da clnt_create ayyuka lalacewa ta hanyar kwafin abinda ke ciki na sigar sunan fayil akan tari ba tare da duba girman bayanan da aka kwafi ba. Don aikace-aikacen da aka gina ba tare da kariyar tari ba da kuma amfani da ƙa'idar "unix", rashin lahani na iya haifar da mummunan kisa lokacin sarrafa sunayen fayiloli masu tsayi.
- BAKU-2021-3998: lahani a cikin ainihin hanyar () aikin da ya haifar ta hanyar dawo da ƙimar da ba daidai ba a ƙarƙashin wasu sharuɗɗan da ke ɗauke da bayanan da ba su da tsabta daga tari. Don shirin SUID-tushen fusermount, ana iya amfani da raunin don samun bayanai masu mahimmanci daga ƙwaƙwalwar aiki, misali, don samun bayanan mai nuni.
- BAKU-2021-3999: byte buffer guda ɗaya ya mamaye aikin getcwd(). Matsalar ta samo asali ne ta hanyar kwaro da ta kasance tun 1995. Don kiran ambaliya, a cikin wani wuri daban na sunan wurin dutse, kawai a kira chdir() akan directory "/".
Finalmente Idan kuna da sha'awar sanin game da shi, zaka iya bincika bayanan a cikin bin hanyar haɗi.