Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20210115045821.GI23432@brightrain.aerifal.cx>
Date: Thu, 14 Jan 2021 23:58:24 -0500
From: Rich Felker <dalias@...c.org>
To: musl@...ts.openwall.com
Subject: musl 1.2.2 release

The release adds the _Fork function from the upcoming edition of POSIX
and takes advantage of the interpretation dropping the
async-signal-safety requirement from fork to provide a consistent
execution environment (not restricted to calling only
async-signal-safe functions) after a multithreaded parent forks. This
solves deadlocks which would otherwise be effectively unfixable in
some language runtimes that expose fork as part of their contract with
applications, as well as various library and application software that
could and should be fixed, but hasn't been. A number of related issues
in synchronization between fork, abort, async IO, posix_spawn,
pthread_exit, and other components have been fixed as part of this
change.

The realpath function has been rewritten to do its own path traversal,
rather than depending on procfs magic symlink contents for O_PATH file
descriptors. This makes it work prior to mount of /proc and in
container or chroot environments where /proc contents may not
accurately reflect the pathname as visible to the calling process.

The C versions of the square root functions, used on archs without a
native FPU instruction for square root, have also been rewritten with
significant improvements to performance, especially on archs that lack
FPU entirely. This rewrite also fixes the lack of accurate sqrtl on
archs with quad-precision long double.

New functions added include the aforementioned _Fork, reallocarray
from OpenBSD, gettid along with SIGEV_THREAD_ID timer notification
support, and tcgetwinsize/tcsetwinsize from POSIX-future.

A buffer overflow (CVE-2020-28928) in wcsnrtombs has been fixed with
the function essentially rewritten. This function is not widely used
and the bug is not relevant to software that does not use it directly
(it's not used by other libc components), but it may be serious for
software that does. An assortment of lesser bugs have also been fixed.



https://musl.libc.org/releases/musl-1.2.2.tar.gz
https://musl.libc.org/releases/musl-1.2.2.tar.gz.asc



Special thanks to musl's release sponsors who have supported the
project financially over this release cycle via Patreon and GitHub
Sponsors at the $32/month level or higher:

* Andrew Kelley / ziglang
* David Sonder
* Drew DeVault
* Evan Phoenix
* Hurricane Labs (hurricanelabs.com)
* Jered Sutton
* Jeremiah Gowdy
* Jonathan Barronville
* Jonny
* Julien Voisin
* Justin Cormack
* Laurent Bercot
* Les Aker
* The Midipix Project (midipix.org)
* Michael Forney
* Mirza Prasovic
* Nathan Hoad
* Neal Gompa
* Noel Cower

For information on becoming a sponsor, visit one of:

https://github.com/sponsors/richfelker
https://patreon.com/musl

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.