Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 18 Apr 2012 19:13:28 -0700
From: Isaac Dunham <idunham@...abit.com>
To: musl@...ts.openwall.com
Subject: Re: musl 0.8.8 released; all users should upgrade or patch

On Wed, 18 Apr 2012 05:07:56 -0400
Rich Felker <dalias@...ifal.cx> wrote:

> Hi everyone,
> 
> I've released musl 0.8.8 including a fix for the buffer overflow issue
> discovered yesterday. Release summary:
> 
>     Fix for critical buffer overflow vulnerability in fprintf with
>     unbuffered files. Major math library correctness and performance
>     improvements, including x86 assembly. New floating point
>     parser/converter with correct rounding, new scanf that corrects
>     many corner-case errors, and new wcstod/f/ld (previously missing).
>     Various compatibility improvements and small bug fixes.
> 
>     http://www.etalabs.net/musl/releases/musl-0.8.8.tar.gz
> 
> With this release, musl seems to have complete interface-level
> coverage of ISO C99 and POSIX 2008. There are still some features
I forget what they were, but ISTR seeing one or two missing functions
in one of the headers I worked on.

> math, float parsing, and scanf code. I'd also like to get the
> in-progress _BSD_SOURCE feature test macro patchset finished and
> integrated. If all goes well, we might just have one or two more
> releases in this series before 0.9 begins.
What I'd had in mind was to have _BSD_SOURCE ready "before 0.9.0" (when
you were talking about having the license change).
I haven't made much progress on it lately, and have been going through
header by header (there are no patches I haven't sent left).  If anyone
wants to work on the other headers, they're welcome to do so.  A header
should take less than 3 hours to go over, from my experience.

> Just looked back at the list archives and my original goals for 1.0,
> and it seems we're nearly there, and already exceeding the goals in
> some areas like application compatibility. A big thanks goes out to
> everyone who's been testing and reporting the issues you run into
> building apps!

You're welcome, and thank you for developing musl!

Isaac Dunham

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.