Date: Tue, 3 Dec 2013 23:35:54 -0500 From: Rich Felker <dalias@...ifal.cx> To: musl@...ts.openwall.com Subject: Re: draft release notes for 0.9.15 On Wed, Dec 04, 2013 at 03:42:06AM +0100, Szabolcs Nagy wrote: > * Rich Felker <dalias@...ifal.cx> [2013-12-03 20:33:20 -0500]: > > See draft below. Comments welcome, especially on what's the most > > important to go in the short release blurb since there's so much.. > > my list would be: > > new features: > v4 and v6 nameserver in resolv.conf > multicast structures in netinet/in.h > shadow password api > libc.so can print musl version info > > bug fixes: > mbsrtowcs buffer overflow > group file handling > execle environ passing > setenv crash > timezone > ip address parsing > faccessat > fnmatch > fd leaks That's a big list. Of these, I think setenv is probably not worth mentioning. It's rare (and probably buggy) to be calling setenv many times; most sane usage just calls it a finite number of times at startup, where memory exhaustion is really unlikely. Based on this, here's a proposed draft blurb: Major bug fixes include a buffer overflow in mbsrtowcs, various group file handling errors, failure of execle to pass on the new environment, and timezone-parsing crashes on 64-bit systems. Also fixed are several file descriptor leak (close-on-exec) issues, handling of invalid IP address strings, several fnmatch corner cases possibly leading to out-of-bound access, and failure of faccessat with the AT_EACCESS flag. This release also adds support for mixing IPv4 and v6 nameservers in resolv.conf, expanded shadow password API, IPv6 multicast structures, and the ability for libc.so to report the version installed. That might still need to be trimmed down a bit to freecode's (formerly freshmeat) release blurb limit but it works for all our other uses. Rich
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.