lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <2013849140.21031.1654286948952.JavaMail.zimbra@efficios.com>
Date:   Fri, 3 Jun 2022 16:09:08 -0400 (EDT)
From:   Mathieu Desnoyers <mathieu.desnoyers@...icios.com>
To:     Diamon discuss <diamon-discuss@...ts.linuxfoundation.org>,
        lttng-dev <lttng-dev@...ts.lttng.org>,
        linux-trace-users <linux-trace-users@...r.kernel.org>,
        linux-kernel <linux-kernel@...r.kernel.org>
Subject: [RELEASE] LTTng-UST 2.13.3 and 2.12.5 (Linux user-space tracer)

Hi,

This is a stable release announcement for the LTTng-UST project. LTTng-UST
is a tracer for Linux user-space applications. The respective versions are
2.13.3 and 2.12.5.

Those are bug fix releases correcting a few issues in both stable branches,
namely by removing use of non-async-signal-safe functions in the ERR()
error-printing macros, and fixing a use-after-free memory read in a list
traversal within the statedump code.

Specifically in 2.13.3, the bytecode interpreter in LTTng-UST left the
context fields byte order uninitialized, thus leading to bogus context field
values in the event notification capture feature. Fix this by initializing
the byte order.

Also specifically in 2.13.3, a too-strict validation of array/sequence field
types is relaxed to allow pointer types to be used as integer values. This
was allowed prior to 2.13, and this too-strict validation was therefore an
instrumentation API regression.

Detailed Changelog:

2022-06-03 (National Repeat Day) (National Repeat Day) lttng-ust 2.13.3
        * Document ust lock async-signal-safety
        * Fix: don't use strerror() from ust lock nocheck
        * Fix: remove non-async-signal-safe fflush from ERR()
        * Fix: Pointers are rejected by integer element compile time assertion for array and sequence
        * Fix: statedump: invalid read during iter_end
        * Fix: bytecode interpreter context_get_index() leaves byte order uninitialized

2022-06-03 (National Repeat Day) (National Repeat Day) lttng-ust 2.12.5
        * Document ust lock async-signal-safety
        * Fix: don't use strerror() from ust lock nocheck
        * Fix: remove non-async-signal-safe fflush from ERR()
        * Fix: statedump: invalid read during iter_end
        * Fix: bytecode interpreter context_get_index() leaves byte order uninitialized

Thanks,

Mathieu

Project website: https://lttng.org
Documentation: https://lttng.org/docs
Download link: https://lttng.org/download

-- 
Mathieu Desnoyers
EfficiOS Inc.
http://www.efficios.com

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ