Chapter 4. Compiler and Tools

Resolution for gcc compatibility issue with sockaddr_in

The default RHEL 6 compiler has rules about how to copy struct sockaddr_in that are substantially different to those used by later versions of gcc (E.g. the tools provided with Red Hat Developer Toolset). This caused corrupted sockaddr_in overlays when using newer compilers.
This update changes the way the unused portions of the sockaddr_in structure are defined. Now, newer versions of gcc will copy them correctly.
Note that -fno-strict-aliasing is still required for compiling such sources. (BZ#1338673)

Resolution for floating point exception error when measuring memory usage of processes that did not allocate memory

When running the memusage utility on programs that did not explicitly allocate any further memory, a floating point exception was encountered.
This update checks for zeroed internal statistics and will not divide by them, avoiding the exception. (BZ#1331304)

Improved behavior in getaddrinfo() when scanning interfaces after being passed an IP address

Versions of glibc prior to this one would scan every IP address on an interface referenced by a getaddrinfo() call, even if the hostname passed was itself a numeric IP address. On systems with large numbers of IP addresses configured on the interface, this caused the call to take an excessive amount of time.
With this update, the scan happens only when needed and the call returns quickly when passed a numeric IP address. (BZ#1270950)

Fix for handling any open file descriptors in the event of thread cancellation

The use of POSIX thread cancellation could cause glibc to improperly handle open file descriptors, particularly those held open when processing identity information.
To correct this and ensure that functions like getpwuid_r complete, even when the thread is being cancelled, the library calls have been changed to correctly handle open file descriptors in any call from the exec family of functions. (BZ#1012343)

Fix for tzdata-update inheriting an unusable umask

When updating /etc/localtime, tzdata-update applies the current process umask to determine the file permissions.
If the umask is a restrictive value, such as 077, the new /etc/localtime file may not be readable by non-root users. To resolve this, tzdata-update now sets the permissions to rw-r--r-- (0644) unconditionally. (BZ#1373646)

Resolution for getaddrinfo accessing uninitialised data

On systems with nscd enabled, the getaddrinfo function in glibc could access uninitialized data and return false address information.
This update avoids accessing uninitialized data and ensures that correct addresses are returned. (BZ#1223095)

The system default CA bundle has been set as default in the compiled-in default setting or configuration in mutt

Previously, when connecting to a new system via TLS/SSL, the mutt email client required the user to save the certificate. With this update, the system Certificate Authority (CA) bundle is set in mutt by default. As a result, mutt now connects via SSL/TLS to hosts with a valid certificate without prompting the user to approve or reject the certificate. (BZ#1196787)

Resolv::DNS no longer returns truncated DNS replies

The Ruby Resolv::DNS resolver silently returned truncated DNS replies when the DNS response did not fit into the hard-coded 512-byte limit. Consequently, numerous DNS records required upgrading of the DNS connection from User Datagram Protocol (UDP) to Transmission Control Protocol (TCP) to receive complete DNS replies. This affected, for example, Microsoft Active Directory domains where the Key Distribution Center (KDC) list contained a larger set of servers. With this update, if a UDP reply is truncated, Resolv::DNS retries using TCP, which is the correct behavior according to RFC 1123. As a result, complete DNS replies are returned. (BZ#1331086)

tcsh no longer becomes unresponsive when the .history file is located on a network file system

Previously, if the .history file was located on a network file system, such as NFS or Samba, the tcsh command language interpreter sometimes became unresponsive during the login process. With this update, the .history file is not locked if located on a network file system. As a result, tcsh no longer becomes unresponsive in the described situation.
Note that having multiple instances of tcsh running can cause the .history file to become corrupted. You can resolve this problem by enabling explicit file-locking mechanism. To do that, add the lock parameter to the savehist option in the tcsh configuration file. For example:
$ cat /etc/csh.cshrc
# csh configuration for all shell invocations.
set savehist = (1024 merge lock)
To force tcsh to use file-locking when .history is located on a network file system, the lock parameter must be the third parameter of the savehist option. Do this at your own risk, because Red Hat does not guarantee that using the lock parameter prevents tcsh from becoming unresponsive during the login process. (BZ#885901)

The LWP::UserAgent Perl module now correctly handles proxy settings for HTTPS requests

The LWP::UserAgent Perl module previously did not honor HTTPS proxy environment variables by default. The perl-libwww-perl package version 5.883-3 started using the IO::Socket::SSL module instead of the Net::SSL module for implementing TLS. Consequently, applications that rely on processing of the https_proxy environment variable in the Net:SSL module established connections directly to the HTTPS server instead of through the HTTPS proxy server.
With this update, the Net::SSL module's behavior has been added to the LWP::UserAgent module to ensure that the https_proxy and HTTPS_PROXY environment variables are honored if no env_proxy option has been passed to the LWP::UserAgent module's new() method. Additionally, proxy specifications without a URL schema are now recognized. As a result, applications using the Net::SSL module correctly work after switching to the IO::Socket::SSL cryptographic back end from the perl-libwww-perl package. (BZ#1400632)

The Frontier::Client Perl module no longer ignores proxy settings for HTTPS requests

When using the Frontier::Client Perl module to send an XML-RPC request to an HTTPS server through a proxy service, the proxy setting was previously ignored. Consequently, the request was sent directly to the HTTPS server and not through the proxy server. With this update, the Frontier::Client Perl module has been corrected to pass the proxy setting to an underlying LWP::UserAgent object for both HTTP and HTTPS schemata, and Frontier::Client now respects proxy setting also for HTTPS requests. (BZ#832390)

RPM verification no longer reports failures in the /var/account/pacct file

Previously, the RPM verification and compliance check reported failures, because the mode of the /var/account/pacct file was not set after installation. To fix this bug, the mode of /var/account/pacct is changed immediately after installation to 0600. As a result, the RPM verification check no longer reports failures in the /var/account/pacct, and the file is now accessible only by root. (BZ#1182317)

Output of jobs in tcsh is now correctly displayed to stdout

Previously, the output of the jobs built-in command was displayed to standard error instead of standard output. This bug has been fixed, and the output of jobs is now correctly displayed to stdout. (BZ#1338986)

Several regressions in the tcsh have been fixed

This update fixes several regressions in the tcsh command language interpreter:
  • When browsing command history using the Ctrl+P or Up Arrow keys, backslashes are now shown correctly.
  • A backslash now correctly escapes user-defined aliases; this fixes git-completion.
  • The output of the built-in time command is now correctly captured when used with the built-in setenv command. (BZ#1334751)

git shortlog no longer crashes due to using freed memory

Previously, when email address entries differed only in case, the .mailmap feature of the git shortlog command did not replace a duplicate email entry with a strdup pointer, and freed memory was referenced. Consequently, Git terminated unexpectedly due to using already freed memory. A patch has been applied, which ensures that memory is freed before these entries are replaced, and git shortlog correctly uses only allocated memory. (BZ#874659)

Perl interpreter no longer crashes when attempting to report Can't coerce HASH to string

When running an XML::LibXSLT Perl script in a mod_perl environment, the Perl interpreter could terminate unexpectedly with a segmentation fault while it tried to report the Can't coerce HASH to string runtime error. The code printing the error message has been modified to handle missing script line details correctly, and the Perl interpreter no longer crashes in this scenario. (BZ#1364206)

gdbserver now supports seamless debugging of processes from containers

Prior to this update, when GDB was executing inside a Super-Privileged Container (SPC) and attached to a process that was running in another container on Red Hat Enterprise Linux Atomic Host, GDB did not locate the binary images of the main executable or any shared libraries loaded by the process to be debugged.
As a consequence, GDB could have displayed error messages relating to files not being present, or being present but mismatched. Also, GDB may have seemed to attach correctly, but subsequent commands may have failed or displayed corrupted information.
In Red Hat Enterprise Linux 6.9, gdbserver has been extended for seamless support of debugging processes from containers. The Red Hat Enterprise Linux 6.9 version of gdbserver newly supports the qXfer:exec-file:read and vFile:setfs packets. However, the Red Hat Enterprise Linux 6.9 version of gdb cannot use these packets. The Red Hat Developer Toolset 4.1 (or later) version of gdb is recommended for use with containers and with Red Hat Enterprise Linux 6.9 gdbserver. The Red Hat Developer Toolset version of gdbserver can be used as well.
Red Hat Enterprise Linux 6.9 gdb can now suggest using gdbserver when run with the -p parameter (or the attach command) and when, at the same time, it detects that the process being attached is from a container. Red Hat Enterprise Linux 6.9 gdb now also suggests the explicit use of the file command to specify the location of the process executable in the container being debugged. The file command does not need to be entered when the Red Hat Developer Toolset version of gdb is being used instead.
With this update, Red Hat Enterprise Linux 6.9 gdbserver provides seamless debugging of processes from containers together with Red Hat Developer Toolset 4.1 (or later) gdb. Additionally, Red Hat Enterprise Linux 6.9 gdb guides the user through the debugging of processes from containers when Red Hat Developer Toolset gdb is not available. (BZ#1316539)