Chapter 7. Compiler and Tools

pcp rebased to version 3.11.8

The Performance Co-Pilot application (PCP) has been upgraded to upstream version 3.11.81, which provides a number of bug fixes and enhancements over the previous version. Notable enhancements include:
  • A new client tool pcp2influxdb has been added to allow export of performance metric values to the influxdb database.
  • New client tools pcp-mpstat and pcp-pidstat have been added to allow retrospective analysis of mpstat and pidstat values.
  • New performance metrics have been added for device mapper, Ceph devices, cpusched cgroups, per-processor soft IRQs, buddyinfo, zoneinfo, shared memory, libvirt, same-page-sharing, lio, Redis, and Docker.
  • Additional performance metrics from several subsystems are now available for a variety of PCP analysis tools. (BZ#1423020)

systemtap rebased to version 3.1

The systemtap package has been upgraded to upstream version 3.1, which provides a number of bug fixes and enhancements over the previous version. Notable changes include:
  • The probes for system calls no longer default to being based on debuginfo information.
  • Support for probing Python functions has been added.
  • Access to Java function parameters has been made more uniform.
  • The performance of statistical aggregate variables has been improved.
  • A new statistics operator @variance has been added.
  • More options for fetching and setting user-space values have been added.
  • NFS monitoring has been improved with sample
scripts and tapset compatibility fixes. (BZ#1398393, BZ#1416204, BZ#1433391)

valgrind rebased to version 3.12

The valgrind package has been upgraded to upstream version 3.12, which provides a number of bug fixes and enhancements over the previous version. Notable changes include:
  • A new option --ignore-range-below-sp has been added to the memcheck tool to ignore memory accesses below the stack pointer. This is a generic replacement for the now deprecated option --workaround-gcc296-bugs=yes.
  • The maximum number of callers in a suppression entry generated by the --gen-suppressions=yes option is now equal to the value given by the --num-callers option.
  • The cost of instrumenting code blocks for the most common use case, the memcheck tool on the AMD64 and Intel 64 architectures, has been reduced.
  • Performance has been improved for debugging programs which discard a lot of instruction address ranges of 8KB or less.
  • Support for IBM Power 9 (ISA 3.0) architecture has been added.
  • Partial support for AMD FMA4 instructions has been added.
  • Support for cryptographic and CRC instructions on the 64-bit ARM architecture version 8 has been added. (BZ#1391217)

New package: unitsofmeasurement

The unitsofmeasurement package enables expressing units of measurement in Java code. With the new API for units of measurement, handling of physical quantities is easier and less error-prone. The package's API is efficient in use of memory and resources. (BZ#1422263)

SSL/TLS certificate verification for HTTP clients is now enabled by default in the Python standard library

The default global setting for HTTP clients has been changed in the Python standard library to verify SSL/TLS certificates by default. Customers using the file-based configuration are not affected. For details, see https://access.redhat.com/articles/2039753. (BZ#1219110)

Support for %gemspec_add_dep and %gemspec_remove_dep has been added

This update adds support for the %gemspec_add_dep and %gemspec_remove_dep macros. These macros allow easier adjustment of rubygem-* package dependencies. In addition, all current macros have been extended to improve support for pre-release version of packages. (BZ#1397390)

ipmitool rebased to version 1.8.18

The ipmitool package has been upgraded to upstream version 1.8.18, which provides a number of bug fixes and enhancements over the previous version. Notable changes include:
  • The PEF user interface has been redesigned
  • A new subcommand lan6 has been added for IP version 6 local area network parameters
  • Support for VITA-specific sensor types and events has been added
  • Support for HMAC_MD5 and HMAC_SHA256 encryption has been added
  • Support for checking PICMG extension 5.x has been added
  • Support for USB medium as a new communication interface has been added
  • The USB driver has been enabled by default for GNU Linux systems (BZ#1398658)

lshw updated for the little-endian variant of IBM Power

The lshw packages, which provide detailed information on the hardware configuration of a machine, have been updated for the little-endian variant of IBM Power System. (BZ#1368704)

perf now supports uncore events on Intel Xeon v5

With this update, Performance analysis tool for Linux (perf) has been updated to support uncore events on Intel Xeon v5 server CPU. These events provide additional performance monitoring information for advanced users. (BZ#1355919)

dmidecode updated

The dmidecode package has been updated to a later version, which provides several bug fixes and hardware enablement improvements. (BZ#1385884)

iSCSI now supports configuring the ALUA operation by using targetcli

With multiple paths from the initiator to a target, you can use Asymmetric Logical Unit Assignment (ALUA) to configure preferences for how to use the paths in a non-uniform, preferential way. The Linux-IO (LIO) kernel target has always supported this feature. With this update, you can use the targetcli command shell to configure the ALUA operation. (BZ#1243410)

jansson rebased to version 2.10

The jansson library has been updated to version 2.10, which provides several bug fixes and enhancements over the previous version. Notably, interfaces have been added to support the clevis, tang and jose applications. (BZ#1389805)

A new compatibility environmental variable for egrep and fgrep

In an earlier grep rebase, the egrep and fgrep commands were replaced by grep -E and grep -F respectively. This change could affect customer scripts because only grep was shown in the outupt of the ps command. To prevent such problems, this update introduces a new compatibility environmental variable: GREP_LEGACY_EGREP_FGREP_PS. To preserve showing egrep and fgrep in ps output, set the variable to 1:
GREP_LEGACY_EGREP_FGREP_PS=1
(BZ#1297441)

lastcomm now supports the --pid option

The lastcomm command now supports the --pid option. This option shows the process ID (PID) and parent-process ID (PPID) for each record if supported by the kernel. (BZ#1255183)

New package: perl-Perl4-CoreLibs

A new perl-Perl4-CoreLibs package is now available in the Base channel of Red Hat Enterprise Linux 7. This package contains libraries that were previously available in Perl 4 but were removed from Perl 5.16, which is distributed with Red Hat Enterprise Linux 7. In the previous release, these libraries were provided in a Perl subpackage through the Optional channel. (BZ#1366724)

tar now follows symlinks to directories when extracting from the archive

This update adds the --keep-directory-symlink option to the tar command. This option changes the behavior of tar when it encounters a symlink with the same name as the directory that it is about to extract. By default, tar would first remove the symlink and then proceed extracting the directory. The --keep-directory-symlink option disables this behavior and instructs tar to follow symlinks to directories when extracting from the archive. (BZ#1350640)

The IO::Socket::SSL Perl module now supports restricting of TLS version

The Net:SSLeay Perl module has been updated to support explicit specification of the TLS protocol versions 1.1 or 1.2 to improve security, and the IO::Socket::SSL module has been updated accordingly. When a new IO::Socket::SSL object is created, it is now possible to restrict the TLS version to 1.1 or 1.2 by setting the SSL_version option to TLSv1_1 or TLSv1_2 respectively. Alternatively, TLSv11 and TLSv12 can be used. Note that these values are case-sensitive. (BZ#1335035)

The Net:SSLeay Perl module now supports restricting of TLS version

The Net:SSLeay Perl module has been updated to support explicit specification of the TLS protocol version, which can be used for improving security. To restrict TLS version to 1.1 or 1.2, set the Net::SSLeay::ssl_version variable to 11 or 12 respectively. (BZ#1335028)

wget now supports specification of the TLS protocol version

Previously, the wget utility used the highest TLS protocol version 1.2 by default when connecting to a remote server. With this update, wget has been enhanced to allow the user to explicitly select the TLS protocol minor version by adding the --secure-protocol=TLSv1_1 or --secure-protocol=TLSv1_2 command-line options to the wget command. (BZ#1439811)

tcpdump rebased to version 4.9.0

The tcpdump package has been upgraded to upstream version 4.9.0, which provides a number of bug fixes and enhancements over the previous version. Notable changes include:
  • Many security vulnerabilities have been fixed
  • Numerous improvements have been made in the dissection of popular network protocols
  • The default snaplen feature has been increased to 262144 bytes
  • The capture buffer has been enlarged to 4 MiB (BZ#1422473)

The option to set capture direction for tcpdump changed from -P to -Q

Previously, the tcpdump utility in Red Hat Enterprise Linux used the -P option to set the capture direction, while the upstream version used -Q. The -Q option has been implemented and is now preferred. The -P option retains the previous function as an alias of -Q, but displays a warning. (BZ#1292056)

OpenJDK now supports SystemTap on the 64-bit ARM architecture

The OpenJDK platform now supports introspection with the SystemTap instrumentation tool on the 64-bit ARM architecture. (BZ#1373986)

sos rebased to version 3.4

The sos package has been updated to upstream version 3.4, which provides a number of enhancements, new features, and bug fixes, including:
  • New plug-ins have been added for ceph_ansible, collectd, crypto, dracut, gnocchi, jars, nfsganesha, nodejs, npm, openstack_ansible, openstack_instack, openstack_manila, salt, saltmaster, and storageconsole
  • API plug-in enhancements
  • Internationalisation updates
  • The networking plug-in no longer crashes when a network name contains the single quote character '
  • The foreman-debug plug-in is now run with a longer timeout to prevent incomplete foreman-debug information collected
  • Certain private SSL certificate files are no longer collected (BZ#1414879)

targetd rebased to version 0.8.6

The targetd packages have been upgraded to upstream version 0.8.6, which provides a number of bug fixes and enhancements over the previous version. Notably, the targetd service now runs on either Python 2 or Python 3 run time, and the following APIs have been added: initiator_list, access_group_list, access_group_create, access_group_destroy, access_group_init_add, access_group_init_del, access_group_map_list, access_group_map_create, and access_group_map_destroy.
Notable bug fixes include:
  • targetd is now compliant with JSON-RPC response version 2.0.
  • the export_create API can now be used to map the same LUN to multiple initiators.
  • targetd now ensures that SSL certificates are present at start-up. (BZ#1162381)

shim rebased to version 12-1

With this update, the shim package has been upgraded to upstream version 12-1, which provides a number of bug fixes and enhancements over the previous version. Notably, the support for 32-bit UEFI firmware and Extensible Firmware Interface (EFI) utilities has been added. (BZ#1310766)

rubygem-abrt rebased to version 0.3.0

The rubygem-abrt package has been rebased to version 0.3.0, which provides several bug fixes and enhancements over the previous version. Notably:
  • The Ruby ABRT handler now supports uReports, automatic anonymous microreports. With uReports enabled, developers are promptly notified about application issues and are able to fix bugs and resolve problems faster.
  • Previously, when a Ruby application was using Bundler to manage its dependencies and an error occurred, an incorrect logic was used to load components of the Ruby ABRT handler. Consequently, an unexpected LoadReport error was reported to the user instead of a proper ABRT report. The loading logic has been fixed, and the Ruby application errors are now correctly handled and reported using ABRT. (BZ#1418750)

New package: http-parser

The new http-parser package provides a utility for parsing HTTP messages. It parses both requests and responses. The parser is designed to be used in applications managing HTTP performance. It does not make any syscalls or allocations, it does not buffer data, and it can be interrupted at any time. Depending on your architecture, it only requires about 40 bytes of data per message stream. (BZ#1393819)

Intel and IBM POWER transactional memory support for all default POSIX mutexes

The default POSIX mutexes can be transparently substituted with Intel and IBM POWER transactional memory support, which significantly reduces the cost of lock acquisition. To enable transactional memory support for all default POSIX mutexes, set the RHEL_GLIBC_TUNABLES=glibc.elision.enable environment variable to 1. As a result, performance of some applications can be improved.
Developers are advised to use profiling to decide whether enabling of this feature improves performance for their applications. (BZ#841653, BZ#731835)

glibc now supports group merging

The ability to merge group members from different Name Service modules has been added to glibc. As a result, management of centralized user access control and group membership across multiple hosts is now easier. (BZ#1298975)

glibc now supports optimized string comparison functions on The IBM POWER9 architecture

The string comparison functions strcmp and strncmp from the glibc library have been optimized for the IBM POWER9 architecture. (BZ#1320947)

Improved performance for dynamically loaded libraries using the Intel SSE, AVX and AVX512 features

Dynamic library loading has been updated for libraries using the Intel SSE, AVX, and AVX512 features. As a result, performance while loading these libraries has improved. Additionally, support for LD_AUDIT-style auditing has been added. (BZ#1421155)

elfutils rebased to version 0.168

The elfutils package has been upgraded to upstream version 0.168, which provides a number of bug fixes and enhancements:
  • The option --symbols of the eu-readelf utility now allows selecting the section for displaying symbols.
  • New functions for the creation of ELF/DWARF string tables have been added to the libdw library.
  • The DW_LANG_PL1 constant has been changed to DW_LANG_PLI. The previous name is still accepted.
  • The return type of the gelf_newehdr and gelf_newphdr functions from the libelf library has been changed to void* for source compatibility with other libelf implementations. This change retains binary compatibility on all platforms supported by Red Hat Enterprise Linux. (BZ#1400302)

bison rebased to version 3.0.4

The bison package has been upgraded to upstream version 3.0.4, which provides a number of bug fixes and enhancements:
  • Endless diagnostics caused by caret errors have been fixed.
  • The -Werror=CATEGORY option has been added to treat specified warnings as errors. The warnings do not have to be explicitly activated using the -W option.
  • Many improvements in handling of precedence rules and useless rules.
Additionally, the following changes breaking backward compatibility have been introduced:
  • The following features have been deprecated: YYFAIL, YYLEX_PARAM, YYPARSE_PARAM, yystype, yyltype
  • Missing semicolons at the end of actions are no longer automatically added.
  • To use Bison extensions with the autoconf utility versions 2.69 and earlier, pass the option -Wno-yacc to (AM_)YFLAGS. (BZ#1306000)

The system default CA bundle has been set as default in the compiled-in default setting or configuration in Mutt

Previously, when connecting to a new system via TLS/SSL, the Mutt email client required the user to save the certificate. With this update, the system Certificate Authority (CA) bundle is set in Mutt by default. As a result, Mutt now connects via SSL/TLS to hosts with a valid certificate without prompting the user to approve or reject the certificate. (BZ#1388511)

objdump mixed listing speed up

Previously, the BFD library for parsing DWARF debug information and locating source code was very slow. The BFD library is used by the objdump tool. As a consequence, objdump became significantly slower when producing a mixed listing of source code and disassembly. Performance of the BFD library has been improved. As a result, producing a mixed listing with objdump is faster. (BZ#1366052)

ethtool support for human readable output from the fjes driver

The ethtool utility has been enhanced to provide a human readable form of register dump output from the fjes driver. As a result, users of ethtool can inspect the Fujitsu Extended Socket Network Device driver more comfortably. (BZ#1402701)

ecj rebased to version 4.5.2

The ecj package has been upgraded to upstream version 4.5.2, which provides a number of bug fixes and enhancements over the previous version. Notably, support for features added to the Java language in version 8 has been completed. As a result, compilation of Java code using Java 8 features no longer fails. This includes cases where code not using Java 8 features referenced code using these features, such as system classes provided by the Java Runtime Environment. (BZ#1379855)

rhino rebased to version 1.7R5

The rhino package has been upgraded to upstream version 1.7R5, which provides a number of bug fixes and enhancements over the previous version. Notably, the former problem with an infinite loop while parsing regular expressions has been fixed. Applications using Rhino that previously encountered this bug now function correctly. (BZ#1350331)

scap-security-guide and oscap-docker now support containers

The user can now use the oscap-docker utility and the SCAP Security Guide to assess compliance of container or container image without encountering false positive results. Tests that make no sense in container context, such as partitioning, has been set to the not applicable value, and containers can be now scanned with a selected security policy. (BZ#1404392)