Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package mold for openSUSE:Factory checked in at 2023-10-18 21:26:24 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/mold (Old) and /work/SRC/openSUSE:Factory/.mold.new.31755 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "mold" Wed Oct 18 21:26:24 2023 rev:34 rq:1118582 version:2.3.0 Changes: -------- --- /work/SRC/openSUSE:Factory/mold/mold.changes 2023-09-28 00:38:57.405897917 +0200 +++ /work/SRC/openSUSE:Factory/.mold.new.31755/mold.changes 2023-10-18 21:26:41.486834219 +0200 @@ -1,0 +2,36 @@ +Wed Oct 18 12:34:13 UTC 2023 - Martin Liska <martin.li...@melowntech.com> + +- Update to version 2.3.0 + * [x86-64] mold 2.3.0 has introduced an experimental flag, -z rewrite-endbr, which + rewrites superfluous endbr64 instructions as nop. + * endbr64 is a relatively recent x86 instruction used to mark locations where an + indirect jump instruction can transfer control. With control-flow integrity + enabled (meaning endbr64 is effective), an indirect jump can only target an + endbr64 or it will trigger a runtime exception. This mechanism significantly + hinders certain control hijacking attacks, such as ROP or JOP, since attackers + cannot jump to just any location. + * When given the -fcf-protection flag, GCC conservatively places an endbr64 at the + beginning of every global function. This is because the function's address might + be taken as a pointer by other translation units. However, in most cases, + function addresses are not actually taken. This conservative approach results in + an overabundance of unnecessary endbr64 instructions, leading to not only code + bloating but also a potential decrease in security as there are more locations + for an attacker to exploit. + * The new linker option, -z rewrite-endbr, aims to alleviate this issue. The + linker can carry out a whole-program analysis on the input files to identify + functions whose addresses are never taken. If -z rewrite-endbr is specified, + mold will conduct this analysis and replace the initial endbr64 with a nop for + functions whose addresses aren't taken. (17f0d85) + * mold now produces a more compact .gdb_index section when using the --gdb-index + flag. Additionally, mold now generates a correct .gdb_index section for object + files created by Clang. (a396fa4) + * mold is now capable of handling input sections larger than 4 GiB. (0ce32d3) + * [PPC] mold can now generate executables for POWER10 processors. Previously, + executables produced by mold would crash immediately on startup on POWER10. + (0f71471) + * [ARM64] When a function with a non-standard calling convention is exported, it's + mandatory for the linker to turn on the STO_AARCH64_VARIANT_PCS flag to notify + the dynamic linker. mold now appropriately sets this flag. (2e3b56e) + * [RISC-V] mold now supports new GP-relative relocations. (ac3ee91) + +------------------------------------------------------------------- Old: ---- mold-2.2.0.tar.gz New: ---- mold-2.3.0.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ mold.spec ++++++ --- /var/tmp/diff_new_pack.61AaUn/_old 2023-10-18 21:26:42.014853346 +0200 +++ /var/tmp/diff_new_pack.61AaUn/_new 2023-10-18 21:26:42.018853492 +0200 @@ -17,7 +17,7 @@ Name: mold -Version: 2.2.0 +Version: 2.3.0 Release: 0 Summary: A Modern Linker (mold) License: MIT ++++++ mold-2.2.0.tar.gz -> mold-2.3.0.tar.gz ++++++ /work/SRC/openSUSE:Factory/mold/mold-2.2.0.tar.gz /work/SRC/openSUSE:Factory/.mold.new.31755/mold-2.3.0.tar.gz differ: char 13, line 1
