From 18f2a3bc6debec775a16c3bf1cec8e87b6e72aa0 Mon Sep 17 00:00:00 2001 From: AlmaLinux RelEng Bot Date: Tue, 19 May 2026 19:32:21 -0400 Subject: [PATCH] import UBI glib2-2.80.4-12.el10_2.13 --- ...busconnection-serial-number-overflow.patch | 0 glib2.spec | 19 +- gunixmount-improvements.patch | 516 ++++++++++++++++++ startup-notify-without-gappinfo.patch | 56 ++ 4 files changed, 586 insertions(+), 5 deletions(-) rename RHEL-114857.patch => gdbusconnection-serial-number-overflow.patch (100%) create mode 100644 gunixmount-improvements.patch create mode 100644 startup-notify-without-gappinfo.patch diff --git a/RHEL-114857.patch b/gdbusconnection-serial-number-overflow.patch similarity index 100% rename from RHEL-114857.patch rename to gdbusconnection-serial-number-overflow.patch diff --git a/glib2.spec b/glib2.spec index c6fac67..ac02c7e 100644 --- a/glib2.spec +++ b/glib2.spec @@ -10,7 +10,7 @@ Name: glib2 Version: 2.80.4 -Release: 10%{?dist}.%{autorelease -n} +Release: 12%{?dist}.%{autorelease -n} Summary: A library of handy utility functions License: LGPL-2.1-or-later @@ -39,11 +39,20 @@ Patch: CVE-2024-52533.patch Patch: CVE-2025-4373.patch # https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4470 -Patch: RHEL-114857.patch +Patch: gdbusconnection-serial-number-overflow.patch + +# https://gitlab.gnome.org/GNOME/glib/-/merge_requests/3933 +Patch: startup-notify-without-gappinfo.patch # https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4914 Patch: CVE-2025-13601.patch +# https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4916 +# https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4918 +# https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4930 +# https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4931 +Patch: gunixmount-improvements.patch + # https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4933 # https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4921 Patch: CVE-2025-14087.patch @@ -318,10 +327,10 @@ glib-compile-schemas %{_datadir}/glib-2.0/schemas &> /dev/null || : - Fix CVE-2025-14087 and CVE-2025-14512 * Mon Jan 19 2026 Michael Catanzaro - 2.80.4-12 -- Fix NVR +- Add patch for CVE-2025-13601 and patches for GUnixMount issues -* Mon Jan 19 2026 Michael Catanzaro - 2.80.4-11 -- Add patch for CVE-2025-13601 +* Wed Nov 26 2025 Florian Müllner - 2.80.4-11 +- Allow to get startup notify ID without GAppInfo * Tue Sep 16 2025 RHEL Packaging Agent - 2.80.4-10 - Backport patch to prevent sending a serial of zero on overflow diff --git a/gunixmount-improvements.patch b/gunixmount-improvements.patch new file mode 100644 index 0000000..a934d72 --- /dev/null +++ b/gunixmount-improvements.patch @@ -0,0 +1,516 @@ +From e2de4e224a638918842e0578ddf4cb3101a2b0fa Mon Sep 17 00:00:00 2001 +From: Christian Hergert +Date: Fri, 21 Nov 2025 12:31:13 -0800 +Subject: [PATCH 1/5] gio/gunixmounts: mark some file-system types as system + +Since this list was originally created, more file system types have +become commonly used and would benefit from being marked as a system +file-system type. + +This was found while tracking down some performance issues in +gnome-settings-daemon trash handling. +--- + gio/gunixmounts.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/gio/gunixmounts.c b/gio/gunixmounts.c +index 6df984420..c15eb5f4e 100644 +--- a/gio/gunixmounts.c ++++ b/gio/gunixmounts.c +@@ -320,6 +320,8 @@ g_unix_is_system_fs_type (const char *fs_type) + "auto", + "autofs", + "autofs4", ++ "binfmt_misc", ++ "bpf", + "cgroup", + "configfs", + "cxfs", +@@ -328,6 +330,7 @@ g_unix_is_system_fs_type (const char *fs_type) + "devpts", + "devtmpfs", + "ecryptfs", ++ "efivarfs", + "fdescfs", + "fusectl", + "gfs", +@@ -356,6 +359,7 @@ g_unix_is_system_fs_type (const char *fs_type) + "selinuxfs", + "sysfs", + "tmpfs", ++ "tracefs", + "usbfs", + NULL + }; +-- +2.52.0 + + +From ccfc181691e5eda9d914473496f5f0e198e7364e Mon Sep 17 00:00:00 2001 +From: Ondrej Holy +Date: Mon, 1 Dec 2025 15:36:02 +0100 +Subject: [PATCH 2/5] gio/gunixmounts: Mark more file systems as system + internal + +The commit f1a90a67 updated list of system internal file systems. +I think we can add a few more file systems (i.e. `cgroups2`, +`fuse.gvfsd-fuse`, `fuse.portal`) and `/bin/efi` path. This is to +improve performance of `gvfsd-trash`, `gsd-houskeeping` and similar. + +Related: https://gitlab.gnome.org/GNOME/gvfs/-/issues/814 +--- + gio/gunixmounts.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/gio/gunixmounts.c b/gio/gunixmounts.c +index c15eb5f4e..99a72e154 100644 +--- a/gio/gunixmounts.c ++++ b/gio/gunixmounts.c +@@ -239,6 +239,7 @@ g_unix_is_mount_path_system_internal (const char *mount_path) + */ + "/", /* we already have "Filesystem root" in Nautilus */ + "/bin", ++ "/bin/efi", + "/boot", + "/compat/linux/proc", + "/compat/linux/sys", +@@ -323,6 +324,7 @@ g_unix_is_system_fs_type (const char *fs_type) + "binfmt_misc", + "bpf", + "cgroup", ++ "cgroup2", + "configfs", + "cxfs", + "debugfs", +@@ -332,6 +334,8 @@ g_unix_is_system_fs_type (const char *fs_type) + "ecryptfs", + "efivarfs", + "fdescfs", ++ "fuse.gvfsd-fuse", ++ "fuse.portal", + "fusectl", + "gfs", + "gfs2", +-- +2.52.0 + + +From cfe7f8f178155bf12598583c6efeea55cb204c94 Mon Sep 17 00:00:00 2001 +From: Ondrej Holy +Date: Wed, 3 Dec 2025 10:02:15 +0100 +Subject: [PATCH 3/5] gio/gunixmounts: Replace /bin/efi with /boot/efi + +The commit 06e9f2c0 added `/bin/efi` instead of `/boot/efi` to the +list of system internal mount paths by mistake. Let's fix it. +--- + gio/gunixmounts.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/gio/gunixmounts.c b/gio/gunixmounts.c +index 99a72e154..d51079b3b 100644 +--- a/gio/gunixmounts.c ++++ b/gio/gunixmounts.c +@@ -239,8 +239,8 @@ g_unix_is_mount_path_system_internal (const char *mount_path) + */ + "/", /* we already have "Filesystem root" in Nautilus */ + "/bin", +- "/bin/efi", + "/boot", ++ "/boot/efi", + "/compat/linux/proc", + "/compat/linux/sys", + "/dev", +-- +2.52.0 + + +From 6f0aa00dc242df965cc8a59f2dc9540911b3b61c Mon Sep 17 00:00:00 2001 +From: Christian Hergert +Date: Fri, 21 Nov 2025 18:54:33 -0800 +Subject: [PATCH 4/5] gio/unixmounts: use bsearch() to check for set inclusion + +This turns out to be about 17% faster than the previous set comparisons +on large (in the thousands) /proc/mounts configurations. It does require +that we keep the lists sorted but ended up faster than gperf hashing. +--- + gio/gunixmounts.c | 61 ++++++++++++++++++++++++----------------------- + 1 file changed, 31 insertions(+), 30 deletions(-) + +diff --git a/gio/gunixmounts.c b/gio/gunixmounts.c +index d51079b3b..897c73ef9 100644 +--- a/gio/gunixmounts.c ++++ b/gio/gunixmounts.c +@@ -41,6 +41,7 @@ + #include + #include + #include ++#include + #include + #include + #include +@@ -206,16 +207,17 @@ static GSource *proc_mounts_watch_source = NULL; + static struct libmnt_monitor *proc_mounts_monitor = NULL; + #endif + ++static int ++compare_str (const char * key, ++ const char * const *element) ++{ ++ return strcmp (key, *element); ++} ++ + static gboolean +-is_in (const char *value, const char *set[]) ++is_in (const char *value, const char *set[], gsize set_size) + { +- int i; +- for (i = 0; set[i] != NULL; i++) +- { +- if (strcmp (set[i], value) == 0) +- return TRUE; +- } +- return FALSE; ++ return bsearch (value, set, set_size, sizeof (char *), (GCompareFunc)compare_str) != NULL; + } + + /** +@@ -233,11 +235,12 @@ is_in (const char *value, const char *set[]) + gboolean + g_unix_is_mount_path_system_internal (const char *mount_path) + { ++ /* keep sorted for bsearch */ + const char *ignore_mountpoints[] = { + /* Includes all FHS 2.3 toplevel dirs and other specialized + * directories that we want to hide from the user. + */ +- "/", /* we already have "Filesystem root" in Nautilus */ ++ "/", /* we already have "Filesystem root" in Nautilus */ + "/bin", + "/boot", + "/boot/efi", +@@ -253,11 +256,15 @@ g_unix_is_mount_path_system_internal (const char *mount_path) + "/live/image", + "/media", + "/mnt", ++ "/net", + "/opt", ++ "/proc", + "/rescue", + "/root", + "/sbin", ++ "/sbin", + "/srv", ++ "/sys", + "/tmp", + "/usr", + "/usr/X11R6", +@@ -269,23 +276,21 @@ g_unix_is_mount_path_system_internal (const char *mount_path) + "/var", + "/var/crash", + "/var/local", +- GLIB_LOCALSTATEDIR, + "/var/log", + "/var/log/audit", /* https://bugzilla.redhat.com/show_bug.cgi?id=333041 */ + "/var/mail", + "/var/run", +- GLIB_RUNSTATEDIR, + "/var/tmp", /* https://bugzilla.redhat.com/show_bug.cgi?id=335241 */ +- "/proc", +- "/sbin", +- "/net", +- "/sys", +- NULL + }; + +- if (is_in (mount_path, ignore_mountpoints)) ++ if (is_in (mount_path, ignore_mountpoints, G_N_ELEMENTS (ignore_mountpoints))) + return TRUE; +- ++ ++ /* Kept separate from sorted list as they may vary */ ++ if (g_str_equal (GLIB_LOCALSTATEDIR, mount_path) || ++ g_str_equal (GLIB_RUNSTATEDIR, mount_path)) ++ return TRUE; ++ + if (g_str_has_prefix (mount_path, "/dev/") || + g_str_has_prefix (mount_path, "/proc/") || + g_str_has_prefix (mount_path, "/sys/")) +@@ -315,14 +320,13 @@ g_unix_is_mount_path_system_internal (const char *mount_path) + gboolean + g_unix_is_system_fs_type (const char *fs_type) + { ++ /* keep sorted for bsearch */ + const char *ignore_fs[] = { + "adfs", + "afs", + "auto", + "autofs", + "autofs4", +- "binfmt_misc", +- "bpf", + "cgroup", + "cgroup2", + "configfs", +@@ -332,7 +336,6 @@ g_unix_is_system_fs_type (const char *fs_type) + "devpts", + "devtmpfs", + "ecryptfs", +- "efivarfs", + "fdescfs", + "fuse.gvfsd-fuse", + "fuse.portal", +@@ -363,14 +366,12 @@ g_unix_is_system_fs_type (const char *fs_type) + "selinuxfs", + "sysfs", + "tmpfs", +- "tracefs", + "usbfs", +- NULL + }; + + g_return_val_if_fail (fs_type != NULL && *fs_type != '\0', FALSE); + +- return is_in (fs_type, ignore_fs); ++ return is_in (fs_type, ignore_fs, G_N_ELEMENTS (ignore_fs)); + } + + /** +@@ -392,19 +393,19 @@ g_unix_is_system_fs_type (const char *fs_type) + gboolean + g_unix_is_system_device_path (const char *device_path) + { ++ /* keep sorted for bsearch */ + const char *ignore_devices[] = { +- "none", +- "sunrpc", +- "devpts", +- "nfsd", + "/dev/loop", + "/dev/vn", +- NULL ++ "devpts", ++ "nfsd", ++ "none", ++ "sunrpc", + }; + + g_return_val_if_fail (device_path != NULL && *device_path != '\0', FALSE); + +- return is_in (device_path, ignore_devices); ++ return is_in (device_path, ignore_devices, G_N_ELEMENTS (ignore_devices)); + } + + static gboolean +-- +2.52.0 + + +From 182df8cc63f902288d377d9664dbf63448ca1cfe Mon Sep 17 00:00:00 2001 +From: Christian Hergert +Date: Tue, 6 Jan 2026 10:56:59 -0800 +Subject: [PATCH 5/5] gio/unixmounts: test that mounts are in sorted order + +--- + gio/gunixmounts-private.h | 69 +++++++++++++++++++++++++++++++++++++++ + gio/gunixmounts.c | 51 ++--------------------------- + gio/tests/unix-mounts.c | 25 ++++++++++++++ + 3 files changed, 96 insertions(+), 49 deletions(-) + create mode 100644 gio/gunixmounts-private.h + +diff --git a/gio/gunixmounts-private.h b/gio/gunixmounts-private.h +new file mode 100644 +index 000000000..196e81aca +--- /dev/null ++++ b/gio/gunixmounts-private.h +@@ -0,0 +1,69 @@ ++/* GIO - GLib Input, Output and Streaming Library ++ * ++ * Copyright 2006-2007 Red Hat, Inc. ++ * Copyright 2026 Christian Hergert ++ * ++ * SPDX-License-Identifier: LGPL-2.1-or-later ++ * ++ * This library is free software; you can redistribute it and/or ++ * modify it under the terms of the GNU Lesser General Public ++ * License as published by the Free Software Foundation; either ++ * version 2.1 of the License, or (at your option) any later version. ++ * ++ * This library is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ * Lesser General Public License for more details. ++ * ++ * You should have received a copy of the GNU Lesser General ++ * Public License along with this library; if not, see . ++ */ ++ ++#pragma once ++ ++/* keep sorted for bsearch */ ++static const char *system_mount_paths[] = { ++ /* Includes all FHS 2.3 toplevel dirs and other specialized ++ * directories that we want to hide from the user. ++ */ ++ "/", /* we already have "Filesystem root" in Nautilus */ ++ "/bin", ++ "/boot", ++ "/compat/linux/proc", ++ "/compat/linux/sys", ++ "/dev", ++ "/etc", ++ "/home", ++ "/lib", ++ "/lib64", ++ "/libexec", ++ "/live/cow", ++ "/live/image", ++ "/media", ++ "/mnt", ++ "/net", ++ "/opt", ++ "/proc", ++ "/rescue", ++ "/root", ++ "/sbin", ++ "/sbin", ++ "/srv", ++ "/sys", ++ "/tmp", ++ "/usr", ++ "/usr/X11R6", ++ "/usr/local", ++ "/usr/obj", ++ "/usr/ports", ++ "/usr/src", ++ "/usr/xobj", ++ "/var", ++ "/var/crash", ++ "/var/local", ++ "/var/log", ++ "/var/log/audit", /* https://bugzilla.redhat.com/show_bug.cgi?id=333041 */ ++ "/var/mail", ++ "/var/run", ++ "/var/tmp", /* https://bugzilla.redhat.com/show_bug.cgi?id=335241 */ ++}; +diff --git a/gio/gunixmounts.c b/gio/gunixmounts.c +index 897c73ef9..ec7c1e7d9 100644 +--- a/gio/gunixmounts.c ++++ b/gio/gunixmounts.c +@@ -76,6 +76,7 @@ extern char* hasmntopt(const struct mntent* mnt, const char* opt); + #endif + + #include "gunixmounts.h" ++#include "gunixmounts-private.h" + #include "gfile.h" + #include "gfilemonitor.h" + #include "glibintl.h" +@@ -235,55 +236,7 @@ is_in (const char *value, const char *set[], gsize set_size) + gboolean + g_unix_is_mount_path_system_internal (const char *mount_path) + { +- /* keep sorted for bsearch */ +- const char *ignore_mountpoints[] = { +- /* Includes all FHS 2.3 toplevel dirs and other specialized +- * directories that we want to hide from the user. +- */ +- "/", /* we already have "Filesystem root" in Nautilus */ +- "/bin", +- "/boot", +- "/boot/efi", +- "/compat/linux/proc", +- "/compat/linux/sys", +- "/dev", +- "/etc", +- "/home", +- "/lib", +- "/lib64", +- "/libexec", +- "/live/cow", +- "/live/image", +- "/media", +- "/mnt", +- "/net", +- "/opt", +- "/proc", +- "/rescue", +- "/root", +- "/sbin", +- "/sbin", +- "/srv", +- "/sys", +- "/tmp", +- "/usr", +- "/usr/X11R6", +- "/usr/local", +- "/usr/obj", +- "/usr/ports", +- "/usr/src", +- "/usr/xobj", +- "/var", +- "/var/crash", +- "/var/local", +- "/var/log", +- "/var/log/audit", /* https://bugzilla.redhat.com/show_bug.cgi?id=333041 */ +- "/var/mail", +- "/var/run", +- "/var/tmp", /* https://bugzilla.redhat.com/show_bug.cgi?id=335241 */ +- }; +- +- if (is_in (mount_path, ignore_mountpoints, G_N_ELEMENTS (ignore_mountpoints))) ++ if (is_in (mount_path, system_mount_paths, G_N_ELEMENTS (system_mount_paths))) + return TRUE; + + /* Kept separate from sorted list as they may vary */ +diff --git a/gio/tests/unix-mounts.c b/gio/tests/unix-mounts.c +index e3cc6c18c..98a3bcdfc 100644 +--- a/gio/tests/unix-mounts.c ++++ b/gio/tests/unix-mounts.c +@@ -30,6 +30,8 @@ + #include + #include + ++#include "../gunixmounts-private.h" ++ + static void + test_is_system_fs_type (void) + { +@@ -50,6 +52,28 @@ test_is_system_device_path (void) + g_assert_false (g_unix_is_system_device_path ("/")); + } + ++static void ++test_system_mount_paths_sorted (void) ++{ ++ size_t i; ++ size_t n_paths = G_N_ELEMENTS (system_mount_paths); ++ ++ g_test_summary ("Verify that system_mount_paths array is sorted for bsearch"); ++ ++ for (i = 1; i < n_paths; i++) ++ { ++ int cmp = strcmp (system_mount_paths[i - 1], system_mount_paths[i]); ++ if (cmp > 0) ++ { ++ g_test_fail_printf ("system_mount_paths array is not sorted: " ++ "\"%s\" should come before \"%s\"", ++ system_mount_paths[i - 1], ++ system_mount_paths[i]); ++ return; ++ } ++ } ++} ++ + int + main (int argc, + char *argv[]) +@@ -60,6 +84,7 @@ main (int argc, + + g_test_add_func ("/unix-mounts/is-system-fs-type", test_is_system_fs_type); + g_test_add_func ("/unix-mounts/is-system-device-path", test_is_system_device_path); ++ g_test_add_func ("/unix-mounts/system-mount-paths-sorted", test_system_mount_paths_sorted); + + return g_test_run (); + } +-- +2.52.0 + diff --git a/startup-notify-without-gappinfo.patch b/startup-notify-without-gappinfo.patch new file mode 100644 index 0000000..8d1b1f4 --- /dev/null +++ b/startup-notify-without-gappinfo.patch @@ -0,0 +1,56 @@ +From 373dfac8dbd9ed5e7ee398ae8645a4cd440163b4 Mon Sep 17 00:00:00 2001 +From: Julian Sparber +Date: Mon, 22 Jul 2024 14:24:22 +0200 +Subject: [PATCH] gappinfo: Allow giving no GAppInfo for getting startup notify + id + +On Wayland the activation token returned by +`g_app_launch_context_get_startup_notify_id()` doesn't depend on the +`GAppInfo`. The token is only used to hand over focus to the +application that is launched. In some cases it's not even possible to know +what application will actually be used to open the files. For example +when using portals within a sandbox. Therefore, allow providing no +`GAppInfo`. + +This also makes clear in the docs that the `files` argument can be `NULL`. + +(cherry picked from commit 6210708f050d389e83d921b9e5c09db1a988d510) +--- + gio/gappinfo.c | 7 ++++--- + 1 file changed, 4 insertions(+), 3 deletions(-) + +diff --git a/gio/gappinfo.c b/gio/gappinfo.c +index 652cae6e1..76b43d159 100644 +--- a/gio/gappinfo.c ++++ b/gio/gappinfo.c +@@ -1593,8 +1593,8 @@ g_app_launch_context_get_display (GAppLaunchContext *context, + /** + * g_app_launch_context_get_startup_notify_id: + * @context: a #GAppLaunchContext +- * @info: a #GAppInfo +- * @files: (element-type GFile): a #GList of #GFile objects ++ * @info: (nullable): the app info ++ * @files: (nullable) (element-type GFile): a list of [iface@Gio.File] objects + * + * Initiates startup notification for the application and returns the + * `XDG_ACTIVATION_TOKEN` or `DESKTOP_STARTUP_ID` for the launched operation, +@@ -1609,6 +1609,7 @@ g_app_launch_context_get_display (GAppLaunchContext *context, + * [freedesktop.org Startup Notification Protocol](http://standards.freedesktop.org/startup-notification-spec/startup-notification-latest.txt). + * + * Support for the XDG Activation Protocol was added in GLib 2.76. ++ * Since GLib 2.82 @info and @files can be `NULL`, but if it's not supported the returned token may be `NULL`. + * + * Returns: (nullable): a startup notification ID for the application, or %NULL if + * not supported. +@@ -1621,7 +1622,7 @@ g_app_launch_context_get_startup_notify_id (GAppLaunchContext *context, + GAppLaunchContextClass *class; + + g_return_val_if_fail (G_IS_APP_LAUNCH_CONTEXT (context), NULL); +- g_return_val_if_fail (G_IS_APP_INFO (info), NULL); ++ g_return_val_if_fail (info == NULL || G_IS_APP_INFO (info), NULL); + + class = G_APP_LAUNCH_CONTEXT_GET_CLASS (context); + +-- +2.52.0 +