import glib2-2.56.4-9.el8

This commit is contained in:
CentOS Sources 2021-05-18 02:39:07 -04:00 committed by Andrew Lukoshko
parent bea9bf982b
commit 5b5d052d1d
4 changed files with 1090 additions and 36 deletions

View File

@ -0,0 +1,38 @@
From 32ed752130bcbccc008819a7f1ea27651c601ee2 Mon Sep 17 00:00:00 2001
From: Matthias Clasen <mclasen@redhat.com>
Date: Tue, 22 Jan 2019 13:26:31 -0500
Subject: [PATCH 9/9] keyfile settings: Use tighter permissions
When creating directories, create them with 700 permissions,
instead of 777.
Closes: #1658
---
gio/gkeyfilesettingsbackend.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/gio/gkeyfilesettingsbackend.c b/gio/gkeyfilesettingsbackend.c
index f5358818e..3d793f5a8 100644
--- a/gio/gkeyfilesettingsbackend.c
+++ b/gio/gkeyfilesettingsbackend.c
@@ -113,7 +113,8 @@ g_keyfile_settings_backend_keyfile_write (GKeyfileSettingsBackend *kfsb)
contents = g_key_file_to_data (kfsb->keyfile, &length, NULL);
g_file_replace_contents (kfsb->file, contents, length, NULL, FALSE,
- G_FILE_CREATE_REPLACE_DESTINATION,
+ G_FILE_CREATE_REPLACE_DESTINATION |
+ G_FILE_CREATE_PRIVATE,
NULL, NULL, NULL);
compute_checksum (kfsb->digest, contents, length);
@@ -708,7 +709,7 @@ g_keyfile_settings_backend_constructed (GObject *object)
kfsb->permission = g_simple_permission_new (TRUE);
kfsb->dir = g_file_get_parent (kfsb->file);
- g_file_make_directory_with_parents (kfsb->dir, NULL, NULL);
+ g_mkdir_with_parents (g_file_peek_path (kfsb->dir), 0700);
kfsb->file_monitor = g_file_monitor (kfsb->file, G_FILE_MONITOR_NONE, NULL, NULL);
kfsb->dir_monitor = g_file_monitor (kfsb->dir, G_FILE_MONITOR_NONE, NULL, NULL);
--
2.28.0

View File

@ -455,7 +455,7 @@ new file mode 100644
index 000000000..3b4dfb872
--- /dev/null
+++ b/glib/ghmac-gnutls.c
@@ -0,0 +1,151 @@
@@ -0,0 +1,160 @@
+/* ghmac.h - data hashing functions
+ *
+ * Copyright (C) 2011 Collabora Ltd.
@ -539,7 +539,16 @@ index 000000000..3b4dfb872
+GHmac *
+g_hmac_copy (const GHmac *hmac)
+{
+ g_error ("g_hmac_copy is not available with GnuTLS-backend GHmac");
+ GHmac *copy;
+
+ g_return_val_if_fail (hmac != NULL, NULL);
+
+ copy = g_slice_new0 (GHmac);
+ copy->ref_count = 1;
+ copy->digest_type = hmac->digest_type;
+ copy->hmac = gnutls_hmac_copy (hmac->hmac);
+
+ return copy;
+}
+
+GHmac *
@ -661,34 +670,6 @@ index c7f28b5b6..a2f9da81c 100644
c_args : ['-DG_LOG_DOMAIN="GLib"', '-DGLIB_COMPILATION'] + pcre_static_args + glib_hidden_visibility_args
)
diff --git a/glib/tests/hmac.c b/glib/tests/hmac.c
index 3ac3206df..5212c2523 100644
--- a/glib/tests/hmac.c
+++ b/glib/tests/hmac.c
@@ -1,3 +1,5 @@
+#include "config.h"
+
#include <glib.h>
#include <string.h>
#include <stdlib.h>
@@ -427,6 +429,9 @@ test_hmac_ref_unref (void)
static void
test_hmac_copy (void)
{
+#ifdef HAVE_GNUTLS
+ g_test_skip ("No g_hmac_copy with gnutls");
+#else
GHmac *hmac, *check;
hmac = g_hmac_new (G_CHECKSUM_SHA256, (guchar*)"aaa", 3);
@@ -435,6 +440,7 @@ test_hmac_copy (void)
g_assert_cmpstr (g_hmac_get_string (hmac), ==, g_hmac_get_string (check));
g_hmac_unref (check);
g_hmac_unref (hmac);
+#endif
}
static void
diff --git a/meson.build b/meson.build
index 0cefee51d..81b16b004 100644
--- a/meson.build
@ -700,7 +681,7 @@ index 0cefee51d..81b16b004 100644
+# gnutls is used optionally by ghmac
+libgnutls_dep = []
+if get_option('gnutls')
+ libgnutls_dep = [dependency('gnutls', version : '>=3.6.7', required : true)]
+ libgnutls_dep = [dependency('gnutls', version : '>=3.6.9', required : true)]
+ glib_conf.set('HAVE_GNUTLS', 1)
+endif
+

File diff suppressed because it is too large Load Diff

View File

@ -5,17 +5,14 @@
Name: glib2
Version: 2.56.4
Release: 8%{?dist}
Release: 9%{?dist}
Summary: A library of handy utility functions
License: LGPLv2+
URL: http://www.gtk.org
Source0: http://download.gnome.org/sources/glib/2.56/glib-%{version}.tar.xz
# https://gitlab.gnome.org/GNOME/glib/merge_requests/903
# https://bugzilla.redhat.com/show_bug.cgi?id=1630260
Patch37: ghmac-gnutls.patch
# And the BR for this
# For ghmac-gnutls.patch
BuildRequires: pkgconfig(gnutls)
BuildRequires: chrpath
@ -56,6 +53,10 @@ Patch21: 0002-gvariant-test-Also-force-alignment-for-tuple-test-da.patch
# Backported from 2.58 (for 3.32 GNOME rebase)
Patch30: backport-per-desktop-overrides.patch
# https://gitlab.gnome.org/GNOME/glib/merge_requests/903
# https://bugzilla.redhat.com/show_bug.cgi?id=1630260
Patch37: ghmac-gnutls.patch
# Backported from git
Patch40: 0001-gdbus-codegen-honor-Property.EmitsChangedSignal-anno.patch
@ -64,6 +65,11 @@ Patch50: 0001-gcredentialsprivate-Document-the-various-private-mac.patch
Patch51: 0001-GDBus-prefer-getsockopt-style-credentials-passing-AP.patch
Patch52: 0001-credentials-Invalid-Linux-struct-ucred-means-no-info.patch
# Mostly from https://gitlab.gnome.org/GNOME/glib/-/commits/master/gio/gkeyfilesettingsbackend.c
Patch60: keyfile-backend.patch
# https://gitlab.gnome.org/GNOME/glib/-/issues/1658
Patch61: CVE-2019-13012.patch
%description
GLib is the low-level core library that forms the basis for projects
such as GTK+ and GNOME. It provides data structure handling for C,
@ -261,6 +267,14 @@ glib-compile-schemas %{_datadir}/glib-2.0/schemas &> /dev/null || :
%{_datadir}/installed-tests
%changelog
* Tue Nov 10 2020 Michael Catanzaro <mcatanzaro@redhat.com> - 2.56.4-9
- Update GHmac patch to implement g_hmac_copy()
Resolves: #1786538
- Update keyfile settings backend
Resolves: #1728896
- Fix CVE-2019-13012
Resolves: #1728632
* Mon Dec 02 2019 Colin Walters <walters@verbum.org> - 2.56.4-8
- Backport patches for GDBus auth
Resolves: #1777213