From c838bc8632b9cd805aaaa58891eb8a2f72d96bc9 Mon Sep 17 00:00:00 2001 From: Konstantin Kostiuk Date: Thu, 26 Oct 2023 14:44:18 +0300 Subject: [PATCH] Bump glib2 version 2.78.0 - Fix CVEs: CVE-2023-32636, CVE-2023-29499, CVE-2023-32611, CVE-2023-32665, DoS - Resolves: RHEL-5019 - Resolves: RHEL-5020 - Resolves: RHEL-5092 - Resolves: RHEL-5093 - Resolves: RHEL-5094 Signed-off-by: Konstantin Kostiuk --- ...n-Win32-to-make-sure-g_unlink-always.patch | 33 +++++++++-------- gating.yaml | 3 +- mingw-glib2.spec | 35 ++++++++++++++----- sources | 2 +- 4 files changed, 46 insertions(+), 27 deletions(-) diff --git a/0001-Use-CreateFile-on-Win32-to-make-sure-g_unlink-always.patch b/0001-Use-CreateFile-on-Win32-to-make-sure-g_unlink-always.patch index 1679956..9e5aab5 100644 --- a/0001-Use-CreateFile-on-Win32-to-make-sure-g_unlink-always.patch +++ b/0001-Use-CreateFile-on-Win32-to-make-sure-g_unlink-always.patch @@ -1,13 +1,13 @@ -diff -rupN --no-dereference glib-2.66.7/gio/tests/org.gtk.test.gschema.override.orig glib-2.66.7-new/gio/tests/org.gtk.test.gschema.override.orig ---- glib-2.66.7/gio/tests/org.gtk.test.gschema.override.orig 2021-02-11 13:24:55.208942400 +0100 -+++ glib-2.66.7-new/gio/tests/org.gtk.test.gschema.override.orig 1970-01-01 01:00:00.000000000 +0100 +diff -rupN --no-dereference glib-2.78.0/gio/tests/org.gtk.test.gschema.override.orig glib-2.78.0-new/gio/tests/org.gtk.test.gschema.override.orig +--- glib-2.78.0/gio/tests/org.gtk.test.gschema.override.orig 2023-09-08 15:42:18.000000000 +0200 ++++ glib-2.78.0-new/gio/tests/org.gtk.test.gschema.override.orig 1970-01-01 01:00:00.000000000 +0100 @@ -1,2 +0,0 @@ -[org.gtk.test.per-desktop:GNOME-Classic] -desktop = "GNOME Classic" -diff -rupN --no-dereference glib-2.66.7/gio/tests/org.gtk.test.gschema.xml.orig glib-2.66.7-new/gio/tests/org.gtk.test.gschema.xml.orig ---- glib-2.66.7/gio/tests/org.gtk.test.gschema.xml.orig 2021-02-11 13:24:55.208942400 +0100 -+++ glib-2.66.7-new/gio/tests/org.gtk.test.gschema.xml.orig 1970-01-01 01:00:00.000000000 +0100 -@@ -1,222 +0,0 @@ +diff -rupN --no-dereference glib-2.78.0/gio/tests/org.gtk.test.gschema.xml.orig glib-2.78.0-new/gio/tests/org.gtk.test.gschema.xml.orig +--- glib-2.78.0/gio/tests/org.gtk.test.gschema.xml.orig 2023-09-08 15:42:18.000000000 +0200 ++++ glib-2.78.0-new/gio/tests/org.gtk.test.gschema.xml.orig 1970-01-01 01:00:00.000000000 +0100 +@@ -1,225 +0,0 @@ - - - @@ -93,6 +93,9 @@ diff -rupN --no-dereference glib-2.66.7/gio/tests/org.gtk.test.gschema.xml.orig - - "BackSpace" - +- +- "12:00 AM" +- - - - @@ -230,10 +233,10 @@ diff -rupN --no-dereference glib-2.66.7/gio/tests/org.gtk.test.gschema.xml.orig - - - -diff -rupN --no-dereference glib-2.66.7/glib/gstdio.c glib-2.66.7-new/glib/gstdio.c ---- glib-2.66.7/glib/gstdio.c 2021-02-11 13:24:55.239942800 +0100 -+++ glib-2.66.7-new/glib/gstdio.c 2021-03-05 23:02:21.918877448 +0100 -@@ -1045,6 +1045,11 @@ g_open (const gchar *filename, +diff -rupN --no-dereference glib-2.78.0/glib/gstdio.c glib-2.78.0-new/glib/gstdio.c +--- glib-2.78.0/glib/gstdio.c 2023-09-08 15:42:18.000000000 +0200 ++++ glib-2.78.0-new/glib/gstdio.c 2023-09-19 11:45:02.396539056 +0200 +@@ -1052,6 +1052,11 @@ g_open (const gchar *filename, int mode) { #ifdef G_OS_WIN32 @@ -245,7 +248,7 @@ diff -rupN --no-dereference glib-2.66.7/glib/gstdio.c glib-2.66.7-new/glib/gstdi wchar_t *wfilename = g_utf8_to_utf16 (filename, -1, NULL, NULL, NULL); int retval; int save_errno; -@@ -1055,12 +1060,114 @@ g_open (const gchar *filename, +@@ -1062,12 +1067,114 @@ g_open (const gchar *filename, return -1; } @@ -363,7 +366,7 @@ diff -rupN --no-dereference glib-2.66.7/glib/gstdio.c glib-2.66.7-new/glib/gstdi return retval; #else int fd; -@@ -1108,6 +1215,8 @@ g_creat (const gchar *filename, +@@ -1115,6 +1222,8 @@ g_creat (const gchar *filename, int mode) { #ifdef G_OS_WIN32 @@ -372,7 +375,7 @@ diff -rupN --no-dereference glib-2.66.7/glib/gstdio.c glib-2.66.7-new/glib/gstdi wchar_t *wfilename = g_utf8_to_utf16 (filename, -1, NULL, NULL, NULL); int retval; int save_errno; -@@ -1118,12 +1227,41 @@ g_creat (const gchar *filename, +@@ -1125,12 +1234,41 @@ g_creat (const gchar *filename, return -1; } @@ -417,7 +420,7 @@ diff -rupN --no-dereference glib-2.66.7/glib/gstdio.c glib-2.66.7-new/glib/gstdi return retval; #else return creat (filename, mode); -@@ -1565,34 +1703,102 @@ g_fopen (const gchar *filename, +@@ -1572,34 +1710,102 @@ g_fopen (const gchar *filename, const gchar *mode) { #ifdef G_OS_WIN32 diff --git a/gating.yaml b/gating.yaml index 4124226..f88aa91 100644 --- a/gating.yaml +++ b/gating.yaml @@ -2,5 +2,4 @@ product_versions: - rhel-9 decision_context: osci_compose_gate -rules: - - !PassingTestCaseRule {test_case_name: desktop-qe.desktop-ci.tier1-gating.functional} +rules: [] diff --git a/mingw-glib2.spec b/mingw-glib2.spec index 96b128e..3af939f 100644 --- a/mingw-glib2.spec +++ b/mingw-glib2.spec @@ -1,8 +1,8 @@ %{?mingw_package_header} Name: mingw-glib2 -Version: 2.70.1 -Release: 4%{?dist} +Version: 2.78.0 +Release: 1%{?dist} Summary: MinGW Windows GLib2 library License: LGPL-2.0-or-later @@ -19,23 +19,21 @@ BuildRequires: gcc-c++ BuildRequires: mingw32-filesystem >= 107 BuildRequires: mingw32-gcc -BuildRequires: mingw32-gcc-c++ BuildRequires: mingw32-binutils BuildRequires: mingw32-win-iconv BuildRequires: mingw32-gettext BuildRequires: mingw32-libffi -BuildRequires: mingw32-pcre -BuildRequires: mingw32-zlib +BuildRequires: mingw32-pcre2 +BuildRequires: mingw32-zlib >= 1.2.13 BuildRequires: mingw64-filesystem >= 107 BuildRequires: mingw64-gcc -BuildRequires: mingw64-gcc-c++ BuildRequires: mingw64-binutils BuildRequires: mingw64-win-iconv BuildRequires: mingw64-gettext BuildRequires: mingw64-libffi -BuildRequires: mingw64-pcre -BuildRequires: mingw64-zlib +BuildRequires: mingw64-pcre2 +BuildRequires: mingw64-zlib >= 1.2.13 # Native version required for msgfmt use in build BuildRequires: gettext @@ -98,10 +96,17 @@ Static version of the MinGW Windows GLib2 library. %autosetup -p1 -n glib-%{version} %build -%mingw_meson --default-library=both +export MINGW_BUILDDIR_SUFFIX=static +%mingw_meson --default-library=static +%mingw_ninja +export MINGW_BUILDDIR_SUFFIX=shared +%mingw_meson --default-library=shared %mingw_ninja %install +export MINGW_BUILDDIR_SUFFIX=static +%mingw_ninja_install +export MINGW_BUILDDIR_SUFFIX=shared %mingw_ninja_install # There's a small difference in the file glibconfig.h between the @@ -151,9 +156,11 @@ rm -f %{buildroot}%{mingw64_libdir}/*.def # The gdbus-codegen pieces are already in the native glib2 package rm -f %{buildroot}%{mingw32_bindir}/gdbus-codegen rm -rf %{buildroot}%{mingw32_libdir}/gdbus-2.0 +sed -i 's|gdbus_codegen=.*|gdbus_codegen=%{_bindir}/gdbus-codegen|g' %{buildroot}%{mingw32_libdir}/pkgconfig/gio-2.0.pc rm -f %{buildroot}%{mingw64_bindir}/gdbus-codegen rm -rf %{buildroot}%{mingw64_libdir}/gdbus-2.0 +sed -i 's|gdbus_codegen=.*|gdbus_codegen=%{_bindir}/gdbus-codegen|g' %{buildroot}%{mingw64_libdir}/pkgconfig/gio-2.0.pc # Drop all .la files find %{buildroot} -name "*.la" -delete @@ -272,6 +279,16 @@ find %{buildroot} -name "*.la" -delete %changelog +* Thu Oct 26 2023 Konstantin Kostiuk - 2.78.0-1 +- Bump glib2 version 2.78.0 +- Drop DesktopQE gating +- Fix CVEs: CVE-2023-32636, CVE-2023-29499, CVE-2023-32611, CVE-2023-32665, DoS +- Resolves: RHEL-5019 +- Resolves: RHEL-5020 +- Resolves: RHEL-5092 +- Resolves: RHEL-5093 +- Resolves: RHEL-5094 + * Mon Aug 7 2023 Konstantin Kostiuk - 2.70.1-4 - Fix Glib2 build - Resolves: RHEL-1056 diff --git a/sources b/sources index 7faf60b..1b07ded 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (glib-2.70.1.tar.xz) = 639317c98ab72ad853608ab4d395484daff135c0222556c51ca93fd8533c5759db14478beda964e4feb02bb2737a46a4eda25063f98a9c6ba6ae4bc5d74bf5e1 +SHA512 (glib-2.78.0.tar.xz) = 3d06890002f4b13f831c83fbb70cfce529f9750e30888619e4d6277116be15d106379a03143412cf4b2a289c0cbdbbc299ecf17284fbffc06c791ecf7556c765