mirror of
https://git.yoctoproject.org/poky
synced 2026-01-29 21:08:42 +01:00
glib-2.0: Upgrade 2.78.4 -> 2.78.5
Handle CVE-2024-34397
Remove backported patch included in this release.
News (d18807b5ff):
Overview of changes in GLib 2.78.5, 2024-05-07
==============================================
* Fix CVE-2024-34397: GDBus signal subscriptions for well-known names are
vulnerable to unicast spoofing (#3268, work by Simon McVittie, reported by
Alicia Boya García)
* Bugs fixed:
- #3168 gvfs-udisks2-volume-monitor SIGSEGV in g_content_type_guess_for_tree()
due to filename with bad encoding (Ondrej Holy)
- #3268 CVE-2024-34397: GDBus signal subscriptions for well-known names are
vulnerable to unicast spoofing (Simon McVittie)
- !3825 glib-2-78: ci: Drop FreeBSD 12 CI runner as it’s EOL
- !3960 gcontenttype: Make filename valid utf-8 string before processing
- !4040 Backport !4038 “gdbusconnection: Don't deliver signals if the sender
doesn't match” to glib-2-78
- !4043 CI: Ignore MSYS2 CI failures for this older stable-branch
* Translation updates:
- English (United Kingdom) (Andi Chandler)
- Georgian (Ekaterine Papava)
- Portuguese (Brazil) (Juliano de Souza Camargo)
(From OE-Core rev: 14de0c10f6b65eac758220d95e6d31066649a214)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This commit is contained in:
Peter Marko
committed by
Steve Sakoman
Steve Sakoman
parent
22357a9a04
commit
ea63f4e0ed
@@ -1,54 +0,0 @@
|
||||
From cce3ae98a2c1966719daabff5a4ec6cf94a846f6 Mon Sep 17 00:00:00 2001
|
||||
From: Philip Withnall <pwithnall@gnome.org>
|
||||
Date: Mon, 26 Feb 2024 16:55:44 +0000
|
||||
Subject: [PATCH] tests: Remove variable-length lookbehind tests for GRegex
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
PCRE2 10.43 has now introduced support for variable-length lookbehind,
|
||||
so these tests now fail if GLib is built against PCRE2 10.43 or higher.
|
||||
|
||||
See
|
||||
https://github.com/PCRE2Project/pcre2/blob/e8db6fa7137f4c6f66cb87e0a3c9467252ec1ef7/ChangeLog#L94.
|
||||
|
||||
Rather than making the tests conditional on the version of PCRE2 in use,
|
||||
just remove them. They are mostly testing the PCRE2 code rather than
|
||||
any code in GLib, so don’t have much value.
|
||||
|
||||
This should fix CI runs on msys2-mingw32, which updated to PCRE2 10.43 2
|
||||
days ago.
|
||||
|
||||
Signed-off-by: Philip Withnall <pwithnall@gnome.org>
|
||||
|
||||
Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/glib/-/commit/cce3ae98a2c1966719daabff5a4ec6cf94a846f6]
|
||||
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
|
||||
---
|
||||
glib/tests/regex.c | 10 ----------
|
||||
1 file changed, 10 deletions(-)
|
||||
|
||||
diff --git a/glib/tests/regex.c b/glib/tests/regex.c
|
||||
index 1082526292..d7a698ec67 100644
|
||||
--- a/glib/tests/regex.c
|
||||
+++ b/glib/tests/regex.c
|
||||
@@ -1885,16 +1885,6 @@ test_lookbehind (void)
|
||||
g_match_info_free (match);
|
||||
g_regex_unref (regex);
|
||||
|
||||
- regex = g_regex_new ("(?<!dogs?|cats?) x", G_REGEX_OPTIMIZE, G_REGEX_MATCH_DEFAULT, &error);
|
||||
- g_assert (regex == NULL);
|
||||
- g_assert_error (error, G_REGEX_ERROR, G_REGEX_ERROR_VARIABLE_LENGTH_LOOKBEHIND);
|
||||
- g_clear_error (&error);
|
||||
-
|
||||
- regex = g_regex_new ("(?<=ab(c|de)) foo", G_REGEX_OPTIMIZE, G_REGEX_MATCH_DEFAULT, &error);
|
||||
- g_assert (regex == NULL);
|
||||
- g_assert_error (error, G_REGEX_ERROR, G_REGEX_ERROR_VARIABLE_LENGTH_LOOKBEHIND);
|
||||
- g_clear_error (&error);
|
||||
-
|
||||
regex = g_regex_new ("(?<=abc|abde)foo", G_REGEX_OPTIMIZE, G_REGEX_MATCH_DEFAULT, &error);
|
||||
g_assert (regex);
|
||||
g_assert_no_error (error);
|
||||
--
|
||||
GitLab
|
||||
|
||||
|
||||
@@ -16,14 +16,13 @@ SRC_URI = "${GNOME_MIRROR}/glib/${SHRT_VER}/glib-${PV}.tar.xz \
|
||||
file://0001-gio-tests-resources.c-comment-out-a-build-host-only-.patch \
|
||||
file://0001-Switch-from-the-deprecated-distutils-module-to-the-p.patch \
|
||||
file://memory-monitor.patch \
|
||||
file://fix-regex.patch \
|
||||
file://skip-timeout.patch \
|
||||
"
|
||||
SRC_URI:append:class-native = " file://relocate-modules.patch \
|
||||
file://0001-meson.build-do-not-enable-pidfd-features-on-native-g.patch \
|
||||
"
|
||||
|
||||
SRC_URI[sha256sum] = "24b8e0672dca120cc32d394bccb85844e732e04fe75d18bb0573b2dbc7548f63"
|
||||
SRC_URI[sha256sum] = "39b26044bd44dc30f427202add4997f554723c30017e92ff36da4197a2c916aa"
|
||||
|
||||
# Find any meson cross files in FILESPATH that are relevant for the current
|
||||
# build (using siteinfo) and add them to EXTRA_OEMESON.
|
||||
Reference in New Issue
Block a user