Handle regression of CVE-2024-34397 fix.
News (d40f72e98e):
Overview of changes in GLib 2.78.6, 2024-05-08
==============================================
* Fix a regression with IBus caused by the fix for CVE-2024-34397 (#3353,
work by Simon McVittie)
* Bugs fixed:
- #3353 Fixing CVE-2024-34397 caused regressions for ibus (Simon McVittie)
- !4056 Backport !4053 “gdbusconnection: Allow name owners to have the syntax
of a well-known name” to glib-2-78
(From OE-Core rev: 51da20dc574a7f2a9759a4368d7668e3421e379f)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Handle CVE-2024-34397
Remove backported patch included in this release.
News (d18807b5ff):
Overview of changes in GLib 2.78.5, 2024-05-07
==============================================
* Fix CVE-2024-34397: GDBus signal subscriptions for well-known names are
vulnerable to unicast spoofing (#3268, work by Simon McVittie, reported by
Alicia Boya García)
* Bugs fixed:
- #3168 gvfs-udisks2-volume-monitor SIGSEGV in g_content_type_guess_for_tree()
due to filename with bad encoding (Ondrej Holy)
- #3268 CVE-2024-34397: GDBus signal subscriptions for well-known names are
vulnerable to unicast spoofing (Simon McVittie)
- !3825 glib-2-78: ci: Drop FreeBSD 12 CI runner as it’s EOL
- !3960 gcontenttype: Make filename valid utf-8 string before processing
- !4040 Backport !4038 “gdbusconnection: Don't deliver signals if the sender
doesn't match” to glib-2-78
- !4043 CI: Ignore MSYS2 CI failures for this older stable-branch
* Translation updates:
- English (United Kingdom) (Andi Chandler)
- Georgian (Ekaterine Papava)
- Portuguese (Brazil) (Juliano de Souza Camargo)
(From OE-Core rev: 14de0c10f6b65eac758220d95e6d31066649a214)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
The /timeout/rounding test is sensitive to system load, as it expects
timeouts to trigger in windows that on an idle system are realistic but
not when running inside a qemu-system on a loaded system.
[ YOCTO #14464 ]
(From OE-Core rev: 684ac8005aef8ab26e61e6e7535e19c9974972d3)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
License-Update: copyright years
(From OE-Core rev: 6a0cb6e129d5602808f34fd2a9460fc05d9520d6)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* to fix build on hosts with python-3.12, now it fails with:
Traceback (most recent call last):
File "recipe-sysroot-native/usr/bin/gdbus-codegen", line 53, in <module>
from codegen import codegen_main
File "recipe-sysroot-native/usr/share/glib-2.0/codegen/codegen_main.py", line 29, in <module>
from . import dbustypes
File "recipe-sysroot-native/usr/share/glib-2.0/codegen/dbustypes.py", line 22, in <module>
from . import utils
File "recipe-sysroot-native/usr/share/glib-2.0/codegen/utils.py", line 22, in <module>
import distutils.version
ModuleNotFoundError: No module named 'distutils'
CMake Error at CMakeLists.txt:90 (message):
Error in generating code for connman interface using gdbus-codegen
(From OE-Core rev: 258cb46f93af3249fb554a679af6222174bd2e95)
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
We've been seeing the memory-monitor-dbus test case fail occasionally
on the autobuilder. Luckily there have been a series of fixes upstream
to fix races in the test case, so backport these and hopefully they
fix the issue.
[ YOCTO #15362 ]
(From OE-Core rev: 311d2606a70528e14093dd93178a2c7170718333)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
With python 3.12 some of the glib ptests started failing. Inspection
revealed that they fail because all tests in some glib's test suites are skipped;
python 3.12's unittest module deems "no tests in a test suite were executed"
a failure (and I tend to agree).
Why are all the tests skipped? Because python dbus module is missing from
the image, and it's missing because it's pulled in by dbusmock, which
in turn is missing because it is pulled in by glib recipe subject to
GI_DATA_ENABLED, and that variable is not global but defined in a g-i-data
class that glib recipe did not include.
So needed dependencies were simply always excluded regardless of g-i settings,
until now.
(From OE-Core rev: c9010feb8e4862f5c0dfde33ba73f3e7cc35b790)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The meson.build looks for a target gtk-doc, but it should be looking for
the native package.
Fixing this means we can drop the need for a target gtk-doc package.
(From OE-Core rev: f91694fa8f5c2c3e6f4946300f040677cb0828fd)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Latest meson expects it there and fails if it can't find it; meanwhile
we patch glib to put it into libexecdir for reasons of avoiding incorrect
debian package renaming in multilib scenarios.
(From OE-Core rev: cd530108e1b31ff3dff9e677e8e5af920e6609aa)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Changelog:
=========
* Fix truncating files when "g_file_set_contents_full()" is called without
"G_FILE_SET_CONTENTS_CONSISTENT"
* Fix "-Dlibelf=disabled" on Linux
* Bugs fixed:
- #3105 NetworkManager 1.44.0 crashes repeatedly with glib 2.78.0
- #3111 gsubprocess-testprog.c: build error with cygwin (sys/ptrace.h: No such
file or directory)
- #3116 gio clears modification time in microseconds when setting with
"set_modification_date_time"
- #3120 Build of glib 2.78.0 ignores -Dlibelf=disabled
- #3128 glib-2.78.0 fails at gio/tests/gsubprocess.p/gsubprocess.c.o
- #3130 Segfault when creating GIO GPropertyAction without properties
- #3144 "g_file_set_contents_full()" doesn't truncate the file (without
"G_FILE_SET_CONTENTS_CONSISTENT")
- !3576 guniprop.c: Avoid creating (temporarily) out-of-bounds pointers
- !3579 Fixes for integer cast warnings when targeting CHERI
- !3580 Fix test_find_program on FreeBSD
- !3589 gconstructor.h: Ensure [c|d]tor prototypes are present for MSVC
- !3594 Fix gutils-user-database test on macOS
- !3596 Add value annotation to G_TYPE_FUNDAMENTAL_MAX
- !3601 meson: Fix Windows build with PCRE2 as sibling subproject
- !3604 Backport !3589 "gconstructor.h: Ensure [c|d]tor prototypes are present
for MSVC" to glib-2-78
- !3608 Backport !3587 "glocalfileinfo: Preserve microseconds for
access/modify times" to glib-2-78
- !3609 Backport !3607 "Make sure the "GTask" is freed on a graceful
disconnect" to glib-2-78
- !3614 Backport !3582 "Buffer needs to be aligned correctly to receive
linux_dirent64." to glib-2-78
- !3616 Backport !3590 "gtestutils.h: Fix warning with -Wsign-conversion
caused by g_assert_cmpint" to glib-2-78
- !3619 Backport !3617 "tests: Drop unnecessary include from gsubprocess-
testprog.c" to glib-2-78
- !3622 Backport !3621 "wakeup: do single read when using eventfd()" to
glib-2-78
- !3625 Backport !3624 "wakeup: Fix g_wakeup_acknowledge if signal comes in"
to glib-2-78
- !3644 Backport !3633 "Use g_task_return in task threads" to glib-2-78
- !3649 Backport !3648 "build: Fix -Dlibelf=disabled on Linux" to glib-2-78
- !3659 Backport !3650 "gfileutils: Add a missing ftruncate() call when
writing files" to glib-2-78
(From OE-Core rev: 2a2df44ef1b413f1ae268a69e36ca796fc8c9d0b)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
FILES:${PN}-utils is += extended and than replaced completely later,
remove the first extension.
(From OE-Core rev: d9d61c5217938749e3edc5f8a5c987f46bbab3d7)
Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
FAIL: glib/convert.test (Child process killed by signal 6)
FAIL: glib/collate.test (Child process killed by signal 6)
FAIL: glib/gdatetime.test (Child process killed by signal 6)
FAIL: glib/date.test (Child process killed by signal 6)
FAIL: glib/converter-stream.test (Child process killed by signal 6)
FAIL: glib/option-context.test (Child process killed by signal 6)
(From OE-Core rev: a28e0d41fbb5027aa6d2537288a8acc7d53964e7)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Add a patch so that native glib executables do not error out
on systems with kernels less than 5.4.
(From OE-Core rev: 404d9187f2be1f99be740e10b3d4cc23e482027d)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
GLib has had an option to control libelf since 2.67.0, so use it.
(From OE-Core rev: d2f028c53a2390c28685b373841c9a600e91819a)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
We have glibc 2.38 which added strlcpy(), so enable the use of it
explicitly in the Meson cross file for when the target doesn't support
qemu-usermode (which will result in the default of not using it).
(From OE-Core rev: b29028a12cfa6747ba83e63e03e4ec9c8064c667)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Changelog:
=============
* Fix build failure on Android with 'statx()' support (#3039)
* Bugs fixed:
- #3003 glib-compile-schemas failed on directory name with no Latin symbols
- #3039 Build failure due to statx fields with NDK r25.c
- !3447 Backport !3446 "glib-compile-resources: Fix non-ASCII arg parsing on
Windows" to glib-2-76
- !3479 Backport !3473 "glib: reset errno to 0 when futex() returns EAGAIN" to
glib-2-76
- !3480 Backport !3468 "Avoid stack overflow in gspawn on macOS" to glib-2-76
- !3492 Backport !3482 "glocalfileinfo: Fix incorrect use of struct
statx.st_mtimensec on Android" to glib-2-76
* Translation updates:
- English (United Kingdom)
- Portuguese (Brazil)
- Slovak
(From OE-Core rev: 2b8a98d1f7456882db92be1c709aea0bf868a344)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
gio/tests/portal: Fix test ordering race
When the gnome test runner executes the tests, the test appear to execute in disk
order. This means it sometimes works and we sometimes see breakage in portal-support-snap
and portal-support-snap-classic.
The issue is that some tests create config files but some don't. If they run
in the wrong order, tests see config files they shouldn't and break.
Fix this by deleting the files after each test run, properly cleaning up after
themselves. There are probably better ways to handle this but this patch should
at least let us check this is the issue.
I've tried to report upstream but their issue tracker account creation is struggling
and I can't get my account to work.
(From OE-Core rev: bff17171841fd15fb6084262e397c736005f7e3b)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
gcc 13 appears to trigger TMPDIR changes in glib which causes ptest failures:
FAIL: glib/utils-c-90.test (Child process killed by signal 6)
FAIL: glib/utils.test (Child process killed by signal 6)
FAIL: glib/utils-c-99.test (Child process killed by signal 6)
FAIL: glib/utils-c-17.test (Child process killed by signal 6)
FAIL: glib/utils-c-11.test (Child process killed by signal 6)
The issue is caused by our symlinks between tmp directories which
cause the tests to get confused. We can set G_TEST_TMPDIR to
a resolved path using readlink to avoid the failures.
(From OE-Core rev: 7ef0ce88e23c7ca138bc4041931d9bfe1d85dfc0)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
If both __NR_futex and __NR_futex_time64 are defined, g_futex_simple()
will first call futex_time64(). If that fails with ENOSYS, then
futex_time() is called instead. However, errno was not saved and
restored in this case, which would result in g_futex_simple()
returning with errno set to ENOSYS, even if futex_time() succeeded.
(From OE-Core rev: 1d6bff65391045ba40e84721eb0f6826e25e09f3)
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Drop backports.
Refactor relocate-modules.patch; upstream has implemented the same
logic, but made it os x only - we can simply drop those ifdef guards:
af83c6571e
(From OE-Core rev: 5627068ab335229cef6fb295f995e8547d591944)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Changelog:
===========
* Fix regression in type checking 'g_str_equal()' from C++ projects (#2820)
* Bugs fixed:
- #2820 g_str_equal: New macro version breaks compilation in C++ projects
- !3096 Backport !3094 "gstrfuncs: Fix regression in C++ types accepted by
g_str_equal()" to glib-2-74
(From OE-Core rev: 148d1492314a73731048a74d2561ec19eefe369c)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
If a access or creation timestamp has 0 microseconds, then the test
fails as it doesn't expect this to be a valid value. Expand a previous
fix for modification times to cover these timestamps too.
[ YOCTO #14373 ]
(From OE-Core rev: 15715e6ad81c97cd50e288f3745615eb19be90d1)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
