Package: glib2.0 / 2.33.12+really2.32.4-5

Metadata

Package Version Patches format
glib2.0 2.33.12+really2.32.4-5 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
01_gettext desktopfiles.patch | (download)

glib/gkeyfile.c | 71 71 + 0 - 0 !
glib/gkeyfile.h | 3 3 + 0 - 0 !
2 files changed, 74 insertions(+)

 add some description
02_gettext desktopfiles ubuntu.patch | (download)

glib/gkeyfile.c | 20 20 + 0 - 0 !
1 file changed, 20 insertions(+)

 provide backwards compatibility for 01_gettext-desktopfiles.patch for x-{debian,ubuntu}-gettext-domain
# UbuntuSpecific: 01_gettext-desktopfiles.patch was changed to use X-GNOME-, so this is necessary until all our .desktop files are converted
03_revert_git_single_include_error.patch | (download)

configure.ac | 2 2 + 0 - 0 !
glib/deprecated/gallocator.h | 2 1 + 1 - 0 !
glib/deprecated/gcache.h | 2 1 + 1 - 0 !
glib/deprecated/gcompletion.h | 2 1 + 1 - 0 !
glib/deprecated/grel.h | 2 1 + 1 - 0 !
glib/deprecated/gthread.h | 2 1 + 1 - 0 !
glib/galloca.h | 2 1 + 1 - 0 !
glib/garray.h | 2 1 + 1 - 0 !
glib/gasyncqueue.h | 2 1 + 1 - 0 !
glib/gatomic.h | 2 1 + 1 - 0 !
glib/gbacktrace.h | 2 1 + 1 - 0 !
glib/gbase64.h | 2 1 + 1 - 0 !
glib/gbitlock.h | 2 1 + 1 - 0 !
glib/gbookmarkfile.h | 2 1 + 1 - 0 !
glib/gchecksum.h | 2 1 + 1 - 0 !
glib/gconvert.h | 2 1 + 1 - 0 !
glib/gdataset.h | 2 1 + 1 - 0 !
glib/gdate.h | 2 1 + 1 - 0 !
glib/gdatetime.h | 2 1 + 1 - 0 !
glib/gdir.h | 2 1 + 1 - 0 !
glib/gerror.h | 2 1 + 1 - 0 !
glib/gfileutils.h | 2 1 + 1 - 0 !
glib/ghash.h | 2 1 + 1 - 0 !
glib/ghmac.h | 2 1 + 1 - 0 !
glib/ghook.h | 2 1 + 1 - 0 !
glib/giochannel.h | 2 1 + 1 - 0 !
glib/gkeyfile.h | 2 1 + 1 - 0 !
glib/glist.h | 2 1 + 1 - 0 !
glib/gmacros.h | 2 1 + 1 - 0 !
glib/gmain.h | 2 1 + 1 - 0 !
glib/gmappedfile.h | 2 1 + 1 - 0 !
glib/gmarkup.h | 2 1 + 1 - 0 !
glib/gmem.h | 2 1 + 1 - 0 !
glib/gmessages.h | 2 1 + 1 - 0 !
glib/gnode.h | 2 1 + 1 - 0 !
glib/goption.h | 2 1 + 1 - 0 !
glib/gpattern.h | 2 1 + 1 - 0 !
glib/gprimes.h | 2 1 + 1 - 0 !
glib/gqsort.h | 2 1 + 1 - 0 !
glib/gquark.h | 2 1 + 1 - 0 !
glib/gqueue.h | 2 1 + 1 - 0 !
glib/grand.h | 2 1 + 1 - 0 !
glib/gregex.h | 2 1 + 1 - 0 !
glib/gscanner.h | 2 1 + 1 - 0 !
glib/gsequence.h | 2 1 + 1 - 0 !
glib/gshell.h | 2 1 + 1 - 0 !
glib/gslice.h | 2 1 + 1 - 0 !
glib/gslist.h | 2 1 + 1 - 0 !
glib/gspawn.h | 2 1 + 1 - 0 !
glib/gstrfuncs.h | 2 1 + 1 - 0 !
glib/gstring.h | 2 1 + 1 - 0 !
glib/gstringchunk.h | 2 1 + 1 - 0 !
glib/gtestutils.h | 2 1 + 1 - 0 !
glib/gthread.h | 2 1 + 1 - 0 !
glib/gthreadpool.h | 2 1 + 1 - 0 !
glib/gtimer.h | 2 1 + 1 - 0 !
glib/gtimezone.h | 2 1 + 1 - 0 !
glib/gtree.h | 2 1 + 1 - 0 !
glib/gtypes.h | 2 1 + 1 - 0 !
glib/gunicode.h | 2 1 + 1 - 0 !
glib/gurifuncs.h | 2 1 + 1 - 0 !
glib/gutils.h | 2 1 + 1 - 0 !
glib/gvariant.h | 2 1 + 1 - 0 !
glib/gvarianttype.h | 2 1 + 1 - 0 !
glib/gversionmacros.h | 2 1 + 1 - 0 !
glib/gwin32.h | 2 1 + 1 - 0 !
66 files changed, 67 insertions(+), 65 deletions(-)

---
04_homedir_env.patch | (download)

docs/reference/glib/running.sgml | 16 16 + 0 - 0 !
glib/gutils.c | 10 9 + 1 - 0 !
2 files changed, 25 insertions(+), 1 deletion(-)

 handle the g_home environment variable to override the passwd entry
 This will allow to fix various kinds of build failures due to restricted
 build environments.
05_run gio tests with a dbus session.patch | (download)

Makefile.decl | 2 1 + 1 - 0 !
gio/tests/Makefile.am | 3 3 + 0 - 0 !
2 files changed, 4 insertions(+), 1 deletion(-)

 [patch] run gio tests with a dbus session

Some gio tests (e.g. gapplication) need a running dbus session
to work, so we run them with dbus-launch, which prepares the
dbus session.

10_gdbus_race.patch | (download)

gio/gdbusactiongroup.c | 4 3 + 1 - 0 !
1 file changed, 3 insertions(+), 1 deletion(-)

 gdbusactiongroup: hold ref until async init done

to avoid use-after-free if GDBusActionGroup was finalized

https://bugzilla.gnome.org/show_bug.cgi?id=679509

11_CVE 2012 3524_setuid.patch | (download)

configure.ac | 15 13 + 2 - 0 !
gio/gdbusaddress.c | 9 9 + 0 - 0 !
gio/gvfs.c | 3 3 + 0 - 0 !
glib/genviron.c | 1 1 + 0 - 0 !
glib/glib-private.c | 4 3 + 1 - 0 !
glib/glib-private.h | 4 4 + 0 - 0 !
glib/gutils.c | 57 57 + 0 - 0 !
7 files changed, 90 insertions(+), 3 deletions(-)

 cve-2012-3524: hardening for being run in a setuid environment

Some programs attempt to use libglib (or even libgio) when setuid.
For a long time, GTK+ simply aborted if launched in this
configuration, but we never had a real policy for GLib.

I'm not sure whether we should advertise such support.  However, given
that there are real-world programs that do this currently, we can make
them safer with not too much effort.

Better to fix a problem caused by an interaction between two
components in *both* places if possible.

This patch adds a private function g_check_setuid() which is used to
first ensure we don't run an external dbus-launch binary if
DBUS_SESSION_BUS_ADDRESS isn't set.

Second, we also ensure the local VFS is used in this case.  The
gdaemonvfs extension point will end up talking to the session bus
which is typically undesirable in a setuid context.

Implementing g_check_setuid() is interesting - whether or not we're
running in a privilege-escalated path is operating system specific.
Note that GTK+'s code to check euid versus uid worked historically on
Unix, more modern systems have filesystem capabilities and SELinux
domain transitions, neither of which are captured by the uid
comparison.

On Linux/glibc, the way this works is that the kernel sets an
AT_SECURE flag in the ELF auxiliary vector, and glibc looks for it on
startup.  If found, then glibc sets a public-but-undocumented
__libc_enable_secure variable which we can use.  Unfortunately, while
it *previously* worked to check this variable, a combination of newer
binutils and RPM break it:
http://www.openwall.com/lists/owl-dev/2012/08/14/1

So for now on Linux/glibc, we fall back to the historical Unix version
until we get glibc fixed.

On some BSD variants, there is a issetugid() function.  On other Unix
variants, we fall back to what GTK+ has been doing.

Reported-By: Sebastian Krahmer <krahmer@suse.de>
Signed-off-by: Colin Walters <walters@verbum.org>

20_glib compile resources_leak.patch | (download)

gio/glib-compile-resources.c | 4 3 + 1 - 0 !
1 file changed, 3 insertions(+), 1 deletion(-)

---
61_glib compile binaries path.patch | (download)

gio-2.0.pc.in | 4 2 + 2 - 0 !
1 file changed, 2 insertions(+), 2 deletions(-)

 adjust path to glib-compile-schemas in the pkg-config file
 This is because gio-querymodules and glib-compile-schemas have been put
 in a private, versioned directory in libglib2.0-0 to avoid a dependency loop.
90_gio modules multiarch compat.patch | (download)

gio/giomodule.c | 2 2 + 0 - 0 !
1 file changed, 2 insertions(+)

---
91_revert_schema_path_warning.patch | (download)

gio/glib-compile-schemas.c | 6 0 + 6 - 0 !
1 file changed, 6 deletions(-)

 revert http://git.gnome.org/browse/glib/commit/?id=6560b3. final freeze is not the time to start fixing the gsettings paths of all packages.
92_kfreebsd_credentials.patch | (download)

gio/gcredentials.c | 18 9 + 9 - 0 !
gio/gunixcredentialsmessage.c | 12 6 + 6 - 0 !
2 files changed, 15 insertions(+), 15 deletions(-)

 [patch] use the freebsd credentials-passing code on debian
 GNU/kFreeBSD

The __FreeBSD__ macro means we have both a FreeBSD kernel and FreeBSD
libc, which isn't the case on GNU/kFreeBSD (GNU libc and userland on