Package: glib2.0 / 2.33.12+really2.32.4-5
Metadata
Package | Version | Patches format |
---|---|---|
glib2.0 | 2.33.12+really2.32.4-5 | 3.0 (quilt) |
Patch series
view the series filePatch | File delta | Description |
---|---|---|
01_gettext desktopfiles.patch | (download) |
glib/gkeyfile.c |
71 71 + 0 - 0 ! |
add some description |
02_gettext desktopfiles ubuntu.patch | (download) |
glib/gkeyfile.c |
20 20 + 0 - 0 ! |
provide backwards compatibility for 01_gettext-desktopfiles.patch for x-{debian,ubuntu}-gettext-domain # UbuntuSpecific: 01_gettext-desktopfiles.patch was changed to use X-GNOME-, so this is necessary until all our .desktop files are converted |
03_revert_git_single_include_error.patch | (download) |
configure.ac |
2 2 + 0 - 0 ! |
--- |
04_homedir_env.patch | (download) |
docs/reference/glib/running.sgml |
16 16 + 0 - 0 ! |
handle the g_home environment variable to override the passwd entry This will allow to fix various kinds of build failures due to restricted build environments. |
05_run gio tests with a dbus session.patch | (download) |
Makefile.decl |
2 1 + 1 - 0 ! |
[patch] run gio tests with a dbus session Some gio tests (e.g. gapplication) need a running dbus session to work, so we run them with dbus-launch, which prepares the dbus session. |
10_gdbus_race.patch | (download) |
gio/gdbusactiongroup.c |
4 3 + 1 - 0 ! |
gdbusactiongroup: hold ref until async init done to avoid use-after-free if GDBusActionGroup was finalized https://bugzilla.gnome.org/show_bug.cgi?id=679509 |
11_CVE 2012 3524_setuid.patch | (download) |
configure.ac |
15 13 + 2 - 0 ! |
cve-2012-3524: hardening for being run in a setuid environment Some programs attempt to use libglib (or even libgio) when setuid. For a long time, GTK+ simply aborted if launched in this configuration, but we never had a real policy for GLib. I'm not sure whether we should advertise such support. However, given that there are real-world programs that do this currently, we can make them safer with not too much effort. Better to fix a problem caused by an interaction between two components in *both* places if possible. This patch adds a private function g_check_setuid() which is used to first ensure we don't run an external dbus-launch binary if DBUS_SESSION_BUS_ADDRESS isn't set. Second, we also ensure the local VFS is used in this case. The gdaemonvfs extension point will end up talking to the session bus which is typically undesirable in a setuid context. Implementing g_check_setuid() is interesting - whether or not we're running in a privilege-escalated path is operating system specific. Note that GTK+'s code to check euid versus uid worked historically on Unix, more modern systems have filesystem capabilities and SELinux domain transitions, neither of which are captured by the uid comparison. On Linux/glibc, the way this works is that the kernel sets an AT_SECURE flag in the ELF auxiliary vector, and glibc looks for it on startup. If found, then glibc sets a public-but-undocumented __libc_enable_secure variable which we can use. Unfortunately, while it *previously* worked to check this variable, a combination of newer binutils and RPM break it: http://www.openwall.com/lists/owl-dev/2012/08/14/1 So for now on Linux/glibc, we fall back to the historical Unix version until we get glibc fixed. On some BSD variants, there is a issetugid() function. On other Unix variants, we fall back to what GTK+ has been doing. Reported-By: Sebastian Krahmer <krahmer@suse.de> Signed-off-by: Colin Walters <walters@verbum.org> |
20_glib compile resources_leak.patch | (download) |
gio/glib-compile-resources.c |
4 3 + 1 - 0 ! |
--- |
61_glib compile binaries path.patch | (download) |
gio-2.0.pc.in |
4 2 + 2 - 0 ! |
adjust path to glib-compile-schemas in the pkg-config file This is because gio-querymodules and glib-compile-schemas have been put in a private, versioned directory in libglib2.0-0 to avoid a dependency loop. |
90_gio modules multiarch compat.patch | (download) |
gio/giomodule.c |
2 2 + 0 - 0 ! |
--- |
91_revert_schema_path_warning.patch | (download) |
gio/glib-compile-schemas.c |
6 0 + 6 - 0 ! |
revert http://git.gnome.org/browse/glib/commit/?id=6560b3. final freeze is not the time to start fixing the gsettings paths of all packages. |
92_kfreebsd_credentials.patch | (download) |
gio/gcredentials.c |
18 9 + 9 - 0 ! |
[patch] use the freebsd credentials-passing code on debian GNU/kFreeBSD The __FreeBSD__ macro means we have both a FreeBSD kernel and FreeBSD libc, which isn't the case on GNU/kFreeBSD (GNU libc and userland on |