1 files changed, 36 insertions, 0 deletions
diff --git a/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-reg1-1.patch b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-reg1-1.patch
new file mode 100644
index 0000000000..3047062f54
--- /dev/null
+++ b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-reg1-1.patch
@@ -0,0 +1,36 @@
+From f8273b9aded135fe07094faebd527e43851aaf6e Mon Sep 17 00:00:00 2001
+From: "Jan Alexander Steffens (heftig)" <jan.steffens@gmail.com>
+Date: Sun, 7 Feb 2021 23:32:40 +0100
+Subject: [PATCH 1/5] giochannel: Fix length_size bounds check
+The inverted condition is an obvious error introduced by ecdf91400e9a.
+Fixes https://gitlab.gnome.org/GNOME/glib/-/issues/2323
+(cherry picked from commit a149bf2f9030168051942124536e303af8ba6176)
+Upstream-Status: Backport [https://mirrors.ocf.berkeley.edu/ubuntu/pool/main/g/glib2.0/glib2.0_2.64.6-1~ubuntu20.04.3.debian.tar.xz]
+CVE: CVE-2021-27219
+Signed-off-by: Ranjitsinh Rathod <ranjitsinh.rathod@kpit.com>
+---
+ glib/giochannel.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+diff --git a/glib/giochannel.c b/glib/giochannel.c
+index 4dec20f77..c3f3102ff 100644
+--- a/glib/giochannel.c
+++ b/glib/giochannel.c
+@@ -896,7 +896,7 @@ g_io_channel_set_line_term (GIOChannel      *channel,
+     {
+       /* FIXME: We’re constrained by line_term_len being a guint here */
+       gsize length_size = strlen (line_term);
+-      g_return_if_fail (length_size > G_MAXUINT);
+      g_return_if_fail (length_size <= G_MAXUINT);
+       length_unsigned = (guint) length_size;
+     }
+ 
+-- 
+GitLab

diff --git a/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-reg1-1.patch b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-reg1-1.patch new file mode 100644 index 0000000000..3047062f54 --- /dev/null +++ b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-reg1-1.patch
@@ -0,0 +1,36 @@
	1	From f8273b9aded135fe07094faebd527e43851aaf6e Mon Sep 17 00:00:00 2001
	2	From: "Jan Alexander Steffens (heftig)" <jan.steffens@gmail.com>
	3	Date: Sun, 7 Feb 2021 23:32:40 +0100
	4	Subject: [PATCH 1/5] giochannel: Fix length_size bounds check
	5
	6	The inverted condition is an obvious error introduced by ecdf91400e9a.
	7
	8	Fixes https://gitlab.gnome.org/GNOME/glib/-/issues/2323
	9
	10	(cherry picked from commit a149bf2f9030168051942124536e303af8ba6176)
	11
	12	Upstream-Status: Backport [https://mirrors.ocf.berkeley.edu/ubuntu/pool/main/g/glib2.0/glib2.0_2.64.6-1~ubuntu20.04.3.debian.tar.xz]
	13	CVE: CVE-2021-27219
	14	Signed-off-by: Ranjitsinh Rathod <ranjitsinh.rathod@kpit.com>
	15
	16	---
	17	glib/giochannel.c \| 2 +-
	18	1 file changed, 1 insertion(+), 1 deletion(-)
	19
	20	diff --git a/glib/giochannel.c b/glib/giochannel.c
	21	index 4dec20f77..c3f3102ff 100644
	22	--- a/glib/giochannel.c
	23	+++ b/glib/giochannel.c
	24	@@ -896,7 +896,7 @@ g_io_channel_set_line_term (GIOChannel *channel,
	25	{
	26	/* FIXME: We’re constrained by line_term_len being a guint here */
	27	gsize length_size = strlen (line_term);
	28	- g_return_if_fail (length_size > G_MAXUINT);
	29	+ g_return_if_fail (length_size <= G_MAXUINT);
	30	length_unsigned = (guint) length_size;
	31	}
	32
	33	--
	34	GitLab
	35
	36