glib-2.0: Upgrade 2.78.4 -> 2.78.5

Handle CVE-2024-34397 Remove backported patch included in this release. News (https://gitlab.gnome.org/GNOME/glib/-/commit/d18807b5ffc6dedc2db5225b044063f65720bf56): Overview of changes in GLib 2.78.5, 2024-05-07 ============================================== * Fix CVE-2024-34397: GDBus signal subscriptions for well-known names are vulnerable to unicast spoofing (#3268, work by Simon McVittie, reported by Alicia Boya García) * Bugs fixed: - #3168 gvfs-udisks2-volume-monitor SIGSEGV in g_content_type_guess_for_tree() due to filename with bad encoding (Ondrej Holy) - #3268 CVE-2024-34397: GDBus signal subscriptions for well-known names are vulnerable to unicast spoofing (Simon McVittie) - !3825 glib-2-78: ci: Drop FreeBSD 12 CI runner as it’s EOL - !3960 gcontenttype: Make filename valid utf-8 string before processing - !4040 Backport !4038 “gdbusconnection: Don't deliver signals if the sender doesn't match” to glib-2-78 - !4043 CI: Ignore MSYS2 CI failures for this older stable-branch * Translation updates: - English (United Kingdom) (Andi Chandler) - Georgian (Ekaterine Papava) - Portuguese (Brazil) (Juliano de Souza Camargo) (From OE-Core rev: 14de0c10f6b65eac758220d95e6d31066649a214) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
author: Peter Marko <peter.marko@siemens.com> 2024-05-08 13:46:36 +0200
committer: Steve Sakoman <steve@sakoman.com> 2024-05-23 08:55:01 -0700
commit: ea63f4e0ed8eaf3f1478072029bee3a6a4189664 (patch)
tree: 9352f381f086de0f46ff8ca9732ce2610ef3386c /meta/recipes-core/glib-2.0/glib-2.0_2.78.5.bb
parent: 22357a9a0410562dbc873b72bfbca51d8ac23a15 (diff)
download: poky-ea63f4e0ed8eaf3f1478072029bee3a6a4189664.tar.gz
1 files changed, 56 insertions, 0 deletions
diff --git a/meta/recipes-core/glib-2.0/glib-2.0_2.78.5.bb b/meta/recipes-core/glib-2.0/glib-2.0_2.78.5.bb
new file mode 100644
index 0000000000..d0aac737f7
--- /dev/null
+++ b/meta/recipes-core/glib-2.0/glib-2.0_2.78.5.bb
@@ -0,0 +1,56 @@
+require glib.inc
+PE = "1"
+SHRT_VER = "${@oe.utils.trim_version("${PV}", 2)}"
+SRC_URI = "${GNOME_MIRROR}/glib/${SHRT_VER}/glib-${PV}.tar.xz \
+           file://run-ptest \
+           file://0001-Fix-DATADIRNAME-on-uclibc-Linux.patch \
+           file://0001-Remove-the-warning-about-deprecated-paths-in-schemas.patch \
+           file://0001-Install-gio-querymodules-as-libexec_PROGRAM.patch \
+           file://0010-Do-not-hardcode-python-path-into-various-tools.patch \
+           file://0001-Set-host_machine-correctly-when-building-with-mingw3.patch \
+           file://0001-Do-not-write-bindir-into-pkg-config-files.patch \
+           file://0001-meson-Run-atomics-test-on-clang-as-well.patch \
+           file://0001-gio-tests-resources.c-comment-out-a-build-host-only-.patch \
+           file://0001-Switch-from-the-deprecated-distutils-module-to-the-p.patch \
+           file://memory-monitor.patch \
+           file://skip-timeout.patch \
+           "
+SRC_URI:append:class-native = " file://relocate-modules.patch \ 
+                                file://0001-meson.build-do-not-enable-pidfd-features-on-native-g.patch \
+                              "
+SRC_URI[sha256sum] = "39b26044bd44dc30f427202add4997f554723c30017e92ff36da4197a2c916aa"
+# Find any meson cross files in FILESPATH that are relevant for the current
+# build (using siteinfo) and add them to EXTRA_OEMESON.
+inherit siteinfo
+def find_meson_cross_files(d):
+    if bb.data.inherits_class('native', d):
+        return ""
+    thisdir = os.path.normpath(d.getVar("THISDIR"))
+    import collections
+    sitedata = siteinfo_data(d)
+    # filename -> found
+    files = collections.OrderedDict()
+    for path in d.getVar("FILESPATH").split(":"):
+        for element in sitedata:
+            filename = os.path.normpath(os.path.join(path, "meson.cross.d", element))
+            sanitized_path = filename.replace(thisdir, "${THISDIR}")
+            if sanitized_path == filename:
+                if os.path.exists(filename):
+                    bb.error("Cannot add '%s' to --cross-file, because it's not relative to THISDIR '%s' and sstate signature would contain this full path" % (filename, thisdir))
+                continue
+            files[filename.replace(thisdir, "${THISDIR}")] = os.path.exists(filename)
+    items = ["--cross-file=" + k for k,v in files.items() if v]
+    d.appendVar("EXTRA_OEMESON", " " + " ".join(items))
+    items = ["%s:%s" % (k, "True" if v else "False") for k,v in files.items()]
+    d.appendVarFlag("do_configure", "file-checksums", " " + " ".join(items))
+python () {
+    find_meson_cross_files(d)
+}
author	Peter Marko <peter.marko@siemens.com>	2024-05-08 13:46:36 +0200
committer	Steve Sakoman <steve@sakoman.com>	2024-05-23 08:55:01 -0700
commit	ea63f4e0ed8eaf3f1478072029bee3a6a4189664 (patch)
tree	9352f381f086de0f46ff8ca9732ce2610ef3386c /meta/recipes-core/glib-2.0/glib-2.0_2.78.5.bb
parent	22357a9a0410562dbc873b72bfbca51d8ac23a15 (diff)
download	poky-ea63f4e0ed8eaf3f1478072029bee3a6a4189664.tar.gz

diff --git a/meta/recipes-core/glib-2.0/glib-2.0_2.78.5.bb b/meta/recipes-core/glib-2.0/glib-2.0_2.78.5.bb new file mode 100644 index 0000000000..d0aac737f7 --- /dev/null +++ b/meta/recipes-core/glib-2.0/glib-2.0_2.78.5.bb
@@ -0,0 +1,56 @@
	1	require glib.inc
	2
	3	PE = "1"
	4
	5	SHRT_VER = "${@oe.utils.trim_version("${PV}", 2)}"
	6
	7	SRC_URI = "${GNOME_MIRROR}/glib/${SHRT_VER}/glib-${PV}.tar.xz \
	8	file://run-ptest \
	9	file://0001-Fix-DATADIRNAME-on-uclibc-Linux.patch \
	10	file://0001-Remove-the-warning-about-deprecated-paths-in-schemas.patch \
	11	file://0001-Install-gio-querymodules-as-libexec_PROGRAM.patch \
	12	file://0010-Do-not-hardcode-python-path-into-various-tools.patch \
	13	file://0001-Set-host_machine-correctly-when-building-with-mingw3.patch \
	14	file://0001-Do-not-write-bindir-into-pkg-config-files.patch \
	15	file://0001-meson-Run-atomics-test-on-clang-as-well.patch \
	16	file://0001-gio-tests-resources.c-comment-out-a-build-host-only-.patch \
	17	file://0001-Switch-from-the-deprecated-distutils-module-to-the-p.patch \
	18	file://memory-monitor.patch \
	19	file://skip-timeout.patch \
	20	"
	21	SRC_URI:append:class-native = " file://relocate-modules.patch \
	22	file://0001-meson.build-do-not-enable-pidfd-features-on-native-g.patch \
	23	"
	24
	25	SRC_URI[sha256sum] = "39b26044bd44dc30f427202add4997f554723c30017e92ff36da4197a2c916aa"
	26
	27	# Find any meson cross files in FILESPATH that are relevant for the current
	28	# build (using siteinfo) and add them to EXTRA_OEMESON.
	29	inherit siteinfo
	30	def find_meson_cross_files(d):
	31	if bb.data.inherits_class('native', d):
	32	return ""
	33
	34	thisdir = os.path.normpath(d.getVar("THISDIR"))
	35	import collections
	36	sitedata = siteinfo_data(d)
	37	# filename -> found
	38	files = collections.OrderedDict()
	39	for path in d.getVar("FILESPATH").split(":"):
	40	for element in sitedata:
	41	filename = os.path.normpath(os.path.join(path, "meson.cross.d", element))
	42	sanitized_path = filename.replace(thisdir, "${THISDIR}")
	43	if sanitized_path == filename:
	44	if os.path.exists(filename):
	45	bb.error("Cannot add '%s' to --cross-file, because it's not relative to THISDIR '%s' and sstate signature would contain this full path" % (filename, thisdir))
	46	continue
	47	files[filename.replace(thisdir, "${THISDIR}")] = os.path.exists(filename)
	48
	49	items = ["--cross-file=" + k for k,v in files.items() if v]
	50	d.appendVar("EXTRA_OEMESON", " " + " ".join(items))
	51	items = ["%s:%s" % (k, "True" if v else "False") for k,v in files.items()]
	52	d.appendVarFlag("do_configure", "file-checksums", " " + " ".join(items))
	53
	54	python () {
	55	find_meson_cross_files(d)
	56	}