Control: tags -1 confirmed moreinfo On 2021-03-20 21:58:39 +0000, Simon McVittie wrote: > On Sat, 20 Mar 2021 at 17:08:14 +0000, Simon McVittie wrote: > > [x] attach debdiff against the package in testing > > (as with the recent mutter and gnome-shell unblocks, to minimize > > noise this is a diff between patched trees, excluding the patches > > themselves) > > Sorry, really attached now.
Thanks, please go ahead and let us know once it reached unstable. Cheers > > smcv > git diff archive/debian/2.66.7-2..patch-queue/debian/master | filterdiff -p1 > --exclude 'debian/patches/*.patch' > > diff --git a/NEWS b/NEWS > index 0f0a6a28b..d4a4703d2 100644 > --- a/NEWS > +++ b/NEWS > @@ -1,3 +1,15 @@ > +Overview of changes in GLib 2.66.8 > +================================== > + > +* Fix a security issue when using `g_file_replace()` with > + `G_FILE_CREATE_REPLACE_DESTINATION` (#2325) > + > +* Bugs fixed: > + - #2325 file-roller symlink attack > + - !1982 Backport !2325 “file-roller symlink attack” to glib-2-66 > + - !1990 Backport !1976 “Use the right permissions for directory watching on > Win32” to glib-2-66 > + > + > Overview of changes in GLib 2.66.7 > ================================== > > diff --git a/debian/changelog b/debian/changelog > index eefd875a6..80c0657ef 100644 > --- a/debian/changelog > +++ b/debian/changelog 
> @@ -1,3 +1,23 @@
> +glib2.0 (2.66.8-1) unstable; urgency=medium
> +
> + * d/watch: Only watch for 2.66.x versions.
> + 2.68.0 has been released but will not be in bullseye.
> + * New upstream release
> + - Functionally equivalent to 2.66.7-2, except for the version number
> + and a change to Windows-specific code that is not used in Debian
> + * Drop patches that were included in the new upstream release
> + * d/p/glocalfileoutputstream-Tidy-up-error-handling.patch:
> + Add patch from upstream to clean up error handling.
> + After the fix for #984969, this function could end up calling close(-1),
> + which is harmless but gets flagged as an error by static analysis and
> + by error-checking instrumentation. Fixing this will prevent it from
> + obscuring real errors.
> + * Add CVE references in recent changelog entries.
> + CVE IDs for the vulnerabilities were not available at the time they were
> + fixed, but now they are.
> +
> + -- Simon McVittie <s...@debian.org> Sat, 20 Mar 2021 15:35:19 +0000
> +
> glib2.0 (2.66.7-2) unstable; urgency=medium
>
> * d/changelog: Add bug numbers for integer overflows in previous versions
> @@ -6,7 +26,7 @@ glib2.0 (2.66.7-2) unstable; urgency=medium
> replace a path that is a dangling symlink, previously it would have also
> created the target of the symlink as an empty file, which could
> conceivably be security-sensitive if the symlink is attacker-controlled.
> - (Closes: #984969)
> + (Closes: #984969; CVE-2021-28153)
>
> -- Simon McVittie <s...@debian.org> Thu, 11 Mar 2021 10:23:38 +0000
>
> @@ -16,7 +36,7 @@ glib2.0 (2.66.7-1) unstable; urgency=high
> - Fix another regression caused by the GHSL-2021-045 fixes in 2.66.6
> - Warn and fail on integer overflow in g_byte_array_new_take()
> for arrays larger than G_MAXUINT
> - (Closes: #982779; similar to GHSL-2021-045)
> + (Closes: #982779; CVE-2021-27218)
> - Disallow using currently-undefined D-Bus connection or server flags,
> to prevent forward-compatibility problems with new security-sensitive
> flags that are likely to be introduced in GLib 2.68
> @@ -41,7 +61,7 @@ glib2.0 (2.66.6-1) unstable; urgency=high
>
> * New upstream release
> - Fix various integer overflows, some of them potentially exploitable
> - (Closes: #982778, GHSL-2021-045)
> + (Closes: #982778; CVE-2021-27219, GHSL-2021-045)
>
> -- Simon McVittie <s...@debian.org> Thu, 04 Feb 2021 20:24:20 +0000
>
> diff --git
> a/debian/patches/glocalfileoutputstream-Tidy-up-error-handling.patch
> b/debian/patches/glocalfileoutputstream-Tidy-up-error-handling.patch
> new file mode 100644
> index 000000000..04f040d40
> diff --git a/debian/patches/series b/debian/patches/series
> index 772de8095..8e7842b2f 100644
> --- a/debian/patches/series
> +++ b/debian/patches/series
> @@ -1,10 +1,6 @@
> -glocalfileoutputstream-Fix-a-typo-in-a-comment.patch
> -tests-Stop-using-g_test_bug_base-in-file-tests.patch
> -glocalfileoutputstream-Factor-out-a-flag-check.patch
> -glocalfileoutputstream-Fix-CREATE_REPLACE_DESTINATION-wit.patch
> -glocalfileoutputstream-Add-a-missing-O_CLOEXEC-flag-to-re.patch
> glib-tests-fileutils-Make-more-use-of-g_assert_no_errno.patch
> glib-tests-fileutils-Fix-expectations-when-running-as-roo.patch
> +glocalfileoutputstream-Tidy-up-error-handling.patch
> 01_gettext-desktopfiles.patch
> 0001-timer-test-use-volatile-for-locals.patch
> gwakeuptest-Be-less-parallel-unless-invoked-with-m-slow.patch
> diff --git a/debian/watch b/debian/watch
> index f028879b9..5a5e3cbab 100644
> --- a/debian/watch
> +++ b/debian/watch
> @@ -1,3 +1,3 @@
> version=4
> -https://download.gnome.org/sources/glib/([\d\.]+[02468])/ \
> +https://download.gnome.org/sources/glib/2.66/ \
> glib@ANY_VERSION@\.tar\.xz
> diff --git a/gio/glocalfileoutputstream.c b/gio/glocalfileoutputstream.c
> index 4c512ea81..78d3e85a6 100644
> --- a/gio/glocalfileoutputstream.c
> +++ b/gio/glocalfileoutputstream.c
> @@ -943,7 +943,7 @@ handle_overwrite_open (const char *filename,
> _("Error when getting information for file “%s”: %s"),
> display_name, g_strerror (errsv));
> g_free (display_name);
> - goto err_out;
> + goto error;
> }
>
> /* not a regular file */
> @@ -955,7 +955,7 @@ handle_overwrite_open (const char *filename,
> G_IO_ERROR,
> G_IO_ERROR_IS_DIRECTORY,
> _("Target file is a directory"));
> - goto err_out;
> + goto error;
> }
> else if (!is_symlink ||
> #ifdef S_ISLNK
> @@ -969,7 +969,7 @@ handle_overwrite_open (const char *filename,
> G_IO_ERROR,
> G_IO_ERROR_NOT_REGULAR_FILE,
> _("Target file is not a regular file"));
> - goto err_out;
> + goto error;
> }
> }
>
> @@ -983,7 +983,7 @@ handle_overwrite_open (const char *filename,
> G_IO_ERROR_WRONG_ETAG,
> _("The file was externally modified"));
> g_free (current_etag);
> - goto err_out;
> + goto error;
> }
> g_free (current_etag);
> }
> @@ -1078,7 +1078,7 @@ handle_overwrite_open (const char *filename,
> G_IO_ERROR_CANT_CREATE_BACKUP,
> _("Backup file creation failed"));
> g_free (backup_filename);
> - goto err_out;
> + goto error;
> }
>
> bfd = g_open (backup_filename,
> @@ -1092,7 +1092,7 @@ handle_overwrite_open (const char *filename,
> G_IO_ERROR_CANT_CREATE_BACKUP,
> _("Backup file creation failed"));
> g_free (backup_filename);
> - goto err_out;
> + goto error;
> }
>
> /* If needed, Try to set the group of the backup same as the
> @@ -1109,7 +1109,7 @@ handle_overwrite_open (const char *filename,
> g_unlink (backup_filename);
> g_close (bfd, NULL);
> g_free (backup_filename);
> - goto err_out;
> + goto error;
> }
>
> if ((_g_stat_gid (&original_stat) != _g_stat_gid (&tmp_statbuf)) &&
> @@ -1126,7 +1126,7 @@ handle_overwrite_open (const char *filename,
> g_unlink (backup_filename);
> g_close (bfd, NULL);
> g_free (backup_filename);
> - goto err_out;
> + goto error;
> }
> }
> #endif
> @@ -1141,7 +1141,7 @@ handle_overwrite_open (const char *filename,
> g_close (bfd, NULL);
> g_free (backup_filename);
>
> - goto err_out;
> + goto error;
> }
>
> g_close (bfd, NULL);
> @@ -1156,7 +1156,7 @@ handle_overwrite_open (const char *filename,
> g_io_error_from_errno (errsv),
> _("Error seeking in file: %s"),
> g_strerror (errsv));
> - goto err_out;
> + goto error;
> }
> }
>
> @@ -1172,7 +1172,7 @@ handle_overwrite_open (const char *filename,
> g_io_error_from_errno (errsv),
> _("Error removing old file: %s"),
> g_strerror (errsv));
> - goto err_out2;
> + goto error;
> }
>
> if (readable)
> @@ -1189,7 +1189,7 @@ handle_overwrite_open (const char *filename,
> _("Error opening file “%s”: %s"),
> display_name, g_strerror (errsv));
> g_free (display_name);
> - goto err_out2;
> + goto error;
> }
> }
> else
> @@ -1207,15 +1207,16 @@ handle_overwrite_open (const char *filename,
> g_io_error_from_errno (errsv),
> _("Error truncating file: %s"),
> g_strerror (errsv));
> - goto err_out;
> + goto error;
> }
> }
>
> return fd;
>
> - err_out:
> - g_close (fd, NULL);
> - err_out2:
> +error:
> + if (fd >= 0)
> + g_close (fd, NULL);
> +
> return -1;
> }
>
> diff --git a/gio/win32/gwin32fsmonitorutils.c
> b/gio/win32/gwin32fsmonitorutils.c
> index e6b7d1dcd..b47124634 100644
> --- a/gio/win32/gwin32fsmonitorutils.c
> +++ b/gio/win32/gwin32fsmonitorutils.c
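Review bot: A failed `g_unlink()` may now close `fd` twice: the "Error removing old file" path (hunk at -1172) used to jump to `err_out2`, which skipped the close, and now lands on `error:`, where `g_close (fd, NULL)` runs whenever `fd >= 0`. The old label suggests the descriptor has already been closed before the unlink, in code outside these hunks; if `fd` is not reset there, the second close hits a number that, in a threaded process, may by then belong to an unrelated file. Adding `fd = -1;` directly after that earlier `g_close (fd, NULL);` would let the new `fd >= 0` guard cover this path too. The "Error opening file" path (hunk at -1189) looks safe as long as it is only taken when the re-open returned -1. The body of handle_overwrite_open between the hunks is not shown, so this needs checking against the full function.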
> @@ -345,7 +345,7 @@ g_win32_fs_monitor_init (GWin32FSMonitorPrivate *monitor,
> monitor->file_attribs = INVALID_FILE_ATTRIBUTES;
> monitor->pfni_prev = NULL;
> monitor->hDirectory = CreateFileW (wdirname_with_long_prefix != NULL ?
> wdirname_with_long_prefix : monitor->wfullpath_with_long_prefix,
> - FILE_GENERIC_READ | FILE_GENERIC_WRITE,
> + FILE_LIST_DIRECTORY,
> FILE_SHARE_DELETE | FILE_SHARE_READ |
> FILE_SHARE_WRITE,
> NULL,
> OPEN_EXISTING,
> diff --git a/meson.build b/meson.build
> index aee96566c..740e46b86 100644
> --- a/meson.build
> +++ b/meson.build
> @@ -1,5 +1,5 @@
> project('glib', 'c', 'cpp',
> - version : '2.66.7',
> + version : '2.66.8',
> # NOTE: We keep this pinned at 0.49 because that's what Debian 10 ships
> meson_version : '>= 0.49.2',
> default_options : [
-- Sebastian Ramacher
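Review bot: The narrowed access mask in the `CreateFileW` call of g_win32_fs_monitor_init has no comment explaining why `FILE_LIST_DIRECTORY` is the only right requested, so a later edit could widen it again without noticing. A line above the call such as `/* Watching only needs FILE_LIST_DIRECTORY; asking for write access fails on directories we can only read */` would record the intent; the second half is inferred from the NEWS entry ("Use the right permissions for directory watching on Win32"), so adjust it to the actual failure that was seen. The hunk ends inside the argument list, so whether `monitor->hDirectory` is compared with `INVALID_HANDLE_VALUE` afterwards is not visible here.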