glib glib-utils gdbus-codegen: bump 2.66.7 -> 2.68.3
This upgrades glib to the latest revision provided by Gentoo
to get fixes including for CVE-2021-28153 and reduce the
ebuild delta while keeping all the cros-specific downstream
changes as before.
BUG=b/200325608,b/200325807
TEST=presubmit
RELEASE_NOTE=Updated glib, glib-utils and gdbus-codegen to v2.68.3. This
resolves CVE-2021-28153.
cos-patch: security-moderate
Cq-Depend: chromium:3122333
Change-Id: Ic80e17417c0f303b129dcffc0b89b1f0dd219fca
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/overlays/chromiumos-overlay/+/3110407
Reviewed-by: Manoj Gupta <manojgupta@chromium.org>
Commit-Queue: Manoj Gupta <manojgupta@chromium.org>
Tested-by: Manoj Gupta <manojgupta@chromium.org>
Reviewed-on: https://cos-review.googlesource.com/c/third_party/overlays/chromiumos-overlay/+/22673
Tested-by: Cusky Presubmit Bot <presubmit@cos-infra-prod.iam.gserviceaccount.com>
Main-Branch-Verified: Cusky Presubmit Bot <presubmit@cos-infra-prod.iam.gserviceaccount.com>
Reviewed-by: Meena Shanmugam <meenashanmugam@google.com>
diff --git a/dev-libs/glib/Manifest b/dev-libs/glib/Manifest
index c9d7739..0712703 100644
--- a/dev-libs/glib/Manifest
+++ b/dev-libs/glib/Manifest
@@ -1 +1 @@
-DIST glib-2.66.7.tar.xz 4844892 BLAKE2B 2d128e8c933a8c5bd27734e96e50244f27c29199823e2185e8cfa5b4bbc0ca23f761c9de275c9941672eb945e302178b3cb4b5bd577f375ad953a97dddc70e34 SHA512 f6e6cc0fe2ab4a31a623bf9a1e63f833783e044e7ed55b66a84fc0cbf1410eec233fe0e226abb20aac0e40167a9624bf5e65197f9eed879da1293af44408d530
+DIST glib-2.68.3.tar.xz 4945236 BLAKE2B 6086b7490f418cb98119ab25670766e3a84de81fd180dbc6e8f929d8f8ab748b0ae7ad6a85f5419ab3c00589c3afba95972d8b4541b310acdf6b6dc9b460a07d SHA512 fb120105c4cb582491a53a0e4c61fe4bdd1f94b279bb7c362afd591369ede50a196c706375564ededf3550d4062a285b038e20b605e6d5dfe36f5d208f4bad3f
diff --git a/dev-libs/glib/files/glib-2.68.3-glibc-2.34-close_range.patch b/dev-libs/glib/files/glib-2.68.3-glibc-2.34-close_range.patch
new file mode 100644
index 0000000..a84ccaa
--- /dev/null
+++ b/dev-libs/glib/files/glib-2.68.3-glibc-2.34-close_range.patch
@@ -0,0 +1,32 @@
+https://bugs.gentoo.org/803632
+https://gitlab.gnome.org/GNOME/glib/-/commit/63e7864d1a0ddbead3c18872e95116e3843e81be.patch
+
+From 6e59d21b273f026e82adc56fecbec67d1ffa72a4 Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@gmail.com>
+Date: Thu, 8 Jul 2021 17:26:43 -0700
+Subject: [PATCH] correctly use 3 parameters for close_range
+
+libc implementation has 3 parameter e.g.
+https://www.freebsd.org/cgi/man.cgi?query=close_range&sektion=2&format=html
+
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+ glib/gspawn.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/glib/gspawn.c b/glib/gspawn.c
+index 95f5b868e..a15fb1ca1 100644
+--- a/glib/gspawn.c
++++ b/glib/gspawn.c
+@@ -1494,7 +1494,7 @@ safe_closefrom (int lowfd)
+ *
+ * Handle ENOSYS in case it’s supported in libc but not the kernel; if so,
+ * fall back to safe_fdwalk(). */
+- if (close_range (lowfd, G_MAXUINT) != 0 && errno == ENOSYS)
++ if (close_range (lowfd, G_MAXUINT, 0) != 0 && errno == ENOSYS)
+ #endif /* HAVE_CLOSE_RANGE */
+ (void) safe_fdwalk (close_func, GINT_TO_POINTER (lowfd));
+ #endif
+--
+GitLab
+
diff --git a/dev-libs/glib/glib-2.66.7-r2.ebuild b/dev-libs/glib/glib-2.68.3-r1.ebuild
similarity index 91%
rename from dev-libs/glib/glib-2.66.7-r2.ebuild
rename to dev-libs/glib/glib-2.68.3-r1.ebuild
index 509c386..53a84fb 100644
--- a/dev-libs/glib/glib-2.66.7-r2.ebuild
+++ b/dev-libs/glib/glib-2.68.3-r1.ebuild
@@ -1,10 +1,10 @@
-# Copyright 1999-2020 Gentoo Authors
+# Copyright 1999-2021 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=7
PYTHON_COMPAT=( python3_{6,7,8,9} )
-inherit flag-o-matic gnome.org gnome2-utils linux-info meson multilib multilib-minimal python-any-r1 toolchain-funcs xdg
+inherit flag-o-matic gnome.org gnome2-utils linux-info meson-multilib multilib python-any-r1 toolchain-funcs xdg
DESCRIPTION="The GLib library of C routines"
HOMEPAGE="https://www.gtk.org/"
@@ -13,13 +13,10 @@
SLOT="2"
IUSE="cros_host dbus debug doc elibc_glibc fam gtk-doc kernel_linux +mime selinux static-libs sysprof systemtap test utils xattr"
RESTRICT="!test? ( test )"
+REQUIRED_USE="gtk-doc? ( test )" # Bug #777636
KEYWORDS="*"
-# * libelf isn't strictly necessary, but makes gresource tool more useful, and
-# the check is automagic in gio/meson.build. gresource is not a multilib tool
-# right now, thus it doesn't matter if non-native ABI libelf exists or not
-# (non-native binary is overwritten, it doesn't matter if libelf was linked to).
# * elfutils (via libelf) does not build on Windows. gresources are not embedded
# within ELF binaries on that platform anyway and inspecting ELF binaries from
# other platforms is not that useful so exclude the dependency in this case.
@@ -33,7 +30,7 @@
!<dev-util/gdbus-codegen-${PV}
>=virtual/libiconv-0-r1[${MULTILIB_USEDEP}]
>=dev-libs/libpcre-8.31:3[${MULTILIB_USEDEP},static-libs?]
- >=virtual/libffi-3.0.13-r1:=[${MULTILIB_USEDEP}]
+ >=dev-libs/libffi-3.0.13-r1:=[${MULTILIB_USEDEP}]
>=sys-libs/zlib-1.2.8-r1[${MULTILIB_USEDEP}]
>=virtual/libintl-0-r2[${MULTILIB_USEDEP}]
kernel_linux? ( >=sys-apps/util-linux-2.23[${MULTILIB_USEDEP}] )
@@ -41,7 +38,7 @@
xattr? ( !elibc_glibc? ( >=sys-apps/attr-2.4.47-r1[${MULTILIB_USEDEP}] ) )
cros_host? ( virtual/libelf:0= )
fam? ( >=virtual/fam-0-r1[${MULTILIB_USEDEP}] )
- sysprof? ( >=dev-util/sysprof-capture-3.38:4[${MULTILIB_USEDEP}] )
+ sysprof? ( >=dev-util/sysprof-capture-3.40.1:4[${MULTILIB_USEDEP}] )
"
DEPEND="${RDEPEND}"
# libxml2 used for optional tests that get automatically skipped
@@ -73,7 +70,9 @@
)
PATCHES=(
+ "${FILESDIR}"/${PN}-2.64.1-mark-gdbus-server-auth-test-flaky.patch
"${FILESDIR}/glib-2.66.7-CHROMIUM-gdbus-system-bus-address.patch"
+ "${FILESDIR}"/${PN}-2.68.3-glibc-2.34-close_range.patch
)
pkg_setup() {
@@ -171,19 +170,18 @@
-Dman=$(multilib_native_usex doc true false)
$(meson_use systemtap dtrace)
$(meson_use systemtap)
- -Dgtk_doc=$(multilib_native_usex gtk-doc true false)
+ $(meson_feature sysprof)
+ $(meson_native_use_bool gtk-doc gtk_doc)
$(meson_use fam)
+ $(meson_use test tests)
-Dinstalled_tests=false
-Dnls=enabled
-Doss_fuzz=disabled
+ $(meson_native_use_feature cros_host libelf)
)
meson_src_configure
}
-multilib_src_compile() {
- meson_src_compile
-}
-
multilib_src_test() {
export XDG_CONFIG_DIRS=/etc/xdg
export XDG_DATA_DIRS=/usr/local/share:/usr/share
@@ -272,6 +270,13 @@
ewarn "your final image for performance reasons and re-run it when packages"
ewarn "installing GIO modules get upgraded or added to the image."
fi
+
+ for v in ${REPLACING_VERSIONS}; do
+ if ver_test "$v" "-lt" "2.63.6"; then
+ ewarn "glib no longer installs the gio-launch-desktop binary. You may need"
+ ewarn "to restart your session for \"Open With\" dialogs to work."
+ fi
+ done
}
pkg_postrm() {
diff --git a/dev-util/gdbus-codegen/Manifest b/dev-util/gdbus-codegen/Manifest
index c9d7739..0712703 100644
--- a/dev-util/gdbus-codegen/Manifest
+++ b/dev-util/gdbus-codegen/Manifest
@@ -1 +1 @@
-DIST glib-2.66.7.tar.xz 4844892 BLAKE2B 2d128e8c933a8c5bd27734e96e50244f27c29199823e2185e8cfa5b4bbc0ca23f761c9de275c9941672eb945e302178b3cb4b5bd577f375ad953a97dddc70e34 SHA512 f6e6cc0fe2ab4a31a623bf9a1e63f833783e044e7ed55b66a84fc0cbf1410eec233fe0e226abb20aac0e40167a9624bf5e65197f9eed879da1293af44408d530
+DIST glib-2.68.3.tar.xz 4945236 BLAKE2B 6086b7490f418cb98119ab25670766e3a84de81fd180dbc6e8f929d8f8ab748b0ae7ad6a85f5419ab3c00589c3afba95972d8b4541b310acdf6b6dc9b460a07d SHA512 fb120105c4cb582491a53a0e4c61fe4bdd1f94b279bb7c362afd591369ede50a196c706375564ededf3550d4062a285b038e20b605e6d5dfe36f5d208f4bad3f
diff --git a/dev-util/gdbus-codegen/gdbus-codegen-2.66.7-r1.ebuild b/dev-util/gdbus-codegen/gdbus-codegen-2.68.3.ebuild
similarity index 95%
rename from dev-util/gdbus-codegen/gdbus-codegen-2.66.7-r1.ebuild
rename to dev-util/gdbus-codegen/gdbus-codegen-2.68.3.ebuild
index 0b83fea..54e5e8b 100644
--- a/dev-util/gdbus-codegen/gdbus-codegen-2.66.7-r1.ebuild
+++ b/dev-util/gdbus-codegen/gdbus-codegen-2.68.3.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2020 Gentoo Authors
+# Copyright 1999-2021 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=7
@@ -16,7 +16,6 @@
LICENSE="LGPL-2+"
SLOT="0"
KEYWORDS="*"
-IUSE=""
RDEPEND="${PYTHON_DEPS}"
DEPEND="${RDEPEND}"
@@ -54,7 +53,7 @@
--stringparam man.copyright.section.enabled 0 \
-o "${2}" \
http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl \
- "${1}" || ewarn "manpage generation failed"
+ "${1}" || die "manpage generation failed"
}
src_compile() {
diff --git a/dev-util/glib-utils/Manifest b/dev-util/glib-utils/Manifest
index c9d7739..0712703 100644
--- a/dev-util/glib-utils/Manifest
+++ b/dev-util/glib-utils/Manifest
@@ -1 +1 @@
-DIST glib-2.66.7.tar.xz 4844892 BLAKE2B 2d128e8c933a8c5bd27734e96e50244f27c29199823e2185e8cfa5b4bbc0ca23f761c9de275c9941672eb945e302178b3cb4b5bd577f375ad953a97dddc70e34 SHA512 f6e6cc0fe2ab4a31a623bf9a1e63f833783e044e7ed55b66a84fc0cbf1410eec233fe0e226abb20aac0e40167a9624bf5e65197f9eed879da1293af44408d530
+DIST glib-2.68.3.tar.xz 4945236 BLAKE2B 6086b7490f418cb98119ab25670766e3a84de81fd180dbc6e8f929d8f8ab748b0ae7ad6a85f5419ab3c00589c3afba95972d8b4541b310acdf6b6dc9b460a07d SHA512 fb120105c4cb582491a53a0e4c61fe4bdd1f94b279bb7c362afd591369ede50a196c706375564ededf3550d4062a285b038e20b605e6d5dfe36f5d208f4bad3f
diff --git a/dev-util/glib-utils/glib-utils-2.66.7-r2.ebuild b/dev-util/glib-utils/glib-utils-2.68.3.ebuild
similarity index 94%
rename from dev-util/glib-utils/glib-utils-2.66.7-r2.ebuild
rename to dev-util/glib-utils/glib-utils-2.68.3.ebuild
index b9c8099..19db913 100644
--- a/dev-util/glib-utils/glib-utils-2.66.7-r2.ebuild
+++ b/dev-util/glib-utils/glib-utils-2.68.3.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2020 Gentoo Authors
+# Copyright 1999-2021 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=7
@@ -17,9 +17,7 @@
KEYWORDS="*"
-RDEPEND="${PYTHON_DEPS}
- !<dev-libs/glib-2.56.2:2
-"
+RDEPEND="${PYTHON_DEPS}"
BDEPEND="
dev-libs/libxslt
app-text/docbook-xsl-stylesheets
@@ -41,7 +39,7 @@
--stringparam man.copyright.section.enabled 0 \
-o "${2}" \
http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl \
- "${1}" || ewarn "manpage generation failed"
+ "${1}" || die "manpage generation failed"
}
src_compile() {
