From e906c2cb2e4d424d2cc66a37d0f5550865cd3d4c Mon Sep 17 00:00:00 2001 From: Funda Wang Date: Sat, 9 Aug 2025 02:59:32 +0800 Subject: [PATCH] fix CVE-2025-7039 (cherry picked from commit 6ddfdf72223832c91890aed7ca88776bb0c6bd2f) --- backport-CVE-2025-7039.patch | 42 ++++++++++++++++++++++++++++++++++++ glib2.spec | 6 +++++- 2 files changed, 47 insertions(+), 1 deletion(-) create mode 100644 backport-CVE-2025-7039.patch diff --git a/backport-CVE-2025-7039.patch b/backport-CVE-2025-7039.patch new file mode 100644 index 0000000..0a1ba5e --- /dev/null +++ b/backport-CVE-2025-7039.patch @@ -0,0 +1,42 @@ +From 8f4da99bf2f112b8e4329d8c44b6ab5dea467cb1 Mon Sep 17 00:00:00 2001 +From: Michael Catanzaro +Date: Tue, 1 Jul 2025 10:58:07 -0500 +Subject: [PATCH] gfileutils: fix computation of temporary file name + +We need to ensure that the value we use to index into the letters array +is always positive. + +Fixes #3716 +--- + glib/gfileutils.c | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +diff --git a/glib/gfileutils.c b/glib/gfileutils.c +index bc4bcf1f4d..9930030d25 100644 +--- a/glib/gfileutils.c ++++ b/glib/gfileutils.c +@@ -1475,9 +1475,9 @@ + static const char letters[] = + "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"; + static const int NLETTERS = sizeof (letters) - 1; +- glong value; +- gint64 now_us; +- static int counter = 0; ++ guint64 value; ++ guint64 now_us; ++ static guint counter = 0; + + g_return_val_if_fail (tmpl != NULL, -1); + +@@ -1496,7 +1496,7 @@ + + for (count = 0; count < 100; value += 7777, ++count) + { +- glong v = value; ++ guint64 v = value; + + /* Fill in the random bits. */ + XXXXXX[0] = letters[v % NLETTERS]; +-- +GitLab + diff --git a/glib2.spec b/glib2.spec index 0c8b06f..202449e 100644 --- a/glib2.spec +++ b/glib2.spec @@ -1,6 +1,6 @@ Name: glib2 Version: 2.72.2 -Release: 21 +Release: 22 Summary: The core library that forms the basis for projects such as GTK+ and GNOME License: LGPLv2+ URL: http://www.gtk.org @@ -92,6 +92,7 @@ patch6078: backport-CVE-2024-52533.patch patch6079: backport-CVE-2025-4056.patch patch6080: backport-CVE-2025-3360.patch Patch6081: backport-CVE-2025-4373.patch +Patch6082: backport-CVE-2025-7039.patch BuildRequires: chrpath gcc gcc-c++ gettext perl-interpreter BUildRequires: glibc-devel libattr-devel libselinux-devel meson @@ -278,6 +279,9 @@ glib-compile-schemas %{_datadir}/glib-2.0/schemas &> /dev/null || : %endif %changelog +* Sat Aug 09 2025 Funda Wang - 2.72.2-22 +- fix CVE-2025-7039 + * Sat May 10 2025 Funda Wang - 2.72.2-21 - fix CVE-2025-3360, CVE-2025-4373 -- Gitee