From bc6193f1de592dda88b9cb27c042a3a558204e2b Mon Sep 17 00:00:00 2001 From: roy Date: Tue, 2 Sep 2025 09:56:59 +0800 Subject: [PATCH] Fix CVE-2025-7039 --- .glib2.spec.swp | Bin 0 -> 16384 bytes CVE-2025-7039.patch | 42 ++++++++++++++++++++++++++++++++++++++++++ glib2.spec | 6 +++++- 3 files changed, 47 insertions(+), 1 deletion(-) create mode 100644 .glib2.spec.swp create mode 100644 CVE-2025-7039.patch diff --git a/.glib2.spec.swp b/.glib2.spec.swp new file mode 100644 index 0000000000000000000000000000000000000000..c2e96268da6e252619cbe34ab37ccc6d039fd0e4 GIT binary patch literal 16384 zcmeI3e~ctW6~{|JQ3NEAh(;0%kA*wD?w#q`x!qfK$sMe@svE+3D%}_3G8D_o}LUYo(j6Kg1{WGQ;O0#-5$~Ve?RFl>O~|#$?b===Nrx zg|Xcw%@#Gs^vk6UGM}ajM{Thz+#nncLg9>C^)@Z|ZYQ|!ec-d7T(hEHbg|$JQ zMN*-GLIYdSKoZxri3?c8NT=wwk6g|#x%k)?3Km%k4HOzEG*D=u&_JPqLIZ^c3Jnw* z_1U;2Nt^t}9wed%Xszr*bNGg-xX{n_o} ztI$B9fkFd?1_})n8YnbSXrRzQp@BjJg$4=@6dL#+Xuz}?+lG2Cp#uOs|IhdDe|R5b zFMwykqu?9hdTlZNgJMa)V4d%fP@H*Zp_yzbTxDzaa z!$1e;gO}gS*mK|~;6Ct4@NsYiTn7Gf9%Fw7Pl0cPZ-G0(32*?6fGfax;Q9A3_FM29 z@C>*E>;eCJH|~L7gU7+$;ASulwt?5qg&g1|@ErIqcnEwMw83$3C3y8+jQt2a2EGPr zzyt@uhrx^QWb6^J3T_2;a0U41IgI@SyZ{~sUjY^v1v>a3_&W|uUITvx&w!`Fli*&k z0&WHipbB*GCdTgP;C}FR@FgIC4L%L#0FCd(U<;p-h8xsOmxt{|DMA_8iRIK>u^6_k z#n6nKeB@Luaa>ylLA*M0YSA`h({|)48}URG_=}Do#ir}Bk^F+y9pC0U*L>3x{A%5f zrD+K*7G9`ZToWt8;?m<OO}8#kkN1o`UI zwiBsaSzg>m-LV<=WX)s|_F^oeIGT=SBKYyFfM@zzXf{ODQ@{?a#1npO#!lep*++zL zJN2xT&2KVkU7Ai8u+NX-*2$MoujY8KDEKTno!=B*cI+))a2Y^ZxOAAbH#r zs(`^m(^`TibT(p($dXP-o#XgWA;xa3MS&}z!b!Tv(FGdQRSmWADg4TtL(5XQ!i>Z! zJ0gQ+2eoBI)|8nZQsz1`FjHF1tdJkj4>q589#oOnq=ed}C+KwArBvX&Bh=%1;;XSU zT_37$kS&^X}Ghf{A4C{q;} zuFbT*Gu3BWYM4fkidzy#t}_bsIu;*Rs$by?N&)Md%z&b^PLlR=Gl64>9g9avEgzJQ z4pS?4M5GKdD==t=X$`|wm$h)Fy32|UQ^Q+RUVo|3lETok9`tLL<}1(A`b{>w&1TY9 z=g2Mby5nZLB2%87L+Mn7?LnofSMCrWQ}4Ae@awK)#h8$dpmqZOOIzcD;CRR+rg&K& z-;Eaohr6o&4mRwX))b}<$s*RDm<{QcO>JwP9k9Bruj&i07}{{Jn6MH734KDxB##{5 zf`hBez~i$E2Y2!);Lh5aTWjNHJ#Lv&aClu5!sPb(?BN>^?dK+fS<{R#&4tfe(urf? zQ!D#aO1EJTzQJvC)TPSlYLKpq;5KZ*Tc{usBv>qLriRanxXEjY5A~(aND9HXW3G8Z zqMo|5EOu}=Xlbq*pESy4gN}K##>s4Xu(vYI10FmT(%!yeH$2A^JBDU}MOsZ$A}9^d z(^$4^8>IRPD%rtUkJTzq-moNOujmH7yLwbufrn{fXF(=Hqr%omIM{YQ8166Xrgz4H zi^>f16!|1m0jxU(!led0UEOJHUw_J#_0kT0?KGy`L`g5PzS5&fBu8tGKibe7sYQq} zzK|Qt%f8}PQ_{Mvzt#aI^%XNVtxltmK(D%$vIEiF8a#dd1i< zcfIbYoE3eY!CNDPaO)~(Nr%~PP-(-VB~?TCsk9}ds&CM_ni(}U%zzL}Gc4EAGJ|HM zmglLJjSZ$YEQ>b;oY_i@EteTv%_`Pe`)=B=8E9S`FI9HyFe9wORN@#V22xV^zJZ8v4YTy6RaH>#-^Im6Pn)(Ya22 zRBK*mtJTsQ@e){k88G2a@q=t@THulGJTJ~50;s-2`mhTin5VhgW zv0g+P#taUhR#Mo)P!L8uNUSDDTtHCzsEQ>jZos*zg>brN)JAI5D#!|d< z4;@kO)FTqq;Ck#u+G_+!ymq_6X#amX_K^R^zLWOR=8W1Q&p_ zz$-W(_#>e6f~Ub3!D+Axt^;FWC)fsF##zBj;34o;a38n_NN@|d5_|w$1kMG&$C<(N z;689WxDAYh%fN@gFL7q@1o$!dKDZ5h4(tNk0SA|YS8;~$3ittd5Zn$DFb58T^8tt^v!10}!UCkGo37;1sFYo3?34i9C6Ij@P%Jdt2s*S%c{od0| z%$9I;1l()6#tprSSgslHiF{`N{Ju$qxGZdzcWY&1tXk^%St%jxYkdCL>?Ahhh(IxZ zT|YCK#@XQo77!>Wtz|6pujZe?u7;#Es;QLCF9>MHzu*{80Dg*sD*M9nMF0Phpv7mLe zs*^7FbpF|kqG^xT#yTP$fYwZoNVnub+p|Z77sO((I-i-90nW5M;nfglQ{8PM*$hq; zjq=-)tV)t$^WryzQWdSBX=VE7V zV}V8L$9c3;2dAYHrbK$uy1B)XZVs7}8>vuDvEn2r5`QYcC=X0WC6TiIV{3=LnpxHj ziJKZQRE<716K5*@Dp%L5tlBfuUH4;@v`TfXI^NfVY)Riu%zaBXt<^A(Q(wybWRrSA zzNK?DvAzJ^k?j!xZgJcwPpmIMH?c>6T$eO?(LUVm$)@8u{#55`-SMqzYsWY1W7@>- zjoPQgp7zPF(OB+E+uxGzyH0Fv*C)!=%Fw2>#Ga7otX6w^<0-m?ut@oDT(6KMbefL? zNpjqInE_D|y>XUjnK-lOYWt|ExP?$gCw(66;e63bleig%I6GC_+dLHCkode(O2_Ps zJ4j21u9qhJp|}k9BW-nT>A^Ee65n#2NNCt-Hw1b>>xT_upfaVT!ONLgu9LLsX;x#Z zbG42i8C=Gg6mbGAtv1`8z3C$|4#%86R@uB&>MSjXGM80H zH)A-g?0c*<=&z`w-AOwm13V7HF@uliixwUP;o+GHm$UVj^ZwEj(Q1;KJ699q>o<>i mi~7}ikrrdw!i)EwpsT}y^f-Id0iTBr(sC@9WQ$7J#r_LIBdm%5 literal 0 HcmV?d00001 diff --git a/CVE-2025-7039.patch b/CVE-2025-7039.patch new file mode 100644 index 0000000..5cec29b --- /dev/null +++ b/CVE-2025-7039.patch @@ -0,0 +1,42 @@ +From 61e963284889ddb4544e6f1d5261c16120f6fcc3 Mon Sep 17 00:00:00 2001 +From: Michael Catanzaro +Date: Tue, 1 Jul 2025 10:58:07 -0500 +Subject: [PATCH] gfileutils: fix computation of temporary file name + +We need to ensure that the value we use to index into the letters array +is always positive. + +Fixes #3716 +--- + glib/gfileutils.c | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +diff --git a/glib/gfileutils.c b/glib/gfileutils.c +index c7d3339d1..286b1b154 100644 +--- a/glib/gfileutils.c ++++ b/glib/gfileutils.c +@@ -1538,9 +1538,9 @@ get_tmp_file (gchar *tmpl, + static const char letters[] = + "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"; + static const int NLETTERS = sizeof (letters) - 1; +- gint64 value; +- gint64 now_us; +- static int counter = 0; ++ guint64 value; ++ guint64 now_us; ++ static guint counter = 0; + + g_return_val_if_fail (tmpl != NULL, -1); + +@@ -1559,7 +1559,7 @@ get_tmp_file (gchar *tmpl, + + for (count = 0; count < 100; value += 7777, ++count) + { +- gint64 v = value; ++ guint64 v = value; + + /* Fill in the random bits. */ + XXXXXX[0] = letters[v % NLETTERS]; +-- +2.20.1 + diff --git a/glib2.spec b/glib2.spec index 66b3b90..ab132e2 100644 --- a/glib2.spec +++ b/glib2.spec @@ -2,7 +2,7 @@ Name: glib2 Version: 2.84.4 -Release: 1 +Release: 2 Summary: The core library that forms the basis for projects such as GTK+ and GNOME License: LGPL-2.1-or-later URL: https://www.gtk.org @@ -11,6 +11,7 @@ Source0: https://download.gnome.org/sources/glib/2.84/glib-%{version}.tar Patch1: gspawn-eperm.patch Patch3: gio-fix-filesystem-type-ext-err.patch Patch4: Correct-translation-information.patch +Patch5: CVE-2025-7039.patch BuildRequires: gcc gettext BuildRequires: meson >= 1.4.0 @@ -233,6 +234,9 @@ glib-compile-schemas %{_datadir}/glib-2.0/schemas &> /dev/null || : %{_docdir}/g*-2.0 %changelog +* Tue Sep 02 2025 Yu Peng - 2.84.4-2 +- Fix CVE-2025-7039 + * Sat Aug 09 2025 Funda Wang - 2.84.4-1 - update to 2.84.4 -- Gitee