From 111865439bd557398e4ade6446f4b22bdf9941f4 Mon Sep 17 00:00:00 2001 From: Josef Schlehofer Date: Mon, 20 Apr 2020 12:04:03 +0200 Subject: [PATCH] Revert "glib2: update to 2.64.2" It is not ready and there are some issues described in https://github.com/openwrt/packages/pull/11442 This reverts commit b465ac30028c8b17228f455da057e49add3735b4. Signed-off-by: Josef Schlehofer --- libs/glib2/Makefile | 96 +++++++++---------- libs/glib2/patches/000-CVE-2019-12450.patch | 53 ++++++++++ libs/glib2/patches/001-automake-compat.patch | 5 + libs/glib2/patches/001-no-libelf.patch | 23 ----- .../patches/002-fix-gthreadedresolver.patch | 20 ++++ libs/glib2/patches/002-no-tests.patch | 11 --- 6 files changed, 124 insertions(+), 84 deletions(-) create mode 100644 libs/glib2/patches/000-CVE-2019-12450.patch create mode 100644 libs/glib2/patches/001-automake-compat.patch delete mode 100644 libs/glib2/patches/001-no-libelf.patch create mode 100644 libs/glib2/patches/002-fix-gthreadedresolver.patch delete mode 100644 libs/glib2/patches/002-no-tests.patch diff --git a/libs/glib2/Makefile b/libs/glib2/Makefile index 5f102d235..f9a793251 100644 --- a/libs/glib2/Makefile +++ b/libs/glib2/Makefile @@ -8,33 +8,36 @@ include $(TOPDIR)/rules.mk PKG_NAME:=glib2 -PKG_VERSION:=2.64.2 -PKG_RELEASE:=1 +PKG_VERSION:=2.58.3 +PKG_RELEASE:=5 PKG_SOURCE:=glib-$(PKG_VERSION).tar.xz -PKG_SOURCE_URL:=@GNOME/glib/2.64 -PKG_HASH:=9a2f21ed8f13b9303399de13a0252b7cbcede593d26971378ec6cb90e87f2277 +PKG_BUILD_DIR:=$(BUILD_DIR)/glib-$(PKG_VERSION) +PKG_SOURCE_URL:=@GNOME/glib/2.58 +PKG_HASH:=8f43c31767e88a25da72b52a40f3301fefc49a665b56dc10ee7cc9565cbe7481 + +PKG_BUILD_PARALLEL:=1 +HOST_BUILD_PARALLEL:=1 +PKG_BUILD_DEPENDS:=gettext +HOST_BUILD_DEPENDS:=gettext-full/host libiconv/host libffi/host +PKG_INSTALL:=1 -PKG_MAINTAINER:=Peter Wagner -PKG_LICENSE:=LGPL-2.1-or-later -PKG_LICENSE_FILES:=COPYING PKG_CPE_ID:=cpe:/a:gnome:glib -PKG_BUILD_DIR:=$(BUILD_DIR)/glib-$(PKG_VERSION) +PKG_FIXUP:=autoreconf + HOST_BUILD_DIR:=$(BUILD_DIR_HOST)/glib-$(PKG_VERSION) -PKG_BUILD_DEPENDS:=meson/host -HOST_BUILD_DEPENDS:=meson/host libffi/host libiconv/host -PKG_INSTALL:=1 include $(INCLUDE_DIR)/host-build.mk include $(INCLUDE_DIR)/package.mk -include ../../devel/meson/meson.mk +include $(INCLUDE_DIR)/nls.mk define Package/glib2 SECTION:=libs CATEGORY:=Libraries - DEPENDS:=+zlib +libpthread +libffi +libattr @!USE_UCLIBC + DEPENDS:=$(ICONV_DEPENDS) $(INTL_DEPENDS) +zlib +libpthread +libffi +libattr TITLE:=glib 2.0 + MAINTAINER:=Peter Wagner URL:=http://www.gtk.org/ endef @@ -42,42 +45,35 @@ define Package/glib2/description The GLib library of C routines endef -TARGET_CFLAGS += -ffunction-sections -fdata-sections -flto -TARGET_LDFLAGS += -Wl,--gc-sections - -COMP_ARGS= \ - -Dselinux=disabled \ - -Dlibmount=disabled \ - -Dinternal_pcre=true \ - -Dman=false \ - -Ddtrace=false \ - -Dsystemtap=false \ - -Dgtk_doc=false \ - -Dbsymbolic_functions=true \ - -Dforce_posix_threads=true \ - -Dfam=false \ - -Dinstalled_tests=false \ - -Dnls=disabled \ - -Doss_fuzz=disabled - -MESON_HOST_ARGS += $(COMP_ARGS) -Dxattr=false -MESON_ARGS += $(COMP_ARGS) -Dxattr=true - -# hack to compile static libraries -define Build/Compile - $(call Build/Compile/Meson) - $(call Ninja,-C $(MESON_BUILD_DIR) install,DESTDIR="$(PKG_INSTALL_DIR)") - $(call Meson, \ - --reconfigure \ - --buildtype plain \ - --native-file $(PKG_BUILD_DIR)/openwrt-native.txt \ - --cross-file $(PKG_BUILD_DIR)/openwrt-cross.txt \ - -Ddefault_library=static \ - $(MESON_ARGS) \ - $(MESON_BUILD_DIR) \ - $(PKG_BUILD_DIR), \ - $(MESON_VARS)) -endef +TARGET_CFLAGS += $(FPIC) -ffunction-sections -fdata-sections -flto + +HOST_CONFIGURE_ARGS += \ + --disable-libelf \ + --disable-selinux \ + --with-libiconv=gnu \ + --with-pcre=internal \ + --disable-libmount + +CONFIGURE_ARGS += \ + --enable-shared \ + --enable-static \ + --disable-debug \ + --disable-selinux \ + --disable-libmount \ + --disable-fam \ + --disable-gtk-doc-html \ + --disable-man \ + --disable-compile-warnings \ + --with-libiconv=gnu \ + --with-pcre=internal + +CONFIGURE_VARS += \ + glib_cv_stack_grows=no \ + glib_cv_uscore=no \ + ac_cv_path_GLIB_GENMARSHAL=$(STAGING_DIR_HOSTPKG)/bin/glib-genmarshal \ + ac_cv_func_mmap_fixed_mapped=yes \ + ac_cv_func_posix_getpwuid_r=yes \ + ac_cv_func_posix_getgrgid_r=yes define Build/InstallDev $(INSTALL_DIR) $(1)/usr/bin @@ -102,7 +98,7 @@ define Build/InstallDev $(1)/usr/lib/ $(CP) \ - $(PKG_INSTALL_DIR)/usr/lib/*.{so*,a} \ + $(PKG_INSTALL_DIR)/usr/lib/*.{so*,a,la} \ $(1)/usr/lib/ $(INSTALL_DIR) $(1)/usr/lib/pkgconfig diff --git a/libs/glib2/patches/000-CVE-2019-12450.patch b/libs/glib2/patches/000-CVE-2019-12450.patch new file mode 100644 index 000000000..6c514e1f8 --- /dev/null +++ b/libs/glib2/patches/000-CVE-2019-12450.patch @@ -0,0 +1,53 @@ +From d8f8f4d637ce43f8699ba94c9b7648beda0ca174 Mon Sep 17 00:00:00 2001 +From: Ondrej Holy +Date: Thu, 23 May 2019 10:41:53 +0200 +Subject: [PATCH] gfile: Limit access to files when copying + +file_copy_fallback creates new files with default permissions and +set the correct permissions after the operation is finished. This +might cause that the files can be accessible by more users during +the operation than expected. Use G_FILE_CREATE_PRIVATE for the new +files to limit access to those files. +--- + gio/gfile.c | 11 ++++++----- + 1 file changed, 6 insertions(+), 5 deletions(-) + +diff --git a/gio/gfile.c b/gio/gfile.c +index 24b136d80..74b58047c 100644 +--- a/gio/gfile.c ++++ b/gio/gfile.c +@@ -3284,12 +3284,12 @@ file_copy_fallback (GFile *source, + out = (GOutputStream*)_g_local_file_output_stream_replace (_g_local_file_get_filename (G_LOCAL_FILE (destination)), + FALSE, NULL, + flags & G_FILE_COPY_BACKUP, +- G_FILE_CREATE_REPLACE_DESTINATION, +- info, ++ G_FILE_CREATE_REPLACE_DESTINATION | ++ G_FILE_CREATE_PRIVATE, info, + cancellable, error); + else + out = (GOutputStream*)_g_local_file_output_stream_create (_g_local_file_get_filename (G_LOCAL_FILE (destination)), +- FALSE, 0, info, ++ FALSE, G_FILE_CREATE_PRIVATE, info, + cancellable, error); + } + else if (flags & G_FILE_COPY_OVERWRITE) +@@ -3297,12 +3297,13 @@ file_copy_fallback (GFile *source, + out = (GOutputStream *)g_file_replace (destination, + NULL, + flags & G_FILE_COPY_BACKUP, +- G_FILE_CREATE_REPLACE_DESTINATION, ++ G_FILE_CREATE_REPLACE_DESTINATION | ++ G_FILE_CREATE_PRIVATE, + cancellable, error); + } + else + { +- out = (GOutputStream *)g_file_create (destination, 0, cancellable, error); ++ out = (GOutputStream *)g_file_create (destination, G_FILE_CREATE_PRIVATE, cancellable, error); + } + + if (!out) +-- +2.21.0 + diff --git a/libs/glib2/patches/001-automake-compat.patch b/libs/glib2/patches/001-automake-compat.patch new file mode 100644 index 000000000..5e0ec1515 --- /dev/null +++ b/libs/glib2/patches/001-automake-compat.patch @@ -0,0 +1,5 @@ +--- /dev/null ++++ b/gtk-doc.make +@@ -0,0 +1,2 @@ ++EXTRA_DIST = ++CLEANFILES = diff --git a/libs/glib2/patches/001-no-libelf.patch b/libs/glib2/patches/001-no-libelf.patch deleted file mode 100644 index 7fe2c2bb6..000000000 --- a/libs/glib2/patches/001-no-libelf.patch +++ /dev/null @@ -1,23 +0,0 @@ ---- a/gio/meson.build -+++ b/gio/meson.build -@@ -870,20 +870,6 @@ endif - - # Dependencies used by executables below - have_libelf = false --libelf = dependency('libelf', version : '>= 0.8.12', required : false) --if libelf.found() -- have_libelf = true --else -- # This fallback is necessary on *BSD. elfutils isn't the only libelf -- # implementation, and *BSD usually includes their own libelf as a system -- # library which doesn't have a corresponding .pc file. -- libelf = cc.find_library('elf', required : false) -- have_libelf = libelf.found() -- have_libelf = have_libelf and cc.has_function('elf_begin', dependencies : libelf) -- have_libelf = have_libelf and cc.has_function('elf_getshdrstrndx', dependencies : libelf) -- have_libelf = have_libelf and cc.has_function('elf_getshdrnum', dependencies : libelf) -- have_libelf = have_libelf and cc.has_header('libelf.h') --endif - - if have_libelf - glib_conf.set('HAVE_LIBELF', 1) diff --git a/libs/glib2/patches/002-fix-gthreadedresolver.patch b/libs/glib2/patches/002-fix-gthreadedresolver.patch new file mode 100644 index 000000000..38a2391a1 --- /dev/null +++ b/libs/glib2/patches/002-fix-gthreadedresolver.patch @@ -0,0 +1,20 @@ +--- a/gio/gthreadedresolver.c ++++ b/gio/gthreadedresolver.c +@@ -873,6 +873,8 @@ do_lookup_records (GTask *task, + + #ifdef HAVE_RES_NQUERY + ++#ifdef HAVE_RES_NQUERY ++ + #if defined(HAVE_RES_NDESTROY) + res_ndestroy (&res); + #elif defined(HAVE_RES_NCLOSE) +@@ -883,6 +885,8 @@ do_lookup_records (GTask *task, + + #endif /* HAVE_RES_NQUERY */ + ++#endif ++ + #else + + DNS_STATUS status; diff --git a/libs/glib2/patches/002-no-tests.patch b/libs/glib2/patches/002-no-tests.patch deleted file mode 100644 index 47aa7bcba..000000000 --- a/libs/glib2/patches/002-no-tests.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- a/meson.build -+++ b/meson.build -@@ -84,7 +84,7 @@ installed_tests_template = files('template.test.in') - installed_tests_template_tap = files('template-tap.test.in') - - # Don’t build the tests unless we can run them (either natively, in an exe wrapper, or by installing them for later use) --build_tests = not meson.is_cross_build() or (meson.is_cross_build() and meson.has_exe_wrapper()) or installed_tests_enabled -+build_tests = false - - add_project_arguments('-D_GNU_SOURCE', language: 'c') -