From patchwork Mon May  4 17:40:57 2026
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: Adolf Belka <adolf.belka@ipfire.org>
X-Patchwork-Id: 9805
Return-Path: <development+bounces-2105-patchwork=ipfire.org@lists.ipfire.org>
Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange x25519)
	(Client CN "mail01.haj.ipfire.org", Issuer "R12" (not verified))
	by web04.haj.ipfire.org (Postfix) with ESMTPS id 4g8TTK40s4z3x94
	for <patchwork@web04.haj.ipfire.org>; Mon, 04 May 2026 17:41:09 +0000 (UTC)
Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange x25519)
	(Client CN "mail02.haj.ipfire.org", Issuer "E8" (not verified))
	by mail01.ipfire.org (Postfix) with ESMTPS id 4g8TTK2Vsqz60P
	for <patchwork@ipfire.org>; Mon, 04 May 2026 17:41:09 +0000 (UTC)
Received: from mail02.haj.ipfire.org (localhost [IPv6:::1])
	by mail02.haj.ipfire.org (Postfix) with ESMTP id 4g8TTJ4Ccvz33yl
	for <patchwork@ipfire.org>; Mon, 04 May 2026 17:41:08 +0000 (UTC)
X-Original-To: development@lists.ipfire.org
Received: from mail01.ipfire.org (mail01.haj.ipfire.org
 [IPv6:2001:678:b28::25])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange x25519 server-signature ECDSA (secp384r1 raw public key)
 server-digest SHA384
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mail01.haj.ipfire.org", Issuer "R12" (not verified))
	by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4g8TTF6Q03z32nZ
	for <development@lists.ipfire.org>; Mon, 04 May 2026 17:41:05 +0000 (UTC)
Received: from [127.0.0.1] (localhost [127.0.0.1])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange x25519 server-signature RSA-PSS (4096 bits) server-digest
 SHA256)
	(No client certificate requested)
	by mail01.ipfire.org (Postfix) with ESMTPSA id 4g8TTC5DzSz44T;
	Mon, 04 May 2026 17:41:03 +0000 (UTC)
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org;
	s=202003ed25519; t=1777916463;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=QovSoGCWZQb2scYCV59QhJFkGj1CIToEcp35Bpfq4W0=;
	b=WBOErezgGZ++iVjtuoTiaUXROqmDe88ZYmoxskL/uq88q+FlQRv9RH6XhRqYhhOiBUxgWf
	ECY6hGKQI8wXGRCA==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org;
 s=202003rsa;
	t=1777916463;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=QovSoGCWZQb2scYCV59QhJFkGj1CIToEcp35Bpfq4W0=;
	b=HNhkORNh0yJQbfN6P9o4umbYP/onW/W//mUDDdFrjqwetT1iqQ58bCFEDvC4yGmsWfp7gI
	VexpM6fQQlnmFC14ssMhCcA6NwkLFnenUjiubTzIqFAG4G3H/DpbFbjxjD9ObLPRE1jM2s
	U6wZdS1H5hRF9SD/0xwEPRL12ZsWbvmgsnwXGVOb/rf1jRcudxMxIJ+83VTITcevDN7vwv
	XtJE3dNDXX6ywKXjHEAXUsspsa+Pq0wglrbntGgMIiBs6WkwC6pnZMZxaEWmDPu2uDwszE
	YYeOd1UK+naSMEahzfKEV+CKWhXxu7Zb6jHKDvDcm8kJBlgcBRun7UDxUeLO2A==
From: Adolf Belka <adolf.belka@ipfire.org>
To: development@lists.ipfire.org
Cc: Adolf Belka <adolf.belka@ipfire.org>
Subject: [PATCH] glib: Update to version 2.88.1
Date: Mon,  4 May 2026 19:40:57 +0200
Message-ID: <20260504174059.3648098-2-adolf.belka@ipfire.org>
In-Reply-To: <20260504174059.3648098-1-adolf.belka@ipfire.org>
References: <20260504174059.3648098-1-adolf.belka@ipfire.org>
Precedence: list
List-Id: <development.lists.ipfire.org>
List-Subscribe: <https://lists.ipfire.org/>,
 <mailto:development+subscribe@lists.ipfire.org?subject=subscribe>
List-Unsubscribe: <https://lists.ipfire.org/>,
 <mailto:development+unsubscribe@lists.ipfire.org?subject=unsubscribe>
List-Post: <mailto:development@lists.ipfire.org>
List-Help: <mailto:development+help@lists.ipfire.org?subject=help>
Sender: <development@lists.ipfire.org>
Mail-Followup-To: <development@lists.ipfire.org>
MIME-Version: 1.0

- Update from version 2.88.0 to 2.88.1
- Update of rootfile
- Changelog
2.88.1
* Fix miscompilation with GCC 16 due to GLib’s use of the wrong function
  attribute (!5145, work by Sam James)
* Fix flag confusion security issue when using `GRegex` with `G_REGEX_RAW` which
  can result in unbounded out-of-bounds heap reads off the start of a regex
  input string (#3919, work by linhlhq)
* Fix various minor (low severity) security issues, typically one-to-five-byte
  out-of-bounds reads (#3915, #3916, #3917, #3918, #3930) or ones relying on
  very specific (and unlikely) API calls (#3925) or ones relying on
  discouraged P2P D-Bus configurations (#3931, #3933) (work by linhlhq)
* Bugs fixed:
  - #3915 (#YWH-PGM9867-190) Buffer Over-read on GLib through glib/gvariant-
    serialiser.c:1253 via gvs_tuple_is_normal() (Philip Withnall)
  - #3916 (#YWH-PGM9867-187) OOB Read on GLib through
    glib/gmarkup.c:g_markup_escape_text() via
    glib/gmarkup.c:append_escaped_text() (Philip Withnall)
  - #3917 (#YWH-PGM9867-191) OOB Read on GLib through
    glib/gdatetime.c:g_date_time_get_ymd via invalid `GDateTime` (Philip
    Withnall)
  - #3918 (#YWH-PGM9867-193) Buffer Over-read on GLib's g_regex_replace()
    through glib/gregex.c:string_append() via g_utf8_next_char() (Philip
    Withnall)
  - #3919 (#YWH-PGM9867-194) Buffer Over-read on GLib through
    glib/gregex.c:g_regex_split_full() via glib/gutf8.c:g_utf8_prev_char()
    (Philip Withnall)
  - #3925 (#YWH-PGM9867-199) Buffer Over-read on GLib through glib/giochannel.c
    via "g_io_channel_read_line_backend" (Philip Withnall)
  - #3930 (#YWH-PGM9867-200) Off-by-one Error on GLib through glib/gkeyfile.c
    via "g_key_file_get_locale_string_list" (Philip Withnall)
  - #3931 (#YWH-PGM9867-203)  Path Traversal on GLib DBus through
    glib/gio/gdbusauthmechanismsha1.c via keyring_lookup_entry,
    mechanism_client_data_receive (COOKIE_SHA1 Client Authentication) leads to
    Arbitrary File Read (Philip Withnall)
  - #3933 Integer overflow in g_dbus_message_bytes_needed() bypasses 128 MiB
    size check (pre-auth DoS on P2P connections) (Philip Withnall)
  - !5101 Update Serbian translation
  - !5105 docs: Expand docs for GLIB_VERSION_MAX_ALLOWED
  - !5110 gmarkup: fix type of length parameter of text_validate()
  - !5111 Update Russian translation
  - !5113 Update Polish translation
  - !5114 docs: Remove myself from CODEOWNERS
  - !5122 Update Slovak translation
  - !5134 Backport various recent security fixes to GVariant, GMarkup, GDateTime
    and GRegex to glib-2-88
  - !5150 Backport !5145 “gvarianttype: use pure attribute, not inappropriate
    const” to glib-2-88
  - !5152 Update Slovak translation
  - !5154 Update German translation
  - !5165 Update Slovak translation
  - !5166 Update Slovak translation
  - !5169 Update Persian translation
  - !5174 Backport !5170 !5171 !5172 !5173 Various security fixes to glib-2-88
* Translation updates:
  - German (Christian Kirbach)
  - Persian (Danial Behzadi)
  - Polish (Victoria Niedzielska)
  - Russian (Artur S0)
  - Serbian (Марко Костић)
  - Slovak (Jose Riha)

Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
---
 config/rootfiles/common/glib | 16 ++++++++--------
 lfs/glib                     |  4 ++--
 2 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/config/rootfiles/common/glib b/config/rootfiles/common/glib
index cd96e6f7a..f9e0ca72a 100644
--- a/config/rootfiles/common/glib
+++ b/config/rootfiles/common/glib
@@ -339,22 +339,22 @@ usr/include/glib-2.0/gio/gdebugcontroller.h
 #usr/lib/glib-2.0/include/glibconfig.h
 #usr/lib/libgio-2.0.so
 usr/lib/libgio-2.0.so.0
-usr/lib/libgio-2.0.so.0.8800.0
+usr/lib/libgio-2.0.so.0.8800.1
 #usr/lib/libgirepository-2.0.so
 usr/lib/libgirepository-2.0.so.0
-usr/lib/libgirepository-2.0.so.0.8800.0
+usr/lib/libgirepository-2.0.so.0.8800.1
 #usr/lib/libglib-2.0.so
 usr/lib/libglib-2.0.so.0
-usr/lib/libglib-2.0.so.0.8800.0
+usr/lib/libglib-2.0.so.0.8800.1
 #usr/lib/libgmodule-2.0.so
 usr/lib/libgmodule-2.0.so.0
-usr/lib/libgmodule-2.0.so.0.8800.0
+usr/lib/libgmodule-2.0.so.0.8800.1
 #usr/lib/libgobject-2.0.so
 usr/lib/libgobject-2.0.so.0
-usr/lib/libgobject-2.0.so.0.8800.0
+usr/lib/libgobject-2.0.so.0.8800.1
 #usr/lib/libgthread-2.0.so
 usr/lib/libgthread-2.0.so.0
-usr/lib/libgthread-2.0.so.0.8800.0
+usr/lib/libgthread-2.0.so.0.8800.1
 #usr/lib/pkgconfig/gio-2.0.pc
 #usr/lib/pkgconfig/gio-unix-2.0.pc
 #usr/lib/pkgconfig/girepository-2.0.pc
@@ -377,8 +377,8 @@ usr/lib/libgthread-2.0.so.0.8800.0
 #usr/share/gdb/auto-load
 #usr/share/gdb/auto-load/usr
 #usr/share/gdb/auto-load/usr/lib
-#usr/share/gdb/auto-load/usr/lib/libglib-2.0.so.0.8800.0-gdb.py
-#usr/share/gdb/auto-load/usr/lib/libgobject-2.0.so.0.8800.0-gdb.py
+#usr/share/gdb/auto-load/usr/lib/libglib-2.0.so.0.8800.1-gdb.py
+#usr/share/gdb/auto-load/usr/lib/libgobject-2.0.so.0.8800.1-gdb.py
 #usr/share/gettext/its
 #usr/share/gettext/its/gschema.its
 #usr/share/gettext/its/gschema.loc
diff --git a/lfs/glib b/lfs/glib
index 1b6e2269f..47fe1eb6b 100644
--- a/lfs/glib
+++ b/lfs/glib
@@ -24,7 +24,7 @@
 
 include Config
 
-VER        = 2.88.0
+VER        = 2.88.1
 #          https://download.gnome.org/sources/glib/
 
 THISAPP    = glib-$(VER)
@@ -41,7 +41,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_BLAKE2 = b540e0f5490f85b44cfad5d819f4a6fd911addc26fed8b8b49852bd6ec322d7d16136b691452030cf5f590374ea06cf8fdb8c9109d5cbe7b68625379bbd40615
+$(DL_FILE)_BLAKE2 = d9a0e54d2c1b5128aee76f1743cbeea84a24af5a2252ba1c649943bbca3fbc5f08896249542526560c92dd0e60cbd8a72498c3cfe1535d1f0bf85316ce37dba1
 
 install : $(TARGET)