gnome-gitlab GNOME/glib 2.74.4
on GNOME GitLab

latest releases: 2.83.0, 2.82.2, 2.82.1...
23 months ago

Overview of changes in GLib 2.74.4

  • Fix missing input validation in GDBusMenuModel (work by Lars Uebernickel) (#861)

  • Various GVariant security fixes when handling untrusted data (work by
    William Manley, Philip Withnall, Simon McVittie) (#2121, #2540, #2794, #2797,
    #2839, #2840, #2841)

  • Bugs fixed:

    • #861 insufficient input validation in GDBusMenuModel (Lars Uebernickel)
    • #2121 GVariant deserialisation does not match spec for non-normal data
      (William Manley, Philip Withnall)
    • #2540 Parsing serialized GVariants can blow up run-time and memory (Philip
      Withnall)
    • #2794 GVariant offset table entry size is not checked in is_normal() (Philip
      Withnall)
    • #2797 g_variant_byteswap() can take a long time with some non-normal inputs
      (Philip Withnall)
    • #2835 gio/gapplication test fails with test_dbus_activate: assertion failed
      (n_activations == 2): (1 == 2) (Philip Withnall)
    • #2839 [bisected] GVariant test regression on big-endian architectures (Simon
      McVittie)
    • #2840 fuzz_variant_binary_byteswap: Heap-buffer-overflow in
      g_variant_serialised_get_child (Philip Withnall)
    • #2841 fuzz_variant_text: Timeout in fuzz_variant_text (Philip Withnall)
    • #2852 alpine/musl: catching signals from a subprocess triggers
      GLib:ERROR:../glib/gmain.c:5569:siginfo_t_to_wait_status: code should not be
      reached (Philip Withnall)
    • !3114 Backport !3113 “gaction: Validate actions activated over D-Bus” to
      glib-2-74
    • !3126 Backport !3125 “Various fixes to normal form handling in GVariant” to
      glib-2-74
    • !3134 Backport !3133 “gmenumodel: disallow exporting large menus on the bus”
      to glib-2-74
    • !3138 Backport !3136 “gvariant-serialiser: Convert endianness of offsets” to
      glib-2-74
    • !3153 Backport !3120 “glib/gthread-posix: Conditionally use futex and/or
      futex_time64 syscalls...” to glib-2-74
    • !3161 Backport !3158 ”gmain: Define fallback values for siginfo_t constants
      for musl” to glib-2-74
    • !3164 Backport !3163 “gvariant: Check offset table doesn’t fall outside
      variant bounds and speed up text parsing” to glib-2-74

  • Translation updates:

    • Abkhazian (Nart Tlisha)
    • Belarusian (Vasil Pupkin)
    • Georgian (Ekaterine Papava)
    • Interlingue (Olga Smirnova)
Check out latest releases or
releases around GNOME/glib 2.74.4

Don't miss a new glib release

NewReleases is sending notifications on new releases.

Get notifications