Patch glib for CVE-2025-7039

Author: azurelinux-security

SPECS/glib/CVE-2025-7039.patch

@@ -0,0 +1,86 @@
+From dfc124ea7797cead9b9a21b7d325daf0028a245d Mon Sep 17 00:00:00 2001
+From: Alexander Kanavin <[email protected]>
+Date: Tue, 22 Aug 2023 19:57:48 +0200
+Subject: [PATCH 1/2] glib/gfileutils.c: use 64 bits for value in
+ get_tmp_file()
+
+On 32 bit systems 'long' value will overflow in 2038 and become negative.
+As it is used to index into letters array, and % operation preserves signs,
+data corruption will then occur.
+
+Signed-off-by: Alexander Kanavin <[email protected]>
+---
+ glib/gfileutils.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/glib/gfileutils.c b/glib/gfileutils.c
+index fd5cd3b..645c277 100644
+--- a/glib/gfileutils.c
++++ b/glib/gfileutils.c
+@@ -1497,7 +1497,7 @@ get_tmp_file (gchar            *tmpl,
+   static const char letters[] =
+     "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
+   static const int NLETTERS = sizeof (letters) - 1;
+-  glong value;
++  gint64 value;
+   gint64 now_us;
+   static int counter = 0;
+ 
+@@ -1518,7 +1518,7 @@ get_tmp_file (gchar            *tmpl,
+ 
+   for (count = 0; count < 100; value += 7777, ++count)
+     {
+-      glong v = value;
++      gint64 v = value;
+ 
+       /* Fill in the random bits.  */
+       XXXXXX[0] = letters[v % NLETTERS];
+-- 
+2.45.4
+
+
+From 806d8dd3dd9cc96192258723eb356d9ebd1d1876 Mon Sep 17 00:00:00 2001
+From: Michael Catanzaro <[email protected]>
+Date: Tue, 1 Jul 2025 10:58:07 -0500
+Subject: [PATCH 2/2] gfileutils: fix computation of temporary file name
+
+We need to ensure that the value we use to index into the letters array
+is always positive.
+
+Fixes #3716
+
+Signed-off-by: Azure Linux Security Servicing Account <[email protected]>
+Upstream-reference: https://gitlab.gnome.org/GNOME/glib/-/commit/285db475ecaa4d2cc39ce326b4c63aacb87ca6ad.patch https://gitlab.gnome.org/GNOME/glib/-/commit/61e963284889ddb4544e6f1d5261c16120f6fcc3.patch
+---
+ glib/gfileutils.c | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/glib/gfileutils.c b/glib/gfileutils.c
+index 645c277..a9cf9f7 100644
+--- a/glib/gfileutils.c
++++ b/glib/gfileutils.c
+@@ -1497,9 +1497,9 @@ get_tmp_file (gchar            *tmpl,
+   static const char letters[] =
+     "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
+   static const int NLETTERS = sizeof (letters) - 1;
+-  gint64 value;
+-  gint64 now_us;
+-  static int counter = 0;
++  guint64 value;
++  guint64 now_us;
++  static guint counter = 0;
+ 
+   g_return_val_if_fail (tmpl != NULL, -1);
+ 
+@@ -1518,7 +1518,7 @@ get_tmp_file (gchar            *tmpl,
+ 
+   for (count = 0; count < 100; value += 7777, ++count)
+     {
+-      gint64 v = value;
++      guint64 v = value;
+ 
+       /* Fill in the random bits.  */
+       XXXXXX[0] = letters[v % NLETTERS];
+-- 
+2.45.4
+

SPECS/glib/glib.spec

@@ -2,7 +2,7 @@
 Summary:        Low-level libraries useful for providing data structure handling for C.
 Name:           glib
 Version:        2.71.0
-Release:        7%{?dist}
+Release:        8%{?dist}
 License:        LGPLv2+
 Vendor:         Microsoft Corporation
 Distribution:   Mariner
@@ -16,6 +16,7 @@ Patch2:         CVE-2023-32643-CVE-2023-32636.patch
 Patch3:         CVE-2025-3360.patch
 Patch4:         CVE-2025-4373.patch
 Patch5:         CVE-2024-34397.patch
+Patch6:         CVE-2025-7039.patch
 BuildRequires:  cmake
 BuildRequires:  gtk-doc
 BuildRequires:  libffi-devel
@@ -129,6 +130,9 @@ touch %{buildroot}%{_libdir}/gio/modules/giomodule.cache
 %doc %{_datadir}/gtk-doc/html/*
 
 %changelog
+* Mon Sep 08 2025 Azure Linux Security Servicing Account <[email protected]> - 2.71.0-8
+- Patch for CVE-2025-7039
+
 * Thu Jul 03 2025 Archana Shettigar <[email protected]> - 2.71.0-7
 - Patch CVE-2024-34397
 

toolkit/resources/manifests/package/pkggen_core_aarch64.txt

@@ -199,7 +199,7 @@ libxml2-devel-2.10.4-8.cm2.aarch64.rpm
 docbook-dtd-xml-4.5-11.cm2.noarch.rpm
 docbook-style-xsl-1.79.1-14.cm2.noarch.rpm
 libsepol-3.2-2.cm2.aarch64.rpm
-glib-2.71.0-7.cm2.aarch64.rpm
+glib-2.71.0-8.cm2.aarch64.rpm
 libltdl-2.4.6-8.cm2.aarch64.rpm
 libltdl-devel-2.4.6-8.cm2.aarch64.rpm
 pcre-8.45-2.cm2.aarch64.rpm

toolkit/resources/manifests/package/pkggen_core_x86_64.txt

@@ -199,7 +199,7 @@ libxml2-devel-2.10.4-8.cm2.x86_64.rpm
 docbook-dtd-xml-4.5-11.cm2.noarch.rpm
 docbook-style-xsl-1.79.1-14.cm2.noarch.rpm
 libsepol-3.2-2.cm2.x86_64.rpm
-glib-2.71.0-7.cm2.x86_64.rpm
+glib-2.71.0-8.cm2.x86_64.rpm
 libltdl-2.4.6-8.cm2.x86_64.rpm
 libltdl-devel-2.4.6-8.cm2.x86_64.rpm
 pcre-8.45-2.cm2.x86_64.rpm

toolkit/resources/manifests/package/toolchain_aarch64.txt

@@ -101,11 +101,11 @@ gdbm-lang-1.21-1.cm2.aarch64.rpm
 gettext-0.21-3.cm2.aarch64.rpm
 gettext-debuginfo-0.21-3.cm2.aarch64.rpm
 gfortran-11.2.0-8.cm2.aarch64.rpm
-glib-2.71.0-7.cm2.aarch64.rpm
-glib-debuginfo-2.71.0-7.cm2.aarch64.rpm
-glib-devel-2.71.0-7.cm2.aarch64.rpm
-glib-doc-2.71.0-7.cm2.noarch.rpm
-glib-schemas-2.71.0-7.cm2.aarch64.rpm
+glib-2.71.0-8.cm2.aarch64.rpm
+glib-debuginfo-2.71.0-8.cm2.aarch64.rpm
+glib-devel-2.71.0-8.cm2.aarch64.rpm
+glib-doc-2.71.0-8.cm2.noarch.rpm
+glib-schemas-2.71.0-8.cm2.aarch64.rpm
 glibc-2.35-7.cm2.aarch64.rpm
 glibc-debuginfo-2.35-7.cm2.aarch64.rpm
 glibc-devel-2.35-7.cm2.aarch64.rpm

toolkit/resources/manifests/package/toolchain_x86_64.txt

@@ -106,11 +106,11 @@ gdbm-lang-1.21-1.cm2.x86_64.rpm
 gettext-0.21-3.cm2.x86_64.rpm
 gettext-debuginfo-0.21-3.cm2.x86_64.rpm
 gfortran-11.2.0-8.cm2.x86_64.rpm
-glib-2.71.0-7.cm2.x86_64.rpm
-glib-debuginfo-2.71.0-7.cm2.x86_64.rpm
-glib-devel-2.71.0-7.cm2.x86_64.rpm
-glib-doc-2.71.0-7.cm2.noarch.rpm
-glib-schemas-2.71.0-7.cm2.x86_64.rpm
+glib-2.71.0-8.cm2.x86_64.rpm
+glib-debuginfo-2.71.0-8.cm2.x86_64.rpm
+glib-devel-2.71.0-8.cm2.x86_64.rpm
+glib-doc-2.71.0-8.cm2.noarch.rpm
+glib-schemas-2.71.0-8.cm2.x86_64.rpm
 glibc-2.35-7.cm2.x86_64.rpm
 glibc-debuginfo-2.35-7.cm2.x86_64.rpm
 glibc-devel-2.35-7.cm2.x86_64.rpm