Changeset f8d6cf0f


Ignore:
Timestamp:
07/12/2024 01:31:39 PM (2 months ago)
Author:
Ken Moffat <zarniwhoop@…>
Branches:
12.2, gimp3, lazarus, trunk, xry111/for-12.3, xry111/spidermonkey128
Children:
4e2ed570
Parents:
7db4bc0
Message:

Patch gtk+2 to build with gcc14.

The patch includes this week's gtk3 fix, but I am not convinced
that part is actually a vulnerability on recent BLFS. Using the
PoC and the ENVVAR and starting gimp-2.10 from a prepared directory
the PoC failed on gtk2 built with only the gcc14 fixes.

As noted in the comment I added to the patch, the reporter thinks
exploitation on GTK2 is unlikely.

Testing epdfview, the PoC succeeded.

Files:
2 edited

Legend:

Unmodified
Added
Removed

  • introduction/welcome/changelog.xml

    r7db4bc0 rf8d6cf0f  
    3939    </listitem>
    4040    -->
     41    <listitem>
     42      <para>July 12th, 2024</para>
     43      <itemizedlist>
     44        <listitem>
     45          <para>[ken] - Patch gtk+-2.24.33 to build with gcc14.. Fixes
     46          <ulink url="&blfs-ticket-root;19887">19887</ulink>.</para>
     47        </listitem>
     48      </itemizedlist>
     49    </listitem>
     50
    4151    <listitem>
    4252      <para>July 11th, 2024</para>

  • x/lib/gtk+2.xml

    r7db4bc0 rf8d6cf0f  
    6464        <para>
    6565          Estimated build time: &gtk2-time;
     66        </para>
     67      </listitem>
     68    </itemizedlist>
     69
     70    <bridgehead renderas="sect3">Additional Downloads</bridgehead>
     71    <itemizedlist spacing="compact">
     72      <listitem>
     73        <para>
     74          Required patch:
     75          <ulink url="&patch-root;/gtk+-&gtk2-version;-consolidated_fixes-1.patch"/>
    6676        </para>
    6777      </listitem>
     
    102112
    103113<screen><userinput>sed -e 's#l \(gtk-.*\).sgml#&amp; -o \1#' \
    104     -i docs/{faq,tutorial}/Makefile.in      &amp;&amp;
    105 
    106 ./configure --prefix=/usr --sysconfdir=/etc &amp;&amp;
    107 
     114    -i docs/{faq,tutorial}/Makefile.in                  &amp;&amp;
     115patch -p1 -i ../gtk+-&gtk2-version;-consolidated_fixes-1.patch &amp;&amp;
     116./configure --prefix=/usr --sysconfdir=/etc             &amp;&amp;
    108117make</userinput></screen>
    109118
     
    148157      <filename>Makefile</filename>s.
    149158    </para>
     159
     160    <para>
     161      <command>patch -p1 -i ../gtk+-&gtk2-version;-consolidated_fixes-1.patch ...</command>:
     162      This patch allows the package to compile with gcc-14 and also prevents
     163      loading modules from the current directory.
     164    </para>
     165
    150166    <!-- This still seems to have problems with docbook-utils installed.
    151167         However, since it's already been tagged, I'll leave it alone. -->
Note: See TracChangeset for help on using the changeset viewer.