[AUTOPATCHER-CORE] Upgrade glib to 2.78.6 for CVE-2024-34397 [Medium] (#12828)

Co-authored-by: Kanishk Bansal <[email protected]>
Co-authored-by: Sam Meluch <[email protected]>
Co-authored-by: jslobodzian <[email protected]>

Author: 4 people

SPECS/glib/glib.signatures.json

@@ -1,5 +1,5 @@
 {
- "Signatures": {
-  "glib-2.78.1.tar.xz": "915bc3d0f8507d650ead3832e2f8fb670fce59aac4d7754a7dab6f1e6fed78b2"
- }
+  "Signatures": {
+    "glib-2.78.6.tar.xz": "244854654dd82c7ebcb2f8e246156d2a05eb9cd1ad07ed7a779659b4602c9fae"
+  }
 }

SPECS/glib/glib.spec

@@ -1,8 +1,8 @@
 %define majorver %(echo %{version} | cut -d. -f1-2)
 Summary:        Low-level libraries useful for providing data structure handling for C.
 Name:           glib
-Version:        2.78.1
-Release:        5%{?dist}
+Version:        2.78.6
+Release:        1%{?dist}
 License:        LGPLv2+
 Vendor:         Microsoft Corporation
 Distribution:   Azure Linux
@@ -122,6 +122,9 @@ touch %{buildroot}%{_libdir}/gio/modules/giomodule.cache
 %doc %{_datadir}/gtk-doc/html/*
 
 %changelog
+* Wed Mar 05 2025 CBL-Mariner Servicing Account <[email protected]> - 2.78.6-1
+- Auto-upgrade to 2.78.6 - for CVE-2024-34397
+
 * Thu Nov 14 2024 Sharath Srikanth Chellappa <[email protected]> - 2.78.1-5
 - Patch CVE-2024-52533
 

cgmanifest.json

@@ -4380,8 +4380,8 @@
         "type": "other",
         "other": {
           "name": "glib",
-          "version": "2.78.1",
-          "downloadUrl": "https://ftp.gnome.org/pub/gnome/sources/glib/2.78/glib-2.78.1.tar.xz"
+          "version": "2.78.6",
+          "downloadUrl": "https://ftp.gnome.org/pub/gnome/sources/glib/2.78/glib-2.78.6.tar.xz"
         }
       }
     },

toolkit/resources/manifests/package/pkggen_core_aarch64.txt

@@ -208,7 +208,7 @@ libxml2-devel-2.11.5-4.azl3.aarch64.rpm
 docbook-dtd-xml-4.5-11.azl3.noarch.rpm
 docbook-style-xsl-1.79.1-14.azl3.noarch.rpm
 libsepol-3.6-1.azl3.aarch64.rpm
-glib-2.78.1-5.azl3.aarch64.rpm
+glib-2.78.6-1.azl3.aarch64.rpm
 libltdl-2.4.7-1.azl3.aarch64.rpm
 libltdl-devel-2.4.7-1.azl3.aarch64.rpm
 lua-5.4.6-1.azl3.aarch64.rpm

toolkit/resources/manifests/package/pkggen_core_x86_64.txt

@@ -208,7 +208,7 @@ libxml2-devel-2.11.5-4.azl3.x86_64.rpm
 docbook-dtd-xml-4.5-11.azl3.noarch.rpm
 docbook-style-xsl-1.79.1-14.azl3.noarch.rpm
 libsepol-3.6-1.azl3.x86_64.rpm
-glib-2.78.1-5.azl3.x86_64.rpm
+glib-2.78.6-1.azl3.x86_64.rpm
 libltdl-2.4.7-1.azl3.x86_64.rpm
 libltdl-devel-2.4.7-1.azl3.x86_64.rpm
 lua-5.4.6-1.azl3.x86_64.rpm

toolkit/resources/manifests/package/toolchain_aarch64.txt

@@ -120,11 +120,11 @@ gdbm-lang-1.23-1.azl3.aarch64.rpm
 gettext-0.22-1.azl3.aarch64.rpm
 gettext-debuginfo-0.22-1.azl3.aarch64.rpm
 gfortran-13.2.0-7.azl3.aarch64.rpm
-glib-2.78.1-5.azl3.aarch64.rpm
-glib-debuginfo-2.78.1-5.azl3.aarch64.rpm
-glib-devel-2.78.1-5.azl3.aarch64.rpm
-glib-doc-2.78.1-5.azl3.noarch.rpm
-glib-schemas-2.78.1-5.azl3.aarch64.rpm
+glib-2.78.6-1.azl3.aarch64.rpm
+glib-debuginfo-2.78.6-1.azl3.aarch64.rpm
+glib-devel-2.78.6-1.azl3.aarch64.rpm
+glib-doc-2.78.6-1.azl3.noarch.rpm
+glib-schemas-2.78.6-1.azl3.aarch64.rpm
 glibc-2.38-9.azl3.aarch64.rpm
 glibc-debuginfo-2.38-9.azl3.aarch64.rpm
 glibc-devel-2.38-9.azl3.aarch64.rpm

toolkit/resources/manifests/package/toolchain_x86_64.txt

@@ -127,11 +127,11 @@ gdbm-lang-1.23-1.azl3.x86_64.rpm
 gettext-0.22-1.azl3.x86_64.rpm
 gettext-debuginfo-0.22-1.azl3.x86_64.rpm
 gfortran-13.2.0-7.azl3.x86_64.rpm
-glib-2.78.1-5.azl3.x86_64.rpm
-glib-debuginfo-2.78.1-5.azl3.x86_64.rpm
-glib-devel-2.78.1-5.azl3.x86_64.rpm
-glib-doc-2.78.1-5.azl3.noarch.rpm
-glib-schemas-2.78.1-5.azl3.x86_64.rpm
+glib-2.78.6-1.azl3.x86_64.rpm
+glib-debuginfo-2.78.6-1.azl3.x86_64.rpm
+glib-devel-2.78.6-1.azl3.x86_64.rpm
+glib-doc-2.78.6-1.azl3.noarch.rpm
+glib-schemas-2.78.6-1.azl3.x86_64.rpm
 glibc-2.38-9.azl3.x86_64.rpm
 glibc-debuginfo-2.38-9.azl3.x86_64.rpm
 glibc-devel-2.38-9.azl3.x86_64.rpm