Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package gtk4 for openSUSE:Factory checked in at 2022-01-09 22:49:58 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/gtk4 (Old) and /work/SRC/openSUSE:Factory/.gtk4.new.1892 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "gtk4" Sun Jan 9 22:49:58 2022 rev:36 rq:944754 version:4.6.0 Changes: -------- --- /work/SRC/openSUSE:Factory/gtk4/gtk4.changes 2022-01-03 10:49:18.259577803 +0100 +++ /work/SRC/openSUSE:Factory/.gtk4.new.1892/gtk4.changes 2022-01-09 22:50:07.795281680 +0100 @@ -1,0 +2,5 @@ +Fri Jan 7 08:26:33 UTC 2022 - Teoh Han Hui <[email protected]> + +- Add gtk4-make-our-stack-noexec.patch: Make our stack noexec. + +------------------------------------------------------------------- New: ---- gtk4-make-our-stack-noexec.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ gtk4.spec ++++++ --- /var/tmp/diff_new_pack.Wf6tl3/_old 2022-01-09 22:50:08.631282427 +0100 +++ /var/tmp/diff_new_pack.Wf6tl3/_new 2022-01-09 22:50:08.635282429 +0100 @@ -1,7 +1,7 @@ # # spec file for package gtk4 # -# Copyright (c) 2021 SUSE LLC +# Copyright (c) 2022 SUSE LLC # Copyright (c) 2010 Dominique Leuenebrger, Amsterdam, Netherlands # # All modifications and additions to the file contributed by third parties @@ -34,6 +34,9 @@ Source3: macros.gtk4 Source99: gtk4-rpmlintrc +# PATCH-FIX-UPSTREAM gtk4-make-our-stack-noexec.patch glgo#GNOME/gtk!4330 [email protected] -- Make our stack noexec +Patch0: gtk4-make-our-stack-noexec.patch + BuildRequires: cups-devel >= 2.0 # We do not support building against cups 2.3 betas BuildConflicts: (cups-devel > 2.3 with cups-devel < 2.3.0) ++++++ gtk4-make-our-stack-noexec.patch ++++++ >From 46509b6dd28c58ae8dd7e2c02a82a3ccb2751e88 Mon Sep 17 00:00:00 2001 From: Matthias Clasen <[email protected]> Date: Tue, 4 Jan 2022 07:51:56 -0500 Subject: [PATCH] Make our stack noexec The change to use ld and objcopy for resources had some side-effects: it leaked a few symbols and made our stack executable. We don't want that. Use -z nonexecstack and --strip-all to avoid this. Fixes: #4598 --- gtk/meson.build | 2 ++ 1 file changed, 2 insertions(+) diff --git a/gtk/meson.build b/gtk/meson.build index 91aefe1b17..6ce2c18320 100644 --- a/gtk/meson.build +++ b/gtk/meson.build @@ -927,6 +927,7 @@ if not meson.is_cross_build() and build_machine.system() == 'linux' and objcopy. input : gtk_gresource, output : 'gtkresources_blob.o', command : [ld, + '-z', 'noexecstack', '-r', '-b','binary', '@INPUT@', @@ -937,6 +938,7 @@ if not meson.is_cross_build() and build_machine.system() == 'linux' and objcopy. input : gtk_resources_binary, output : 'gtkresources_blob2.o', command : [objcopy, + '--strip-all', '--add-symbol','_gtk_resource_data=.data:0', '@INPUT@', '@OUTPUT@']) -- GitLab
