[AutoPR- Security] Patch glib for CVE-2026-1484 [LOW] (#15650)

Author: azurelinux-security

SPECS/glib/CVE-2026-1484.patch

@@ -0,0 +1,95 @@
+From fe3ce5d676a1b64a6fe071b21119e06a7ccb7046 Mon Sep 17 00:00:00 2001
+From: Marco Trevisan <mail@3v1n0.net>
+Date: Fri, 23 Jan 2026 18:48:30 +0100
+Subject: [PATCH 1/2] gbase64: Use gsize to prevent potential overflow
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Both g_base64_encode_step() and g_base64_encode_close() return gsize
+values, but these are summed to an int value.
+
+If the sum of these returned values is bigger than MAXINT, we overflow
+while doing the null byte write.
+
+Spotted by treeplus.
+Thanks to the Sovereign Tech Resilience programme from the Sovereign
+Tech Agency.
+
+ID: #YWH-PGM9867-168
+Closes: #3870
+
+(cherry picked from commit 6845f7776982849a2be1d8c9b0495e389092bff2)
+
+Co-authored-by: Marco Trevisan (Treviño) <mail@3v1n0.net>
+---
+ glib/gbase64.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/glib/gbase64.c b/glib/gbase64.c
+index 3c427f8..60c8560 100644
+--- a/glib/gbase64.c
++++ b/glib/gbase64.c
+@@ -264,8 +264,9 @@ g_base64_encode (const guchar *data,
+                  gsize         len)
+ {
+   gchar *out;
+-  gint state = 0, outlen;
++  gint state = 0;
+   gint save = 0;
++  gsize outlen;
+ 
+   g_return_val_if_fail (data != NULL || len == 0, NULL);
+ 
+-- 
+2.45.4
+
+
+From e9754df0897c47f2b5a6fe2a65e6facf362ee614 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Marco=20Trevisan=20=28Trevi=C3=B1o=29?= <mail@3v1n0.net>
+Date: Wed, 21 Jan 2026 20:09:44 +0100
+Subject: [PATCH 2/2] gbase64: Ensure that the out value is within allocated
+ size
+
+We do not want to deference or write to it
+
+Related to: #3870
+
+Signed-off-by: Azure Linux Security Servicing Account <azurelinux-security@microsoft.com>
+Upstream-reference: https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4979.patch
+---
+ glib/gbase64.c | 8 +++++++-
+ 1 file changed, 7 insertions(+), 1 deletion(-)
+
+diff --git a/glib/gbase64.c b/glib/gbase64.c
+index 60c8560..0827e83 100644
+--- a/glib/gbase64.c
++++ b/glib/gbase64.c
+@@ -267,6 +267,7 @@ g_base64_encode (const guchar *data,
+   gint state = 0;
+   gint save = 0;
+   gsize outlen;
++  gsize allocsize;
+ 
+   g_return_val_if_fail (data != NULL || len == 0, NULL);
+ 
+@@ -274,10 +275,15 @@ g_base64_encode (const guchar *data,
+      +1 is needed for trailing \0, also check for unlikely integer overflow */
+   g_return_val_if_fail (len < ((G_MAXSIZE - 1) / 4 - 1) * 3, NULL);
+ 
+-  out = g_malloc ((len / 3 + 1) * 4 + 1);
++  allocsize = (len / 3 + 1) * 4 + 1;
++  out = g_malloc (allocsize);
+ 
+   outlen = g_base64_encode_step (data, len, FALSE, out, &state, &save);
++  g_assert (outlen <= allocsize);
++
+   outlen += g_base64_encode_close (FALSE, out + outlen, &state, &save);
++  g_assert (outlen <= allocsize);
++
+   out[outlen] = '\0';
+ 
+   return (gchar *) out;
+-- 
+2.45.4
+

SPECS/glib/glib.spec

@@ -2,7 +2,7 @@
 Summary:        Low-level libraries useful for providing data structure handling for C.
 Name:           glib
 Version:        2.78.6
-Release:        6%{?dist}
+Release:        7%{?dist}
 License:        LGPLv2+
 Vendor:         Microsoft Corporation
 Distribution:   Azure Linux
@@ -17,6 +17,7 @@ Patch4:         CVE-2025-7039.patch
 Patch5:         CVE-2025-13601.patch
 Patch6:         CVE-2025-14087.patch
 Patch7:         CVE-2025-14512.patch
+Patch8:         CVE-2026-1484.patch
 BuildRequires:  cmake
 BuildRequires:  gtk-doc
 BuildRequires:  libffi-devel
@@ -130,6 +131,9 @@ touch %{buildroot}%{_libdir}/gio/modules/giomodule.cache
 %doc %{_datadir}/gtk-doc/html/*
 
 %changelog
+* Mon Feb 02 2026 Azure Linux Security Servicing Account <azurelinux-security@microsoft.com> - 2.78.6-7
+- Patch for CVE-2026-1484
+
 * Mon Dec 15 2025 Azure Linux Security Servicing Account <azurelinux-security@microsoft.com> - 2.78.6-6
 - Patch for CVE-2025-14087, CVE-2025-14512
 

toolkit/resources/manifests/package/pkggen_core_aarch64.txt

@@ -208,7 +208,7 @@ libxml2-devel-2.11.5-8.azl3.aarch64.rpm
 docbook-dtd-xml-4.5-11.azl3.noarch.rpm
 docbook-style-xsl-1.79.1-14.azl3.noarch.rpm
 libsepol-3.6-2.azl3.aarch64.rpm
-glib-2.78.6-6.azl3.aarch64.rpm
+glib-2.78.6-7.azl3.aarch64.rpm
 libltdl-2.4.7-1.azl3.aarch64.rpm
 libltdl-devel-2.4.7-1.azl3.aarch64.rpm
 lua-5.4.6-1.azl3.aarch64.rpm

toolkit/resources/manifests/package/pkggen_core_x86_64.txt

@@ -208,7 +208,7 @@ libxml2-devel-2.11.5-8.azl3.x86_64.rpm
 docbook-dtd-xml-4.5-11.azl3.noarch.rpm
 docbook-style-xsl-1.79.1-14.azl3.noarch.rpm
 libsepol-3.6-2.azl3.x86_64.rpm
-glib-2.78.6-6.azl3.x86_64.rpm
+glib-2.78.6-7.azl3.x86_64.rpm
 libltdl-2.4.7-1.azl3.x86_64.rpm
 libltdl-devel-2.4.7-1.azl3.x86_64.rpm
 lua-5.4.6-1.azl3.x86_64.rpm

toolkit/resources/manifests/package/toolchain_aarch64.txt

@@ -122,11 +122,11 @@ gdbm-lang-1.23-1.azl3.aarch64.rpm
 gettext-0.22-1.azl3.aarch64.rpm
 gettext-debuginfo-0.22-1.azl3.aarch64.rpm
 gfortran-13.2.0-7.azl3.aarch64.rpm
-glib-2.78.6-6.azl3.aarch64.rpm
-glib-debuginfo-2.78.6-6.azl3.aarch64.rpm
-glib-devel-2.78.6-6.azl3.aarch64.rpm
-glib-doc-2.78.6-6.azl3.noarch.rpm
-glib-schemas-2.78.6-6.azl3.aarch64.rpm
+glib-2.78.6-7.azl3.aarch64.rpm
+glib-debuginfo-2.78.6-7.azl3.aarch64.rpm
+glib-devel-2.78.6-7.azl3.aarch64.rpm
+glib-doc-2.78.6-7.azl3.noarch.rpm
+glib-schemas-2.78.6-7.azl3.aarch64.rpm
 glibc-2.38-18.azl3.aarch64.rpm
 glibc-debuginfo-2.38-18.azl3.aarch64.rpm
 glibc-devel-2.38-18.azl3.aarch64.rpm

toolkit/resources/manifests/package/toolchain_x86_64.txt

@@ -129,11 +129,11 @@ gdbm-lang-1.23-1.azl3.x86_64.rpm
 gettext-0.22-1.azl3.x86_64.rpm
 gettext-debuginfo-0.22-1.azl3.x86_64.rpm
 gfortran-13.2.0-7.azl3.x86_64.rpm
-glib-2.78.6-6.azl3.x86_64.rpm
-glib-debuginfo-2.78.6-6.azl3.x86_64.rpm
-glib-devel-2.78.6-6.azl3.x86_64.rpm
-glib-doc-2.78.6-6.azl3.noarch.rpm
-glib-schemas-2.78.6-6.azl3.x86_64.rpm
+glib-2.78.6-7.azl3.x86_64.rpm
+glib-debuginfo-2.78.6-7.azl3.x86_64.rpm
+glib-devel-2.78.6-7.azl3.x86_64.rpm
+glib-doc-2.78.6-7.azl3.noarch.rpm
+glib-schemas-2.78.6-7.azl3.x86_64.rpm
 glibc-2.38-18.azl3.x86_64.rpm
 glibc-debuginfo-2.38-18.azl3.x86_64.rpm
 glibc-devel-2.38-18.azl3.x86_64.rpm