From ef23f9acf0ace002dec0e2704422123ceddec836 Mon Sep 17 00:00:00 2001
From: wh02252983 <wh02252983@alibaba-inc.com>
Date: Thu, 11 Sep 2025 10:21:12 +0800
Subject: [PATCH] [CVE] add patch to fix CVE-2025-7039 To # N/A add patch to
 fix CVE-2025-7039 Project: TC2024080204 Signed-off-by: wh02252983
 <wh02252983@alibaba-inc.com>

---
 ...-Backport-patch-to-fix-CVE-2025-7039.patch | 29 +++++++++++++++++++
 glib2.spec                                    |  7 ++++-
 2 files changed, 35 insertions(+), 1 deletion(-)
 create mode 100644 1007-Backport-patch-to-fix-CVE-2025-7039.patch

diff --git a/1007-Backport-patch-to-fix-CVE-2025-7039.patch b/1007-Backport-patch-to-fix-CVE-2025-7039.patch
new file mode 100644
index 0000000..d61e78a
--- /dev/null
+++ b/1007-Backport-patch-to-fix-CVE-2025-7039.patch
@@ -0,0 +1,29 @@
+diff --git a/glib/gfileutils.c b/glib/gfileutils.c
+index 0918a65..a46e008 100644
+--- a/glib/gfileutils.c
++++ b/glib/gfileutils.c
+@@ -1532,9 +1532,9 @@ get_tmp_file (gchar            *tmpl,
+   static const char letters[] =
+     "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
+   static const int NLETTERS = sizeof (letters) - 1;
+-  gint64 value;
+-  gint64 now_us;
+-  static int counter = 0;
++  guint64 value;
++  guint64 now_us;
++  static guint counter = 0;
+ 
+   g_return_val_if_fail (tmpl != NULL, -1);
+ 
+@@ -1553,7 +1553,7 @@ get_tmp_file (gchar            *tmpl,
+ 
+   for (count = 0; count < 100; value += 7777, ++count)
+     {
+-      gint64 v = value;
++      guint64 v = value;
+ 
+       /* Fill in the random bits.  */
+       XXXXXX[0] = letters[v % NLETTERS];
+-- 
+2.43.5
+
diff --git a/glib2.spec b/glib2.spec
index 9a939e8..553e0be 100644
--- a/glib2.spec
+++ b/glib2.spec
@@ -1,4 +1,4 @@
-%define anolis_release 6
+%define anolis_release 7
 Name: glib2
 Version: 2.78.3
 Release: %{anolis_release}%{?dist}
@@ -20,6 +20,8 @@ Patch1004:     1004-Backport-patch-to-fix-CVE-2024-34397.patch
 Patch1005:     1005-Backport-patch-to-fix-CVE-2025-6052.patch
 # https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4570
 Patch1006:     1006-Backport-patch-to-fix-CVE-2025-4056.patch
+# https://gitlab.gnome.org/GNOME/glib/-/commit/61e963284889ddb4544e6f1d5261c16120f6fcc3
+Patch1007:     1007-Backport-patch-to-fix-CVE-2025-7039.patch
 
 BuildRequires: gcc meson >= 0.60.0 gettext gtk-doc perl-interpreter glibc-devel
 BuildRequires: systemtap-sdt-devel zlib-devel python3-devel
@@ -164,6 +166,9 @@ touch %{buildroot}%{_libdir}/gio/modules/giomodule.cache
 %doc NEWS README.md
 
 %changelog
+* Thu Sep 11 2025 wh02252983 <wh02252983@alibaba-inc.com> - 2.78.3-7
+- Add patch to fix CVE-2025-7039
+
 * Wed Aug 13 2025 wenxin <wx02272781@alibaba-inc.com> - 2.78.3-6
 - Add patch to fix CVE-2024-34397,CVE-2025-6052,CVE-2025-4056
 
-- 
Gitee