Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

gdk-pixbuf: enable other loaders, disable ani loader #308976

Merged
merged 2 commits into from
May 9, 2024
Merged

gdk-pixbuf: enable other loaders, disable ani loader #308976

merged 2 commits into from
May 9, 2024

Conversation

qubitnano
Copy link
Contributor

@qubitnano qubitnano commented May 4, 2024
edited by jtojnar

Description of changes

Starting with 2.42.11, several loaders are disabled by default:

https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/merge_requests/163

This breaks at least the following on master:

  • building eduke32
  • building netsurf-browser
  • gkrellm builds but segfaults on launch
  • edit(@bobby285271): also Budgie desktop's workspace switcher via libxfce4windowing's xfw-wnck-icon

This enables the "others" option to restore previous behavior while still removing the ani loader due to CVE-2022-48622.

Fixes: #313199

Things done

  • Built on platform(s)
    • x86_64-linux
    • aarch64-linux
    • x86_64-darwin
    • aarch64-darwin
  • For non-Linux: Is sandboxing enabled in nix.conf? (See Nix manual)
    • sandbox = relaxed
    • sandbox = true
  • Tested, as applicable:
  • Tested compilation of all packages that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage
  • Tested basic functionality of all binary files (usually in ./result/bin/)
  • 24.05 Release Notes (or backporting 23.05 and 23.11 Release notes)
    • (Package updates) Added a release notes entry if the change is major or breaking
    • (Module updates) Added a release notes entry if the change is significant
    • (Module addition) Added a release notes entry if adding a new NixOS module
  • Fits CONTRIBUTING.md.

Add a 👍 reaction to pull requests you find important.

@qubitnano
gdk-pixbuf: enable other loaders
e69ace5 
2.42.11 disables several loaders by default. The meson option "others" reenables
these for packages that still depend on them.
@qubitnano
gdk-pixbuf: disable ani loader
9b10f90 
The "others" option includes ani which is currently affected by CVE-2022-48622.
Disable this by removing it from the build while allowing the other loaders
to build.
@jtojnar
Copy link
Contributor

jtojnar commented May 4, 2024

Aagh, I forgot about this. There is some more discussion in https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/merge_requests/169. They might end up splitting the other loaders to a separate package: https://gitlab.gnome.org/ebassi/gdk-pixbuf-extra

Generally, we aim to follow upstream and it is true that the others loaders have been unmaintained for years and there is quite a chance of more unnoticed security issues.

But the timing is pretty bad so we might need to merge this for 24.05 unless we manage to resolve the build issues individually.

@trofi
Copy link
Contributor

trofi commented May 5, 2024

I also noticed that claws-mail fails to load any icons with (claws-mail:6551): GdkPixbuf-WARNING **: 22:41:22.928: Error loading XPM image loader: Image type “xpm” is not supported errors.

This was referenced May 7, 2024
Merged
Closed
@SFrijters SFrijters mentioned this pull request May 7, 2024
Closed
@SFrijters
Copy link
Member

quodlibet-full fails its test suite with E gi.repository.GLib.GError: gdk-pixbuf-error-quark: Couldn’t recognize the image file format for file “/build/source/tests/data/image.bmp” (3), it's fixed if I cherry pick these commits on top.

@bobby285271 bobby285271 merged commit 104f667 into NixOS:staging May 9, 2024
30 checks passed
@qubitnano qubitnano deleted the pr/gdk-pixbuf branch May 10, 2024 21:13
@fgaz fgaz mentioned this pull request May 13, 2024
Closed
This was referenced May 15, 2024
Merged
Closed
@nixos-discourse
Copy link

This pull request has been mentioned on NixOS Discourse. There might be relevant details there:

https://discourse.nixos.org/t/i-need-some-help-making-a-nix-package-for-the-remote-desktop-manager-rdm-app/45683/4

@trofi trofi mentioned this pull request May 27, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dasj19 dasj19 Awaiting requested review from dasj19

@hedning hedning Awaiting requested review from hedning

@bobby285271 bobby285271 Awaiting requested review from bobby285271

@jtojnar jtojnar Awaiting requested review from jtojnar

@edolstra edolstra Awaiting requested review from edolstra

Assignees
No one assigned
Labels
10.rebuild-darwin: 501+ 10.rebuild-darwin: 5001+ 10.rebuild-linux: 501+ 10.rebuild-linux: 5001+
Projects
No open projects
24.05 Blockers
Status: Done
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
6 participants
@qubitnano @jtojnar @trofi @SFrijters @nixos-discourse @bobby285271