[glib] 2.67.4

[Philip Withnall <pwithnall src gnome org>]

commit 4236672170fcf643fd7425fcc74cc8d8340ebd79
Author: Philip Withnall <pwithnall endlessos org>
Date:   Tue Feb 16 16:24:25 2021 +0000

    2.67.4
    
    Signed-off-by: Philip Withnall <pwithnall endlessos org>

 NEWS        | 64 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 meson.build |  2 +-
 2 files changed, 65 insertions(+), 1 deletion(-)
---
diff --git a/NEWS b/NEWS
index d70847889..df6b6a217 100644
--- a/NEWS
+++ b/NEWS
@@ -1,3 +1,67 @@
+Overview of changes in GLib 2.67.4
+==================================
+
+* Add a `g_string_replace()` function (work by Joshua Lee) (#225)
+
+* Add `G_DBUS_SERVER_FLAGS_AUTHENTICATION_REQUIRE_SAME_USER` flag to simplify
+  the common case for writing a D-Bus authentication observer, allowing most
+  uses of `GDBusAuthObserver` to be dropped (#1804)
+
+* Add a new `g_spawn_with_pipes_and_fds()` variant which supports renumbering
+  FDs (#2097)
+
+* Add new g_memdup2() API to replace g_memdup(), which is vulnerable to a
+  silent integer truncation and heap overflow problem if not used carefully
+  (discovered by Kevin Backhouse, work by Philip Withnall) (#2319)
+
+* Fix various regressions caused by rushed security fixes in 2.66.6 (work by
+  Simon McVittie and Jan Alexander Steffens) (!1932, !1941, #2323)
+
+* Fix a silent integer truncation when calling g_byte_array_new_take() for
+  byte arrays bigger than G_MAXUINT (work by Krzesimir Nowak) (!1942)
+
+* Fix `g_utf8_strdown()` to fix some issues in Turkish
+  (work by Kjell Ahlstedt) (!1930)
+
+* Bugs fixed:
+ - #225 GString doesn't have a g_string_replace() function
+ - #587 g_input_stream_skip() out-of-bounds behavior is inconsistent between implementations
+ - #1804 Add G_DBUS_SERVER_FLAGS_AUTHENTICATION_REQUIRE_SAME_USER flag
+ - #2097 GSubprocessLauncher with FD assignment can clash with g_spawn_async internal pipe
+ - #2315 httpproxy: Need overflow protection when reading response during connection establishment
+ - #2319 CVE-2021-27219 (GHSL-2021-045): integer overflow in g_bytes_new/g_memdup
+ - #2322 g_test_dbus: double output when piping
+ - #2323 [GLIB 2.66.6] g_io_channel_set_line_term() stopped working with null terminated strings and length 
-1
+ - !1917 Adding a missing test on integer overflow within g_http_proxy_connect()
+ - !1918 Fix more warnings
+ - !1923 Add support for Tilix and Konsole
+ - !1930 guniprop: Fix g_utf8_strdown() for Turkish locale
+ - !1932 gtlspassword: Fix inverted assertion
+ - !1934 gdbus: Reject attempts to set future connection or server flags
+ - !1938 Fix more warnings
+ - !1939 ci: Temporarily disable macOS CI job as runner is offline
+ - !1940 Fix more warnings
+ - !1941 gkeyfilesettingsbackend: Fix basename handling when group is unset
+ - !1942 CVE-2021-27218: gbytearray: Do not accept too large byte arrays
+ - !1947 Revert "Merge branch 'wip/pwithnall/macos-ci-disable' into 'master'"
+ - !1948 tests: Use a more realistic language code than sv_SV
+ - !1949 gatomic: Make fallback g_atomic_pointer_get type-safe
+ - !1951 Add a test for parsing 0 as double
+ - !1955 tests: Add missing NULL terminator to spawn-singlethread test
+
+* Translation updates:
+ - Catalan
+ - Galician
+ - Hungarian
+ - Portuguese
+ - Romanian
+ - Slovenian
+ - Spanish
+ - Swedish
+ - Turkish
+ - Ukrainian
+
+
 Overview of changes in GLib 2.67.3
 ==================================
 
diff --git a/meson.build b/meson.build
index 0d892fb2d..8a6dfaede 100644
--- a/meson.build
+++ b/meson.build
@@ -1,5 +1,5 @@
 project('glib', 'c', 'cpp',
-  version : '2.67.3',
+  version : '2.67.4',
   # NOTE: We keep this pinned at 0.49 because that's what Debian 10 ships
   meson_version : '>= 0.49.2',
   default_options : [