new file mode 100644
@@ -0,0 +1,49 @@
+From ec0b708b981af77fef8e4bbb603cde4de4cd2e29 Mon Sep 17 00:00:00 2001
+From: Michael Catanzaro <mcatanzaro@redhat.com>
+Date: Thu, 19 Sep 2024 18:35:53 +0100
+Subject: [PATCH] gsocks4aproxy: Fix a single byte buffer overflow in connect
+ messages
+
+`SOCKS4_CONN_MSG_LEN` failed to account for the length of the final nul
+byte in the connect message, which is an addition in SOCKSv4a vs
+SOCKSv4.
+
+This means that the buffer for building and transmitting the connect
+message could be overflowed if the username and hostname are both
+`SOCKS4_MAX_LEN` (255) bytes long.
+
+Proxy configurations are normally statically configured, so the username
+is very unlikely to be near its maximum length, and hence this overflow
+is unlikely to be triggered in practice.
+
+(Commit message by Philip Withnall, diagnosis and fix by Michael
+Catanzaro.)
+
+Fixes: #3461
+
+Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/glib/-/commit/ec0b708b981af77fef8e4bbb603cde4de4cd2e29]
+CVE: CVE-2024-52533
+Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
+---
+ gio/gsocks4aproxy.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/gio/gsocks4aproxy.c b/gio/gsocks4aproxy.c
+index 3dad118eb7..b3146d08fd 100644
+--- a/gio/gsocks4aproxy.c
++++ b/gio/gsocks4aproxy.c
+@@ -79,9 +79,9 @@ g_socks4a_proxy_init (GSocks4aProxy *proxy)
+ * +----+----+----+----+----+----+----+----+----+----+....+----+------+....+------+
+ * | VN | CD | DSTPORT | DSTIP | USERID |NULL| HOST | | NULL |
+ * +----+----+----+----+----+----+----+----+----+----+....+----+------+....+------+
+- * 1 1 2 4 variable 1 variable
++ * 1 1 2 4 variable 1 variable 1
+ */
+-#define SOCKS4_CONN_MSG_LEN (9 + SOCKS4_MAX_LEN * 2)
++#define SOCKS4_CONN_MSG_LEN (10 + SOCKS4_MAX_LEN * 2)
+ static gint
+ set_connect_msg (guint8 *msg,
+ const gchar *hostname,
+--
+GitLab
+
@@ -50,6 +50,7 @@ SRC_URI = "${GNOME_MIRROR}/glib/${SHRT_VER}/glib-${PV}.tar.xz \
file://CVE-2024-34397_17.patch \
file://CVE-2024-34397_18.patch \
file://0001-gvariant-serialiser-Convert-endianness-of-offsets.patch \
+ file://CVE-2024-52533.patch \
"
SRC_URI:append:class-native = " file://relocate-modules.patch"