diff --git a/.gitignore b/.gitignore index 39783d0..799c105 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,2 @@ /rpm-4.9.90.git11505.tar.bz2 +/rpm-4.9.90.git11519.tar.bz2 diff --git a/rpm-4.9.90-canonarch.patch b/rpm-4.9.90-canonarch.patch deleted file mode 100644 index 3883517..0000000 --- a/rpm-4.9.90-canonarch.patch +++ /dev/null @@ -1,24 +0,0 @@ -commit 2e5d83e3d1a27044ee59f13f66b06e9011d1ac9f -Author: Panu Matilainen -Date: Fri Mar 30 09:56:43 2012 +0300 - - Axe leftover CANONARCH assignment messing up our "base" archs (RhBug:808250) - - - This should've been in commit 2a8d03669732f68f02fa7b21ec87ee3f65d11e5b, - the leftover CANONARCH resets the "base arch" we just set to a wrong - value. - (cherry picked from commit 7c39c65da4b1b012061ffbac179a650643d00ba9) - -diff --git a/installplatform b/installplatform -index c56d5665..f7ae241 100755 ---- a/installplatform -+++ b/installplatform -@@ -111,8 +111,6 @@ for ARCH in noarch `grep ^arch_canon $RPMRC | cut -d: -f2`; do - # skip architectures for which we dont have full config parameters - [ -z "$CANONARCH" ] && continue - -- CANONARCH="`echo $ARCH|sed -e "$canonarch_sed"`" -- - if [ "$OS" = "linux" ] && [ "$CANONCOLOR" = 3 ]; then - LIB=${LIB}64 - fi diff --git a/rpm-4.9.90-header-datalength.patch b/rpm-4.9.90-header-datalength.patch deleted file mode 100644 index 4cdf0b6..0000000 --- a/rpm-4.9.90-header-datalength.patch +++ /dev/null @@ -1,70 +0,0 @@ -commit 0b8c3218027c99a6d92c2ca53fe7f42cf87f30a4 -Author: Panu Matilainen -Date: Fri Mar 23 14:17:47 2012 +0200 - - Eliminate broken data end calculation in dataLength() - - - If the caller doesn't know the end pointer, we dont have a whole lot - of chance to come up with a reasonable one either. Just assume - the terminating \0's are there when end boundary is not specified: - when this happens we're dealing with relatively "trusted" data - anyway, the more critical case of reading in unknown headers does - always pass end pointers. - - While capping the end pointer to HEADER_DATA_MAX seems like a - reasonable thing to do (as was done in commit - f79909d04e43cbfbbcdc588530a8c8033c5e0a7c), it doesn't really help - (bad data would likely run past bounds anyway), and it's not right - either: the pointer can be to a stack address, and the stack can be - near the top of addressable range, and ptr + HEADER_DATA_MAX can - cause pointer wraparound. Notably that's exactly what happens - when running 32bit personality process on 64bit system on Linux, - at least in case of i386 process on x86_64, causing all sorts of - breakage.. - -diff --git a/lib/header.c b/lib/header.c -index d741552..023c6e3 100644 ---- a/lib/header.c -+++ b/lib/header.c -@@ -301,16 +301,27 @@ unsigned headerSizeof(Header h, int magicp) - return size; - } - --/* Bounded header string (array) size calculation, return -1 on error */ -+/* -+ * Header string (array) size calculation, bounded if end is non-NULL. -+ * Return length (including \0 termination) on success, -1 on error. -+ */ - static inline int strtaglen(const char *str, rpm_count_t c, const char *end) - { - const char *start = str; - const char *s; - -- while ((s = memchr(start, '\0', end-start))) { -- if (--c == 0 || s > end) -- break; -- start = s + 1; -+ if (end) { -+ while ((s = memchr(start, '\0', end-start))) { -+ if (--c == 0 || s > end) -+ break; -+ start = s + 1; -+ } -+ } else { -+ while ((s = strchr(start, '\0'))) { -+ if (--c == 0) -+ break; -+ start = s + 1; -+ } - } - return (c > 0) ? -1 : (s - str + 1); - } -@@ -328,8 +339,7 @@ static int dataLength(rpm_tagtype_t type, rpm_constdata_t p, rpm_count_t count, - int onDisk, rpm_constdata_t pend) - { - const char * s = p; -- /* Not all callers supply data end, avoid falling over edge of the world */ -- const char * se = pend ? pend : s + HEADER_DATA_MAX; -+ const char * se = pend; - int length = 0; - - switch (type) { diff --git a/rpm-4.9.90-int-libdb.patch b/rpm-4.9.90-int-libdb.patch deleted file mode 100644 index 41f82bf..0000000 --- a/rpm-4.9.90-int-libdb.patch +++ /dev/null @@ -1,67 +0,0 @@ -commit dd05fdd35f680dfff606731a664859ae45762bb1 -Author: Panu Matilainen -Date: Mon Mar 26 13:03:03 2012 +0300 - - Dont bother building internal versions of db utilities we dont need - - - rpmdb_dump, load, recover, verify, stat etc are useful at times, - but these are not. This also fixes build with internal db for - more recent versions of Berkeley DB. - -diff --git a/lib/Makefile.am b/lib/Makefile.am -index 8c3b970..2245c19 100644 ---- a/lib/Makefile.am -+++ b/lib/Makefile.am -@@ -82,29 +82,6 @@ CLEANFILES += $(libdb_la) - - rpmlibexec_PROGRAMS = - --rpmlibexec_PROGRAMS += rpmdb_archive --rpmdb_archive_SOURCES = --rpmdb_archive_LDADD = \ -- $(top_builddir)/db3/db_archive.o \ -- $(top_builddir)/db3/util_sig.o \ -- librpm.la -- --rpmlibexec_PROGRAMS += rpmdb_checkpoint --rpmdb_checkpoint_SOURCES = --rpmdb_checkpoint_LDADD = \ -- $(top_builddir)/db3/db_checkpoint.o \ -- $(top_builddir)/db3/util_log.o \ -- $(top_builddir)/db3/util_sig.o \ -- librpm.la -- --rpmlibexec_PROGRAMS += rpmdb_deadlock --rpmdb_deadlock_SOURCES = --rpmdb_deadlock_LDADD = \ -- $(top_builddir)/db3/db_deadlock.o \ -- $(top_builddir)/db3/util_log.o \ -- $(top_builddir)/db3/util_sig.o \ -- librpm.la -- - rpmlibexec_PROGRAMS += rpmdb_dump - rpmdb_dump_SOURCES = - rpmdb_dump_LDADD = \ -@@ -121,22 +98,6 @@ rpmdb_load_LDADD = \ - $(top_builddir)/db3/util_sig.o \ - librpm.la - --rpmlibexec_PROGRAMS += rpmdb_printlog --rpmdb_printlog_SOURCES = --rpmdb_printlog_LDADD = \ -- $(top_builddir)/db3/db_printlog.o \ -- $(top_builddir)/db3/btree_autop.o \ -- $(top_builddir)/db3/crdel_autop.o \ -- $(top_builddir)/db3/db_autop.o \ -- $(top_builddir)/db3/dbreg_autop.o \ -- $(top_builddir)/db3/fileops_autop.o \ -- $(top_builddir)/db3/hash_autop.o \ -- $(top_builddir)/db3/qam_autop.o \ -- $(top_builddir)/db3/rep_autop.o \ -- $(top_builddir)/db3/txn_autop.o \ -- $(top_builddir)/db3/util_sig.o \ -- librpm.la -- - rpmlibexec_PROGRAMS += rpmdb_recover - rpmdb_recover_SOURCES = - rpmdb_recover_LDADD = \ diff --git a/rpm-4.9.90-keyid-size.patch b/rpm-4.9.90-keyid-size.patch deleted file mode 100644 index 51bf603..0000000 --- a/rpm-4.9.90-keyid-size.patch +++ /dev/null @@ -1,37 +0,0 @@ -commit c5a140133505dbe3cf59c97bbf40c2f5526e5f5b -Author: Panu Matilainen -Date: Thu Mar 22 12:24:55 2012 +0200 - - Oops, "magic eight" is necessary here afterall - - - Fix regression from commit 807b402d95702f3f91e9e2bfbd2b5ca8c9964ed9, - the array gets passed as a pointer (how else would it work at all), - so despite having seemingly correct type, sizeof(keyid) depends - on the pointer size. This happens to be 8 on x86_64 and friends - but breaks on eg i386. - - Also return the explicit size from pgpExtractPubkeyFingerprint(), - this has been "broken" for much longer but then all callers should - really care about is -1 for error. - -diff --git a/rpmio/rpmpgp.c b/rpmio/rpmpgp.c -index 4aac23d..e70cf70 100644 ---- a/rpmio/rpmpgp.c -+++ b/rpmio/rpmpgp.c -@@ -757,7 +757,7 @@ static int getFingerprint(const uint8_t *h, size_t hlen, pgpKeyID_t keyid) - (void) rpmDigestFinal(ctx, (void **)&d, &dlen, 0); - - if (d) { -- memcpy(keyid, (d + (dlen-sizeof(keyid))), sizeof(keyid)); -+ memcpy(keyid, (d + (dlen-8)), 8); - free(d); - rc = 0; - } -@@ -787,7 +787,7 @@ int pgpExtractPubkeyFingerprint(const char * b64pkt, pgpKeyID_t keyid) - if (rpmBase64Decode(b64pkt, (void **)&pkt, &pktlen) == 0) { - if (pgpPubkeyFingerprint(pkt, pktlen, keyid) == 0) { - /* if there ever was a bizarre return code for success... */ -- rc = sizeof(keyid); -+ rc = 8; - } - free(pkt); - } diff --git a/rpm-4.9.90-rpmdeps-args.patch b/rpm-4.9.90-rpmdeps-args.patch deleted file mode 100644 index 5be354b..0000000 --- a/rpm-4.9.90-rpmdeps-args.patch +++ /dev/null @@ -1,44 +0,0 @@ -commit 9a2547ff49ae2fa9a4c9118e5472bba045379f3d -Author: Panu Matilainen -Date: Thu Mar 29 11:26:57 2012 +0300 - - Accept files as command line arguments again in rpmdeps (RhBug:807767) - - - Commit a25c3c7bac95ab7eb55f0ecf0b8793d8da341611 removed what was - supposedly a non-supported method of passing files as arguments - (instead of the normal stdin method) to rpmdeps. Turns out - rpmdeps is even documented to take files as cli args, and that's - how Fedora's %filter_setup macros are calling it... - - Allow files as arguments again, but in a way that doesn't cause - argvFoo() vs popt crash-n-burn. - (cherry picked from commit fe252f21b370331016a952b085465cd97837aaef) - -diff --git a/tools/rpmdeps.c b/tools/rpmdeps.c -index 6b0b527..c3112eb 100644 ---- a/tools/rpmdeps.c -+++ b/tools/rpmdeps.c -@@ -60,11 +60,19 @@ main(int argc, char *argv[]) - if (optCon == NULL) - goto exit; - -- while (fgets(buf, sizeof(buf), stdin) != NULL) { -- char *be = buf + strlen(buf) - 1; -- while (strchr("\r\n", *be) != NULL) -- *be-- = '\0'; -- argvAdd(&av, buf); -+ /* normally files get passed through stdin but also accept files as args */ -+ if (poptPeekArg(optCon)) { -+ const char *arg; -+ while ((arg = poptGetArg(optCon)) != NULL) { -+ argvAdd(&av, arg); -+ } -+ } else { -+ while (fgets(buf, sizeof(buf), stdin) != NULL) { -+ char *be = buf + strlen(buf) - 1; -+ while (strchr("\r\n", *be) != NULL) -+ *be-- = '\0'; -+ argvAdd(&av, buf); -+ } - } - /* Make sure file names are sorted. */ - argvSort(av, NULL); diff --git a/rpm-4.9.90-rpmte-fileinfo-2.patch b/rpm-4.9.90-rpmte-fileinfo-2.patch deleted file mode 100644 index 4069909..0000000 --- a/rpm-4.9.90-rpmte-fileinfo-2.patch +++ /dev/null @@ -1,34 +0,0 @@ -commit 2f20f6e6b2cc6f26794678d1db16659c484a001c -Author: Panu Matilainen -Date: Wed Mar 21 09:07:21 2012 +0200 - - Transaction element file info can be legally NULL in some cases - - - rpmteClose() will wipe out the file info to free memory, we only - should care whether we failed to (re)load the file info. This - thinko in commit 06a2f1269b035a3a76464149834f2a5a8c4e89f2 - broke %posttrans scriptlets (and without commit - 274dbf557d1cac90f7c278f9b6d6af05997d92df, %pretrans in other - circumstances), whoopsie *blush*. Now, off to write a test-case - for our scriptlet behavior... - -diff --git a/lib/rpmte.c b/lib/rpmte.c -index 65e1e76..65d65af 100644 ---- a/lib/rpmte.c -+++ b/lib/rpmte.c -@@ -693,11 +693,12 @@ static int rpmteOpen(rpmte te, int reload_fi) - } - if (h != NULL) { - if (reload_fi) { -+ /* This can fail if we get a different, bad header from callback */ - te->fi = getFI(te, h); -+ rc = (te->fi != NULL); -+ } else { -+ rc = 1; - } -- -- /* This can fail if we get a different, bad header from callback */ -- rc = (te->fi != NULL); - - rpmteSetHeader(te, h); - headerFree(h); diff --git a/rpm-4.9.90-rpmte-fileinfo.patch b/rpm-4.9.90-rpmte-fileinfo.patch deleted file mode 100644 index af2c3b3..0000000 --- a/rpm-4.9.90-rpmte-fileinfo.patch +++ /dev/null @@ -1,28 +0,0 @@ -commit 274dbf557d1cac90f7c278f9b6d6af05997d92df -Author: Panu Matilainen -Date: Tue Mar 20 16:32:54 2012 +0200 - - Don't free up file info sets on transaction test-runs, take II - - - Despite commit cef18c94807af0935b7796c462aab8ed39f0f376, we'd still - end up freeing the file info sets via rpmteClose() while going - through the test-transaction packages. This together with commit - 06a2f1269b035a3a76464149834f2a5a8c4e89f2 caused install failures - on packages which have %pretrans scriptlets, if a test-transaction - was first performed on the same transaction set that gets used - for the "real" transaction as well. How wonderfully obscure... - -diff --git a/lib/rpmte.c b/lib/rpmte.c -index d1e4f87..65e1e76 100644 ---- a/lib/rpmte.c -+++ b/lib/rpmte.c -@@ -917,7 +917,8 @@ int rpmteProcess(rpmte te, pkgGoal goal) - { - /* Only install/erase resets pkg file info */ - int scriptstage = (goal != PKG_INSTALL && goal != PKG_ERASE); -- int reset_fi = (scriptstage == 0); -+ int test = (rpmtsFlags(te->ts) & RPMTRANS_FLAG_TEST); -+ int reset_fi = (scriptstage == 0 && test == 0); - int failed = 1; - - /* Dont bother opening for elements without pre/posttrans scripts */ diff --git a/rpm.spec b/rpm.spec index c98316d..fadfae0 100644 --- a/rpm.spec +++ b/rpm.spec @@ -12,7 +12,7 @@ %define rpmhome /usr/lib/rpm %define rpmver 4.9.90 -%define snapver git11505 +%define snapver git11519 %define srcver %{rpmver}%{?snapver:.%{snapver}} %define bdbname libdb @@ -46,13 +46,6 @@ Patch5: rpm-4.9.90-armhfp.patch Patch6: rpm-4.9.0-armhfp-logic.patch # Patches already in upstream -Patch200: rpm-4.9.90-rpmte-fileinfo.patch -Patch201: rpm-4.9.90-rpmte-fileinfo-2.patch -Patch202: rpm-4.9.90-keyid-size.patch -Patch203: rpm-4.9.90-header-datalength.patch -Patch204: rpm-4.9.90-rpmdeps-args.patch -Patch205: rpm-4.9.90-canonarch.patch -Patch206: rpm-4.9.90-int-libdb.patch # These are not yet upstream Patch301: rpm-4.6.0-niagara.patch @@ -222,14 +215,6 @@ packages on a system. %patch3 -p1 -b .no-man-dirs %patch4 -p1 -b .use-gpg2 -%patch200 -p1 -b .rpmte-fileinfo -%patch201 -p1 -b .rpmte-fileinfo-2 -%patch202 -p1 -b .keyid-size -%patch203 -p1 -b .header-datalength -%patch204 -p1 -b .rpmdeps-args -%patch205 -p1 -b .canonarch -%patch206 -p1 -b .int-libdb - %patch301 -p1 -b .niagara %patch302 -p1 -b .geode %patch304 -p1 -b .ldflags @@ -455,6 +440,11 @@ exit 0 %doc COPYING doc/librpm/html/* %changelog +* Thu Apr 05 2012 Panu Matilainen - 4.9.90-0.git11519.1 +- newer git snapshot to keep patch-count down +- fixes CVE-2012-0060, CVE-2012-0061 and CVE-2012-0815 +- fix obsoletes in installing set getting matched on provides (#810077) + * Wed Apr 04 2012 Jindrich Novy - 4.9.90-0.git11505.12 - rebuild against new libdb diff --git a/sources b/sources index 3db9f2d..e97334f 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -9206167147441cda84a56c338de9ebaa rpm-4.9.90.git11505.tar.bz2 +7e59625daeda485a9aef80c175712d1a rpm-4.9.90.git11519.tar.bz2