commit
ba40b00fa2
@ -0,0 +1 @@
|
|||||||
|
SOURCES/rpm-4.19.1.1.tar.bz2
|
@ -0,0 +1 @@
|
|||||||
|
5ff9a545a18cd7183854b7ec6de675969fd9b1ec SOURCES/rpm-4.19.1.1.tar.bz2
|
@ -0,0 +1,27 @@
|
|||||||
|
From 65fa582b5cb267bb73c3e2b4c502f456d50c41f0 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Michal Domonkos <mdomonko@redhat.com>
|
||||||
|
Date: Mon, 12 Aug 2024 17:15:48 +0200
|
||||||
|
Subject: [PATCH] Fix memory leak in rpmsign
|
||||||
|
|
||||||
|
Found by Coverity.
|
||||||
|
|
||||||
|
Fixes: RHEL-37564
|
||||||
|
---
|
||||||
|
tools/rpmsign.c | 1 +
|
||||||
|
1 file changed, 1 insertion(+)
|
||||||
|
|
||||||
|
diff --git a/tools/rpmsign.c b/tools/rpmsign.c
|
||||||
|
index a47b2c109..c5e3e11b4 100644
|
||||||
|
--- a/tools/rpmsign.c
|
||||||
|
+++ b/tools/rpmsign.c
|
||||||
|
@@ -152,6 +152,7 @@ static int doSign(poptContext optCon, struct rpmSignArgs *sargs)
|
||||||
|
char *key = rpmExpand("%{?_file_signing_key}", NULL);
|
||||||
|
if (rstreq(key, "")) {
|
||||||
|
fprintf(stderr, _("You must set \"%%_file_signing_key\" in your macro file or on the command line with --fskpath\n"));
|
||||||
|
+ free(key);
|
||||||
|
goto exit;
|
||||||
|
}
|
||||||
|
|
||||||
|
--
|
||||||
|
2.46.0
|
||||||
|
|
@ -0,0 +1,32 @@
|
|||||||
|
From 1b90b8c7d176026b669ce28c6e185724a4b208b0 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Michal Domonkos <mdomonko@redhat.com>
|
||||||
|
Date: Fri, 7 Jun 2024 10:14:25 +0200
|
||||||
|
Subject: [PATCH] Fix potential use of uninitialized pgp struct
|
||||||
|
|
||||||
|
We only call initPgpData() after base64 encoding the pubkey so if the
|
||||||
|
latter fails, the kd struct will be left uninitialized and subsequently
|
||||||
|
read from after skipping to the exit label. Fix by initializing it.
|
||||||
|
|
||||||
|
Found by Coverity.
|
||||||
|
|
||||||
|
Fixes: RHEL-22605
|
||||||
|
---
|
||||||
|
lib/rpmts.c | 2 ++
|
||||||
|
1 file changed, 2 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/lib/rpmts.c b/lib/rpmts.c
|
||||||
|
index 3070b97e6..76964c60a 100644
|
||||||
|
--- a/lib/rpmts.c
|
||||||
|
+++ b/lib/rpmts.c
|
||||||
|
@@ -508,6 +508,8 @@ static int makePubkeyHeader(rpmts ts, rpmPubkey key, rpmPubkey *subkeys,
|
||||||
|
int rc = -1;
|
||||||
|
int i;
|
||||||
|
|
||||||
|
+ memset(&kd, 0, sizeof(kd));
|
||||||
|
+
|
||||||
|
if ((enc = rpmPubkeyBase64(key)) == NULL)
|
||||||
|
goto exit;
|
||||||
|
|
||||||
|
--
|
||||||
|
2.46.0
|
||||||
|
|
@ -0,0 +1,32 @@
|
|||||||
|
From bff65aad8af719542c7b0c6429e09223c014a909 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Michal Domonkos <mdomonko@redhat.com>
|
||||||
|
Date: Thu, 6 Jun 2024 09:15:02 +0200
|
||||||
|
Subject: [PATCH] Fix potential use of uninitialized pipe array
|
||||||
|
|
||||||
|
We only call pipe(2) after the script is written to disk so if the
|
||||||
|
latter fails, the array will be left uninitialized and subsequently read
|
||||||
|
after skipping to the exit label. Fix by initializing it.
|
||||||
|
|
||||||
|
Found by Coverity.
|
||||||
|
|
||||||
|
Fixes: RHEL-22604
|
||||||
|
---
|
||||||
|
lib/rpmscript.c | 2 +-
|
||||||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/lib/rpmscript.c b/lib/rpmscript.c
|
||||||
|
index 281c55c53..1de4acf8e 100644
|
||||||
|
--- a/lib/rpmscript.c
|
||||||
|
+++ b/lib/rpmscript.c
|
||||||
|
@@ -316,7 +316,7 @@ static rpmRC runExtScript(rpmPlugins plugins, ARGV_const_t prefixes,
|
||||||
|
char * fn = NULL;
|
||||||
|
pid_t pid, reaped;
|
||||||
|
int status;
|
||||||
|
- int inpipe[2];
|
||||||
|
+ int inpipe[2] = { -1, -1 };
|
||||||
|
FILE *in = NULL;
|
||||||
|
const char *line;
|
||||||
|
char *mline = NULL;
|
||||||
|
--
|
||||||
|
2.46.0
|
||||||
|
|
@ -0,0 +1,12 @@
|
|||||||
|
diff '--color=auto' -rup rpm-4.17.0-orig/macros.in rpm-4.17.0/macros.in
|
||||||
|
--- rpm-4.17.0-orig/macros.in 2021-08-20 04:44:56.264259007 -0400
|
||||||
|
+++ rpm-4.17.0/macros.in 2022-01-26 20:11:26.864195884 -0500
|
||||||
|
@@ -140,7 +140,7 @@
|
||||||
|
%_buildshell /bin/sh
|
||||||
|
|
||||||
|
# The location of the rpm database file(s).
|
||||||
|
-%_dbpath %{_var}/lib/rpm
|
||||||
|
+%_dbpath %{_usr}/lib/sysimage/rpm
|
||||||
|
|
||||||
|
# The location of the rpm database file(s) after "rpm --rebuilddb".
|
||||||
|
%_dbpath_rebuild %{_dbpath}
|
@ -0,0 +1,11 @@
|
|||||||
|
--- rpm-4.18.90/macros.in.orig 2023-04-17 14:48:14.802719586 +0200
|
||||||
|
+++ rpm-4.18.90/macros.in 2023-04-17 14:48:25.268852972 +0200
|
||||||
|
@@ -236,7 +236,7 @@
|
||||||
|
%clamp_mtime_to_source_date_epoch 0
|
||||||
|
|
||||||
|
# If enabled, dilute user() and group() requires into recommends
|
||||||
|
-#%_use_weak_usergroup_deps 1
|
||||||
|
+%_use_weak_usergroup_deps 1
|
||||||
|
|
||||||
|
# The directory where newly built binary packages will be written.
|
||||||
|
%_rpmdir %{_topdir}/RPMS
|
@ -0,0 +1,12 @@
|
|||||||
|
diff -up rpm-4.18.92/macros.in.orig rpm-4.18.92/macros.in
|
||||||
|
--- rpm-4.18.92/macros.in.orig 2023-08-02 17:56:49.858065935 +0200
|
||||||
|
+++ rpm-4.18.92/macros.in 2023-08-02 17:57:01.967988065 +0200
|
||||||
|
@@ -138,7 +138,7 @@
|
||||||
|
|
||||||
|
# sysusers helper binary (or a replacement script), uncomment to disable
|
||||||
|
#%__systemd_sysusers @__SYSTEMD_SYSUSERS@
|
||||||
|
-%__systemd_sysusers %{_rpmconfigdir}/sysusers.sh
|
||||||
|
+#%__systemd_sysusers %{_rpmconfigdir}/sysusers.sh
|
||||||
|
|
||||||
|
#
|
||||||
|
# Path to script that creates debug symbols in a /usr/lib/debug
|
@ -0,0 +1,14 @@
|
|||||||
|
diff -up rpm-4.18.1/macros.in.orig rpm-4.18.1/macros.in
|
||||||
|
--- rpm-4.18.1/macros.in.orig 2023-03-15 13:52:55.211928040 +0100
|
||||||
|
+++ rpm-4.18.1/macros.in 2023-03-15 13:55:04.113129930 +0100
|
||||||
|
@@ -746,7 +746,9 @@ package or when debugging this package.\
|
||||||
|
%{?_javaclasspath:CLASSPATH=\"%{_javaclasspath}\"\
|
||||||
|
export CLASSPATH}\
|
||||||
|
PKG_CONFIG_PATH=\"${PKG_CONFIG_PATH}:%{_libdir}/pkgconfig:%{_datadir}/pkgconfig\"\
|
||||||
|
- export PKG_CONFIG_PATH
|
||||||
|
+ export PKG_CONFIG_PATH\
|
||||||
|
+ CONFIG_SITE=${CONFIG_SITE:-NONE}\
|
||||||
|
+ export CONFIG_SITE
|
||||||
|
|
||||||
|
%___build_pre \
|
||||||
|
%{___build_pre_env} \
|
@ -0,0 +1,14 @@
|
|||||||
|
diff --git a/rpmrc.in b/rpmrc.in
|
||||||
|
index 4a6cca9..d62ddaf 100644
|
||||||
|
--- a/rpmrc.in
|
||||||
|
+++ b/rpmrc.in
|
||||||
|
@@ -281,7 +281,7 @@ arch_compat: alphaev5: alpha
|
||||||
|
arch_compat: alpha: axp noarch
|
||||||
|
|
||||||
|
arch_compat: athlon: i686
|
||||||
|
-arch_compat: geode: i586
|
||||||
|
+arch_compat: geode: i686
|
||||||
|
arch_compat: pentium4: pentium3
|
||||||
|
arch_compat: pentium3: i686
|
||||||
|
arch_compat: i686: i586
|
||||||
|
|
@ -0,0 +1,12 @@
|
|||||||
|
diff -up rpm-4.9.90.git11486/scripts/find-lang.sh.no-man-dirs rpm-4.9.90.git11486/scripts/find-lang.sh
|
||||||
|
--- rpm-4.9.90.git11486/scripts/find-lang.sh.no-man-dirs 2012-03-07 11:31:10.000000000 +0200
|
||||||
|
+++ rpm-4.9.90.git11486/scripts/find-lang.sh 2012-03-07 15:11:57.465801075 +0200
|
||||||
|
@@ -181,7 +181,7 @@ s:%lang(C) ::
|
||||||
|
find "$TOP_DIR" -type d|sed '
|
||||||
|
s:'"$TOP_DIR"'::
|
||||||
|
'"$ALL_NAME$MAN"'s:\(.*/man/\([^/_]\+\).*/man[a-z0-9]\+/\)::
|
||||||
|
-'"$ALL_NAME$MAN"'s:\(.*/man/\([^/_]\+\).*/man[a-z0-9]\+$\):%lang(\2) \1*:
|
||||||
|
+'"$ALL_NAME$MAN"'s:\(.*/man/\([^/_]\+\).*/man[a-z0-9]\+$\):%lang(\2) \1/*:
|
||||||
|
s:^\([^%].*\)::
|
||||||
|
s:%lang(C) ::
|
||||||
|
/^$/d' >> $MO_NAME
|
@ -0,0 +1,18 @@
|
|||||||
|
[Unit]
|
||||||
|
Description=RPM database migration to /usr
|
||||||
|
ConditionPathExists=/var/lib/rpm/.migratedb
|
||||||
|
|
||||||
|
# This should run before any daemons that may open the rpmdb
|
||||||
|
DefaultDependencies=no
|
||||||
|
After=sysinit.target
|
||||||
|
Before=basic.target shutdown.target
|
||||||
|
Conflicts=shutdown.target
|
||||||
|
# In case /var is remote-mounted
|
||||||
|
RequiresMountsFor=/var
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
Type=oneshot
|
||||||
|
ExecStart=/usr/lib/rpm/rpmdb_migrate
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=basic.target
|
@ -0,0 +1,19 @@
|
|||||||
|
[Unit]
|
||||||
|
Description=RPM database rebuild
|
||||||
|
ConditionPathExists=/usr/lib/sysimage/rpm/.rebuilddb
|
||||||
|
|
||||||
|
# This should run before any daemons that may open the rpmdb
|
||||||
|
DefaultDependencies=no
|
||||||
|
After=sysinit.target
|
||||||
|
Before=basic.target shutdown.target
|
||||||
|
Conflicts=shutdown.target
|
||||||
|
# In case /usr is remote-mounted
|
||||||
|
RequiresMountsFor=/usr
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
Type=oneshot
|
||||||
|
ExecStart=/usr/bin/rpmdb --rebuilddb
|
||||||
|
ExecStartPost=rm -f /usr/lib/sysimage/rpm/.rebuilddb
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=basic.target
|
@ -0,0 +1,40 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
# Script to migrate rpmdb from /var/lib/rpm to new rpmdb path in /usr
|
||||||
|
|
||||||
|
# Copyright (C) 2022 Neal Gompa <ngompa@fedoraproject.org>.
|
||||||
|
#
|
||||||
|
# Fedora-License-Identifier: GPLv2+
|
||||||
|
# SPDX-2.0-License-Identifier: GPL-2.0+
|
||||||
|
# SPDX-3.0-License-Identifier: GPL-2.0-or-later
|
||||||
|
#
|
||||||
|
# This program is free software.
|
||||||
|
# For more information on the license, see COPYING or
|
||||||
|
# <https://www.gnu.org/licenses/gpl-2.0.en.html>.
|
||||||
|
# For more information on free software, see
|
||||||
|
# <https://www.gnu.org/philosophy/free-sw.en.html>.
|
||||||
|
|
||||||
|
|
||||||
|
set -euo pipefail
|
||||||
|
|
||||||
|
# Script to migrate the rpmdb to /usr
|
||||||
|
rpmdb_path="$(rpm --eval '%_dbpath')"
|
||||||
|
rpmdb_path_old="/var/lib/rpm"
|
||||||
|
rpmdb_path_new="${rpmdb_path}"
|
||||||
|
|
||||||
|
|
||||||
|
if [ "${rpmdb_path}" = "${rpmdb_path_old}" ]; then
|
||||||
|
echo "The rpmdb path is still in /var, exiting!"
|
||||||
|
exit 0
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ -L "${rpmdb_path_old}" ]; then
|
||||||
|
echo "The rpmdb has already been migrated, exiting!"
|
||||||
|
rm -v "${rpmdb_path_old}/.migratedb"
|
||||||
|
exit 0
|
||||||
|
fi
|
||||||
|
|
||||||
|
rpm --verbose --rebuilddb
|
||||||
|
|
||||||
|
rm -rfv ${rpmdb_path_old}
|
||||||
|
|
||||||
|
ln -srv ${rpmdb_path_new} ${rpmdb_path_old}
|
File diff suppressed because it is too large
Load Diff
Loading…
Reference in new issue