rpms
/
transmission
20
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

PAtch for CVE-2018-10756

Browse Source
epel9
Gwyn Ciesla 5 years ago
parent 709d5e53a9
commit ec98cd4071
2 changed files with 67 additions and 1 deletions
Show Stats Download Patch File Download Diff File

62
2123adf8e5e1c2b48791f9d22fc8c747e974180e.patch
Unescape View File

@ -0,0 +1,62 @@
--- libtransmission/variant.c~ 2018-05-01 12:21:08.000000000 -0500
+++ libtransmission/variant.c 2020-05-18 10:21:27.554214128 -0500
@@ -820,7 +820,7 @@
struct SaveNode
{
const tr_variant * v;
- tr_variant sorted;
+ tr_variant* sorted;
size_t childIndex;
bool isVisited;
};
@@ -849,26 +849,33 @@
qsort (tmp, n, sizeof (struct KeyIndex), compareKeyIndex);
- tr_variantInitDict (&node->sorted, n);
+ node->sorted = tr_new(tr_variant, 1);
+ tr_variantInitDict (node->sorted, n);
for (i=0; i<n; ++i)
- node->sorted.val.l.vals[i] = *tmp[i].val;
+ node->sorted->val.l.vals[i] = *tmp[i].val;
node->sorted.val.l.count = n;
tr_free (tmp);
- node->v = &node->sorted;
+ v = node->sorted;
}
else
{
- node->v = v;
+ node->sorted = NULL;
}
+
+ node->v = v;
}
static void
nodeDestruct (struct SaveNode * node)
{
- if (node->v == &node->sorted)
- tr_free (node->sorted.val.l.vals);
+ //TR_ASSERT(node != NULL);
+ if (node->sorted != NULL)
+ {
+ tr_free(node->sorted->val.l.vals);
+ tr_free(node->sorted);
+ }
}
/**
--- libtransmission/variant.c~ 2020-05-18 10:21:49.000000000 -0500
+++ libtransmission/variant.c 2020-05-18 10:24:34.673648865 -0500
@@ -853,7 +853,7 @@
tr_variantInitDict (node->sorted, n);
for (i=0; i<n; ++i)
node->sorted->val.l.vals[i] = *tmp[i].val;
- node->sorted.val.l.count = n;
+ node->sorted->val.l.count = n;
tr_free (tmp);

6
transmission.spec
Unescape View File

@ -2,7 +2,7 @@
Name: transmission Name: transmission
Version: 2.94 Version: 2.94
Release: 8%{?dist} Release: 9%{?dist}
Summary: A lightweight GTK+ BitTorrent client Summary: A lightweight GTK+ BitTorrent client
# See COPYING. This licensing situation is... special. # See COPYING. This licensing situation is... special.
License: MIT and GPLv2 License: MIT and GPLv2
@ -16,6 +16,7 @@ Patch2: transmission-fdlimits.patch
# Fix the DBus name to match the app name for flatpak builds # Fix the DBus name to match the app name for flatpak builds
# https://github.com/transmission/transmission/pull/847 # https://github.com/transmission/transmission/pull/847
Patch3: 0001-gtk-use-com.transmissionbt.Transmission.-D-Bus-names.patch Patch3: 0001-gtk-use-com.transmissionbt.Transmission.-D-Bus-names.patch
Patch4: 2123adf8e5e1c2b48791f9d22fc8c747e974180e.patch
BuildRequires: openssl-devel >= 1.1.0 BuildRequires: openssl-devel >= 1.1.0
BuildRequires: glib2-devel >= 2.32.0 BuildRequires: glib2-devel >= 2.32.0
@ -226,6 +227,9 @@ EOF
%doc %{_mandir}/man1/transmission-qt.* %doc %{_mandir}/man1/transmission-qt.*
%changelog %changelog
* Mon May 18 2020 Gwyn Ciesla <gwync@protonmail.com> - 2.94-9
- Backported patch for CVE-2018-10756
* Fri Jan 31 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.94-8 * Fri Jan 31 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.94-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild

Write Preview
Loading…
Cancel
Save