rpms
/
yajl
20
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

merge into: rpms:c9
Branches Tags
rpms:i10c-beta
rpms:c10-beta
rpms:i10cs
rpms:cs10
rpms:i8c
rpms:c8
rpms:i9c
rpms:c9
rpms:i9c-beta
rpms:c9-beta
...
pull from: rpms:cs10
Branches Tags
rpms:i10c-beta
rpms:c10-beta
rpms:i10cs
rpms:cs10
rpms:i8c
rpms:c8
rpms:i9c
rpms:c9
rpms:i9c-beta
rpms:c9-beta

No commits in common. 'c9' and 'cs10' have entirely different histories.
c9 ... cs10

12 changed files with 278 additions and 144 deletions
Show Stats

23
SOURCES/yajl-2.1.0-pkgconfig-location.patch → SOURCES/0001-pkg-config-file-should-be-in-lib-dir-not-shared-data.patch
Unescape View File

@ -1,6 +1,20 @@
diff -rup yajl-2.1.0.orig/src/CMakeLists.txt yajl-2.1.0.new/src/CMakeLists.txt
--- yajl-2.1.0.orig/src/CMakeLists.txt 2014-03-19 04:58:29.000000000 +0000
+++ yajl-2.1.0.new/src/CMakeLists.txt 2014-04-28 11:19:28.431492533 +0100
From a319e9c853d787a9033e14436a5a80381e954a26 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
Date: Mon, 10 Jul 2023 13:42:30 +0100
Subject: [PATCH 1/8] pkg-config file should be in lib dir, not shared data dir
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
src/CMakeLists.txt | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt
index 99cf9e9..789ddf9 100644
--- a/src/CMakeLists.txt
+++ b/src/CMakeLists.txt
@@ -30,7 +30,7 @@ ADD_DEFINITIONS(-DYAJL_BUILD)
# set up some paths
SET (libDir ${CMAKE_CURRENT_BINARY_DIR}/../${YAJL_DIST_NAME}/lib)
@ -25,3 +39,6 @@ diff -rup yajl-2.1.0.orig/src/CMakeLists.txt yajl-2.1.0.new/src/CMakeLists.txt
INSTALL(FILES ${incDir}/yajl_version.h DESTINATION include/yajl)
-INSTALL(FILES ${shareDir}/yajl.pc DESTINATION share/pkgconfig)
+INSTALL(FILES ${pkgconfigDir}/yajl.pc DESTINATION lib${LIB_SUFFIX}/pkgconfig)
--
2.41.0

30
SOURCES/0002-pkg-config-include-dir-should-not-have-the-yajl-suff.patch
Unescape View File

@ -0,0 +1,30 @@
From 0eaa8db35c9e580f27ba0c90d11b173cb1d96687 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
Date: Mon, 10 Jul 2023 13:43:25 +0100
Subject: [PATCH 2/8] pkg-config include dir should not have the 'yajl' suffix
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Apps use '#include <yajl/yajl.h>' for includes historically.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
src/yajl.pc.cmake | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/yajl.pc.cmake b/src/yajl.pc.cmake
index 6eaca14..485ded9 100644
--- a/src/yajl.pc.cmake
+++ b/src/yajl.pc.cmake
@@ -1,6 +1,6 @@
prefix=${CMAKE_INSTALL_PREFIX}
libdir=${dollar}{prefix}/lib${LIB_SUFFIX}
-includedir=${dollar}{prefix}/include/yajl
+includedir=${dollar}{prefix}/include
Name: Yet Another JSON Library
Description: A Portable JSON parsing and serialization library in ANSI C
--
2.41.0

31
SOURCES/yajl-2.1.0-test-location.patch → SOURCES/0003-fix-patch-to-test-files-to-take-account-of-vpath.patch
Unescape View File

@ -1,6 +1,21 @@
diff -rup yajl-2.1.0.orig/test/api/run_tests.sh yajl-2.1.0.new/test/api/run_tests.sh
--- yajl-2.1.0.orig/test/api/run_tests.sh 2014-03-19 04:58:29.000000000 +0000
+++ yajl-2.1.0.new/test/api/run_tests.sh 2014-04-28 11:27:26.006405320 +0100
From 39b9c104275a5eac498f5d2a92b462d10381a9eb Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
Date: Mon, 10 Jul 2023 13:44:26 +0100
Subject: [PATCH 3/8] fix patch to test files to take account of vpath
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
test/api/run_tests.sh | 2 +-
test/parsing/run_tests.sh | 6 +++---
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/test/api/run_tests.sh b/test/api/run_tests.sh
index 6655152..88e43fb 100755
--- a/test/api/run_tests.sh
+++ b/test/api/run_tests.sh
@@ -5,7 +5,7 @@ echo Running api tests:
tests=0
passed=0
@ -10,9 +25,10 @@ diff -rup yajl-2.1.0.orig/test/api/run_tests.sh yajl-2.1.0.new/test/api/run_test
[ ! -x $file -o -d $file ] && continue
tests=`expr 1 + $tests`
printf " test(%s): " $file
diff -rup yajl-2.1.0.orig/test/parsing/run_tests.sh yajl-2.1.0.new/test/parsing/run_tests.sh
--- yajl-2.1.0.orig/test/parsing/run_tests.sh 2014-03-19 04:58:29.000000000 +0000
+++ yajl-2.1.0.new/test/parsing/run_tests.sh 2014-04-28 11:25:51.239025722 +0100
diff --git a/test/parsing/run_tests.sh b/test/parsing/run_tests.sh
index b37e4dd..ceb2e7a 100755
--- a/test/parsing/run_tests.sh
+++ b/test/parsing/run_tests.sh
@@ -16,11 +16,11 @@ fi
# find test binary on both platforms. allow the caller to force a
# particular test binary (useful for non-cmake build systems).
@ -28,3 +44,6 @@ diff -rup yajl-2.1.0.orig/test/parsing/run_tests.sh yajl-2.1.0.new/test/parsing/
if [ ! -x $testBin ] ; then
${ECHO} "cannot execute test binary: '$testBin'"
exit 1;
--
2.41.0

43
SOURCES/0004-drop-bogus-_s-suffix-from-yajl-dynamic-library.patch
Unescape View File

@ -0,0 +1,43 @@
From c98c00d6957601b95f3982f3d9460868469a299e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
Date: Mon, 10 Jul 2023 13:45:36 +0100
Subject: [PATCH 4/8] drop bogus '_s' suffix from yajl dynamic library
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
reformatter/CMakeLists.txt | 2 +-
verify/CMakeLists.txt | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/reformatter/CMakeLists.txt b/reformatter/CMakeLists.txt
index 52a9bee..4b7b3fa 100644
--- a/reformatter/CMakeLists.txt
+++ b/reformatter/CMakeLists.txt
@@ -26,7 +26,7 @@ LINK_DIRECTORIES(${CMAKE_CURRENT_BINARY_DIR}/../${YAJL_DIST_NAME}/lib)
ADD_EXECUTABLE(json_reformat ${SRCS})
-TARGET_LINK_LIBRARIES(json_reformat yajl_s)
+TARGET_LINK_LIBRARIES(json_reformat yajl)
# In some environments, we must explicitly link libm (like qnx,
# thanks @shahbag)
diff --git a/verify/CMakeLists.txt b/verify/CMakeLists.txt
index 967fca1..2bceb26 100644
--- a/verify/CMakeLists.txt
+++ b/verify/CMakeLists.txt
@@ -26,7 +26,7 @@ LINK_DIRECTORIES(${CMAKE_CURRENT_BINARY_DIR}/../${YAJL_DIST_NAME}/lib)
ADD_EXECUTABLE(json_verify ${SRCS})
-TARGET_LINK_LIBRARIES(json_verify yajl_s)
+TARGET_LINK_LIBRARIES(json_verify yajl)
# copy in the binary
GET_TARGET_PROPERTY(binPath json_verify LOCATION)
--
2.41.0

43
SOURCES/0005-Fix-for-CVE-2017-16516.patch
Unescape View File

@ -0,0 +1,43 @@
From 0b5e73c4321de0ba1d495fdc0967054b2a77931c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
Date: Mon, 10 Jul 2023 13:36:10 +0100
Subject: [PATCH 5/8] Fix for CVE-2017-16516
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Description: Fix for CVE-2017-16516
Potential buffer overread: A JSON file can cause denial of service.
Origin: https://github.com/brianmario/yajl-ruby/commit/a8ca8f476655adaa187eedc60bdc770fff3c51ce
Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1040036
Bug: https://github.com/lloyd/yajl/issues/248
Patch taken from Debian package source
NB, Fedora code can't trigger the reported aborts since it passes the
-DNDEBUG flag, but pulling the fix for robustness in case a future
change enables the assert()s.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
src/yajl_encode.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/yajl_encode.c b/src/yajl_encode.c
index fd08258..0d97cc5 100644
--- a/src/yajl_encode.c
+++ b/src/yajl_encode.c
@@ -139,8 +139,8 @@ void yajl_string_decode(yajl_buf buf, const unsigned char * str,
end+=3;
/* check if this is a surrogate */
if ((codepoint & 0xFC00) == 0xD800) {
- end++;
- if (str[end] == '\\' && str[end + 1] == 'u') {
+ if (end + 2 < len && str[end + 1] == '\\' && str[end + 2] == 'u') {
+ end++;
unsigned int surrogate = 0;
hexToDigit(&surrogate, str + end + 2);
codepoint =
--
2.41.0

60
SOURCES/0006-Fix-CVE-2022-24795.patch
Unescape View File

@ -0,0 +1,60 @@
From 17de4d15687aa30c49660dc4b792b1fb4d38b569 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
Date: Thu, 7 Apr 2022 17:29:54 +0200
Subject: [PATCH 6/8] Fix CVE-2022-24795
There was an integer overflow in yajl_buf_ensure_available() leading
to allocating less memory than requested. Then data were written past
the allocated heap buffer in yajl_buf_append(), the only caller of
yajl_buf_ensure_available(). Another result of the overflow was an
infinite loop without a return from yajl_buf_ensure_available().
yajl-ruby project, which bundles yajl, fixed it
<https://github.com/brianmario/yajl-ruby/pull/211> by checking for the
integer overflow, fortifying buffer allocations, and report the
failures to a caller. But then the caller yajl_buf_append() skips
a memory write if yajl_buf_ensure_available() failed leading to a data
corruption.
A yajl fork mainter recommended calling memory allocation callbacks with
the large memory request and let them to handle it. But that has the
problem that it's not possible pass the overely large size to the
callbacks.
This patch catches the integer overflow and terminates the process
with abort().
https://github.com/lloyd/yajl/issues/239
https://github.com/brianmario/yajl-ruby/security/advisories/GHSA-jj47-x69x-mxrm
(cherry picked from commit 23cea2d7677e396efed78bbf1bf153961fab6bad
in https://github.com/ppisar/yajl)
---
src/yajl_buf.c | 12 +++++++++++-
1 file changed, 11 insertions(+), 1 deletion(-)
diff --git a/src/yajl_buf.c b/src/yajl_buf.c
index 1aeafde..55c11ad 100644
--- a/src/yajl_buf.c
+++ b/src/yajl_buf.c
@@ -45,7 +45,17 @@ void yajl_buf_ensure_available(yajl_buf buf, size_t want)
need = buf->len;
- while (want >= (need - buf->used)) need <<= 1;
+ if (((buf->used > want) ? buf->used : want) > (size_t)(buf->used + want)) {
+ /* We cannot allocate more memory than SIZE_MAX. */
+ abort();
+ }
+ while (want >= (need - buf->used)) {
+ if (need >= (size_t)((size_t)(-1)<<1)>>1) {
+ /* need would overflow. */
+ abort();
+ }
+ need <<= 1;
+ }
if (need != buf->len) {
buf->data = (unsigned char *) YA_REALLOC(buf->alloc, buf->data, need);
--
2.41.0

13
SOURCES/3d65cb0c6db4d433e5e42ee7d91d8a04e21337cf.patch → SOURCES/0007-yajl-fix-memory-leak-problem.patch
Unescape View File

@ -1,15 +1,19 @@
From 3d65cb0c6db4d433e5e42ee7d91d8a04e21337cf Mon Sep 17 00:00:00 2001
From c4304a2c04a1b392eb1464a9da892a9e0dff7683 Mon Sep 17 00:00:00 2001
From: wujing <wujing50@huawei.com>
Date: Thu, 14 Feb 2019 03:12:30 +0800
Subject: [PATCH] yajl: fix memory leak problem
Subject: [PATCH 7/8] yajl: fix memory leak problem
reason: fix memory leak problem
(cherry picked from commit 3d65cb0c6db4d433e5e42ee7d91d8a04e21337cf
in https://github.com/openEuler-BaseService)
Fixes: https://github.com/lloyd/yajl/issues/250 (CVE-2023-33460)
---
src/yajl_tree.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/src/yajl_tree.c b/src/yajl_tree.c
index 3d357a32..4b3cf2b1 100644
index 3d357a3..4b3cf2b 100644
--- a/src/yajl_tree.c
+++ b/src/yajl_tree.c
@@ -143,7 +143,7 @@ static yajl_val context_pop(context_t *ctx)
@ -32,3 +36,6 @@ index 3d357a32..4b3cf2b1 100644
yajl_free (handle);
return NULL;
}
--
2.41.0

15
SOURCES/23a122eddaa28165a6c219000adcc31ff9a8a698.patch → SOURCES/0008-fix-memory-leaks.patch
Unescape View File

@ -1,17 +1,21 @@
From 23a122eddaa28165a6c219000adcc31ff9a8a698 Mon Sep 17 00:00:00 2001
From 9cb871049261eeda844b8943d15580763a0ac3d3 Mon Sep 17 00:00:00 2001
From: "zhang.jiujiu" <282627424@qq.com>
Date: Tue, 7 Dec 2021 22:37:02 +0800
Subject: [PATCH] fix memory leaks
Subject: [PATCH 8/8] fix memory leaks
(cherry picked from commit 23a122eddaa28165a6c219000adcc31ff9a8a698
in https://github.com/openEuler-BaseService)
Fixes: https://github.com/lloyd/yajl/issues/250 (CVE-2023-33460)
---
src/yajl_tree.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/src/yajl_tree.c b/src/yajl_tree.c
index b9e66043..0e7bde98 100644
index 4b3cf2b..56c7012 100644
--- a/src/yajl_tree.c
+++ b/src/yajl_tree.c
@@ -456,6 +456,9 @@ yajl_val yajl_tree_parse (const char *input,
@@ -449,6 +449,9 @@ yajl_val yajl_tree_parse (const char *input,
yajl_tree_free(v);
}
yajl_free (handle);
@ -21,3 +25,6 @@ index b9e66043..0e7bde98 100644
return NULL;
}
--
2.41.0

54
SOURCES/49923ccb2143e36850bcdeb781e2bcdf5ce22f15.patch
Unescape View File

@ -1,54 +0,0 @@
From 49923ccb2143e36850bcdeb781e2bcdf5ce22f15 Mon Sep 17 00:00:00 2001
From: John Hawthorn <john@hawthorn.email>
Date: Wed, 2 Mar 2022 14:17:59 -0800
Subject: [PATCH] Check need < buf->used
We're guaranteed a power of 2 so that this becomes 0, but we might as
well use a check for overflow that works in more cases.
Unsigned integer overflow is defined behaviour, so this should be safe.
(cherry picked from commit 36410d536b676e836637bb20574a56ebc920eb83)
---
src/yajl_buf.c | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/src/yajl_buf.c b/src/yajl_buf.c
index 1aeafde0..8bd1bea7 100644
--- a/src/yajl_buf.c
+++ b/src/yajl_buf.c
@@ -30,7 +30,7 @@ struct yajl_buf_t {
};
static
-void yajl_buf_ensure_available(yajl_buf buf, size_t want)
+int yajl_buf_ensure_available(yajl_buf buf, size_t want)
{
size_t need;
@@ -46,11 +46,15 @@ void yajl_buf_ensure_available(yajl_buf buf, size_t want)
need = buf->len;
while (want >= (need - buf->used)) need <<= 1;
+ if (need < buf->used) {
+ return -1;
+ }
if (need != buf->len) {
buf->data = (unsigned char *) YA_REALLOC(buf->alloc, buf->data, need);
buf->len = need;
}
+ return 0;
}
yajl_buf yajl_buf_alloc(yajl_alloc_funcs * alloc)
@@ -70,7 +74,8 @@ void yajl_buf_free(yajl_buf buf)
void yajl_buf_append(yajl_buf buf, const void * data, size_t len)
{
- yajl_buf_ensure_available(buf, len);
+ if (yajl_buf_ensure_available(buf, len))
+ return;
if (len > 0) {
assert(data != NULL);
memcpy(buf->data + buf->used, data, len);

28
SOURCES/yajl-2.1.0-dynlink-binaries.patch
Unescape View File

@ -1,28 +0,0 @@
diff -rup yajl-2.1.0.orig/reformatter/CMakeLists.txt yajl-2.1.0.new/reformatter/CMakeLists.txt
--- yajl-2.1.0.orig/reformatter/CMakeLists.txt 2014-03-19 04:58:29.000000000 +0000
+++ yajl-2.1.0.new/reformatter/CMakeLists.txt 2014-04-28 11:36:11.909478329 +0100
@@ -26,7 +26,7 @@ LINK_DIRECTORIES(${CMAKE_CURRENT_BINARY_
ADD_EXECUTABLE(json_reformat ${SRCS})
-TARGET_LINK_LIBRARIES(json_reformat yajl_s)
+TARGET_LINK_LIBRARIES(json_reformat yajl)
# In some environments, we must explicitly link libm (like qnx,
# thanks @shahbag)
Only in yajl-2.1.0.new/reformatter: CMakeLists.txt.orig
Only in yajl-2.1.0.new/src: CMakeLists.txt~
Only in yajl-2.1.0.new/test/api: run_tests.sh~
Only in yajl-2.1.0.new/test/parsing: run_tests.sh~
diff -rup yajl-2.1.0.orig/verify/CMakeLists.txt yajl-2.1.0.new/verify/CMakeLists.txt
--- yajl-2.1.0.orig/verify/CMakeLists.txt 2014-03-19 04:58:29.000000000 +0000
+++ yajl-2.1.0.new/verify/CMakeLists.txt 2014-04-28 11:36:11.909478329 +0100
@@ -26,7 +26,7 @@ LINK_DIRECTORIES(${CMAKE_CURRENT_BINARY_
ADD_EXECUTABLE(json_verify ${SRCS})
-TARGET_LINK_LIBRARIES(json_verify yajl_s)
+TARGET_LINK_LIBRARIES(json_verify yajl)
# copy in the binary
GET_TARGET_PROPERTY(binPath json_verify LOCATION)

11
SOURCES/yajl-2.1.0-pkgconfig-includedir.patch
Unescape View File

@ -1,11 +0,0 @@
diff -rup yajl-2.1.0.orig/src/yajl.pc.cmake yajl-2.1.0.new/src/yajl.pc.cmake
--- yajl-2.1.0.orig/src/yajl.pc.cmake 2014-03-19 04:58:29.000000000 +0000
+++ yajl-2.1.0.new/src/yajl.pc.cmake 2014-04-28 11:12:23.505791003 +0100
@@ -1,6 +1,6 @@
prefix=${CMAKE_INSTALL_PREFIX}
libdir=${dollar}{prefix}/lib${LIB_SUFFIX}
-includedir=${dollar}{prefix}/include/yajl
+includedir=${dollar}{prefix}/include
Name: Yet Another JSON Library
Description: A Portable JSON parsing and serialization library in ANSI C

71
SPECS/yajl.spec
Unescape View File

@ -3,7 +3,7 @@
Name: yajl
Version: 2.1.0
Release: 22%{?dist}
Release: 24%{?dist}
Summary: Yet Another JSON Library (YAJL)
License: ISC
@ -19,16 +19,20 @@ URL: http://lloyd.github.com/yajl/
# https://github.com/lloyd/yajl/releases/tag/2.1.0
#
Source0: %{name}-%{version}.tar.gz
Patch1: %{name}-%{version}-pkgconfig-location.patch
Patch2: %{name}-%{version}-pkgconfig-includedir.patch
Patch3: %{name}-%{version}-test-location.patch
Patch4: %{name}-%{version}-dynlink-binaries.patch
Patch5: https://github.com/containers/yajl/commit/49923ccb2143e36850bcdeb781e2bcdf5ce22f15.patch
Patch6: https://github.com/openEuler-BaseService/yajl/commit/3d65cb0c6db4d433e5e42ee7d91d8a04e21337cf.patch
Patch7: https://github.com/openEuler-BaseService/yajl/commit/23a122eddaa28165a6c219000adcc31ff9a8a698.patch
BuildRequires: gcc
# Patches managed at https://github.com/berrange/yajl/tree/fedora-dist-git
Patch: 0001-pkg-config-file-should-be-in-lib-dir-not-shared-data.patch
Patch: 0002-pkg-config-include-dir-should-not-have-the-yajl-suff.patch
Patch: 0003-fix-patch-to-test-files-to-take-account-of-vpath.patch
Patch: 0004-drop-bogus-_s-suffix-from-yajl-dynamic-library.patch
Patch: 0005-Fix-for-CVE-2017-16516.patch
Patch: 0006-Fix-CVE-2022-24795.patch
Patch: 0007-yajl-fix-memory-leak-problem.patch
Patch: 0008-fix-memory-leaks.patch
BuildRequires: gcc
BuildRequires: cmake
BuildRequires: git
%package devel
Summary: Libraries, includes, etc to develop with YAJL
@ -48,14 +52,7 @@ This sub-package provides the libraries and includes
necessary for developing against the YAJL library
%prep
%setup -q
%patch1 -p1
%patch2 -p1
%patch3 -p1
%patch4 -p1
%patch5 -p1
%patch6 -p1
%patch7 -p1
%autosetup -S git_am
%build
# NB, we are not using upstream's 'configure'/'make'
@ -100,28 +97,32 @@ cd test
%changelog
* Wed Jul 12 2023 Jindrich Novy <jnovy@redhat.com> - 2.1.0-22
- fix CVE-2023-33460
- Resolves: #2221253
* Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 2.1.0-24
- Bump release for June 2024 mass rebuild
* Sat Jan 27 2024 Fedora Release Engineering <releng@fedoraproject.org> - 2.1.0-23
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Sat Jul 22 2023 Fedora Release Engineering <releng@fedoraproject.org> - 2.1.0-22
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Tue Apr 26 2022 Jindrich Novy <jnovy@redhat.com> - 2.1.0-21
- fix CVE-2022-24795
- Related: #2061316
* Mon Jul 10 2023 Daniel P. Berrangé <berrange@redhat.com> - 2.1.0-21
- Switch to using git for managing patches
- Fix potential buffer overread (CVE-2017-16516)
- Fix integer overflow leading to heap corruption (CVE-2022-24795)
- Fix multiple memory leaks (CVE-2023-33460)
* Fri Oct 01 2021 Jindrich Novy <jnovy@redhat.com> - 2.1.0-20
- perform only sanity/installability tests for now
- Related: #2000051
* Sat Jan 21 2023 Fedora Release Engineering <releng@fedoraproject.org> - 2.1.0-20
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Wed Sep 29 2021 Jindrich Novy <jnovy@redhat.com> - 2.1.0-19
- add gating.yaml
- Related: #2000051
* Sat Jul 23 2022 Fedora Release Engineering <releng@fedoraproject.org> - 2.1.0-19
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Tue Aug 10 2021 Mohan Boddu <mboddu@redhat.com> - 2.1.0-18
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
* Sat Jan 22 2022 Fedora Release Engineering <releng@fedoraproject.org> - 2.1.0-18
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 2.1.0-17
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
* Fri Jul 23 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2.1.0-17
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Thu Jan 28 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2.1.0-16
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild

Write Preview
Loading…
Cancel
Save