kalev pushed to PackageKit (master). "Backport a crash fix from upstream (..more)"
notifications at fedoraproject.org
notifications at fedoraproject.org
Sat Mar 28 22:19:15 UTC 2015
>From 7ca2ef6f37ec5a6d5d43c69f9d056ea4cf936d80 Mon Sep 17 00:00:00 2001
From: Kalev Lember <kalevlember at gmail.com>
Date: Sat, 28 Mar 2015 21:06:51 +0100
Subject: Backport a crash fix from upstream
https://bugzilla.redhat.com/show_bug.cgi?id=1185544
diff --git a/0001-hif-Fix-use-after-free-during-untrusted-repo-check.patch b/0001-hif-Fix-use-after-free-during-untrusted-repo-check.patch
new file mode 100644
index 0000000..75de5e7
--- /dev/null
+++ b/0001-hif-Fix-use-after-free-during-untrusted-repo-check.patch
@@ -0,0 +1,44 @@
+From e3d857e50e2a9d587e59e377238adb7ed2e82a58 Mon Sep 17 00:00:00 2001
+From: Kalev Lember <kalevlember at gmail.com>
+Date: Fri, 13 Mar 2015 22:47:49 +0100
+Subject: [PATCH] hif: Fix use-after-free during untrusted repo check
+
+https://bugzilla.redhat.com/show_bug.cgi?id=1185544
+---
+ backends/hif/pk-backend-hif.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/backends/hif/pk-backend-hif.c b/backends/hif/pk-backend-hif.c
+index 2e497cd..5988ab1 100644
+--- a/backends/hif/pk-backend-hif.c
++++ b/backends/hif/pk-backend-hif.c
+@@ -2090,7 +2090,7 @@ pk_backend_transaction_check_untrusted_repos (PkBackend *backend, GPtrArray *sou
+ HIF_PACKAGE_INFO_DOWNGRADE,
+ HIF_PACKAGE_INFO_UPDATE,
+ -1);
+- array = g_ptr_array_new ();
++ array = g_ptr_array_new_with_free_func ((GDestroyNotify) hy_package_free);
+ for (i = 0; i < install->len; i++) {
+ pkg = g_ptr_array_index (install, i);
+
+@@ -2098,7 +2098,7 @@ pk_backend_transaction_check_untrusted_repos (PkBackend *backend, GPtrArray *sou
+ * untrusted repo */
+ if (g_strcmp0 (hy_package_get_reponame (pkg),
+ HY_CMDLINE_REPO_NAME) == 0) {
+- g_ptr_array_add (array, pkg);
++ g_ptr_array_add (array, hy_package_link (pkg));
+ continue;
+ }
+
+@@ -2115,7 +2115,7 @@ pk_backend_transaction_check_untrusted_repos (PkBackend *backend, GPtrArray *sou
+
+ /* repo has no gpg key */
+ if (!hif_source_get_gpgcheck (src))
+- g_ptr_array_add (array, pkg);
++ g_ptr_array_add (array, hy_package_link (pkg));
+ }
+ out:
+ if (array != NULL && !ret) {
+--
+2.3.4
+
diff --git a/PackageKit.spec b/PackageKit.spec
index d6dd2f3..5d65183 100644
--- a/PackageKit.spec
+++ b/PackageKit.spec
@@ -7,7 +7,7 @@
Summary: Package management service
Name: PackageKit
Version: 1.0.5
-Release: 1%{?dist}
+Release: 2%{?dist}
License: GPLv2+ and LGPLv2+
URL: http://www.freedesktop.org/software/PackageKit/
Source0: http://www.freedesktop.org/software/PackageKit/releases/%{name}-%{version}.tar.xz
@@ -19,6 +19,7 @@ Source1: cached-metadata.tar
Patch0: PackageKit-0.3.8-Fedora-Vendor.conf.patch
# Backported from upstream
Patch1: PackageKit-new-missing-codecs-API.patch
+Patch2: 0001-hif-Fix-use-after-free-during-untrusted-repo-check.patch
Requires: %{name}-glib%{?_isa} = %{version}-%{release}
Requires: shared-mime-info
@@ -176,6 +177,7 @@ using PackageKit.
%setup -q
%patch0 -p1 -b .fedora
%patch1 -p1 -b .new-missing-codecs-API
+%patch2 -p1
%build
%configure \
@@ -314,6 +316,9 @@ systemctl disable packagekit-offline-update.service > /dev/null 2>&1 || :
%{_datadir}/gtk-doc/html/PackageKit
%changelog
+* Sat Mar 28 2015 Kalev Lember <kalevlember at gmail.com> - 1.0.5-2
+- Backport a crash fix from upstream (#1185544)
+
* Sat Feb 21 2015 Kalev Lember <kalevlember at gmail.com> - 1.0.5-1
- Update to 1.0.5
- Backport new missing gstreamer codecs API
--
cgit v0.10.2
http://pkgs.fedoraproject.org/cgit/PackageKit.git/commit/?h=master&id=7ca2ef6f37ec5a6d5d43c69f9d056ea4cf936d80
More information about the scm-commits
mailing list