forked from rpms/flatpak
parent
f1aa71e084
commit
f3899ab853
1
.gitignore
vendored
1
.gitignore
vendored
@ -93,3 +93,4 @@
|
||||
/flatpak-1.10.1.tar.xz
|
||||
/flatpak-1.10.2.tar.xz
|
||||
/flatpak-1.10.3.tar.xz
|
||||
/flatpak-1.10.5.tar.xz
|
||||
|
31
0001-Fix-handling-of-syscalls-only-allowed-by-devel.patch
Normal file
31
0001-Fix-handling-of-syscalls-only-allowed-by-devel.patch
Normal file
@ -0,0 +1,31 @@
|
||||
From 24485224223b8ed41976ead5801cb04c4d961f93 Mon Sep 17 00:00:00 2001
|
||||
From: Simon McVittie <smcv@collabora.com>
|
||||
Date: Fri, 8 Oct 2021 19:00:13 +0100
|
||||
Subject: [PATCH] Fix handling of syscalls only allowed by --devel
|
||||
|
||||
This was incorrectly looking at errno instead of -r.
|
||||
|
||||
Fixes: 0b38b0f0 "run: Handle unknown syscalls as intended"
|
||||
Signed-off-by: Simon McVittie <smcv@collabora.com>
|
||||
(cherry picked from commit 3fc8c672676ae016f8e7cc90481b2feecbad9861)
|
||||
(cherry picked from commit 97e128c2c1520202486b5e165e1734cbb421568a)
|
||||
---
|
||||
common/flatpak-run.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/common/flatpak-run.c b/common/flatpak-run.c
|
||||
index 6142daafa56d..4048476bf455 100644
|
||||
--- a/common/flatpak-run.c
|
||||
+++ b/common/flatpak-run.c
|
||||
@@ -2992,7 +2992,7 @@ setup_seccomp (FlatpakBwrap *bwrap,
|
||||
r = seccomp_rule_add (seccomp, SCMP_ACT_ERRNO (errnum), scall, 0);
|
||||
|
||||
/* See above for the meaning of EFAULT. */
|
||||
- if (errno == EFAULT)
|
||||
+ if (r == -EFAULT)
|
||||
flatpak_debug2 ("Unable to block syscall %d: syscall not known to libseccomp?",
|
||||
scall);
|
||||
else if (r < 0)
|
||||
--
|
||||
2.31.1
|
||||
|
@ -1,34 +0,0 @@
|
||||
From adbd286cef9a4c4bed76eb95337d5d6f5e42dd45 Mon Sep 17 00:00:00 2001
|
||||
From: Kalev Lember <klember@redhat.com>
|
||||
Date: Mon, 5 Apr 2021 10:40:26 +0200
|
||||
Subject: [PATCH] OCI: Switch to pax format for tar archives
|
||||
|
||||
For reasons unknown, libarchive appears to generate broken gnutar format
|
||||
tar archives when the archive contains files that are larger than 2 GB.
|
||||
This commit switches to the pax format to work this around.
|
||||
|
||||
This should be a better default as it also removes 256 char filename
|
||||
length limitation and matches what other libraries are doing, e.g.
|
||||
Python 3.8 switched to the pax format by default as well.
|
||||
|
||||
See https://pagure.io/fedora-infrastructure/issue/9840
|
||||
---
|
||||
common/flatpak-oci-registry.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/common/flatpak-oci-registry.c b/common/flatpak-oci-registry.c
|
||||
index 6aa68c27..2a7f3ba1 100644
|
||||
--- a/common/flatpak-oci-registry.c
|
||||
+++ b/common/flatpak-oci-registry.c
|
||||
@@ -1476,7 +1476,7 @@ flatpak_oci_registry_write_layer (FlatpakOciRegistry *self,
|
||||
}
|
||||
|
||||
a = archive_write_new ();
|
||||
- if (archive_write_set_format_gnutar (a) != ARCHIVE_OK ||
|
||||
+ if (archive_write_set_format_pax (a) != ARCHIVE_OK ||
|
||||
archive_write_add_filter_none (a) != ARCHIVE_OK)
|
||||
{
|
||||
propagate_libarchive_error (error, a);
|
||||
--
|
||||
2.30.2
|
||||
|
11
flatpak.spec
11
flatpak.spec
@ -2,7 +2,7 @@
|
||||
%global ostree_version 2020.8
|
||||
|
||||
Name: flatpak
|
||||
Version: 1.10.3
|
||||
Version: 1.10.5
|
||||
Release: 1%{?dist}
|
||||
Summary: Application deployment framework for desktop apps
|
||||
|
||||
@ -12,9 +12,8 @@ Source0: https://github.com/flatpak/flatpak/releases/download/%{version}/
|
||||
# Add Fedora flatpak repositories
|
||||
Source1: flatpak-add-fedora-repos.service
|
||||
|
||||
# https://github.com/flatpak/flatpak/pull/4210
|
||||
# https://pagure.io/fedora-infrastructure/issue/9840
|
||||
Patch0: 0001-OCI-Switch-to-pax-format-for-tar-archives.patch
|
||||
# https://github.com/flatpak/flatpak/pull/4473
|
||||
Patch0: 0001-Fix-handling-of-syscalls-only-allowed-by-devel.patch
|
||||
|
||||
BuildRequires: pkgconfig(appstream-glib)
|
||||
BuildRequires: pkgconfig(dconf)
|
||||
@ -268,6 +267,10 @@ fi
|
||||
|
||||
|
||||
%changelog
|
||||
* Tue Oct 26 2021 Debarshi Ray <rishi@fedoraproject.org> - 1.10.5-1
|
||||
- Update to 1.10.5 (CVE-2021-41133)
|
||||
Resolves: #2012862
|
||||
|
||||
* Wed Sep 22 2021 Debarshi Ray <rishi@fedoraproject.org> - 1.10.3-1
|
||||
- Update to 1.10.3
|
||||
Resolves: #2006554
|
||||
|
2
sources
2
sources
@ -1 +1 @@
|
||||
SHA512 (flatpak-1.10.3.tar.xz) = ff51383d4ead0f39926125eec706e5a4d38a739874a9d499adf432cfa05685643cfa411f7a247c8512ec10af8440deda0be06f4cc0808e8ba80941b07e49b633
|
||||
SHA512 (flatpak-1.10.5.tar.xz) = 8c2e365ce442a092c15178a8b39daecf21bfe162078c9a323e68d53194413f174e329812dd01d8da6bbfba3b0087aeb4d92a44067df3f6fa0253e33014d138ae
|
||||
|
Loading…
Reference in New Issue
Block a user