import createrepo_c-0.17.7-1.el9

2021-12-07 11:53:01 -05:00 · 2021-12-07 11:53:01 -05:00 · 8cc7a2578d
commit 8cc7a2578d
parent 7f67af4fd7
4 changed files with 12 additions and 83 deletions
--- a/.createrepo_c.metadata
+++ b/.createrepo_c.metadata
@ -1 +1 @@
-9feb9bf8e6a9812a08ef8156c3ccc1c4dac90b7a SOURCES/createrepo_c-0.17.2.tar.gz
+5f3e45a79255654c7315c8667197fd562fd2ff5c SOURCES/createrepo_c-0.17.7.tar.gz
--- a/.gitignore
+++ b/.gitignore
@ -1 +1 @@
-SOURCES/createrepo_c-0.17.2.tar.gz
+SOURCES/createrepo_c-0.17.7.tar.gz
--- a/SOURCES/0001-Fix-additional-covscan-warnings.patch
+++ b/SOURCES/0001-Fix-additional-covscan-warnings.patch
@ -1,78 +0,0 @@
-From 949c391537a588bd7359a00a716359e37afcd4da Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Ale=C5=A1=20Mat=C4=9Bj?= <amatej@redhat.com>
-Date: Mon, 19 Jul 2021 09:56:31 +0200
-Subject: [PATCH] Fix additional covscan warnings
-
- check we actually got a filename in xml parsers and in decompression
-  function
- use g_malloc0 as we do in other places (it also takes care of checking
-  if allocation was successful)
---
- src/dumper_thread.c        | 2 +-
- src/misc.c                 | 6 ++++++
- src/xml_parser_filelists.c | 5 +++++
- src/xml_parser_primary.c   | 5 +++++
- 4 files changed, 17 insertions(+), 1 deletion(-)
-
-diff --git a/src/dumper_thread.c b/src/dumper_thread.c
-index 119f3bd8..ea10c774 100644
--- a/src/dumper_thread.c
-+++ b/src/dumper_thread.c
-@@ -562,7 +562,7 @@ cr_dumper_thread(gpointer data, gpointer user_data)
-         //  * this isn't the last task
-         // Then: save the task to the buffer
- 
-        struct BufferedTask *buf_task = malloc(sizeof(struct BufferedTask));
-+        struct BufferedTask *buf_task = g_malloc0(sizeof(struct BufferedTask));
-         buf_task->id  = task->id;
-         buf_task->res = res;
-         buf_task->pkg = pkg;
-diff --git a/src/misc.c b/src/misc.c
-index adbc4af0..b59f304a 100644
--- a/src/misc.c
-+++ b/src/misc.c
-@@ -622,6 +622,12 @@ cr_decompress_file_with_stat(const char *src,
- 
-     if (!in_dst || g_str_has_suffix(in_dst, "/")) {
-         char *filename = cr_get_filename(src);
-+        if (!filename) {
-+            g_debug("%s: Cannot get filename from: %s", __func__, src);
-+            g_set_error(err, ERR_DOMAIN, CRE_NOFILE,
-+                        "Cannot get filename from: %s", src);
-+            return CRE_NOFILE;
-+        }
-         if (g_str_has_suffix(filename, c_suffix)) {
-             filename = g_strndup(filename, strlen(filename) - strlen(c_suffix));
-         } else {
-diff --git a/src/xml_parser_filelists.c b/src/xml_parser_filelists.c
-index f4fe6c09..86ab6c80 100644
--- a/src/xml_parser_filelists.c
-+++ b/src/xml_parser_filelists.c
-@@ -259,6 +259,11 @@ cr_end_handler(void *pdata, G_GNUC_UNUSED const xmlChar *element)
-         cr_PackageFile *pkg_file = cr_package_file_new();
-         pkg_file->name = cr_safe_string_chunk_insert(pd->pkg->chunk,
-                                                 cr_get_filename(pd->content));
-+        if (!pkg_file->name) {
-+            g_set_error(&pd->err, ERR_DOMAIN, ERR_CODE_XML,
-+                        "Invalid <file> element: %s", pd->content);
-+            break;
-+        }
-         pd->content[pd->lcontent - strlen(pkg_file->name)] = '\0';
-         pkg_file->path = cr_safe_string_chunk_insert_const(pd->pkg->chunk,
-                                                            pd->content);
-diff --git a/src/xml_parser_primary.c b/src/xml_parser_primary.c
-index 86e20519..e83eb044 100644
--- a/src/xml_parser_primary.c
-+++ b/src/xml_parser_primary.c
-@@ -633,6 +633,11 @@ cr_end_handler(void *pdata, G_GNUC_UNUSED const xmlChar *element)
-         cr_PackageFile *pkg_file = cr_package_file_new();
-         pkg_file->name = cr_safe_string_chunk_insert(pd->pkg->chunk,
-                                                 cr_get_filename(pd->content));
-+        if (!pkg_file->name) {
-+            g_set_error(&pd->err, ERR_DOMAIN, ERR_CODE_XML,
-+                        "Invalid <file> element: %s", pd->content);
-+            break;
-+        }
-         pd->content[pd->lcontent - strlen(pkg_file->name)] = '\0';
-         pkg_file->path = cr_safe_string_chunk_insert_const(pd->pkg->chunk,
-                                                            pd->content);
--- a/SPECS/createrepo_c.spec
+++ b/SPECS/createrepo_c.spec
@ -24,12 +24,11 @@

 Summary:        Creates a common metadata repository
 Name:           createrepo_c
-Version:        0.17.2
-Release:        5%{?dist}
+Version:        0.17.7
+Release:        1%{?dist}
 License:        GPLv2+
 URL:            https://github.com/rpm-software-management/createrepo_c
 Source0:        %{url}/archive/%{version}/%{name}-%{version}.tar.gz
-Patch1:         0001-Fix-additional-covscan-warnings.patch

 BuildRequires:  cmake
 BuildRequires:  gcc
@ -176,6 +175,14 @@ ln -sr %{buildroot}%{_bindir}/modifyrepo_c %{buildroot}%{_bindir}/modifyrepo
 %{python3_sitearch}/%{name}-%{version}-py%{python3_version}.egg-info

 %changelog
+* Mon Oct 25 2021 Pavla Kratochvilova <pkratoch@redhat.com> - 0.17.7-1
+- Update to 0.17.7
+- Remove insecure hashes SHA-1 and MD5 from the default build (RhBug:1935486)
+- Fix error when updating repo with removed modules metadata
+- Exit with status code 1 when loading of repo's metadata fails
+- Fix memory leaks (RhBug:1998426)
+- Fix valgrind warnings caused by subprocess calls
+
 * Mon Aug 16 2021 Pavla Kratochvilova <pkratoch@redhat.com> - 0.17.2-5
 - Fix issues detected by static analyzers