- update to 4.9.1.2 (CVE-2011-3378)

- drop upstreamed rpmdb signal patch
This commit is contained in:
Panu Matilainen 2011-09-29 16:22:09 +03:00
parent 0d72de20ce
commit 6d748ba15f
4 changed files with 8 additions and 60 deletions

1
.gitignore vendored
View File

@ -4,3 +4,4 @@ rpm-4.8.1.tar.bz2
/rpm-4.9.0.tar.bz2 /rpm-4.9.0.tar.bz2
/rpm-4.9.1.tar.bz2 /rpm-4.9.1.tar.bz2
/rpm-4.9.1.1.tar.bz2 /rpm-4.9.1.1.tar.bz2
/rpm-4.9.1.2.tar.bz2

View File

@ -1,54 +0,0 @@
commit 36f6874fcf5222f4553fb5b7782af18c7b6ea92a
Author: Panu Matilainen <pmatilai@redhat.com>
Date: Fri Apr 15 09:18:15 2011 +0300
Only muck with signals on first and last db open/close
- Signals are per-process global, as long as there are other
databases open (or references to the same db) we shouldn't mess
with them. Less important on open, but if somebody is changing
rpmsq-handling we shouldn't override that either.
(cherry picked from commit dcf650f5a73846773c7b81de08e2608391f733b8)
diff --git a/lib/rpmdb.c b/lib/rpmdb.c
index 50bb6b1..44cdb2b 100644
--- a/lib/rpmdb.c
+++ b/lib/rpmdb.c
@@ -661,12 +661,14 @@ int rpmdbClose(rpmdb db)
db = _free(db);
+ if (rpmdbRock == NULL) {
+ (void) rpmsqEnable(-SIGHUP, NULL);
+ (void) rpmsqEnable(-SIGINT, NULL);
+ (void) rpmsqEnable(-SIGTERM, NULL);
+ (void) rpmsqEnable(-SIGQUIT, NULL);
+ (void) rpmsqEnable(-SIGPIPE, NULL);
+ }
exit:
- (void) rpmsqEnable(-SIGHUP, NULL);
- (void) rpmsqEnable(-SIGINT, NULL);
- (void) rpmsqEnable(-SIGTERM,NULL);
- (void) rpmsqEnable(-SIGQUIT,NULL);
- (void) rpmsqEnable(-SIGPIPE,NULL);
return rc;
}
@@ -728,11 +730,13 @@ static int openDatabase(const char * prefix,
/* Try to ensure db home exists, error out if we cant even create */
rc = rpmioMkpath(rpmdbHome(db), 0755, getuid(), getgid());
if (rc == 0) {
- (void) rpmsqEnable(SIGHUP, NULL);
- (void) rpmsqEnable(SIGINT, NULL);
- (void) rpmsqEnable(SIGTERM,NULL);
- (void) rpmsqEnable(SIGQUIT,NULL);
- (void) rpmsqEnable(SIGPIPE,NULL);
+ if (rpmdbRock == NULL) {
+ (void) rpmsqEnable(SIGHUP, NULL);
+ (void) rpmsqEnable(SIGINT, NULL);
+ (void) rpmsqEnable(SIGTERM, NULL);
+ (void) rpmsqEnable(SIGQUIT, NULL);
+ (void) rpmsqEnable(SIGPIPE, NULL);
+ }
/* Just the primary Packages database opened here */
rc = (rpmdbOpenIndex(db, RPMDBI_PACKAGES, db->db_flags) != NULL) ? 0 : -2;

View File

@ -11,7 +11,7 @@
%define rpmhome /usr/lib/rpm %define rpmhome /usr/lib/rpm
%define rpmver 4.9.1.1 %define rpmver 4.9.1.2
%define srcver %{rpmver}%{?snapver:-%{snapver}} %define srcver %{rpmver}%{?snapver:-%{snapver}}
%define bdbname db4 %define bdbname db4
@ -21,7 +21,7 @@
Summary: The RPM package management system Summary: The RPM package management system
Name: rpm Name: rpm
Version: %{rpmver} Version: %{rpmver}
Release: %{?snapver:0.%{snapver}.}3%{?dist} Release: %{?snapver:0.%{snapver}.}1%{?dist}
Group: System Environment/Base Group: System Environment/Base
Url: http://www.rpm.org/ Url: http://www.rpm.org/
Source0: http://rpm.org/releases/rpm-4.9.x/%{name}-%{srcver}.tar.bz2 Source0: http://rpm.org/releases/rpm-4.9.x/%{name}-%{srcver}.tar.bz2
@ -40,7 +40,6 @@ Patch3: rpm-4.8.0-no-man-dirs.patch
Patch4: rpm-4.8.1-use-gpg2.patch Patch4: rpm-4.8.1-use-gpg2.patch
# Patches already in upstream # Patches already in upstream
Patch100: rpm-4.9.1-rpmdb-signals.patch
# These are not yet upstream # These are not yet upstream
Patch301: rpm-4.6.0-niagara.patch Patch301: rpm-4.6.0-niagara.patch
@ -210,8 +209,6 @@ packages on a system.
%patch3 -p1 -b .no-man-dirs %patch3 -p1 -b .no-man-dirs
%patch4 -p1 -b .use-gpg2 %patch4 -p1 -b .use-gpg2
%patch100 -p1 -b .rpmdb-signals
%patch301 -p1 -b .niagara %patch301 -p1 -b .niagara
%patch302 -p1 -b .geode %patch302 -p1 -b .geode
%patch303 -p1 -b .debuginfo-allnames %patch303 -p1 -b .debuginfo-allnames
@ -429,6 +426,10 @@ exit 0
%doc COPYING doc/librpm/html/* %doc COPYING doc/librpm/html/*
%changelog %changelog
* Thu Sep 29 2011 Panu Matilainen <pmatilai@redhat.com> - 4.9.1.2-1
- update to 4.9.1.2 (CVE-2011-3378)
- drop upstreamed rpmdb signal patch
* Mon Sep 19 2011 Panu Matilainen <pmatilai@redhat.com> - 4.9.1.1-3 * Mon Sep 19 2011 Panu Matilainen <pmatilai@redhat.com> - 4.9.1.1-3
- fix signal blocking/unblocking regression on rpmdb open/close (#739492) - fix signal blocking/unblocking regression on rpmdb open/close (#739492)

View File

@ -1 +1 @@
529df3e2705d851e26a9d88d5bd2ddd3 rpm-4.9.1.1.tar.bz2 85cc5b7adb5806b5abf5b538b088dbdc rpm-4.9.1.2.tar.bz2