Michal Domonkos
671ef971c9
Fix root relocation regression
...
Resolves: RHEL-28967
2024-08-05 16:24:55 +02:00
Michal Domonkos
b3bd2e82c5
Revert "Don't confuse OpenScanHub with false array overrun"
...
Yikes. This was a rushed "fix" that caused a regression in --verify
mode with the following error message:
Header RSA signature: BAD (header tag 268: invalid OpenPGP signature)
This was immediately caught by the CI (thank god we have it!).
Since this patch was downstream-only (no internal OpenPGP parser in rpm
upstream anymore), it didn't go through the usual peer review. I should
have asked for it in GitLab still, no matter how innocent and tiny the
change appears to be (lesson learned).
Anyway, it's probably going to be safer to just mark this finding as a
false positive (which it really is), as opposed to touching the code.
Let's revisit later, for now, just revert.
This reverts commit ae9528bbef
.
Related: RHEL-22607
2024-07-12 16:50:10 +02:00
Michal Domonkos
cf0fff1708
Talk about rpmsign in the rpmsign(8) man page
...
Resolves: RHEL-40895
2024-07-11 17:51:58 +02:00
Michal Domonkos
a93a04ca0b
Add SourceLicense tag to spec syntax
...
Resolves: RHEL-28798
2024-07-11 17:49:47 +02:00
Michal Domonkos
ae9528bbef
Don't confuse OpenScanHub with false array overrun
...
We are intentionally skipping just past the header here (see RFC 4880
for details) so make that explicit by moving the pointer relative to the
header's start as opposed to relative to the pointer itself.
This is equivalent to the previous expression but makes OpenScanHub
happy.
Resolves: RHEL-22607
2024-07-11 17:49:43 +02:00
Michal Domonkos
e0ff81088a
Fix OpenScanHub findings
...
Resolves: RHEL-22604
Resolves: RHEL-22605
2024-07-11 14:00:47 +02:00
Michal Domonkos
19aad8075d
Rebuild against libimaevm.so.4
...
Resolves: RHEL-32505
2024-06-03 11:08:46 +02:00
Michal Domonkos
590afced8b
Use unsigned integers for buildtime too for Y2K38 safety
...
Resolves: RHEL-22602
2024-06-03 11:08:46 +02:00
Michal Domonkos
f3557c42a9
Don't segfault on missing priority tag
...
Resolves: RHEL-35249
2024-06-03 11:08:44 +02:00
Florian Festi
8126eec7e0
Don't warn about missing user/group on skipped files
...
Resolves: RHEL-18037
2023-12-13 12:24:28 +01:00
Florian Festi
056ea9da7e
Actually add --verifydb to the man page
...
Resolves: RHEL-14591
2023-12-13 12:22:21 +01:00
Florian Festi
3e052f3a74
Fix warning if file removal fails
...
Resolves: RHEL-14598 RHEL-14599 RHEL-14600
2023-12-11 16:01:23 +01:00
Florian Festi
6ae1932ef1
Fix issues with backported file handling
...
Resolves: RHEL-14598 RHEL-14599 RHEL-14600
2023-12-10 21:31:56 +01:00
Florian Festi
515f57c7ab
Expose and document rpmdb --verifydb operation
...
Resolves: RHEL-14591
2023-12-10 21:31:56 +01:00
Florian Festi
9f50765424
Fix description of whatconflicts in the man page
...
Resolves: RHEL-6303
2023-11-16 10:09:54 +01:00
Florian Festi
443474e208
Fix short circuiting of versions in expressions
...
Resolves: RHEL-15688
2023-11-16 09:40:03 +01:00
Florian Festi
94360abd84
Backport file handling code from rpm-4.19
...
Fixes CVE-2021-35937, CVE-2021-35938 and CVE-2021-35939
Patches include small changes found in other patches. See RHEL-8.10
patch set for intermediate steps.
Resolves: RHEL-14598 RHEL-14599 RHEL-14600
2023-11-11 10:22:18 +01:00
Florian Festi
f3da53eb6d
Followup on #2166383
...
- Add compat scripts calling external find-debug, sepdebugcrcfix and debugedit
- Add %%__find_debuginfo macro
Resolves : #2166383
2023-06-30 16:01:47 +02:00
Florian Festi
9bfd8d7033
Use external find-debug and debugedit
...
Delete tools and point macro to the external ones (instead of using
symlinks)
Resolves : #2166383
2023-05-04 14:21:10 +02:00
Florian Festi
1ff4308fe4
Use external find-debug and debugedit
...
Resolves : #2166383
2023-05-03 12:51:07 +02:00
Florian Festi
288f177357
Don't error out on IMA signatures
...
on files not supporting them
Resolves : #2157835
Resolves : #2157836
2023-05-03 11:13:41 +02:00
Florian Festi
31b00a05e3
Fix option parsing in rpm2archive
...
Related: #2150804
2022-12-19 19:00:32 +01:00
Yaakov Selkowitz
040ce1a127
Support long language names for QT
...
Resolves : #2144005
2022-12-05 14:40:40 +01:00
Florian Festi
b67be025eb
Add --nocompression to rpm2archive
...
Resolves : #2150804
2022-12-05 14:39:09 +01:00
Florian Festi
63a09f826d
Handle SELinux log messages
...
Resolves : #2123719
2022-12-05 12:15:30 +01:00
Florian Festi
e418fc901c
Remove spurious Python rpm module
...
Resolves : #2135731
2022-12-05 12:05:07 +01:00
Florian Festi
f27d9231a3
Fix db queries with carets
...
Resolves : #2129468
2022-12-05 12:04:59 +01:00
Florian Festi
d0e93abb8f
Add bcond macros
...
Resolves : #2129060
2022-11-07 17:30:21 +01:00
Michal Domonkos
7da4871c04
Bump release for rebuild
...
Resolves : #2136770
2022-10-21 15:13:33 +02:00
Michal Domonkos
6ea23edd58
Make write() nonblocking in fapolicyd plugin
...
Resolves : #2111251
2022-09-23 13:28:31 +02:00
Florian Festi
e3ce4eba28
Make rpm2cpio.sh more robust
...
Also reduce bytes read for checking the magic header to 4 as the zero
bytes read break on aarch64 for some reason.
Resolves : #1983015
2022-08-03 17:42:27 +02:00
Florian Festi
0a4ec89b01
Make rpm2cpio.sh more robust
...
Resolves : #1983015
2022-08-01 09:07:44 +02:00
Nick Clifton
a44688b636
Pass _find_debuginfo_vendor_opts to the find-debuginfo script.
...
Resolves : #2099617
2022-06-30 11:49:55 +01:00
Florian Festi
a654ea1b9c
Give warning on not supported hash for RSA keys
...
Resolves : #2069877
2022-06-29 08:56:02 +02:00
Florian Festi
5a103aa493
Give error message for failed PGP key import
...
due to missing SHA1 support
Resolves : #2069877
2022-06-16 14:42:05 +02:00
Michal Domonkos
60b30271bc
Fix minor ABI regression in rpmcli.h
...
Upstream commit:
f62b6d27cd741406a52a7e9c5b1d6f581dbd3af8
Related: #2037352
Resolves : #2072175
2022-04-05 20:33:27 +02:00
Michal Domonkos
0b3e36cfc6
Add patches for release 11
...
Resolves : #2037186
Resolves : #2018937
Resolves : #2023692
2022-02-15 10:38:13 +01:00
Michal Domonkos
1a9baff802
Add patches for release 10
...
Resolves : #1943724
Resolves : #2048455
Resolves : #2037352
Resolves : #2025906
2022-02-01 15:38:08 +01:00
Michal Domonkos
43a9b03766
Fix-up IMA signature lengths patch
...
Related: #2018937
2021-12-13 16:15:05 +01:00
Michal Domonkos
e2e5e2b2d1
Add patches for release 8
...
Resolves : #1965147 , #1999009 , #1999012 , #2015407 , #2026079 , #2018937
Resolves : #1943724
2021-12-10 14:51:49 +01:00
Michal Domonkos
6a3e594a7c
Fix dist tag
...
Related: #1991667
2021-08-19 16:35:31 +02:00
Michal Domonkos
df26668d42
Unblock signals in forked scriptlets
...
Resolves : #1991667
2021-08-19 16:30:08 +02:00
Mohan Boddu
f44c30341f
Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
...
Related: rhbz#1991688
Signed-off-by: Mohan Boddu <mboddu@redhat.com>
2021-08-10 00:39:19 +00:00
Florian Weimer
c168e50528
Rebuild to pick up OpenSSL 3.0 Beta ABI ( #1984097 )
...
Related: #1984097
2021-07-28 11:07:34 +02:00
Michal Domonkos
4d65fa1daf
Rebuild for gating.yaml
...
Related: #1942549
2021-07-23 12:08:18 +02:00
Aleksandra Fedorova
5a6e013789
Add RHEL gating configuration
2021-07-22 15:48:09 +00:00
Michal Domonkos
205cd9b1fc
Add fapolicyd plugin
...
Resolves : #1942549
2021-07-22 16:27:19 +02:00
Michal Domonkos
44ada860a5
Add support for EdDSA signatures to rpmsign
...
Resolves : #1962234
2021-07-22 13:04:51 +02:00
Michal Domonkos
b08bb75da3
Release bump for a rebuild
...
Related: #1938861
2021-07-12 17:29:02 +02:00
Michal Domonkos
3b3295a9de
Add forgotten sqlite patch
...
Related: #1938861
2021-07-01 16:21:14 +02:00