From 26b5741206551108daae9e4935d9e3148da8f09b Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Tue, 5 Nov 2019 14:45:50 -0500 Subject: [PATCH] import udisks2-2.8.3-2.el8 --- .gitignore | 2 +- .udisks2.metadata | 2 +- ...0001-Fix-string-format-vulnerability.patch | 35 ---------- ...-new-location-of-D-Bus-service-files.patch | 70 +++++++++++++++++++ ...ition-Fix-potential-NULL-dereference.patch | 25 +++++++ ...-Do-not-copy-config-files-when-testi.patch | 46 ++++++++++++ SPECS/udisks2.spec | 28 ++++++-- 7 files changed, 165 insertions(+), 43 deletions(-) delete mode 100644 SOURCES/0001-Fix-string-format-vulnerability.patch create mode 100644 SOURCES/0001-tests-Reflect-new-location-of-D-Bus-service-files.patch create mode 100644 SOURCES/0001-udiskslinuxpartition-Fix-potential-NULL-dereference.patch create mode 100644 SOURCES/0002-integration-test-Do-not-copy-config-files-when-testi.patch diff --git a/.gitignore b/.gitignore index 8cf5223..282adc9 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1 @@ -SOURCES/udisks-2.8.0.tar.bz2 +SOURCES/udisks-2.8.3.tar.bz2 diff --git a/.udisks2.metadata b/.udisks2.metadata index ae5ca5a..1345bc1 100644 --- a/.udisks2.metadata +++ b/.udisks2.metadata @@ -1 +1 @@ -7a12a2174d28a480710870a842e46c22c80236df SOURCES/udisks-2.8.0.tar.bz2 +47a9d8bc386271bbbb8d77999e0a0c8bb8e38f84 SOURCES/udisks-2.8.3.tar.bz2 diff --git a/SOURCES/0001-Fix-string-format-vulnerability.patch b/SOURCES/0001-Fix-string-format-vulnerability.patch deleted file mode 100644 index 7a32994..0000000 --- a/SOURCES/0001-Fix-string-format-vulnerability.patch +++ /dev/null @@ -1,35 +0,0 @@ -From 76a6754bf0d97628f54081e3d83bdc3c690af0fd Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Kai=20L=C3=BCke?= -Date: Tue, 18 Sep 2018 13:12:14 +0200 -Subject: [PATCH] Fix string format vulnerability - -If the message in g_log_structured itself -contained format sequences like %d or %n they -were applied again, leading to leaked stack contents -and possibly memory corruption. It can be triggered -e.g. by a volume label containing format sequences. - -Print the message argument itself into a "%s" string -to avoid intepreting format sequences. - -https://github.com/storaged-project/udisks/issues/578 ---- - src/udiskslogging.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/udiskslogging.c b/src/udiskslogging.c -index ab49fcbf..47a3af23 100644 ---- a/src/udiskslogging.c -+++ b/src/udiskslogging.c -@@ -60,7 +60,7 @@ udisks_log (UDisksLogLevel level, - - #if GLIB_CHECK_VERSION(2, 50, 0) - g_log_structured ("udisks", (GLogLevelFlags) level, -- "MESSAGE", message, "THREAD_ID", "%d", (gint) syscall (SYS_gettid), -+ "MESSAGE", "%s", message, "THREAD_ID", "%d", (gint) syscall (SYS_gettid), - "CODE_FUNC", function, "CODE_FILE", location); - #else - g_log ("udisks", level, "[%d]: %s [%s, %s()]", (gint) syscall (SYS_gettid), message, location, function); --- -2.17.1 - diff --git a/SOURCES/0001-tests-Reflect-new-location-of-D-Bus-service-files.patch b/SOURCES/0001-tests-Reflect-new-location-of-D-Bus-service-files.patch new file mode 100644 index 0000000..dfcbaa8 --- /dev/null +++ b/SOURCES/0001-tests-Reflect-new-location-of-D-Bus-service-files.patch @@ -0,0 +1,70 @@ +From ffa52f4c674477795a756bbe5983b5a20929ce94 Mon Sep 17 00:00:00 2001 +From: Tomas Bzatek +Date: Fri, 14 Jun 2019 16:03:49 +0200 +Subject: [PATCH 1/2] tests: Reflect new location of D-Bus service files + +Related to the following change: + + commit f9d9b4e89915fdc87f8d9b56269def24f709b2da + Author: Michael Biebl + Date: Tue Nov 27 00:48:15 2018 +0100 + + Move D-Bus policy file to /usr/share/dbus-1/system.d/ + + To better support stateless systems with an empty /etc, the old location + in /etc/dbus-1/system.d/ should only be used for local admin changes. + Package provided D-Bus policy files are supposed to be installed in + /usr/share/dbus-1/system.d/. + + This is supported since dbus 1.9.18. + + https://lists.freedesktop.org/archives/dbus/2015-July/016746.html +--- + README.md | 2 +- + src/tests/dbus-tests/run_tests.py | 2 +- + src/tests/install-udisks/runtest.sh | 2 +- + src/tests/integration-test | 2 +- + 4 files changed, 4 insertions(+), 4 deletions(-) + +diff --git a/README.md b/README.md +index b4fa385c..cf2207cf 100644 +--- a/README.md ++++ b/README.md +@@ -88,7 +88,7 @@ Please report bugs via the GitHub's issues tracker at + sudo cp data/*.policy /usr/share/polkit-1/actions/ + sudo cp modules/*/data/*.policy /usr/share/polkit-1/actions/ + +- sudo cp data/org.freedesktop.UDisks2.conf /etc/dbus-1/system.d/ ++ sudo cp data/org.freedesktop.UDisks2.conf /usr/share/dbus-1/system.d/ + + sudo cp data/80-udisks2.rules /usr/lib/udev/rules.d/ + ``` +diff --git a/src/tests/dbus-tests/run_tests.py b/src/tests/dbus-tests/run_tests.py +index e730346a..3dc3c631 100755 +--- a/src/tests/dbus-tests/run_tests.py ++++ b/src/tests/dbus-tests/run_tests.py +@@ -96,7 +96,7 @@ def install_config_files(projdir, tmpdir): + + # dbus config files + copied.extend(_copy_files((os.path.join(projdir, 'data/org.freedesktop.UDisks2.conf'),), +- '/etc/dbus-1/system.d/', tmpdir)) ++ '/usr/share/dbus-1/system.d/', tmpdir)) + + # polkit policies + policies = glob.glob(projdir + '/data/*.policy') + glob.glob(projdir + '/modules/*/data/*.policy') +diff --git a/src/tests/integration-test b/src/tests/integration-test +index 19087bbc..2bc78a2b 100755 +--- a/src/tests/integration-test ++++ b/src/tests/integration-test +@@ -1866,7 +1866,7 @@ def install_config_files(projdir, tmpdir): + + # dbus config files + copied.extend(_copy_files((os.path.join(projdir, 'data/org.freedesktop.UDisks2.conf'),), +- '/etc/dbus-1/system.d/', tmpdir)) ++ '/usr/share/dbus-1/system.d/', tmpdir)) + + # polkit policies + policies = glob(projdir + '/data/*.policy') + glob(projdir + '/modules/*/data/*.policy') +-- +2.21.0 + diff --git a/SOURCES/0001-udiskslinuxpartition-Fix-potential-NULL-dereference.patch b/SOURCES/0001-udiskslinuxpartition-Fix-potential-NULL-dereference.patch new file mode 100644 index 0000000..7f931df --- /dev/null +++ b/SOURCES/0001-udiskslinuxpartition-Fix-potential-NULL-dereference.patch @@ -0,0 +1,25 @@ +From 9c87ed1f7a5daab0864b22be89ff58ffde51b5af Mon Sep 17 00:00:00 2001 +From: Tomas Bzatek +Date: Fri, 14 Jun 2019 17:11:16 +0200 +Subject: [PATCH] udiskslinuxpartition: Fix potential NULL dereference + +--- + src/udiskslinuxpartition.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/udiskslinuxpartition.c b/src/udiskslinuxpartition.c +index c29cf0fa..d00e6519 100644 +--- a/src/udiskslinuxpartition.c ++++ b/src/udiskslinuxpartition.c +@@ -198,7 +198,7 @@ static void update_partitions_list (UDisksObject *disk_object, + /* this partition is already in the property */ + goto out; + +- num_parts = g_strv_length (partitions); ++ num_parts = partitions ? g_strv_length (partitions) : 0; + partitions = g_realloc (partitions, (num_parts + 2) * sizeof (gchar *)); + partitions[num_parts] = g_strdup (object_path); + partitions[num_parts + 1] = NULL; +-- +2.21.0 + diff --git a/SOURCES/0002-integration-test-Do-not-copy-config-files-when-testi.patch b/SOURCES/0002-integration-test-Do-not-copy-config-files-when-testi.patch new file mode 100644 index 0000000..eb6cbfd --- /dev/null +++ b/SOURCES/0002-integration-test-Do-not-copy-config-files-when-testi.patch @@ -0,0 +1,46 @@ +From 6e4fdd7d353b9171d164dcee2ec434a1b55c7e27 Mon Sep 17 00:00:00 2001 +From: Tomas Bzatek +Date: Fri, 14 Jun 2019 16:36:34 +0200 +Subject: [PATCH 2/2] integration-test: Do not copy config files when testing + system instance + +--- + src/tests/integration-test | 15 +++++++-------- + 1 file changed, 7 insertions(+), 8 deletions(-) + +diff --git a/src/tests/integration-test b/src/tests/integration-test +index 2bc78a2b..4652a8c2 100755 +--- a/src/tests/integration-test ++++ b/src/tests/integration-test +@@ -129,6 +129,13 @@ class UDisksTestCase(unittest.TestCase): + if (os.access(cls.daemon_path, os.X_OK)): + print('Testing binaries from local build tree') + cls.check_build_tree_config() ++ # copy required system files ++ testdir = os.path.abspath(os.path.dirname(__file__)) ++ projdir = os.path.abspath(os.path.normpath(os.path.join(testdir, '..', '..'))) ++ tmpdir = tempfile.mkdtemp(prefix='udisks-tst-') ++ atexit.register(shutil.rmtree, tmpdir) ++ files_to_restore = install_config_files(projdir, tmpdir) ++ atexit.register(restore_files, files_to_restore, tmpdir) + else: + print('Testing installed system binaries') + cls.daemon_path = None +@@ -1899,14 +1906,6 @@ if __name__ == '__main__': + help='name of test class or method (e. g. "Drive", "FS.test_ext2")') + cli_args = argparser.parse_args() + +- testdir = os.path.abspath(os.path.dirname(__file__)) +- projdir = os.path.abspath(os.path.normpath(os.path.join(testdir, '..', '..'))) +- tmpdir = tempfile.mkdtemp(prefix='udisks-tst-') +- atexit.register(shutil.rmtree, tmpdir) +- +- files_to_restore = install_config_files(projdir, tmpdir) +- atexit.register(restore_files, files_to_restore, tmpdir) +- + UDisksTestCase.init(logfile=cli_args.logfile) + if cli_args.testname: + tests = unittest.TestLoader().loadTestsFromNames( +-- +2.21.0 + diff --git a/SPECS/udisks2.spec b/SPECS/udisks2.spec index a7f433d..1c4d565 100644 --- a/SPECS/udisks2.spec +++ b/SPECS/udisks2.spec @@ -55,25 +55,27 @@ Name: udisks2 Summary: Disk Manager -Version: 2.8.0 +Version: 2.8.3 Release: 2%{?dist} License: GPLv2+ Group: System Environment/Libraries URL: https://github.com/storaged-project/udisks Source0: https://github.com/storaged-project/udisks/releases/download/udisks-%{version}/udisks-%{version}.tar.bz2 -Patch0: 0001-Fix-string-format-vulnerability.patch +Patch0: 0001-tests-Reflect-new-location-of-D-Bus-service-files.patch +Patch1: 0002-integration-test-Do-not-copy-config-files-when-testi.patch +Patch2: 0001-udiskslinuxpartition-Fix-potential-NULL-dereference.patch BuildRequires: glib2-devel >= %{glib2_version} BuildRequires: gobject-introspection-devel >= %{gobject_introspection_version} BuildRequires: libgudev1-devel >= %{systemd_version} BuildRequires: libatasmart-devel >= %{libatasmart_version} BuildRequires: polkit-devel >= %{polkit_version} +BuildRequires: systemd >= %{systemd_version} BuildRequires: systemd-devel >= %{systemd_version} -BuildRequires: gnome-common BuildRequires: libacl-devel BuildRequires: chrpath BuildRequires: gtk-doc -BuildRequires: intltool +BuildRequires: gettext-devel BuildRequires: redhat-rpm-config BuildRequires: libblockdev-devel >= %{libblockdev_version} BuildRequires: libblockdev-part-devel >= %{libblockdev_version} @@ -265,8 +267,10 @@ This package contains module for VDO management. %prep %setup -q -n udisks-%{version} -sed -i udisks/udisks2.conf.in -e "s/encryption=luks1/encryption=%{default_luks_encryption}/" %patch0 -p1 +%patch1 -p1 +%patch2 -p1 +sed -i udisks/udisks2.conf.in -e "s/encryption=luks1/encryption=%{default_luks_encryption}/" %build autoreconf -ivf @@ -351,8 +355,9 @@ udevadm trigger %endif %{_sysconfdir}/udisks2/udisks2.conf -%{_sysconfdir}/dbus-1/system.d/org.freedesktop.UDisks2.conf +%{_datadir}/dbus-1/system.d/org.freedesktop.UDisks2.conf %{_datadir}/bash-completion/completions/udisksctl +%{_tmpfilesdir}/%{name}.conf %{_unitdir}/udisks2.service %{_unitdir}/clean-mount-point@.service %{_udevrulesdir}/80-udisks2.rules @@ -439,6 +444,17 @@ udevadm trigger %endif %changelog +* Fri Jun 14 2019 Tomas Bzatek - 2.8.3-2 +- Minor test fixes +- Fix potential NULL dereference in UDisksLinuxPartition + +* Thu Jun 13 2019 Tomas Bzatek - 2.8.3-1 +- Rebased to upstream 2.8.3 release (#1685210) +- Fix leaking filedescriptors (#1614774) +- Fix udisksctl pager scrolling (#1662336) +- Fix LVM2 plugin CreateSnapshot() error (#1668291) +- Add ISCSI plugin GetInitiatorNameRaw() method (#1710257) + * Mon Oct 08 2018 Vojtech Trefny - 2.8.0-2 - Fix string format vulnerability Resolves: rhbz#1632831