Hello community, here is the log from the commit of package s3backer for openSUSE:Factory checked in at 2015-05-11 20:41:41 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/s3backer (Old) and /work/SRC/openSUSE:Factory/.s3backer.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "s3backer" Changes: -------- --- /work/SRC/openSUSE:Factory/s3backer/s3backer.changes 2015-04-25 11:26:31.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.s3backer.new/s3backer.changes 2015-05-11 20:41:42.000000000 +0200 @@ -1,0 +2,6 @@ +Mon May 4 16:05:10 UTC 2015 - [email protected] + +- Update to release 1.4.1 + + Fix use-after-free bug configuring base URL (github issue #44) + +------------------------------------------------------------------- Old: ---- s3backer-1.4.0.tar.gz New: ---- s3backer-1.4.1.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ s3backer.spec ++++++ --- /var/tmp/diff_new_pack.OUT1AY/_old 2015-05-11 20:41:42.000000000 +0200 +++ /var/tmp/diff_new_pack.OUT1AY/_new 2015-05-11 20:41:42.000000000 +0200 @@ -1,7 +1,7 @@ # # spec file for package s3backer # -# Copyright (c) 2015 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. # Copyright 2008 Archie L. Cobbs. # # All modifications and additions to the file contributed by third parties @@ -18,7 +18,7 @@ Name: s3backer -Version: 1.4.0 +Version: 1.4.1 Release: 0 Summary: FUSE-based single file backing store via Amazon S3 License: GPL-2.0+ ++++++ s3backer-1.4.0.tar.gz -> s3backer-1.4.1.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/s3backer-1.4.0/CHANGES new/s3backer-1.4.1/CHANGES --- old/s3backer-1.4.0/CHANGES 2015-04-17 22:36:01.000000000 +0200 +++ new/s3backer-1.4.1/CHANGES 2015-05-04 17:49:52.000000000 +0200 @@ -1,3 +1,7 @@ +Version 1.4.1 released May 4, 2015 + + - Fix use-after-free bug configuring base URL (github issue #44) + Version 1.4.0 released April 17, 2015 - Added support for authentication version 4 (issue #51) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/s3backer-1.4.0/configure new/s3backer-1.4.1/configure --- old/s3backer-1.4.0/configure 2015-04-17 22:38:15.000000000 +0200 +++ new/s3backer-1.4.1/configure 2015-05-04 17:53:05.000000000 +0200 @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for s3backer FUSE filesystem backed by Amazon S3 1.4.0. +# Generated by GNU Autoconf 2.69 for s3backer FUSE filesystem backed by Amazon S3 1.4.1. # # Report bugs to <https://github.com/archiecobbs/s3backer>. # @@ -580,8 +580,8 @@ # Identity of this package. PACKAGE_NAME='s3backer FUSE filesystem backed by Amazon S3' PACKAGE_TARNAME='s3backer' -PACKAGE_VERSION='1.4.0' -PACKAGE_STRING='s3backer FUSE filesystem backed by Amazon S3 1.4.0' +PACKAGE_VERSION='1.4.1' +PACKAGE_STRING='s3backer FUSE filesystem backed by Amazon S3 1.4.1' PACKAGE_BUGREPORT='https://github.com/archiecobbs/s3backer' PACKAGE_URL='' @@ -1279,7 +1279,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures s3backer FUSE filesystem backed by Amazon S3 1.4.0 to adapt to many kinds of systems. +\`configure' configures s3backer FUSE filesystem backed by Amazon S3 1.4.1 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1345,7 +1345,7 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of s3backer FUSE filesystem backed by Amazon S3 1.4.0:";; + short | recursive ) echo "Configuration of s3backer FUSE filesystem backed by Amazon S3 1.4.1:";; esac cat <<\_ACEOF @@ -1446,7 +1446,7 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -s3backer FUSE filesystem backed by Amazon S3 configure 1.4.0 +s3backer FUSE filesystem backed by Amazon S3 configure 1.4.1 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -1794,7 +1794,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by s3backer FUSE filesystem backed by Amazon S3 $as_me 1.4.0, which was +It was created by s3backer FUSE filesystem backed by Amazon S3 $as_me 1.4.1, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -2657,7 +2657,7 @@ # Define the identity of the package. PACKAGE='s3backer' - VERSION='1.4.0' + VERSION='1.4.1' cat >>confdefs.h <<_ACEOF @@ -5388,7 +5388,7 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by s3backer FUSE filesystem backed by Amazon S3 $as_me 1.4.0, which was +This file was extended by s3backer FUSE filesystem backed by Amazon S3 $as_me 1.4.1, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -5454,7 +5454,7 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -s3backer FUSE filesystem backed by Amazon S3 config.status 1.4.0 +s3backer FUSE filesystem backed by Amazon S3 config.status 1.4.1 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/s3backer-1.4.0/configure.ac new/s3backer-1.4.1/configure.ac --- old/s3backer-1.4.0/configure.ac 2015-04-17 22:34:04.000000000 +0200 +++ new/s3backer-1.4.1/configure.ac 2015-05-04 17:50:05.000000000 +0200 @@ -19,7 +19,7 @@ # 02110-1301, USA. # -AC_INIT([s3backer FUSE filesystem backed by Amazon S3], [1.4.0], [https://github.com/archiecobbs/s3backer], [s3backer]) +AC_INIT([s3backer FUSE filesystem backed by Amazon S3], [1.4.1], [https://github.com/archiecobbs/s3backer], [s3backer]) AC_CONFIG_AUX_DIR(scripts) AM_INIT_AUTOMAKE dnl AM_MAINTAINER_MODE diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/s3backer-1.4.0/gitrev.c new/s3backer-1.4.1/gitrev.c --- old/s3backer-1.4.0/gitrev.c 2015-04-17 22:38:20.000000000 +0200 +++ new/s3backer-1.4.1/gitrev.c 2015-05-04 17:53:11.000000000 +0200 @@ -1 +1 @@ -const char *const s3backer_version = "1.4.0"; +const char *const s3backer_version = "1.4.1"; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/s3backer-1.4.0/http_io.c new/s3backer-1.4.1/http_io.c --- old/s3backer-1.4.0/http_io.c 2015-04-17 21:20:11.000000000 +0200 +++ new/s3backer-1.4.1/http_io.c 2015-04-30 23:07:05.000000000 +0200 @@ -1957,6 +1957,10 @@ int r; int i; + /* Initialize */ + EVP_MD_CTX_init(&hash_ctx); + HMAC_CTX_init(&hmac_ctx); + /* Snapshot current credentials */ pthread_mutex_lock(&priv->mutex); snprintf(access_id, sizeof(access_id), "%s", config->accessId); @@ -1981,10 +1985,6 @@ query_params_len = 0; } - /* Initialize */ - EVP_MD_CTX_init(&hash_ctx); - HMAC_CTX_init(&hmac_ctx); - /* Format date */ strftime(datebuf, sizeof(datebuf), AWS_DATE_BUF_FMT, gmtime_r(&now, &tm)); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/s3backer-1.4.0/s3b_config.c new/s3backer-1.4.1/s3b_config.c --- old/s3backer-1.4.0/s3b_config.c 2015-04-17 21:20:11.000000000 +0200 +++ new/s3backer-1.4.1/s3b_config.c 2015-05-01 15:32:39.000000000 +0200 @@ -989,7 +989,10 @@ snprintf(urlbuf, sizeof(urlbuf), "http%s://s3-%s.%s/", config.ssl ? "s" : "", config.http_io.region, S3_DOMAIN); else snprintf(urlbuf, sizeof(urlbuf), "http%s://s3.%s/", config.ssl ? "s" : "", S3_DOMAIN); - config.http_io.baseURL = urlbuf; + if ((config.http_io.baseURL = strdup(urlbuf)) == NULL) { + warn("malloc"); + return -1; + } } /* Check base URL */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/s3backer-1.4.0/s3backer.spec new/s3backer-1.4.1/s3backer.spec --- old/s3backer-1.4.0/s3backer.spec 2015-04-17 22:38:20.000000000 +0200 +++ new/s3backer-1.4.1/s3backer.spec 2015-05-04 17:53:11.000000000 +0200 @@ -15,7 +15,7 @@ # Name: s3backer -Version: 1.4.0 +Version: 1.4.1 Release: 1 License: GNU General Public License, Version 2 Summary: FUSE-based single file backing store via Amazon S3
