Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package libite for openSUSE:Factory checked in at 2025-12-29 15:16:59 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libite (Old) and /work/SRC/openSUSE:Factory/.libite.new.1928 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libite" Mon Dec 29 15:16:59 2025 rev:13 rq:1324606 version:2.6.2 Changes: -------- --- /work/SRC/openSUSE:Factory/libite/libite.changes 2023-11-14 21:42:10.422712381 +0100 +++ /work/SRC/openSUSE:Factory/.libite.new.1928/libite.changes 2025-12-29 15:17:55.077756390 +0100 @@ -1,0 +2,7 @@ +Sun Dec 28 22:59:51 UTC 2025 - Dirk Müller <[email protected]> + +- update to 2.6.2: + * Fix memory leak in `which()` on `realloc()` failure + * Fix `pidfile()` to handle missing trailing slash in prefix + +------------------------------------------------------------------- Old: ---- libite-2.6.1.tar.gz New: ---- libite-2.6.2.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libite.spec ++++++ --- /var/tmp/diff_new_pack.OjsRRy/_old 2025-12-29 15:17:57.325848792 +0100 +++ /var/tmp/diff_new_pack.OjsRRy/_new 2025-12-29 15:17:57.337849285 +0100 @@ -1,7 +1,7 @@ # # spec file for package libite # -# Copyright (c) 2023 SUSE LLC +# Copyright (c) 2025 SUSE LLC and contributors # Copyright (c) 2018-2023, Martin Hauke <[email protected]> # # All modifications and additions to the file contributed by third parties @@ -19,7 +19,7 @@ %define sover 5 Name: libite -Version: 2.6.1 +Version: 2.6.2 Release: 0 Summary: BSD function library License: MIT AND X11 ++++++ libite-2.6.1.tar.gz -> libite-2.6.2.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libite-2.6.1/.github/SECURITY.md new/libite-2.6.2/.github/SECURITY.md --- old/libite-2.6.1/.github/SECURITY.md 1970-01-01 01:00:00.000000000 +0100 +++ new/libite-2.6.2/.github/SECURITY.md 2025-11-22 21:59:46.000000000 +0100 @@ -0,0 +1,12 @@ +# Security Policy + +## Supported Versions + +libite (-lite) is a small project, as such we have no possibility to support older versions. +The only supported version is the latest released on GitHub: + +<https://github.com/troglobit/libite/releases> + +## Reporting a Vulnerability + +Contact the project's main author and owner to report and discuss vulnerabilities. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libite-2.6.1/.github/workflows/build.yml new/libite-2.6.2/.github/workflows/build.yml --- old/libite-2.6.1/.github/workflows/build.yml 2023-10-15 10:22:36.000000000 +0200 +++ new/libite-2.6.2/.github/workflows/build.yml 2025-11-22 21:59:46.000000000 +0100 @@ -28,7 +28,7 @@ run: | sudo apt-get -y update sudo apt-get -y install tree doxygen - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Configure run: | ./autogen.sh @@ -44,7 +44,7 @@ run: | make check || (cat test/test-suite.log; false) - name: Upload Test Results - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: libite-test-${{ matrix.compiler }} path: test/* @@ -55,7 +55,7 @@ env: MAKEFLAGS: -j3 steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Installing dependencies run: | apt-get update diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libite-2.6.1/.github/workflows/coverity.yml new/libite-2.6.2/.github/workflows/coverity.yml --- old/libite-2.6.1/.github/workflows/coverity.yml 2023-10-15 10:22:36.000000000 +0200 +++ new/libite-2.6.2/.github/workflows/coverity.yml 2025-11-22 21:59:46.000000000 +0100 @@ -15,7 +15,7 @@ coverity: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Fetch latest Coverity Scan MD5 id: var env: @@ -25,7 +25,7 @@ --post-data "token=$TOKEN&project=${COVERITY_PROJ}&md5=1" \ -O coverity-latest.tar.gz.md5 echo "md5=$(cat coverity-latest.tar.gz.md5)" | tee -a $GITHUB_OUTPUT - - uses: actions/cache@v3 + - uses: actions/cache@v4 id: cache with: path: coverity-latest.tar.gz @@ -74,7 +74,7 @@ --form description="${PROJECT_NAME} $(git rev-parse HEAD)" \ https://scan.coverity.com/builds?project=${COVERITY_PROJ} - name: Upload build.log - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: coverity-build.log path: cov-int/build-log.txt diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libite-2.6.1/.github/workflows/release.yml new/libite-2.6.2/.github/workflows/release.yml --- old/libite-2.6.1/.github/workflows/release.yml 2023-10-15 10:22:36.000000000 +0200 +++ new/libite-2.6.2/.github/workflows/release.yml 2025-11-22 21:59:46.000000000 +0100 @@ -11,7 +11,7 @@ if: startsWith(github.ref, 'refs/tags/') runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Installing dependencies ... run: | sudo apt-get -y update diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libite-2.6.1/ChangeLog.md new/libite-2.6.2/ChangeLog.md --- old/libite-2.6.1/ChangeLog.md 2023-10-15 10:22:36.000000000 +0200 +++ new/libite-2.6.2/ChangeLog.md 2025-11-22 21:59:46.000000000 +0100 @@ -4,6 +4,14 @@ All notable changes to the project are documented in this file. +[v2.6.2][] - 2025-11-22 +----------------------- + +### Fixes +- Fix memory leak in `which()` on `realloc()` failure +- Fix `pidfile()` to handle missing trailing slash in prefix path + + [v2.6.1][] - 2023-10-15 ----------------------- @@ -511,7 +519,8 @@ Initial extraction of frog DNA from [Finit][]. See [README][] for API details. -[UNRELEASED]: https://github.com/troglobit/libite/compare/v2.6.1...HEAD +[UNRELEASED]: https://github.com/troglobit/libite/compare/v2.6.2...HEAD +[v2.6.2]: https://github.com/troglobit/libite/compare/v2.6.1...v2.6.2 [v2.6.1]: https://github.com/troglobit/libite/compare/v2.6.0...v2.6.1 [v2.6.0]: https://github.com/troglobit/libite/compare/v2.5.3...v2.6.0 [v2.5.3]: https://github.com/troglobit/libite/compare/v2.5.2...v2.5.3 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libite-2.6.1/TODO.org new/libite-2.6.2/TODO.org --- old/libite-2.6.1/TODO.org 2023-10-15 10:22:36.000000000 +0200 +++ new/libite-2.6.2/TODO.org 2025-11-22 21:59:46.000000000 +0100 @@ -1 +1,15 @@ * TODO Write tests for new APIs + +* More formatted variants? +- symlinkf() +- accessf() +- statf() / lstatf() + +* Relocate from Finit + +- fnread() +- fnwrite() +- fngetint() +- paste() +- unquote() + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libite-2.6.1/configure.ac new/libite-2.6.2/configure.ac --- old/libite-2.6.1/configure.ac 2023-10-15 10:22:36.000000000 +0200 +++ new/libite-2.6.2/configure.ac 2025-11-22 21:59:46.000000000 +0100 @@ -1,4 +1,4 @@ -AC_INIT(libite, 2.6.1, https://github.com/troglobit/libite/issues) +AC_INIT(libite, 2.6.2, https://github.com/troglobit/libite/issues) AC_CONFIG_AUX_DIR(aux) AM_INIT_AUTOMAKE([1.11 foreign dist-xz]) AM_SILENT_RULES([yes]) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libite-2.6.1/src/pidfile.c new/libite-2.6.2/src/pidfile.c --- old/libite-2.6.1/src/pidfile.c 2023-10-15 10:22:36.000000000 +0200 +++ new/libite-2.6.2/src/pidfile.c 2025-11-22 21:59:46.000000000 +0100 @@ -45,6 +45,7 @@ #include <paths.h> #include <stdio.h> #include <stdlib.h> +#include <string.h> #include <unistd.h> #ifndef pidfile @@ -93,7 +94,10 @@ } if (basename[0] != '/') { - if (asprintf(&pidfile_path, "%s%s.pid", __pidfile_path, basename) == -1) + size_t len = strlen(__pidfile_path); + int slash = __pidfile_path[len > 0 ? len - 1 : 0] != '/'; + + if (asprintf(&pidfile_path, "%s%s%s.pid", __pidfile_path, slash ? "/" : "", basename) == -1) return (-1); } else { if (asprintf(&pidfile_path, "%s", basename) == -1) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libite-2.6.1/src/which.c new/libite-2.6.2/src/which.c --- old/libite-2.6.1/src/which.c 2023-10-15 10:22:36.000000000 +0200 +++ new/libite-2.6.2/src/which.c 2025-11-22 21:59:46.000000000 +0100 @@ -53,8 +53,9 @@ */ char *which(const char *cmd) { + char *ptr, *env, *path = NULL; size_t pathlen = 0; - char *ptr, *tok, *env, *path = NULL; + const char *tok; if (!cmd) { errno = EINVAL; @@ -69,9 +70,7 @@ if (!access(path, X_OK)) return path; - if (path) - free(path); - + free(path); return NULL; } @@ -88,11 +87,15 @@ size_t len = strlen(tok) + strlen(cmd) + 2; if (pathlen < len) { - path = realloc(path, len); - if (!path) { + char *tmp = realloc(path, len); + + if (!tmp) { + free(path); free(env); return NULL; } + + path = tmp; pathlen = len; }
