Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package radare2 for openSUSE:Factory checked in at 2026-05-19 17:49:10 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/radare2 (Old) and /work/SRC/openSUSE:Factory/.radare2.new.1966 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "radare2" Tue May 19 17:49:10 2026 rev:14 rq:1353910 version:6.1.4 Changes: -------- --- /work/SRC/openSUSE:Factory/radare2/radare2.changes 2026-04-15 20:42:19.142701757 +0200 +++ /work/SRC/openSUSE:Factory/.radare2.new.1966/radare2.changes 2026-05-19 17:49:32.962578470 +0200 @@ -1,0 +2,5 @@ +Tue May 19 00:36:32 UTC 2026 - Eyad Issa <[email protected]> + +- Add CVE-2026-8695.patch (bsc#1265403) + +------------------------------------------------------------------- New: ---- CVE-2026-8695.patch ----------(New B)---------- New: - Add CVE-2026-8695.patch (bsc#1265403) ----------(New E)---------- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ radare2.spec ++++++ --- /var/tmp/diff_new_pack.cYfAxB/_old 2026-05-19 17:49:34.294633571 +0200 +++ /var/tmp/diff_new_pack.cYfAxB/_new 2026-05-19 17:49:34.298633737 +0200 @@ -35,6 +35,7 @@ Source2: https://github.com/quickjs-ng/quickjs/archive/%{qjs_rev}/quickjs-%{qjs_rev}.tar.gz Source3: https://github.com/radareorg/radare2-testbins/archive/%{tests_rev}/radare2-testbins-%{tests_rev}.tar.gz Patch0: pkgconfig.patch +Patch1: https://github.com/radareorg/radare2/commit/c213ad6894a1eb9086ac8bf5fae35757e9e1683c.patch#/CVE-2026-8695.patch BuildRequires: chrpath BuildRequires: dos2unix BuildRequires: fdupes ++++++ CVE-2026-8695.patch ++++++ >From c213ad6894a1eb9086ac8bf5fae35757e9e1683c Mon Sep 17 00:00:00 2001 From: pancake <[email protected]> Date: Thu, 16 Apr 2026 18:55:05 +0200 Subject: [PATCH] Fix #25835 and #25836 - UAFs in the gdb remote protocol ##crash --- shlr/gdb/src/gdbclient/core.c | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/shlr/gdb/src/gdbclient/core.c b/shlr/gdb/src/gdbclient/core.c index 8e5189cc450d1..e65b8d928487e 100644 --- a/shlr/gdb/src/gdbclient/core.c +++ b/shlr/gdb/src/gdbclient/core.c @@ -1765,6 +1765,7 @@ RList* gdbr_pids_list(libgdbr_t *g, int pid) { dpid->runnable = true; dpid->status = R_DBG_PROC_STOP; r_list_append (list, dpid); + dpid = NULL; ptr = ptr2; } if (send_msg (g, "qsThreadInfo") < 0 || read_packet (g, false) < 0 @@ -1782,7 +1783,10 @@ RList* gdbr_pids_list(libgdbr_t *g, int pid) { end: gdbr_lock_leave (g); if (ret != 0) { - free (dpid); + if (dpid) { + free (dpid->path); + free (dpid); + } // We can't use r_debug_pid_free here if (list) { r_list_foreach (list, iter, dpid) { @@ -1857,6 +1861,7 @@ RList* gdbr_threads_list(libgdbr_t *g, int pid) { // TODO: Implement getting correct thread status from GDB dpid->status = R_DBG_PROC_STOP; r_list_append (list, dpid); + dpid = NULL; ptr = ptr2; } if (send_msg (g, "qsThreadInfo") < 0 || read_packet (g, false) < 0 @@ -1880,7 +1885,10 @@ RList* gdbr_threads_list(libgdbr_t *g, int pid) { end: gdbr_lock_leave (g); if (ret != 0) { - free (dpid); + if (dpid) { + free (dpid->path); + free (dpid); + } // We can't use r_debug_pid_free here if (list) { r_list_foreach (list, iter, dpid) {
