Hello community, here is the log from the commit of package efivar for openSUSE:Factory checked in at 2018-07-27 10:50:19 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/efivar (Old) and /work/SRC/openSUSE:Factory/.efivar.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "efivar" Fri Jul 27 10:50:19 2018 rev:14 rq:625007 version:35 Changes: -------- --- /work/SRC/openSUSE:Factory/efivar/efivar.changes 2018-07-21 14:59:23.789687277 +0200 +++ /work/SRC/openSUSE:Factory/.efivar.new/efivar.changes 2018-07-27 10:50:27.660982428 +0200 @@ -1,0 +2,5 @@ +Tue Jul 24 07:45:35 UTC 2018 - [email protected] + +- Add reproducible.patch to initialize memory (boo#1061219) + +------------------------------------------------------------------- New: ---- reproducible.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ efivar.spec ++++++ --- /var/tmp/diff_new_pack.CwA44E/_old 2018-07-27 10:50:29.916986749 +0200 +++ /var/tmp/diff_new_pack.CwA44E/_new 2018-07-27 10:50:29.916986749 +0200 @@ -36,6 +36,8 @@ Url: https://github.com/rhinstaller/efivar Source: https://github.com/rhinstaller/%{name}/releases/download/%{version}/%{name}-%{version}.tar.bz2 Patch0: libefiboot-export-disk_get_partition_info.patch +# PATCH-FIX-UPSTREAM https://github.com/rhboot/efivar/pull/115 +Patch1: reproducible.patch %if "0%{?buildroot}" == "0" # set a sane value for buildroot, unless it's already there! BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -78,6 +80,7 @@ perl -pi -e 's{\#include \<uchar\.h\>}{typedef __CHAR16_TYPE__ char16_t;}' \ src/export.c %endif +%patch1 -p1 %build CFLAGS="%{optflags} -Wno-nonnull -flto" ++++++ reproducible.patch ++++++ >From a02f33199a3c28a655178d35188efda71406a6a0 Mon Sep 17 00:00:00 2001 From: "Bernhard M. Wiedemann" <[email protected]> Date: Tue, 24 Jul 2018 09:34:21 +0200 Subject: [PATCH] makeguids: initialize memory so that we do not write uninitialized memory into guids.bin and names.bin which made the resulting libefivar.so.1.36 unreproducible. See https://reproducible-builds.org/ for why this matters. --- src/makeguids.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/makeguids.c b/src/makeguids.c index f84fbb8..a15356b 100644 --- a/src/makeguids.c +++ b/src/makeguids.c @@ -147,6 +147,7 @@ main(int argc, char *argv[]) outbuf = realloc(outbuf, line * sizeof (struct guidname)); if (!outbuf) err(1, "makeguids"); + memset(outbuf + line - 1, 0, sizeof(struct guidname)); char *symbol = strchr(guidstr, '\t'); if (symbol == NULL)
