[Rpm-maint] [rpm-software-management/rpm] Add --verifysig flag to rpmkeys (#1588)
It’s equivalent to `rpmkeys --define _pkgverify_level all --checksig`, but more convienent and less error-prone. You can view, comment on, or merge this pull request online at: https://github.com/rpm-software-management/rpm/pull/1588 -- Commit Summary -- * Add --verifysig flag to rpmkeys -- File Changes -- M rpmkeys.c (9) -- Patch Links -- https://github.com/rpm-software-management/rpm/pull/1588.patch https://github.com/rpm-software-management/rpm/pull/1588.diff -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1588 ___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Use int64_t for lengths (#1492)
Closed #1492. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1492#event-4482927352___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Add --dwz-single-file-mode argument for find-debuginfo.sh. (#1579)
@mlschroe : May I please ping this? -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1579#issuecomment-802919085___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Translations update from Weblate (#1569)
@weblate pushed 2 commits. c9c02eceea537b8312fc3157135f7b4c46bd314a Translated using Weblate (Finnish) 321322aa71b7f8ed0a84e6289a3ea89764b0fca0 Translated using Weblate (Korean) -- You are receiving this because you are subscribed to this thread. View it on GitHub: https://github.com/rpm-software-management/rpm/pull/1569/files/fcae845b3b2f38a78b729e5b3c8d64fe745fa6a4..321322aa71b7f8ed0a84e6289a3ea89764b0fca0 ___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] RPM 4.15.1.1 (#1587)
(needed a little massaging to build...) -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1587#issuecomment-802807782___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] RPM 4.15.1.1 (#1587)
It's been a while since the last 4.15 update, and this is likely to be the last one that branch gets. If I missed some other *critical* fixes in the interim then feel free to make noises. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1587#issuecomment-802787508___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
[Rpm-maint] [rpm-software-management/rpm] RPM 4.15.1.1 (#1587)
This is primarily a security release for CVE-2021-3421, CVE-2021-20271 and CVE-2021-20266. Some additional hardening, and couple of other important fixes included, details in commits. You can view, comment on, or merge this pull request online at: https://github.com/rpm-software-management/rpm/pull/1587 -- Commit Summary -- * Add test for libtool versioning sanity * Always close libelf handle (#1313) * Verify that data does not overlap region trailer * Tag data must have count greater than zero * rpmio: Fix lzopen_internal mode parsing when Tn is used * Avoid incrementing a pointer past the end * Fix regression from commit 165330b7bf0757e30fa8a6de9998a564fb62796f * Fix a tiny memory leak * hdrblobInit() needs bounds checks too * Be much more careful about copying data from the signature header * Optimize signature header merge a bit * Update credits for a change * Restore (some) compiler sanity * Better sanity check for header entry counts * Preparing for rpm 4.15.1.1 -- File Changes -- M .mailmap (2) M CREDITS (45) M build/files.c (2) M configure.ac (4) M lib/header.c (80) M lib/headerutil.c (4) M lib/package.c (116) M po/ar.po (48) M po/br.po (48) M po/ca.po (51) M po/cmn.po (48) M po/cs.po (48) M po/da.po (48) M po/de.po (48) M po/el.po (48) M po/eo.po (55) M po/es.po (48) M po/fi.po (48) M po/fr.po (48) M po/id.po (48) M po/is.po (48) M po/it.po (48) M po/ja.po (48) M po/ko.po (48) M po/ms.po (48) M po/nb.po (48) M po/nl.po (48) M po/pl.po (55) M po/pt.po (48) M po/pt_BR.po (48) M po/rpm.pot (48) M po/ru.po (48) M po/sk.po (48) M po/sl.po (48) M po/sr.po (48) M po/s...@latin.po (48) M po/sv.po (55) M po/te.po (48) M po/tr.po (48) M po/uk.po (55) M po/vi.po (55) M po/zh_CN.po (55) M po/zh_TW.po (55) M rpm.am (2) M rpmio/rpmio.c (1) M tests/atlocal.in (4) M tests/rpmgeneral.at (15) M tests/rpmsigdig.at (7) -- Patch Links -- https://github.com/rpm-software-management/rpm/pull/1587.patch https://github.com/rpm-software-management/rpm/pull/1587.diff -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1587 ___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] RPM 4.16.1.3 (#1586)
Thank you! -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1586#issuecomment-802707266___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
[Rpm-maint] [rpm-software-management/rpm] RPM 4.16.1.3 (#1586)
This is primarily a security release for CVE-2021-3421 and CVE-2021-20271. Some additional hardening, and couple of other important fixes included, details in commits. You can view, comment on, or merge this pull request online at: https://github.com/rpm-software-management/rpm/pull/1586 -- Commit Summary -- * Add test for libtool versioning sanity * Verify that data does not overlap region trailer * Tag data must have count greater than zero * rpmio: Fix lzopen_internal mode parsing when Tn is used * Avoid incrementing a pointer past the end * Fix regression from commit 165330b7bf0757e30fa8a6de9998a564fb62796f * Fix regression causing access to already closed sqlite handle * Fix a tiny memory leak * Eliminate remaining uses of unsafe headerCopyLoad() in the codebase * hdrblobInit() needs bounds checks too * Be much more careful about copying data from the signature header * Optimize signature header merge a bit * Update credits for a change * Restore (some) compiler sanity * Fix bdb_ro index open error handling * Permit secondary index open to fail for bdb_ro * Better sanity check for header entry counts * Preparing for rpm 4.16.1.3 -- File Changes -- M .mailmap (2) M CREDITS (45) M configure.ac (4) M lib/backend/bdb_ro.c (17) M lib/backend/sqlite.c (2) M lib/header.c (80) M lib/headerutil.c (4) M lib/package.c (116) M po/ar.po (50) M po/br.po (50) M po/ca.po (53) M po/cmn.po (50) M po/cs.po (50) M po/da.po (50) M po/de.po (50) M po/el.po (50) M po/eo.po (57) M po/es.po (50) M po/fi.po (50) M po/fr.po (50) M po/id.po (50) M po/is.po (50) M po/it.po (50) M po/ja.po (50) M po/ko.po (50) M po/ms.po (50) M po/nb.po (50) M po/nl.po (50) M po/pl.po (57) M po/pt.po (50) M po/pt_BR.po (50) M po/rpm.pot (52) M po/ru.po (50) M po/sk.po (50) M po/sl.po (50) M po/sr.po (50) M po/s...@latin.po (50) M po/sv.po (57) M po/te.po (50) M po/tr.po (50) M po/uk.po (57) M po/vi.po (57) M po/zh_CN.po (57) M po/zh_TW.po (57) M python/header-py.c (5) M rpm.am (2) M rpmio/rpmio.c (1) M sign/rpmgensig.c (2) M tests/atlocal.in (4) M tests/rpmgeneral.at (15) M tests/rpmsigdig.at (6) -- Patch Links -- https://github.com/rpm-software-management/rpm/pull/1586.patch https://github.com/rpm-software-management/rpm/pull/1586.diff -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1586 ___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Better sanity check for header entry counts (#1585)
Merged #1585 into master. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1585#event-4480595360___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Implement a real stack for parametric macro locals (#1409)
This isn't moving anywhere, closing. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1409#issuecomment-802604852___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Implement a real stack for parametric macro locals (#1409)
Closed #1409. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1409#event-4480430884___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Check for overflow in computing region length (#1548)
Closed #1548. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1548#event-4480422902___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Check for overflow in computing region length (#1548)
Hmm, realized where the sense of dejavu is coming from: this was already concluded as harmless in #1544, so why do we have total of three pull-requests on this? Especially with the wraparound behavior now explicit since commit 5ee567ebd600c1dec4a9ceb6161d877d891d8594. I realize I said "or find another way" so apologies for asking you to do futile work, but this really isn't worth all the time that has been put into it. Let's just let it be. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1548#issuecomment-802603735___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
[Rpm-maint] [rpm-software-management/rpm] Better sanity check for header entry counts (#1585)
The count can never be larger than header data size, which can never be larger than 256MB. Most datatypes have further restrictions of course, this is merely an outer perimeter check to catch impossibly large values that could otherwise overflow all manner of trivial calculations. Addresses the point I missed in PR #1493 but with a much tighter limit. You can view, comment on, or merge this pull request online at: https://github.com/rpm-software-management/rpm/pull/1585 -- Commit Summary -- * Better sanity check for header entry counts -- File Changes -- M lib/header.c (7) -- Patch Links -- https://github.com/rpm-software-management/rpm/pull/1585.patch https://github.com/rpm-software-management/rpm/pull/1585.diff -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1585 ___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Permit secondary index open to fail for bdb_ro (#1578)
Merged #1578 into master. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1578#event-4480394413___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Failure to read rpmdb from CentOS 7.5.1804 with the bdb_ro backend (#1576)
Closed #1576 via #1578. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/issues/1576#event-4480394421___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Restore (some) compiler sanity (#1584)
Merged #1584 into master. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1584#event-4480391638___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
