Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package libdnf for openSUSE:Factory checked in at 2023-03-01 16:13:32 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libdnf (Old) and /work/SRC/openSUSE:Factory/.libdnf.new.31432 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "libdnf" Wed Mar 1 16:13:32 2023 rev:32 rq:1068047 version:0.70.0 Changes: -------- --- /work/SRC/openSUSE:Factory/libdnf/libdnf.changes 2023-02-25 19:55:04.359252142 +0100 +++ /work/SRC/openSUSE:Factory/.libdnf.new.31432/libdnf.changes 2023-03-01 16:13:32.678442357 +0100 @@ -1,0 +2,11 @@ +Mon Feb 27 18:10:01 UTC 2023 - Andreas Stieger <andreas.stieger@gmx.de> + +- libdnf 0.70.0: + * Allow change of architecture for packages during security + updates with noarch involved + * "dnf_keyring_add_public_keys": reset localError to NULL after + free + * context: Get RPM db path from RPM + * Fix memory leak of SolvUserdata + +------------------------------------------------------------------- Old: ---- libdnf-0.69.0.tar.gz New: ---- libdnf-0.70.0.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libdnf.spec ++++++ --- /var/tmp/diff_new_pack.Tuvnc7/_old 2023-03-01 16:13:33.514446681 +0100 +++ /var/tmp/diff_new_pack.Tuvnc7/_new 2023-03-01 16:13:33.522446723 +0100 @@ -1,7 +1,7 @@ # # spec file for package libdnf # -# Copyright (c) 2022 SUSE LLC +# Copyright (c) 2023 SUSE LLC # Copyright (c) 2021 Neal Gompa <ngompa13@gmail.com>. # # All modifications and additions to the file contributed by third parties @@ -34,7 +34,7 @@ %define devname %{name}-devel Name: libdnf -Version: 0.69.0 +Version: 0.70.0 Release: 0 Summary: Library providing C and Python APIs atop libsolv License: LGPL-2.1-or-later ++++++ libdnf-0.69.0.tar.gz -> libdnf-0.70.0.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libdnf-0.69.0/.github/workflows/ci.yml new/libdnf-0.70.0/.github/workflows/ci.yml --- old/libdnf-0.69.0/.github/workflows/ci.yml 2022-09-09 12:26:26.000000000 +0200 +++ new/libdnf-0.70.0/.github/workflows/ci.yml 2023-02-21 09:37:36.000000000 +0100 @@ -15,6 +15,8 @@ uses: actions/checkout@v2 with: repository: rpm-software-management/ci-dnf-stack + ref: dnf-4-stack + - name: Setup CI id: setup-ci @@ -52,6 +54,7 @@ uses: actions/checkout@v2 with: repository: rpm-software-management/ci-dnf-stack + ref: dnf-4-stack - name: Run Integration Tests uses: ./.github/actions/integration-tests @@ -70,6 +73,7 @@ uses: actions/checkout@v2 with: repository: rpm-software-management/ci-dnf-stack + ref: dnf-4-stack - name: Run Ansible Tests uses: ./.github/actions/ansible-tests diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libdnf-0.69.0/VERSION.cmake new/libdnf-0.70.0/VERSION.cmake --- old/libdnf-0.69.0/VERSION.cmake 2022-09-09 12:26:26.000000000 +0200 +++ new/libdnf-0.70.0/VERSION.cmake 2023-02-21 09:37:36.000000000 +0100 @@ -1,5 +1,5 @@ set (DEFAULT_LIBDNF_MAJOR_VERSION 0) -set (DEFAULT_LIBDNF_MINOR_VERSION 69) +set (DEFAULT_LIBDNF_MINOR_VERSION 70) set (DEFAULT_LIBDNF_MICRO_VERSION 0) if(DEFINED LIBDNF_MAJOR_VERSION) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libdnf-0.69.0/docs/release_notes.rst new/libdnf-0.70.0/docs/release_notes.rst --- old/libdnf-0.69.0/docs/release_notes.rst 2022-09-09 12:26:26.000000000 +0200 +++ new/libdnf-0.70.0/docs/release_notes.rst 2023-02-21 09:37:36.000000000 +0100 @@ -20,6 +20,23 @@ ###################### ==================== +0.70.0 Release Notes +==================== + +- Security fixes: + - Allow change of architecture for packages during security updates with noarch involved (RhBug:2124483) + +- Bug fixes: + - "dnf_keyring_add_public_keys": reset localError to NULL after free (RhBug:2121222) + - context: Get RPM db path from RPM + - Fix memory leak of SolvUserdata + +Bugs fixed in 0.70.0: + +* :rhbug:`2124483` +* :rhbug:`2121222` + +==================== 0.69.0 Release Notes ==================== diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libdnf-0.69.0/libdnf/dnf-context.cpp new/libdnf-0.70.0/libdnf/dnf-context.cpp --- old/libdnf-0.69.0/libdnf/dnf-context.cpp 2022-09-09 12:26:26.000000000 +0200 +++ new/libdnf-0.70.0/libdnf/dnf-context.cpp 2023-02-21 09:37:36.000000000 +0100 @@ -2182,8 +2182,6 @@ GHashTableIter hashiter; gpointer hashkey, hashval; g_autoptr(GString) buf = NULL; - g_autofree char *rpmdb_path = NULL; - g_autoptr(GFile) file_rpmdb = NULL; if (libdnf::getGlobalMainConfig().plugins().getValue() && !pluginsDir.empty()) { priv->plugins->loadPlugins(pluginsDir); @@ -2271,16 +2269,44 @@ /* setup a file monitor on the rpmdb, if we're operating on the native / */ if (g_strcmp0(priv->install_root, "/") == 0) { - rpmdb_path = g_build_filename(priv->install_root, "var/lib/rpm/Packages", NULL); - file_rpmdb = g_file_new_for_path(rpmdb_path); - priv->monitor_rpmdb = g_file_monitor_file(file_rpmdb, - G_FILE_MONITOR_NONE, - NULL, - error); - if (priv->monitor_rpmdb == NULL) - return FALSE; - g_signal_connect(priv->monitor_rpmdb, "changed", - G_CALLBACK(dnf_context_rpmdb_changed_cb), context); + g_autofree char *rpmdb_path = rpmGetPath("%{_dbpath}", NULL); + g_autofree char *rpmdb_backend = rpmExpand("%{?_db_backend}", NULL); + + if (rpmdb_path && rpmdb_backend) { + /* List of known RPM backends with their db files names; keep in sync + with RPM project's lib/backend/dbi.c:backends[] and its members. + or add public API to get to the actual DB file name into RPM */ + struct _rpm_backends { + const char *name; + const char *filename; + } rpm_backends[] = { + { "sqlite", "rpmdb.sqlite" }, + { "ndb", "Packages.db" }, + { "bdb_ro", "Packages" }, + { "bdb", "Packages" } + }; + guint ii; + + for (ii = 0; ii < G_N_ELEMENTS (rpm_backends); ii++) { + if (g_str_equal(rpm_backends[ii].name, rpmdb_backend)) { + g_autofree char *filename = g_build_filename(rpmdb_path, rpm_backends[ii].filename, NULL); + if (g_file_test(filename, G_FILE_TEST_EXISTS)) { + g_autoptr(GFile) file_rpmdb = NULL; + + file_rpmdb = g_file_new_for_path(filename); + priv->monitor_rpmdb = g_file_monitor_file(file_rpmdb, + G_FILE_MONITOR_NONE, + NULL, + error); + if (priv->monitor_rpmdb == NULL) + return FALSE; + g_signal_connect(priv->monitor_rpmdb, "changed", + G_CALLBACK(dnf_context_rpmdb_changed_cb), context); + } + break; + } + } + } } /* copy any vendor distributed cached metadata */ @@ -3196,7 +3222,7 @@ messages.emplace_back(std::make_tuple( libdnf::ModulePackageContainer::ModuleErrorType::CANNOT_ENABLE_MULTIPLE_STREAMS, tfm::format(_("Cannot enable more streams from module '%s' at the same time"), name), name)); - return messages;; + return messages; } if (enable) { try { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libdnf-0.69.0/libdnf/dnf-keyring.cpp new/libdnf-0.70.0/libdnf/dnf-keyring.cpp --- old/libdnf-0.69.0/libdnf/dnf-keyring.cpp 2022-09-09 12:26:26.000000000 +0200 +++ new/libdnf-0.70.0/libdnf/dnf-keyring.cpp 2023-02-21 09:37:36.000000000 +0100 @@ -213,6 +213,7 @@ if (!ret) { g_warning("%s", localError->message); g_error_free(localError); + localError = NULL; } } while (true); return TRUE; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libdnf-0.69.0/libdnf/dnf-sack.cpp new/libdnf-0.70.0/libdnf/dnf-sack.cpp --- old/libdnf-0.69.0/libdnf/dnf-sack.cpp 2022-09-09 12:26:26.000000000 +0200 +++ new/libdnf-0.70.0/libdnf/dnf-sack.cpp 2023-02-21 09:37:36.000000000 +0100 @@ -239,7 +239,7 @@ } return FALSE; } - std::unique_ptr<SolvUserdata> solv_userdata = solv_userdata_read(fp_cache); + std::unique_ptr<SolvUserdata, decltype(solv_free)*> solv_userdata = solv_userdata_read(fp_cache); gboolean ret = TRUE; if (solv_userdata && solv_userdata_verify(solv_userdata.get(), checksum)) { // after reading the header rewind to the begining diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libdnf-0.69.0/libdnf/hy-iutil-private.hpp new/libdnf-0.70.0/libdnf/hy-iutil-private.hpp --- old/libdnf-0.69.0/libdnf/hy-iutil-private.hpp 2022-09-09 12:26:26.000000000 +0200 +++ new/libdnf-0.70.0/libdnf/hy-iutil-private.hpp 2023-02-21 09:37:36.000000000 +0100 @@ -46,7 +46,7 @@ }__attribute__((packed)); ; int solv_userdata_fill(SolvUserdata *solv_userdata, const unsigned char *checksum, GError** error); -std::unique_ptr<SolvUserdata> solv_userdata_read(FILE *fp); +std::unique_ptr<SolvUserdata, decltype(solv_free)*> solv_userdata_read(FILE *fp); int solv_userdata_verify(const SolvUserdata *solv_userdata, const unsigned char *checksum); /* crypto utils */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libdnf-0.69.0/libdnf/hy-iutil.cpp new/libdnf-0.70.0/libdnf/hy-iutil.cpp --- old/libdnf-0.69.0/libdnf/hy-iutil.cpp 2022-09-09 12:26:26.000000000 +0200 +++ new/libdnf-0.70.0/libdnf/hy-iutil.cpp 2023-02-21 09:37:36.000000000 +0100 @@ -199,28 +199,30 @@ } -std::unique_ptr<SolvUserdata> +std::unique_ptr<SolvUserdata, decltype(solv_free)*> solv_userdata_read(FILE *fp) { unsigned char *dnf_solvfile_userdata_read = NULL; int dnf_solvfile_userdata_len_read; if (!fp) { - return nullptr; + return {NULL, solv_free}; } int ret_code = solv_read_userdata(fp, &dnf_solvfile_userdata_read, &dnf_solvfile_userdata_len_read); // The userdata layout has to match our struct exactly so we can just cast the memory // allocated by libsolv - std::unique_ptr<SolvUserdata> uniq_userdata(reinterpret_cast<SolvUserdata *>(dnf_solvfile_userdata_read)); + std::unique_ptr<SolvUserdata, decltype(solv_free)*> uniq_userdata( + reinterpret_cast<SolvUserdata *>(dnf_solvfile_userdata_read), + solv_free); if(ret_code) { g_warning("Failed to read solv userdata: solv_read_userdata returned: %i", ret_code); - return nullptr; + return uniq_userdata; } if (dnf_solvfile_userdata_len_read != solv_userdata_size) { g_warning("Solv userdata length mismatch, read: %i vs expected: %i", dnf_solvfile_userdata_len_read, solv_userdata_size); - return nullptr; + return uniq_userdata; } return uniq_userdata; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libdnf-0.69.0/libdnf/repo/solvable/Dependency.hpp new/libdnf-0.70.0/libdnf/repo/solvable/Dependency.hpp --- old/libdnf-0.69.0/libdnf/repo/solvable/Dependency.hpp 2022-09-09 12:26:26.000000000 +0200 +++ new/libdnf-0.70.0/libdnf/repo/solvable/Dependency.hpp 2023-02-21 09:37:36.000000000 +0100 @@ -63,6 +63,7 @@ const char *getVersion() const; const char *toString() const; Id getId() const noexcept; + DnfSack * getSack() const noexcept; private: friend DependencyContainer; @@ -92,6 +93,7 @@ }; inline Id Dependency::getId() const noexcept { return id; } +inline DnfSack * Dependency::getSack() const noexcept { return sack; } } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libdnf-0.69.0/libdnf/sack/query.cpp new/libdnf-0.70.0/libdnf/sack/query.cpp --- old/libdnf-0.69.0/libdnf/sack/query.cpp 2022-09-09 12:26:26.000000000 +0200 +++ new/libdnf-0.70.0/libdnf/sack/query.cpp 2023-02-21 09:37:36.000000000 +0100 @@ -190,6 +190,13 @@ } static bool +NameSolvableComparator(const Solvable * first, const Solvable * second) +{ + return first->name < second->name; +} + + +static bool NamePrioritySolvableKey(const Solvable * first, const Solvable * second) { if (first->name != second->name) @@ -1878,11 +1885,14 @@ std::vector<Solvable *> installed_solvables; if (cmp_type & HY_UPGRADE) { - // When doing HY_UPGRADE consider only candidate pkgs that have matching Name and Arch with: - // * some already installed pkg (in other words: some other version of the pkg is already installed) - // or - // * with pkg that obsoletes some already installed (or to be installed in this transaction) pkg - // Otherwise a pkg with different Arch than installed can end up in upgrade set which is wrong. + // When doing HY_UPGRADE consider only candidate pkgs that: + // * have matching Name and Arch with some already installed pkg + // (in other words: some other version of the pkg is already installed) + // * have matching Name with some already installed pkg and either the candidate or the installed pkg is noarch. + // This matches upgrade behavior where we allow architecture change only when noarch is involved. + // Details: RhBug:2124483, RhBug:2101398 and RhBug:1171543 + // * obsoletes some already installed (or to be installed in this transaction) pkg + // Otherwise a pkg with different Arch than installed (and than noarch) can end up in upgrade set which is wrong. // It can result in dependency issues, reported as: RhBug:2088149. Query installed(sack, ExcludeFlags::IGNORE_EXCLUDES); @@ -1893,7 +1903,7 @@ while ((installed_id = installed.pImpl->result->next(installed_id)) != -1) { installed_solvables.push_back(pool_id2solvable(pool, installed_id)); } - std::sort(installed_solvables.begin(), installed_solvables.end(), NameArchSolvableComparator); + std::sort(installed_solvables.begin(), installed_solvables.end(), NameSolvableComparator); Query obsoletes(sack, ExcludeFlags::IGNORE_EXCLUDES); obsoletes.addFilter(HY_PKG, HY_EQ, resultPset); @@ -1915,12 +1925,16 @@ } Id id = -1; - // Add to candidates resultPset pkgs that match name and arch with some already installed pkg + // Add to candidates resultPset pkgs that match name and arch with some already installed pkg or match name and either the installed or candidate are NOARCH while ((id = resultPset->next(id)) != -1) { Solvable * s = pool_id2solvable(pool, id); - auto low = std::lower_bound(installed_solvables.begin(), installed_solvables.end(), s, NameArchSolvableComparator); - if (low != installed_solvables.end() && s->name == (*low)->name && s->arch == (*low)->arch) { - candidates.push_back(s); + auto low = std::lower_bound(installed_solvables.begin(), installed_solvables.end(), s, NameSolvableComparator); + while (low != installed_solvables.end() && (*low)->name == s->name) { + if (s->arch == (*low)->arch || s->arch == ARCH_NOARCH || (*low)->arch == ARCH_NOARCH) { + candidates.push_back(s); + break; + } + ++low; } } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libdnf-0.69.0/libdnf.spec new/libdnf-0.70.0/libdnf.spec --- old/libdnf-0.69.0/libdnf.spec 2022-09-09 12:26:26.000000000 +0200 +++ new/libdnf-0.70.0/libdnf.spec 2023-02-21 09:37:36.000000000 +0100 @@ -4,7 +4,7 @@ %global dnf_conflict 4.11.0 %global swig_version 3.0.12 %global libdnf_major_version 0 -%global libdnf_minor_version 69 +%global libdnf_minor_version 70 %global libdnf_micro_version 0 %define __cmake_in_source_build 1 @@ -58,7 +58,7 @@ Version: %{libdnf_major_version}.%{libdnf_minor_version}.%{libdnf_micro_version} Release: 1%{?dist} Summary: Library providing simplified C and Python API to libsolv -License: LGPLv2+ +License: LGPL-2.1-or-later URL: https://github.com/rpm-software-management/libdnf Source0: %{url}/archive/%{version}/%{name}-%{version}.tar.gz diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libdnf-0.69.0/plugins/example_plugin.c new/libdnf-0.70.0/plugins/example_plugin.c --- old/libdnf-0.69.0/plugins/example_plugin.c 2022-09-09 12:26:26.000000000 +0200 +++ new/libdnf-0.70.0/plugins/example_plugin.c 2023-02-21 09:37:36.000000000 +0100 @@ -78,9 +78,11 @@ break; } handle = malloc(sizeof(*handle)); - handle->mode = mode; - handle->context = pluginGetContext(initData); - handle->outStream = outStream; + if (handle) { + handle->mode = mode; + handle->context = pluginGetContext(initData); + handle->outStream = outStream; + } } while (0); fprintf(outStream, "%s: %s: exit =========================\n", info.name, __func__); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libdnf-0.69.0/python/hawkey/nevra-py.cpp new/libdnf-0.70.0/python/hawkey/nevra-py.cpp --- old/libdnf-0.69.0/python/hawkey/nevra-py.cpp 2022-09-09 12:26:26.000000000 +0200 +++ new/libdnf-0.70.0/python/hawkey/nevra-py.cpp 2023-02-21 09:37:36.000000000 +0100 @@ -181,7 +181,7 @@ static PyObject * evr(_NevraObject *self, PyObject *unused) try { - return PyString_FromString(self->nevra->getEvr().c_str());; + return PyString_FromString(self->nevra->getEvr().c_str()); } CATCH_TO_PYTHON int diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libdnf-0.69.0/python/hawkey/query-py.cpp new/libdnf-0.70.0/python/hawkey/query-py.cpp --- old/libdnf-0.69.0/python/hawkey/query-py.cpp 2022-09-09 12:26:26.000000000 +0200 +++ new/libdnf-0.70.0/python/hawkey/query-py.cpp 2023-02-21 09:37:36.000000000 +0100 @@ -345,6 +345,16 @@ } if (reldepObject_Check(match)) { DnfReldep *reldep = reldepFromPyObject(match); + + /* A reldep cannot be used across sack objects. If there is an attempt + * to do so, the underlying libsolv structures are incomplete and a SEGFAULT is + * likely to occur. */ + + if (query->getSack() != reldep->getSack()) { + PyErr_SetString(HyExc_Query, "Direct dependency lookups must originate from the same sack."); + return 0; + } + if (cmp_type != HY_EQ || query->addFilter(keyname, reldep)) return raise_bad_filter(); return 1; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libdnf-0.69.0/python/hawkey/tests/tests/test_query.py new/libdnf-0.70.0/python/hawkey/tests/tests/test_query.py --- old/libdnf-0.69.0/python/hawkey/tests/tests/test_query.py 2022-09-09 12:26:26.000000000 +0200 +++ new/libdnf-0.70.0/python/hawkey/tests/tests/test_query.py 2023-02-21 09:37:36.000000000 +0100 @@ -403,13 +403,21 @@ self.sack3.load_test_repo("test_ppc", "ppc.repo") def test_provides_all_arch_query(self): - ppc_pkgs = hawkey.Query(self.sack1) - self.assertGreater(len(ppc_pkgs), 0) - pkg1 = ppc_pkgs[0] + # Reldep objects are per-sack, queries across are disallowed. So + # it is necessary to create 3 queries below. + # + # See "query-py: Ensure reldep is from the same sack" for details + ppc_pkgs_1 = hawkey.Query(self.sack1) + ppc_pkgs_2 = hawkey.Query(self.sack2) + ppc_pkgs_3 = hawkey.Query(self.sack3) + self.assertGreater(len(ppc_pkgs_1), 0) + pkg1 = ppc_pkgs_1[0] + pkg2 = ppc_pkgs_2[0] + pkg3 = ppc_pkgs_3[0] query_ppc = hawkey.Query(self.sack1).filter(provides=pkg1.provides[0]) - query_x86 = hawkey.Query(self.sack2).filter(provides=pkg1.provides[0]) - query_all = hawkey.Query(self.sack3).filter(provides=pkg1.provides[0]) + query_x86 = hawkey.Query(self.sack2).filter(provides=pkg2.provides[0]) + query_all = hawkey.Query(self.sack3).filter(provides=pkg3.provides[0]) self.assertEqual(len(query_ppc), 1) self.assertEqual(len(query_x86), 0) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libdnf-0.69.0/tests/hawkey/test_iutil.cpp new/libdnf-0.70.0/tests/hawkey/test_iutil.cpp --- old/libdnf-0.69.0/tests/hawkey/test_iutil.cpp 2022-09-09 12:26:26.000000000 +0200 +++ new/libdnf-0.70.0/tests/hawkey/test_iutil.cpp 2023-02-21 09:37:36.000000000 +0100 @@ -123,7 +123,7 @@ fclose(fp); fp = fopen(new_file, "r"); - std::unique_ptr<SolvUserdata> dnf_solvfile = solv_userdata_read(fp); + std::unique_ptr<SolvUserdata, decltype(solv_free)*> dnf_solvfile = solv_userdata_read(fp); fail_unless(dnf_solvfile); fail_unless(solv_userdata_verify(dnf_solvfile.get(), cs_computed)); fclose(fp);
participants (1)
-
Source-Sync