From 8e522ba65ae592a3fb27bb79a1dfe3c0ad2305ea Mon Sep 17 00:00:00 2001 From: linker Date: Sat, 15 May 2021 18:08:29 +0800 Subject: [PATCH 1/2] restore libdb support --- ...he-dbenv-in-the-rpmdb-if-the-last-re.patch | 6 +- rpm.spec | 94 +++++++------------ 2 files changed, 34 insertions(+), 66 deletions(-) diff --git a/backport-ndb-only-clear-the-dbenv-in-the-rpmdb-if-the-last-re.patch b/backport-ndb-only-clear-the-dbenv-in-the-rpmdb-if-the-last-re.patch index e896a48..09a8b0f 100644 --- a/backport-ndb-only-clear-the-dbenv-in-the-rpmdb-if-the-last-re.patch +++ b/backport-ndb-only-clear-the-dbenv-in-the-rpmdb-if-the-last-re.patch @@ -5,14 +5,12 @@ Subject: [PATCH] ndb: only clear the dbenv in the rpmdb if the last reference is gone Otherwise we will segfault if just one index is closed. - -URL:https://github.com/rpm-software-management/rpm/commit/52c3ee60a1ce0e7e527dc396dd1e1a0e29b7b0ed --- lib/backend/ndb/glue.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/backend/ndb/glue.c b/lib/backend/ndb/glue.c -index 376e360..841c2fe 100644 +index 376e360e3..841c2fe42 100644 --- a/lib/backend/ndb/glue.c +++ b/lib/backend/ndb/glue.c @@ -52,8 +52,8 @@ static void closeEnv(rpmdb rdb) @@ -26,5 +24,5 @@ index 376e360..841c2fe 100644 static struct ndbEnv_s *openEnv(rpmdb rdb) -- -1.8.3.1 +2.27.0 diff --git a/rpm.spec b/rpm.spec index 9263dcd..84770aa 100644 --- a/rpm.spec +++ b/rpm.spec @@ -1,6 +1,6 @@ Name: rpm Version: 4.15.1 -Release: 24 +Release: 26 Summary: RPM Package Manager License: GPLv2+ URL: http://www.rpm.org/ @@ -28,63 +28,32 @@ Patch17: backport-Fix-resource-leaks-on-zstd-open-error-paths.patch Patch18: backport-rpmio-initialise-libgcrypt.patch Patch19: backport-fix-zstd-magic.patch Patch20: backport-Don-t-require-signature-header-to-be-in-single-conti.patch -Patch21: backport-Fix-regression-on-v3-package-handling-on-database-re.patch -Patch22: backport-Fix-a-minor-memory-leak-on-suppressed-inhibition-loc.patch -Patch23: backport-Fix-POPT_ARG_STRING-memleaks-in-librpmbuild.patch -Patch24: backport-Fix-build-regression-in-commit-307872f71b357a3839fd0.patch -Patch25: backport-Fix-isUnorderedReq-for-multiple-qualifiers.patch -Patch26: backport-If-fork-fails-in-getOutputFrom-close-opened-unused-p.patch -Patch27: backport-Fix-pointer-dereference-before-testing-for-NULL-in-r.patch -Patch28: backport-Don-t-look-into-source-package-provides-in-depsolvin.patch -Patch29: backport-rpmfiArchiveRead-use-signed-return-value-to-handle-1.patch -Patch30: backport-Fix-bump-up-the-limit-of-signature-header-to-64MB.patch -Patch31: backport-Remove-compare-of-global-array-tagsByName-to-NULL.patch -Patch32: backport-Always-close-libelf-handle-1313.patch -Patch33: backport-Add-missing-terminator-to-copyTagsFromMainDebug-arra.patch -Patch34: backport-Fix-possible-read-beyond-buffer-in-rstrnlenhash.patch -Patch35: backport-Make-fdSeek-return-0-on-success-1-on-error.patch -Patch36: backport-Fix-logic-error-in-grabArgs.patch -Patch37: backport-Use-libelf-for-determining-file-colors.patch - -Patch38: backport-Add-backend-name-and-path-of-main-database-file-to-d.patch -Patch39: backport-Use-paths-from-db_ops-in-the-backends-too-where-poss.patch -Patch40: backport-Use-the-new-backend-struct-data-for-backend-configur.patch -Patch41: backport-Add-support-for-reading-BDB-without-the-library.patch -Patch42: backport-Fix-building-with-no-BerkeleyDB-support.patch -Patch43: backport-Implement-a-key-only-rpmdb-index-iterator.patch -Patch44: backport-ndb-remove-unused-lzo-compression-code.patch -Patch45: backport-ndb-make-ordered-slots-flag-a-boolean.patch -Patch46: backport-ndb-drop-unused-number-of-allocated-slots.patch -Patch47: backport-ndb-no-longer-free-the-pkgid-hash-all-the-time.patch -Patch48: backport-ndb-add-a-verify-method.patch -Patch49: backport-ndb-use-the-generation-instead-of-the-current-time-i.patch -Patch50: backport-ndb-only-clear-the-dbenv-in-the-rpmdb-if-the-last-re.patch -Patch51: backport-ndb-add-a-rpmxdbDelAllBlobs-method.patch -Patch52: backport-ndb-implement-index-regeneration-if-the-index-is-out.patch -Patch53: backport-Remove-the-experimental-status-from-the-ndb-database.patch -Patch54: backport-ndb-fix-ftruncate-return-value-warning.patch -Patch55: backport-Permit-ndb-database-queries-on-read-only-media.patch -Patch56: backport-ndb-add-a-rpmpkgSalvage-method.patch -Patch57: backport-Add-a-salvagedb-option-to-the-rpmdb-tool.patch -Patch58: backport-Flush-1998-vintage-dirent.h-compatibility-mess-from-.patch -Patch59: backport-ndb-also-copy-the-mapped-pointer-when-keeping-a-slot.patch -Patch60: backport-ndb-do-not-map-the-index-databases-read-write-all-th.patch -Patch61: backport-ndb-do-not-map-xdb-s-header-read-write-all-the-time.patch -Patch62: backport-ndb-unmap-xdb-s-header-when-closing-the-xdb-database.patch -Patch63: backport-ndb-make-rpmxdbWriteHeader-a-void-function.patch -Patch64: backport-Add-an-index-sync-call-at-the-end-of-a-database-rebu.patch -Patch65: backport-Deprecate-Berkeley-DB-database-backend.patch -Patch66: backport-Always-open-and-initialize-the-entire-database-at-on.patch -Patch67: backport-Stop-on-first-failure-when-trying-to-open-a-database.patch -Patch68: backport-Only-attempt-loading-the-keyring-once-the-rpmdb-is-o.patch -patch69: backport-CVE-2021-20271.patch - -BuildRequires: gcc autoconf automake libtool make gawk popt-devel openssl-devel readline-devel +Patch21: backport-ndb-only-clear-the-dbenv-in-the-rpmdb-if-the-last-re.patch +Patch22: backport-Fix-regression-on-v3-package-handling-on-database-re.patch +Patch23: backport-Fix-a-minor-memory-leak-on-suppressed-inhibition-loc.patch +Patch24: backport-Fix-POPT_ARG_STRING-memleaks-in-librpmbuild.patch +Patch25: backport-Fix-build-regression-in-commit-307872f71b357a3839fd0.patch +Patch26: backport-Fix-isUnorderedReq-for-multiple-qualifiers.patch +Patch27: backport-If-fork-fails-in-getOutputFrom-close-opened-unused-p.patch +Patch28: backport-Fix-pointer-dereference-before-testing-for-NULL-in-r.patch +Patch29: backport-Don-t-look-into-source-package-provides-in-depsolvin.patch +Patch30: backport-rpmfiArchiveRead-use-signed-return-value-to-handle-1.patch +Patch31: backport-Fix-bump-up-the-limit-of-signature-header-to-64MB.patch +Patch32: backport-Remove-compare-of-global-array-tagsByName-to-NULL.patch +Patch33: backport-Always-close-libelf-handle-1313.patch +Patch34: backport-Add-missing-terminator-to-copyTagsFromMainDebug-arra.patch +Patch35: backport-Fix-possible-read-beyond-buffer-in-rstrnlenhash.patch +Patch36: backport-Make-fdSeek-return-0-on-success-1-on-error.patch +Patch37: backport-Fix-logic-error-in-grabArgs.patch +Patch38: backport-Use-libelf-for-determining-file-colors.patch + + +BuildRequires: gcc autoconf automake libtool make gawk popt-devel openssl-devel readline-devel libdb-devel BuildRequires: zlib-devel libzstd-devel xz-devel bzip2-devel libarchive-devel ima-evm-utils-devel BuildRequires: dbus-devel fakechroot elfutils-devel elfutils-libelf-devel ima-evm-utils BuildRequires: lua-devel libcap-devel libacl-devel libselinux-devel file-devel gettext-devel ncurses-devel BuildRequires: system-rpm-config gdb dwz -Requires: coreutils popt curl zstd libcap gnupg2 crontabs logrotate +Requires: coreutils popt curl zstd libcap gnupg2 crontabs logrotate libdb-utils Obsoletes: %{name}-build-libs %{name}-sign-libs %{name}-sign %{name}-cron Provides: %{name}-build-libs %{name}-sign-libs %{name}-sign %{name}-cron Obsoletes: %{name}-plugin-selinux %{name}-plugin-syslog %{name}-plugin-systemd-inhibit %{name}-plugin-ima %{name}-plugin-prioreset @@ -163,7 +132,6 @@ Obsoletes: apidocs %autosetup -n %{name}-%{version} -p1 sed -ie 's:^python test:python2 test:g' tests/rpmtests tests/local.at -sed -i -e "/_db_backend/ s/ bdb/ ndb/g" macros.in %build CPPFLAGS="$CPPFLAGS -DLUA_COMPAT_APIINTCASTS" @@ -191,9 +159,6 @@ done; --with-selinux \ --with-cap \ --with-acl \ - --enable-ndb \ - --enable-bdb-ro \ - --enable-bdb=no \ --with-imaevm \ --enable-zstd \ --enable-python \ @@ -227,8 +192,14 @@ mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/rpm mkdir -p $RPM_BUILD_ROOT%{_rpmconfigdir}/macros.d mkdir -p $RPM_BUILD_ROOT/var/lib/rpm -./rpmdb --define "_db_backend ndb" --dbpath=${PWD}/ndb --initdb -cp -va ndb/. $RPM_BUILD_ROOT/var/lib/rpm/ +for dbi in \ + Basenames Conflictname Dirnames Group Installtid Name Obsoletename \ + Packages Providename Requirename Triggername Sha1header Sigmd5 \ + __db.001 __db.002 __db.003 __db.004 __db.005 __db.006 __db.007 \ + __db.008 __db.009 +do + touch $RPM_BUILD_ROOT/var/lib/rpm/$dbi +done #./rpmdb --dbpath=$RPM_BUILD_ROOT/var/lib/rpm --initdb @@ -265,8 +236,7 @@ make check || (cat tests/rpmtests.log; exit 0) %config(noreplace) %{_sysconfdir}/logrotate.d/rpm %dir %{_sysconfdir}/rpm %dir /var/lib/rpm -%attr(0644, root, root) %ghost %config(missingok,noreplace) /var/lib/rpm/* -%attr(0644, root, root) %ghost /var/lib/rpm/.*.lock +%attr(0644, root, root) %verify(not md5 size mtime) %ghost %config(missingok,noreplace) /var/lib/rpm/* %lang(fr) %{_mandir}/fr/man[18]/*.[18]* %lang(ko) %{_mandir}/ko/man[18]/*.[18]* %lang(ja) %{_mandir}/ja/man[18]/*.[18]* -- Gitee From 79c15358d4b96ffcadc5b18003b0e7d97176f3b3 Mon Sep 17 00:00:00 2001 From: linker Date: Sat, 15 May 2021 18:10:45 +0800 Subject: [PATCH 2/2] restore libdb support --- rpm.spec | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/rpm.spec b/rpm.spec index 84770aa..90ccab6 100644 --- a/rpm.spec +++ b/rpm.spec @@ -1,6 +1,6 @@ Name: rpm Version: 4.15.1 -Release: 26 +Release: 25 Summary: RPM Package Manager License: GPLv2+ URL: http://www.rpm.org/ @@ -316,6 +316,12 @@ make check || (cat tests/rpmtests.log; exit 0) %{_mandir}/man1/gendiff.1* %changelog +* Sat May 15 2021 tianwei - 4.15.1-25 +- Type:bugfix +- ID:NA +- SUG:NA +- DESC:restore libdb support + * Tue Apr 20 2021 liudabo - 4.15.1-24 - Type:CVE - ID:CVE-2021-20271 -- Gitee