diff --git a/0001-Fix-potential-uninitialized-variable-use-in-rpmtsImp.patch b/0001-Fix-potential-uninitialized-variable-use-in-rpmtsImp.patch new file mode 100644 index 0000000..c2b2341 --- /dev/null +++ b/0001-Fix-potential-uninitialized-variable-use-in-rpmtsImp.patch @@ -0,0 +1,31 @@ +From a3d11f7a53811e42cbe36a91a1583a723c2fe108 Mon Sep 17 00:00:00 2001 +Message-Id: +From: Panu Matilainen +Date: Mon, 6 Jun 2022 12:04:15 +0300 +Subject: [PATCH] Fix potential uninitialized variable use in + rpmtsImportPubkey() + +Commit d703160334ff545ce8bf7475da5689422f43dacc introduced a new step +to key import which can fail before keyring is initialized. + +Always initialize your variables, never need "fixes" like this. +--- + lib/rpmts.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/lib/rpmts.c b/lib/rpmts.c +index 0b6b7ac6b..b1c80b9c8 100644 +--- a/lib/rpmts.c ++++ b/lib/rpmts.c +@@ -609,7 +609,7 @@ rpmRC rpmtsImportPubkey(const rpmts ts, const unsigned char * pkt, size_t pktlen + rpmPubkey *subkeys = NULL; + int subkeysCount = 0; + rpmVSFlags oflags = rpmtsVSFlags(ts); +- rpmKeyring keyring; ++ rpmKeyring keyring = NULL; + rpmtxn txn = rpmtxnBegin(ts, RPMTXN_WRITE); + int krc, i; + +-- +2.38.1 + diff --git a/rpm.spec b/rpm.spec index 24f98da..e0eda0d 100644 --- a/rpm.spec +++ b/rpm.spec @@ -32,7 +32,7 @@ %global rpmver 4.18.0 #global snapver rc1 -%global baserelease 7 +%global baserelease 8 %global sover 9 %global srcver %{rpmver}%{?snapver:-%{snapver}} @@ -135,6 +135,7 @@ rpm-4.9.90-no-man-dirs.patch # Patches already upstream: # ... +0001-Fix-potential-uninitialized-variable-use-in-rpmtsImp.patch # These are not yet upstream rpm-4.7.1-geode-i686.patch @@ -623,6 +624,9 @@ fi %doc docs/librpm/html/* %changelog +* Wed Dec 07 2022 Panu Matilainen - 4.18.0-8 +- Fix hang-up on failed key import (related to #2149762) + * Thu Nov 24 2022 Panu Matilainen - 4.18.0-7 - Require rpm-sequoia >= 1.2.0 for V3 signature support, re-enable (#2141686)