[arch-commits] Commit in gnupg/trunk (2 files)

Gaëtan Bisson bisson at archlinux.org
Sun Dec 8 09:06:28 UTC 2019 

    Date: Sunday, December 8, 2019 @ 09:06:27
  Author: bisson
Revision: 370531

upstream update

Modified:
  gnupg/trunk/PKGBUILD
Deleted:
  gnupg/trunk/0001-gpg-Fix-double-free-with-anonymous-recipients.patch

----------------------------------------------------------+
 0001-gpg-Fix-double-free-with-anonymous-recipients.patch |   84 -------------
 PKGBUILD                                                 |    9 -
 2 files changed, 3 insertions(+), 90 deletions(-)

Deleted: 0001-gpg-Fix-double-free-with-anonymous-recipients.patch
===================================================================
--- 0001-gpg-Fix-double-free-with-anonymous-recipients.patch	2019-12-08 01:05:11 UTC (rev 370530)
+++ 0001-gpg-Fix-double-free-with-anonymous-recipients.patch	2019-12-08 09:06:27 UTC (rev 370531)
@@ -1,84 +0,0 @@
-From 9ac182f376abf910a7b737b0e1ebd447eaa582f1 Mon Sep 17 00:00:00 2001
-From: Werner Koch <wk at gnupg.org>
-Date: Fri, 29 Nov 2019 17:44:12 +0100
-Subject: [PATCH GnuPG] gpg: Fix double free with anonymous recipients.
-
-* g10/pubkey-enc.c (get_session_key): Do not release SK.
---
-
-Bug is in 2.2.18 only.
-
-The semantics of the enum_secret_keys function changed in master.
-When back porting this for 2.2.18 I missed this change and thus we ran
-into a double free.  The patches fixes the regression but is it clumsy.
-We need to change the enum_secret_keys interface to avoid such a
-surprising behaviour; this needs to be done in master first.
-
-Regression-due-to: 9a317557c58d2bdcc504b70c366b77f4cac71df7
-GnuPG-bug-id: 4762
-Signed-off-by: Werner Koch <wk at gnupg.org>
----
- g10/pubkey-enc.c | 8 ++++++--
- g10/skclist.c    | 7 +++++--
- 2 files changed, 11 insertions(+), 4 deletions(-)
-
-diff --git a/g10/pubkey-enc.c b/g10/pubkey-enc.c
-index 71a48cc41..4e6f893f3 100644
---- a/g10/pubkey-enc.c
-+++ b/g10/pubkey-enc.c
-@@ -114,11 +114,11 @@ get_session_key (ctrl_t ctrl, PKT_pubkey_enc * k, DEK * dek)
- 
-       for (;;)
-         {
--          free_public_key (sk);
-           sk = xmalloc_clear (sizeof *sk);
-           rc = enum_secret_keys (ctrl, &enum_context, sk);
-           if (rc)
-             {
-+              sk = NULL;  /* enum_secret_keys turns SK into a shallow copy! */
-               rc = GPG_ERR_NO_SECKEY;
-               break;
-             }
-@@ -148,10 +148,14 @@ get_session_key (ctrl_t ctrl, PKT_pubkey_enc * k, DEK * dek)
-             {
-               if (!opt.quiet)
-                 log_info (_("okay, we are the anonymous recipient.\n"));
-+              sk = NULL;
-               break;
-             }
-           else if (gpg_err_code (rc) == GPG_ERR_FULLY_CANCELED)
--            break; /* Don't try any more secret keys.  */
-+            {
-+              sk = NULL;
-+              break; /* Don't try any more secret keys.  */
-+            }
-         }
-       enum_secret_keys (ctrl, &enum_context, NULL);  /* free context */
-     }
-diff --git a/g10/skclist.c b/g10/skclist.c
-index 8817ee904..5a32b6a17 100644
---- a/g10/skclist.c
-+++ b/g10/skclist.c
-@@ -292,14 +292,17 @@ build_sk_list (ctrl_t ctrl,
-  * --default-key and --try-secret-key).  Use the following procedure:
-  *
-  *  1) Initialize a void pointer to NULL
-- *  2) Pass a reference to this pointer to this function (content)
-- *     and provide space for the secret key (sk)
-+ *  2) Pass a reference to this pointer to this function (CONTEXT)
-+ *     and provide space for the secret key (SK)
-  *  3) Call this function as long as it does not return an error (or
-  *     until you are done).  The error code GPG_ERR_EOF indicates the
-  *     end of the listing.
-  *  4) Call this function a last time with SK set to NULL,
-  *     so that can free it's context.
-  *
-+ *  TAKE CARE: When the function returns SK belongs to CONTEXT and may
-+ *  not be freed by the caller; neither on success nor on error.
-+ *
-  * In pseudo-code:
-  *
-  *   void *ctx = NULL;
--- 
-2.11.0
-

Modified: PKGBUILD
===================================================================
--- PKGBUILD	2019-12-08 01:05:11 UTC (rev 370530)
+++ PKGBUILD	2019-12-08 09:06:27 UTC (rev 370531)
@@ -4,8 +4,8 @@
 # Contributor: Judd Vinet <jvinet at zeroflux.org>
 
 pkgname=gnupg
-pkgver=2.2.18
-pkgrel=2
+pkgver=2.2.19
+pkgrel=1
 pkgdesc='Complete and free implementation of the OpenPGP standard'
 url='https://www.gnupg.org/'
 license=('GPL')
@@ -22,11 +22,9 @@
               '031EC2536E580D8EA286A9F22071B08A33BD3F06'
               '5B80C5754298F0CB55D8ED6ABCEF7E294B092E28')
 source=("https://gnupg.org/ftp/gcrypt/${pkgname}/${pkgname}-${pkgver}.tar.bz2"{,.sig}
-        '0001-gpg-Fix-double-free-with-anonymous-recipients.patch'
         'self-sigs-only.patch')
-sha256sums=('30d37ce2ca55b2b9b61480b2a175a3b22066ab41cd3f84688448919b566dec0a'
+sha256sums=('242554c0e06f3a83c420b052f750b65ead711cc3fddddb5e7274fcdbb4e9dec0'
             'SKIP'
-            'f7f533c37354e1fbafd7c9db67f5b5792745f7b0a68a5132a09f241896942903'
             '0130c43321c16f53ab2290833007212f8a26b1b73bd4edc2b2b1c9db2b2d0218')
 
 install=install
@@ -35,7 +33,6 @@
 	cd "${srcdir}/${pkgname}-${pkgver}"
 	sed '/noinst_SCRIPTS = gpg-zip/c sbin_SCRIPTS += gpg-zip' -i tools/Makefile.in
 	patch -R -p1 -i ../self-sigs-only.patch
-	patch -p1 -i ../0001-gpg-Fix-double-free-with-anonymous-recipients.patch # FS#64663
 }
 
 build() {

More information about the arch-commits mailing list