packages/colord
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: packages:8457bce6307afbebb3241fd15775e3479490adc5
Branches Tags
packages:main
..
compare: packages:04ac64820b50c7b3708d3146fa0f044c5ec072f9
Branches Tags
packages:main

10 Commits
8457bce630 ... 04ac64820b

Author SHA1 Message Date
openeuler-ci-bot
04ac64820b
!26 [sync] PR-23: fix CVE-2021-42523 
From: @openeuler-sync-bot 
Reviewed-by: @t_feng 
Signed-off-by: @t_feng
 2022-09-07 09:28:09 +00:00
wangkerong
32835fda83 fix CVE-2021-42523 
(cherry picked from commit 90a33611c1cade02b5bccb8f8f11a7c58f04edee)
 2022-09-07 16:53:51 +08:00
openeuler-ci-bot
9512673c0b
!21 [sync] PR-17: fix CVE-2021-42523 
From: @openeuler-sync-bot 
Reviewed-by: @t_feng 
Signed-off-by: @t_feng
 2022-08-29 07:41:34 +00:00
wangkerong
83dfe4789e fix CVE-2021-42523 
(cherry picked from commit 5d9b12b903023d9dfc69df4af391289c76623719)
 2022-08-29 14:29:40 +08:00
openeuler-ci-bot
f815f4a5f0
!16 [sync] PR-14: enable test case 
From: @openeuler-sync-bot 
Reviewed-by: @t_feng 
Signed-off-by: @t_feng
 2022-03-29 06:55:48 +00:00
wangkerong
10f3a846b4 enable test 
(cherry picked from commit 9848ca6a5588f812eabd38d43046cc40e67f2d7c)
 2022-03-29 10:52:02 +08:00
openeuler-ci-bot
34125d556f !13 Version upgrade to colord-1.4.5 
From: @yangl777
Reviewed-by: @orange-snn
Signed-off-by: @orange-snn
 2021-01-30 15:06:45 +08:00
renmingshuai
909281715e upgrade version to 1.4.5 2021-01-30 10:27:40 +08:00
openeuler-ci-bot
a2b6065f8f !12 update yaml file to package 
From: @zzm_567
Reviewed-by: @orange-snn
Signed-off-by: @orange-snn
 2020-10-16 14:10:37 +08:00
zhanzhimin
74218047e9 update yaml file 2020-10-16 11:44:50 +08:00
6 changed files with 81 additions and 4 deletions
Show Stats Expand all files Collapse all files

27
backport-0001-CVE-2021-42523.patch Normal file
View File

@ -0,0 +1,27 @@
From adf41f36cf7214d7d6fa8d528b74eba47c377405 Mon Sep 17 00:00:00 2001
From: Zero0one1 <arya_lee@qq.com>
Date: Fri, 2 Apr 2021 16:45:56 +0800
Subject: [PATCH] Fix a small memory leak in sqlite3_exec()
Fixes https://github.com/hughsie/colord/issues/110
Conflict:NA
Reference:https://github.com/hughsie/colord/commit/adf41f36cf7214d7d6fa8d528b74eba47c377405
---
src/cd-device-db.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/cd-device-db.c b/src/cd-device-db.c
index a212c83d..3ae44ef2 100644
--- a/src/cd-device-db.c
+++ b/src/cd-device-db.c
@@ -91,7 +91,7 @@ cd_device_db_load (CdDeviceDb *ddb,
/* check properties version 2 */
rc = sqlite3_exec (priv->db, "SELECT * FROM properties_v2 LIMIT 1",
- NULL, NULL, &error_msg);
+ NULL, NULL, NULL);
if (rc != SQLITE_OK) {
statement = "CREATE TABLE properties_v2 ("
"device_id TEXT,"

25
backport-0002-CVE-2021-42523.patch Normal file
View File

@ -0,0 +1,25 @@
From 1452a975ecae14299fb27d41522dfd32305481ce Mon Sep 17 00:00:00 2001
From: Richard Hughes <richard@hughsie.com>
Date: Wed, 13 Apr 2022 14:21:32 +0100
Subject: [PATCH] trivial: Fix a small memory leak on db open failure
Conflict:Using g_autofree will make the testcase fail, so here we use sqlite3_free to free the memory
Reference:https://github.com/hughsie/colord/commit/1452a975ecae14299fb27d41522dfd32305481ce
---
src/cd-profile-db.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/cd-profile-db.c b/src/cd-profile-db.c
index 5661d09..d6361ac 100644
--- a/src/cd-profile-db.c
+++ b/src/cd-profile-db.c
@@ -87,6 +87,7 @@ cd_profile_db_load (CdProfileDb *pdb,
"uid INTEGER,"
"value TEXT,"
"PRIMARY KEY (profile_id, property, uid));";
+ sqlite3_free (error_msg);
sqlite3_exec (priv->db, statement, NULL, NULL, NULL);
}
return TRUE;
--
2.33.0

BIN
colord-1.4.4.tar.xz
View File

Binary file not shown.

BIN
colord-1.4.5.tar.xz Normal file
View File

Binary file not shown.

31
colord.spec
View File

@ -1,11 +1,14 @@
Name: colord
Version: 1.4.4
Release: 1
Version: 1.4.5
Release: 4
Summary: A system activated daemon
License: GPLv2+ and LGPLv2+
URL: https://www.freedesktop.org/software/colord/
Source0: https://www.freedesktop.org/software/colord/releases/%{name}-%{version}.tar.xz
Patch6000: backport-0001-CVE-2021-42523.patch
Patch6001: backport-0002-CVE-2021-42523.patch
BuildRequires: color-filesystem dbus-devel docbook5-style-xsl gettext glib2-devel
BuildRequires: gobject-introspection-devel gtk-doc libgudev1-devel
BuildRequires: libxslt meson sqlite-devel systemd systemd-devel vala-tools
@ -57,8 +60,12 @@ This help package contains help documents for color.
%build
ulimit -Sv 2000000
# colord-test-private test cases always fail, so we don't run this case
# https://github.com/hughsie/colord/issues/139 use this link to track bugs
sed -i 's/test('"'"'colord-test-private'"'"'/# test('"'"'colord-test-private'"'"'/g' %{_builddir}/%{name}-%{version}/lib/colord/meson.build
%meson -Dargyllcms_sensor=false -Dbash_completion=false -Ddaemon_user=colord \
-Dprint_profiles=false -Dvapi=true -Dinstalled_tests=true
-Dprint_profiles=false -Dvapi=true -Dinstalled_tests=true -Dtests=true
%meson_build
%install
@ -75,6 +82,9 @@ cat /etc/passwd | grep colord >/dev/null || useradd -r -g colord \
-s /sbin/nologin -d /var/lib/colord -c "User for colord" colord
exit 0
%check
%meson_test
%preun
%systemd_preun colord.service
@ -161,6 +171,21 @@ exit 0
%{_datadir}/man/man1/*.1.gz
%changelog
* Wed Aug 31 2022 wangkerong <wangkerong@h-partners.com> - 1.4.5-4
- fix CVE-2021-42523
* Mon Aug 29 2022 wangkerong <wangkerong@h-partners.com> - 1.4.5-3
- fix CVE-2021-42523
* Mon Mar 28 2022 wangkerong <wangkerong@h-partners.com> - 1.4.5-2
- enable test case
* Sat Jan 30 2021 yanglu <yanglu60@huawei.com> - 1.4.5-1
- Type:enhancement
- ID:NA
- SUG:NA
- DESC:upgrade to version 1.4.5
* Sat Jul 25 2020 zhangqiumiao <zhangqiumiao1@huawei.com> - 1.4.4-1
- Type:enhancement
- ID:NA

2
colord.yaml
View File

@ -1,4 +1,4 @@
version_control: github
src_repo: hughsize/colord
tag_prefix:
seperator: "."
separator: "."