diff --git a/.gitignore b/.gitignore index f6c2c70..d527b6f 100644 --- a/.gitignore +++ b/.gitignore @@ -13,3 +13,36 @@ squashfs-4.1.tar.bz2 /squashfs-tools-4.5.tar.gz /4.5.tar.gz /squashfs-tools-e0485802ec72996c20026da320650d8362f555bd.tar.gz +/squashfs-tools-5ae7238a0ae6fc420f55227d052ce9b1c66a9d0f.tar.gz +/squashfs-tools-d5a583e4edce3df9f0c3bca84bff4f1d5ad3d09c.tar.gz +/squashfs-tools-11c9591260599b7874841db6f69ae570708a4077.tar.gz +/squashfs-tools-8a9d02e0027c69e6f47d8c2ed995d8c755c9581b.tar.gz +/squashfs-tools-d61eb68d75b32977b6c5a8b2d2fe57cbef0d6b4a.tar.gz +/squashfs-tools-7f9203e31bae003d12c0fc81a4b32097d17b5618.tar.gz +/squashfs-tools-bd186a77fe670d635e65b021b3d05fc6e67f8d07.tar.gz +/squashfs-tools-9e46a75985f0b236797976e387e8bce717e7a2d5.tar.gz +/squashfs-tools-0425d3d2d87a7775864bc6d04a4c8c45b93fa9b2.tar.gz +/squashfs-tools-e7e96fe6ecd5c01aada20908188d9d0096ad0bd8.tar.gz +/squashfs-tools-a8f61e2a38992d4cd967303a61277123fcd66681.tar.gz +/squashfs-tools-de944c3e6fc8861d8a8844186983d1295415fdaf.tar.gz +/squashfs-tools-f491ad858bcacf32dab2b37b3b0b325aa0ea6668.tar.gz +/squashfs-tools-75951fb96de64e8062306359c87d987b527a42d0.tar.gz +/squashfs-tools-f3783bbec5b0f105c6571699d3fd38803a345b12.tar.gz +/squashfs-tools-bc0c097be93154997fe0576181e5c12d746a1420.tar.gz +/squashfs-tools-2dfbcdac38bc42af4b200a1a1e86d3154e079e04.tar.gz +/squashfs-tools-c883f3212cf5004c49121e0803f12d26d0db6a97.tar.gz +/squashfs-tools-263a14e4d1ec93fbd192289bc3aae0cac2485221.tar.gz +/squashfs-tools-2baf12e55af5a519e1285437343d3a606962a4b6.tar.gz +/squashfs-tools-580b4e122471c11dffb7dcf1e392a72c8dcb6512.tar.gz +/squashfs-tools-8b6ee895c763f0b8e2f394d83e93fc5a3e51942f.tar.gz +/squashfs-tools-2ac40ca6d23cad73fb5b5da0c915382eaa31378d.tar.gz +/squashfs-tools-de61d00ffd2689d122696d4fc39f584c72fb24cf.tar.gz +/squashfs-tools-76624e1e6be8e16ca08273eaadb82d7b38f3d5a5.tar.gz +/squashfs-tools-4.5.1.tar.gz +/squashfs-tools-7cf6cee6acfa61a423d63168ad198a3bfafacda8.tar.gz +/squashfs-tools-746a81c8ea15e0573cc6abca9dc52e265d43a049.tar.gz +/squashfs-tools-1eaad6d730604131f0da0c675e547cfe544ddcfa.tar.gz +/squashfs-tools-aaf011a868c786b06e74cbdaf860d45793939f35.tar.gz +/squashfs-tools-36abab0ad661247498834c2e7f5e1ec476f2081d.tar.gz +/squashfs-tools-squashfs-tools-4.6.tar.gz +/squashfs-tools-4.6.1.tar.gz diff --git a/0001-xattrs-fix-out-of-bounds-access-again.patch b/0001-xattrs-fix-out-of-bounds-access-again.patch new file mode 100644 index 0000000..471a632 --- /dev/null +++ b/0001-xattrs-fix-out-of-bounds-access-again.patch @@ -0,0 +1,33 @@ +From 5b2b9acd762e859822c99c5262d0bcbccff619de Mon Sep 17 00:00:00 2001 +From: Adam Williamson +Date: Wed, 15 Mar 2023 12:35:38 -0700 +Subject: [PATCH] xattrs: fix out of bounds access (again) + +This restores the fix from c5db34e , which was somehow lost in +83b2f3a . `j` is not available after the loop is done, we need +to use i. We use `i - 1` because, of course, list indexes start +at 0. + +Fixes https://github.com/plougher/squashfs-tools/issues/230 + +Signed-off-by: Adam Williamson +--- + squashfs-tools/xattr.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/squashfs-tools/xattr.c b/squashfs-tools/xattr.c +index d48d950..32343f5 100644 +--- a/squashfs-tools/xattr.c ++++ b/squashfs-tools/xattr.c +@@ -838,7 +838,7 @@ int read_xattrs(void *d, int type) + for(j = 1; j < i; j++) + xattr_list[j - 1].vnext = &xattr_list[j]; + +- xattr_list[j].vnext = NULL; ++ xattr_list[i - 1].vnext = NULL; + head = xattr_list; + + sort_xattr_list(&head, i); +-- +2.39.2 + diff --git a/sources b/sources index 8b17b0e..6f632b5 100644 --- a/sources +++ b/sources @@ -1,3 +1 @@ -SHA512 (squashfs-tools-e0485802ec72996c20026da320650d8362f555bd.tar.gz) = e72ccb09d6fd725f1ff4d87d9b81f783dbc3b614e45517f28a9978922467af765e8e04c5d0081a7ca76345bc606f365e39dd28b6a2e2a2dbe73a2c6998f5fd2b -SHA512 (mksquashfs.1) = 4dc03bccf5842791abf6ca437ada03c331942a9a37fcacdbf136443db11a7f26121f6e8ba742aaffc9fda9a5e220b171c5223ee3ab0474dde6b300a63ee32f92 -SHA512 (unsquashfs.1) = fbf7c96454584fb844572a43af8781688186e3854c0d0acb9dfd83c5d0e3b6f49b58fbd68407b66ff573f82d8d16ecd10a4c319e49e809428fe65068f0c48bf2 +SHA512 (squashfs-tools-4.6.1.tar.gz) = 10e8a4b1e2327e062aef4f85860e76ebcd7a29e4c19e152ff7edec4a38316982b5bcfde4ab69da6bcb931258d264c2b6cb40cb5f635f9e6f6eba1ed5976267cb diff --git a/squashfs-tools.spec b/squashfs-tools.spec index c24d302..4e93a7b 100644 --- a/squashfs-tools.spec +++ b/squashfs-tools.spec @@ -1,19 +1,18 @@ Name: squashfs-tools -Version: 4.5 +Version: 4.6.1 Summary: Utility for the creation of squashfs filesystems %global forgeurl https://github.com/plougher/%{name} -%global date 20210913 -%global commit e0485802ec72996c20026da320650d8362f555bd -%forgemeta -i +%global tag %{version} +%forgemeta URL: %{forgeurl} Source: %{forgesource} -Release: 3%{?dist} -License: GPLv2+ -# manpages from http://ftp.debian.org/debian/pool/main/s/squashfs-tools/squashfs-tools_4.2+20121212-1.debian.tar.xz -# The man pages have been modified for 4.3 for Fedora. -# Man pages still need a lot of changes for 4.5 -Source1: mksquashfs.1 -Source2: unsquashfs.1 +# https://github.com/plougher/squashfs-tools/pull/231 +# https://github.com/plougher/squashfs-tools/issues/230 +# https://bugzilla.redhat.com/show_bug.cgi?id=2178510 +# Fix a crash caused by an out-of-bounds access that was inadvertently +# re-introduced in a memory leak fix +Release: 7%{dist} +License: GPL-2.0-or-later BuildRequires: make BuildRequires: gcc @@ -23,6 +22,7 @@ BuildRequires: lzo-devel BuildRequires: libattr-devel BuildRequires: lz4-devel BuildRequires: libzstd-devel +BuildRequires: help2man %description Squashfs is a highly compressed read-only filesystem for Linux. This package @@ -34,22 +34,19 @@ contains the utilities for manipulating squashfs filesystems. %build %set_build_flags pushd squashfs-tools -CFLAGS="%{optflags}" XZ_SUPPORT=1 LZO_SUPPORT=1 LZMA_XZ_SUPPORT=1 LZ4_SUPPORT=1 ZSTD_SUPPORT=1 make %{?_smp_mflags} +CFLAGS="%optflags" XZ_SUPPORT=1 LZO_SUPPORT=1 LZMA_XZ_SUPPORT=1 LZ4_SUPPORT=1 ZSTD_SUPPORT=1 make %{?_smp_mflags} %install -mkdir -p %{buildroot}%{_sbindir} %{buildroot}%{_mandir}/man1 -install -m 755 squashfs-tools/mksquashfs %{buildroot}%{_sbindir}/mksquashfs -install -m 755 squashfs-tools/unsquashfs %{buildroot}%{_sbindir}/unsquashfs -install -m 644 %{SOURCE1} %{buildroot}%{_mandir}/man1/mksquashfs.1 -install -m 644 %{SOURCE2} %{buildroot}%{_mandir}/man1/unsquashfs.1 -ln -s mksquashfs %{buildroot}%{_sbindir}/sqfstar -ln -s unsquashfs %{buildroot}%{_sbindir}/sqfscat +pushd squashfs-tools +make INSTALL_PREFIX=%{buildroot}/usr INSTALL_DIR=%{buildroot}%{_sbindir} INSTALL_MANPAGES_DIR=%{buildroot}%{_mandir}/man1 install %files -%doc README ACKNOWLEDGEMENTS README-4.5 CHANGES COPYING USAGE +%doc ACKNOWLEDGEMENTS README* CHANGES COPYING USAGE* ACTIONS-README -%doc README -%{_mandir}/man1/* +%{_mandir}/man1/mksquashfs.1.gz +%{_mandir}/man1/unsquashfs.1.gz +%{_mandir}/man1/sqfstar.1.gz +%{_mandir}/man1/sqfscat.1.gz %{_sbindir}/mksquashfs %{_sbindir}/unsquashfs @@ -57,6 +54,171 @@ ln -s unsquashfs %{buildroot}%{_sbindir}/sqfscat %{_sbindir}/sqfscat %changelog +* Fri Jul 25 2025 Fedora Release Engineering - 4.6.1-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild + +* Sun Jan 19 2025 Fedora Release Engineering - 4.6.1-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild + +* Sat Jul 20 2024 Fedora Release Engineering - 4.6.1-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild + +* Sat Jan 27 2024 Fedora Release Engineering - 4.6.1-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Mon Oct 16 2023 Pavel Reichl - 4.6.1-3 +- Convert License tag to SPDX format + +* Sat Jul 22 2023 Fedora Release Engineering - 4.6.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild + +* Wed Mar 29 2023 Bruno Wolff III - 4.6.1-1 +- Phillip is now doing two tags per release and we can +- use the one that works better with forgemeta +- There are a few fixes after the 4.6 release. I think only +- one applies to Fedora because of the build options we use. +- It was not something that affects image builds. + +* Fri Mar 17 2023 Bruno Wolff III - 4.6-2 +- Remove the dist prefix from the release + +* Fri Mar 17 2023 Bruno Wolff III - 4.6-1 +- 4.6 release +- PR #231 was merged +- See https://github.com/plougher/squashfs-tools/blob/master/CHANGES + +* Wed Mar 15 2023 Adam Williamson - 4.6-0.7.20230314git36abab0 +- Backport PR #231 to fix a crash (#2178510) + +* Tue Mar 14 2023 Bruno Wolff III - 4.6-0.6^20230314git36abab0 +- A few minor memory leaks were fixed + +* Sun Mar 12 2023 Bruno Wolff III - 4.6-0.5^20230312gitaaf011a +- Doc updates +- Probably the last version before the official release (tentatively tomorrow) + +* Mon Mar 06 2023 Bruno Wolff III - 4.6-0.4^20230306git1eaad6d +- Doc updates and unanchored search improvemebts + +* Tue Feb 28 2023 Bruno Wolff III - 4.6-0.3^20230228git746a81c +- Doc updates and minor bug fix + +* Thu Feb 23 2023 Bruno Wolff III - 4.6-0.2^20230323git7cf6cee +- Remove the -i and -v forgemeta flags to get rid of the extra noise + +* Thu Feb 23 2023 Bruno Wolff III - 4.6-0.1^20230323git7cf6cee +- Prerelease snapshot of 4.6 + +* Sat Jan 21 2023 Fedora Release Engineering - Packaging variables read or set by %forgemeta +- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild + +* Sat Jul 23 2022 Fedora Release Engineering - Packaging variables read or set by %forgemeta +- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild + +* Sat Mar 19 2022 Bruno Wolff III - 4.5-1 +- 4.5.1 release +- Up to date man pages +- Lots of little fixes + +* Fri Mar 11 2022 Bruno Wolff III - 4.5-27.20220311git76624e1 +- Continue testing upstream patches prior to 4.5.1 release. +- Minor fixes + +* Thu Mar 10 2022 Bruno Wolff III - 4.5-26.20220310gitde61d0a +- Continue testing upstream patches prior to 4.5.1 release. +- Minor fixes +- Doc updates + +* Tue Mar 08 2022 Bruno Wolff III - 4.5-25.20220308git2ac40ca +- Upstream fix for unsquashfs breakage from recent commit + +* Tue Mar 08 2022 Bruno Wolff III - 4.5-24.20220308git8b6ee89 +- Continue testing upstream patches prior to 4.5.1 release. +- Minor fixes +- Man page tweaks +- Tentative 4.5.1 change log + +* Mon Mar 07 2022 Bruno Wolff III - 4.5-23.20220307git580b4e1 +- Continue testing upstream patches prior to 4.5.1 release. +- Minor fixes + +* Fri Mar 04 2022 Bruno Wolff III - 4.5-22.20220304git2baf12e +- Continue testing upstream patches prior to 4.5.1 release. +- Minor fixes + +* Mon Feb 28 2022 Bruno Wolff III - 4.5-21.20220228git263a14e +- Continue testing upstream patches prior to 4.5.1 release. +- Man page improvement + +* Fri Feb 25 2022 Bruno Wolff III - 4.5-20.20220225gitc883f32 +- Continue testing upstream patches prior to 4.5.1 release. +- Man page improvement + +* Wed Feb 23 2022 Bruno Wolff III - 4.5-19.20220223git2dfbcda +- Continue testing upstream patches prior to 4.5.1 release. +- Man page improvement + +* Mon Feb 21 2022 Bruno Wolff III - 4.5-18.20220221gitbc0c097 +- Continue testing upstream patches prior to 4.5.1 release. +- Some minor fixes. + +* Fri Feb 18 2022 Bruno Wolff III - 4.5-17.20220218gitf3783bb +- Continue testing upstream patches prior to 4.5.1 release. +- Some minor fixes. + +* Thu Feb 17 2022 Bruno Wolff III - 4.5-16.20220217git75951fb +- Continue testing upstream patches prior to 4.5.1 release. +- Some minor fixes. + +* Tue Feb 15 2022 Bruno Wolff III - 4.5-15.20220215gitf491ad8 +- Continue testing upstream patches prior to 4.5.1 release. +- Some minor fixes. + +* Mon Feb 14 2022 Bruno Wolff III - 4.5-14.20220214gitde944c3 +- Continue testing upstream patches prior to 4.5.1 release. +- Some minor fixes. + +* Thu Feb 10 2022 Bruno Wolff III - 4.5-13.20220210gita8f61e2 +- Continue testing upstream patches prior to 4.5.1 release. +- Some code cleanups for stuff noted by gcc. + +* Thu Feb 10 2022 Bruno Wolff III - 4.5-12.20220210gite7e96fe +- Continue testing upstream patches prior to 4.5.1 release. +- Add man page for sqfscat. + +* Wed Feb 09 2022 Bruno Wolff III - 4.5-11.20220209git0425d3d +- Continue testing upstream patches prior to 4.5.1 release. +- Add man page for sqfstar. + +* Tue Feb 08 2022 Bruno Wolff III - 4.5-10.20220208git9e46a75 +- Continue testing upstream patches prior to 4.5.1 release. +- Upstream man page for unsquashfs replaces out of date one froom Debian. + +* Mon Feb 07 2022 Bruno Wolff III - 4.5-9.20220207gitbd186a7 +- Continue testing upstream patches +- The deprecated lzma support options are improved in the man page + +* Mon Feb 07 2022 Bruno Wolff III - 4.5-8.20220207git7f9203e +- Continue testing upstream patches +- Man pages are now built during the build process + +* Fri Feb 04 2022 Bruno Wolff III - 4.5-7.20220204git8a9d02e +- Continue testing upstream patches +- A makefile for mksquashfs is now included + +* Wed Feb 02 2022 Bruno Wolff III - 4.5-6.20220202git11c9591 +- Continue testing upstream patches +- This includes help text changes + +* Fri Jan 28 2022 Bruno Wolff III - 4.5-5.20220128gitd5a583e +- Test a few changes before upstream tags a new point release + +* Sat Jan 22 2022 Fedora Release Engineering - Packaging variables read or set by %forgemeta +- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild + +* Mon Dec 27 2021 Bruno Wolff III - 4.5-4.20211227git5ae7238 +- Get fixes for a few minor bugs + * Mon Sep 13 2021 Bruno Wolff III - 4.5-3.20210913gite048580 - Fix bug 2003701 (additional write outside destination directory exploit)