IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
- Fixes the first case crash of RhBug:741606 / CVE-2011-3378 where
immutable region offset is way out of bounds.
(cherry picked from commit a48f0e20cbe2ababc88b2fc52fb7a281d6fc1656)
- Region offsets are supposed to be negative when when an entry
is involved, otherwise zero. Fixes some cases of crash'n'burn on
malformed headers having bogus offsets (CVE-2011-3378)
(cherry picked from commit 11a7e5d95a8ca8c7d4eaff179094afd8bb74fc3f)
It can be observed that, while packages require their dependencies,
the dependencies in turn are not always required by their packages:
$ rpm -qa --requires |awk '{print$1}' |sort -u |xargs rpm -q --whatrequires >/dev/null
warning: no package requires /bin/chgrp
warning: no package requires /bin/chmod
warning: no package requires /bin/mv
warning: no package requires /etc/rc.d/init.d/postfix
warning: no package requires /sbin/pidof
warning: no package requires /sbin/post_ldconfig
warning: no package requires /usr/bin/alt-docs-genextras
warning: no package requires /usr/bin/gpasswd
warning: no package requires /usr/bin/gtk-query-immodules-2.0
warning: no package requires /usr/bin/mkfontdir
warning: no package requires /usr/sbin/alternatives-update
warning: no package requires /usr/sbin/control-dump
warning: no package requires /usr/sbin/control-restore
warning: no package requires /usr/sbin/gconf_install_schema
warning: no package requires /usr/sbin/groupadd
warning: no package requires /usr/sbin/indexhtml-update
warning: no package requires /usr/sbin/post_service
warning: no package requires /usr/sbin/useradd
warning: no package requires /usr/sbin/usermod
warning: no package requires /usr/share/php/scripts/php_postin.sh
warning: no package requires dvdrwtools-control
warning: no package requires libguile-vhttpd
warning: no package requires php5-suhosin
warning: no package requires rpmlib(CompressedFileNames)
warning: no package requires rpmlib(PartialHardlinkSets)
warning: no package requires rpmlib(PayloadFilesHavePrefix)
warning: no package requires rpmlib(PayloadIsLzma)
warning: no package requires rpmlib(SetVersions)
warning: no package requires rpmlib(VersionedDependencies)
warning: no package requires x11presetdrv
$
This is because rpm removes "install prerequisites" from rpmdb index.
As a consequence, rpm will allow (but apt will not) to remove packages
with "not required" dependencies:
$ rpm -e --test x11presetdrv
$
This is possibly wrong, and it makes dependency optimization hard (e.g.
can't merge duplicate names with different flags). Also, the code was
buggy: testing isInstallPreReq was not enough as it is not mutually
exclusive with isErasePreReq - e.g. Requries(pre,preun) dependencies
can be used in specfile.
Header instance is its number in /var/lib/rpm/Packages database.
When a header comes from the database, it is sometimes useful to know
its instance (I need this to adjust verify.c:verifyDependencies() for
self-conflicting packages). On the contrary, setting instance numbers
should happen only within librpmdb, which is why headerSetInstance()
comes with hidden visibility.
based rpm.org changes by Panu Matilainen:
fb2a6cb Make rpmdb index list hard-wired
e23a2bf Remove unused require- and provideversion indexes
2a52cc8 Remove unused _DBI defines
Some code (e.g. apt/genpkglist) explicitly relies on the fact that
header file list is represented with baseNames+dirNames+dirIndexes
arrays. Thus, generating legacy headers might have issues, and should
be disabled.