From 7bde7d3a2728c817a7dac5233931c33441541da3 Mon Sep 17 00:00:00 2001 From: zgzxx Date: Wed, 22 Feb 2023 15:12:38 +0800 Subject: [PATCH] backport patch fix another krb5 memory leak --- audit.spec | 7 +++++- backport-Fix-another-krb5-memory-leak.patch | 24 +++++++++++++++++++++ 2 files changed, 30 insertions(+), 1 deletion(-) create mode 100644 backport-Fix-another-krb5-memory-leak.patch diff --git a/audit.spec b/audit.spec index 9018baa..d051d1c 100644 --- a/audit.spec +++ b/audit.spec @@ -4,7 +4,7 @@ Summary: User space tools for kernel auditing Name: audit Epoch: 1 Version: 3.0 -Release: 7 +Release: 8 License: GPLv2+ and LGPLv2+ URL: https://people.redhat.com/sgrubb/audit/ Source0: https://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz @@ -43,6 +43,7 @@ Patch29: backport-time_t-is-not-an-int-anymore.patch Patch30: backport-krb5_cc_store_cred-takes-custody-of-my_creds-so-we-do-not-need-to-keep-it-around.patch Patch31: backport-asprintf-can-return-a-negative-number.patch Patch32: backport-Cleanup-gssapi-code.patch +Patch33: backport-Fix-another-krb5-memory-leak.patch BuildRequires: gcc swig libtool systemd kernel-headers >= 2.6.29 BuildRequires: openldap-devel krb5-devel libcap-ng-devel @@ -397,6 +398,10 @@ fi %attr(644,root,root) %{_mandir}/man8/*.8.gz %changelog +* Wed Feb 15 2023 zhangguangzhi - 1:3.0-8 +- backport patch + fix another krb5 memory leak + * Tue Feb 14 2023 zhangguangzhi - 1:3.0-7 - backport some patches asprintf can return a negative number patch diff --git a/backport-Fix-another-krb5-memory-leak.patch b/backport-Fix-another-krb5-memory-leak.patch new file mode 100644 index 0000000..30fbc13 --- /dev/null +++ b/backport-Fix-another-krb5-memory-leak.patch @@ -0,0 +1,24 @@ +From e95722695a1d3dc6ac266af8871069da74471999 Mon Sep 17 00:00:00 2001 +From: Steve Grubb +Date: Thu, 6 Oct 2022 13:34:15 -0400 +Subject: Fix another krb5 memory leak + +--- + src/auditd-listen.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/src/auditd-listen.c b/src/auditd-listen.c +index 61a3480..171974c 100644 +--- a/src/auditd-listen.c ++++ b/src/auditd-listen.c +@@ -358,6 +358,7 @@ static int server_acquire_creds(const char *service_name, + if (major_status != GSS_S_COMPLETE) { + gss_failure("acquiring credentials", + major_status, minor_status); ++ (void) gss_release_name(&minor_status, &server_name); + return -1; + } + +-- +2.27.0 +