backport patch fix another krb5 memory leak

2023-02-22 15:12:38 +08:00 · 2023-02-22 15:12:38 +08:00 · 7bde7d3a27
commit 7bde7d3a27
parent e6a8e8a1bf
2 changed files with 30 additions and 1 deletions
--- a/audit.spec
+++ b/audit.spec
@ -4,7 +4,7 @@ Summary:            User space tools for kernel auditing
 Name:               audit
 Epoch:              1
 Version:            3.0
-Release:            7
+Release:            8
 License:            GPLv2+ and LGPLv2+
 URL:                https://people.redhat.com/sgrubb/audit/
 Source0:            https://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz
@ -43,6 +43,7 @@ Patch29:            backport-time_t-is-not-an-int-anymore.patch
 Patch30:            backport-krb5_cc_store_cred-takes-custody-of-my_creds-so-we-do-not-need-to-keep-it-around.patch
 Patch31:            backport-asprintf-can-return-a-negative-number.patch
 Patch32:            backport-Cleanup-gssapi-code.patch
+Patch33:            backport-Fix-another-krb5-memory-leak.patch

 BuildRequires:      gcc swig libtool systemd kernel-headers >= 2.6.29
 BuildRequires:      openldap-devel krb5-devel libcap-ng-devel
@ -397,6 +398,10 @@ fi
 %attr(644,root,root) %{_mandir}/man8/*.8.gz

 %changelog
+* Wed Feb 15 2023 zhangguangzhi <zhangguangzhi3@huawei.com> - 1:3.0-8
+- backport patch
+  fix another krb5 memory leak
+
 * Tue Feb 14 2023 zhangguangzhi <zhangguangzhi3@huawei.com> - 1:3.0-7
 - backport some patches
  asprintf can return a negative number patch
--- a/backport-Fix-another-krb5-memory-leak.patch
+++ b/backport-Fix-another-krb5-memory-leak.patch
@ -0,0 +1,24 @@
+From e95722695a1d3dc6ac266af8871069da74471999 Mon Sep 17 00:00:00 2001
+From: Steve Grubb <sgrubb@redhat.com>
+Date: Thu, 6 Oct 2022 13:34:15 -0400
+Subject: Fix another krb5 memory leak
+
+---
+ src/auditd-listen.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/src/auditd-listen.c b/src/auditd-listen.c
+index 61a3480..171974c 100644
+--- a/src/auditd-listen.c
+++ b/src/auditd-listen.c
+@@ -358,6 +358,7 @@ static int server_acquire_creds(const char *service_name,
+ 	if (major_status != GSS_S_COMPLETE) {
+ 		gss_failure("acquiring credentials",
+ 				major_status, minor_status);
+		(void) gss_release_name(&minor_status, &server_name);
+ 		return -1;
+ 	}
+ 
+-- 
+2.27.0
+