Hello community, here is the log from the commit of package geoclue2 for openSUSE:Factory checked in at 2019-12-23 22:35:38 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/geoclue2 (Old) and /work/SRC/openSUSE:Factory/.geoclue2.new.6675 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "geoclue2" Mon Dec 23 22:35:38 2019 rev:36 rq:755686 version:2.5.4 Changes: -------- --- /work/SRC/openSUSE:Factory/geoclue2/geoclue2.changes 2019-06-12 13:03:09.061262958 +0200 +++ /work/SRC/openSUSE:Factory/.geoclue2.new.6675/geoclue2.changes 2019-12-23 22:37:28.453821101 +0100 @@ -1,0 +2,8 @@ +Tue Dec 10 20:11:13 UTC 2019 - Bjørn Lie <bjorn....@gmail.com> + +- Update to version 2.5.4: + + Plug a leak that becomes pretty huge after a while of running + Geoclue. + + Fix a buffer-overflow. + +------------------------------------------------------------------- Old: ---- geoclue-2.5.3.tar.bz2 New: ---- geoclue-2.5.4.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ geoclue2.spec ++++++ --- /var/tmp/diff_new_pack.NP9rvC/_old 2019-12-23 22:37:29.505821558 +0100 +++ /var/tmp/diff_new_pack.NP9rvC/_new 2019-12-23 22:37:29.517821563 +0100 @@ -1,7 +1,7 @@ # # spec file for package geoclue2 # -# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2019 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -18,7 +18,7 @@ %define _name geoclue Name: geoclue2 -Version: 2.5.3 +Version: 2.5.4 Release: 0 Summary: GeoLocation Framework License: GPL-2.0-or-later ++++++ geoclue-2.5.3.tar.bz2 -> geoclue-2.5.4.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/geoclue-2.5.3/NEWS new/geoclue-2.5.4/NEWS --- old/geoclue-2.5.3/NEWS 2019-05-16 16:21:43.000000000 +0200 +++ new/geoclue-2.5.4/NEWS 2019-09-27 18:26:59.000000000 +0200 @@ -1,3 +1,9 @@ +2.5.4 +===== + +- Plug a leak that becomes pretty huge after a while of running Geoclue. +- Fix a buffer-overflow. + 2.5.3 ===== diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/geoclue-2.5.3/docs/meson.build new/geoclue-2.5.4/docs/meson.build --- old/geoclue-2.5.3/docs/meson.build 2019-05-16 16:21:43.000000000 +0200 +++ new/geoclue-2.5.4/docs/meson.build 2019-09-27 18:26:59.000000000 +0200 @@ -1,7 +1,3 @@ -if get_option('libgeoclue') - subdir('lib') -endif - if get_option('enable-backend') conf = configuration_data() conf.set_quoted('VERSION', gclue_version) @@ -26,3 +22,7 @@ dependencies: libgeoclue_dep, install: true) endif + +if get_option('libgeoclue') + subdir('lib') +endif diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/geoclue-2.5.3/src/gclue-mozilla.c new/geoclue-2.5.4/src/gclue-mozilla.c --- old/geoclue-2.5.3/src/gclue-mozilla.c 2019-05-16 16:21:43.000000000 +0200 +++ new/geoclue-2.5.4/src/gclue-mozilla.c 2019-09-27 18:26:59.000000000 +0200 @@ -77,7 +77,7 @@ get_bssid_from_bss (WPABSS *bss) { GVariant *variant; - char *raw_bssid; + g_autofree char *raw_bssid = NULL; char *bssid; guint raw_len, len, i, j; @@ -86,13 +86,16 @@ return NULL; raw_bssid = variant_to_string (variant, &raw_len); - len = raw_len * 2 + raw_len; + if (raw_bssid == NULL) + return NULL; + + len = raw_len * 2; bssid = g_malloc (len); - for (i = 0, j = 0; i < len; i = i + 3, j++) - g_snprintf (bssid + i, - 4, - "%02x:", - (unsigned char) raw_bssid[j]); + for (i = 0, j = 0; i < len - 3; i = i + 2, j++) { + unsigned char c = (unsigned char) raw_bssid[j]; + + g_snprintf (bssid + i, 3, "%02x:", c); + } bssid[len - 1] = '\0'; return bssid; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/geoclue-2.5.3/src/gclue-service-manager.c new/geoclue-2.5.4/src/gclue-service-manager.c --- old/geoclue-2.5.3/src/gclue-service-manager.c 2019-05-16 16:21:43.000000000 +0200 +++ new/geoclue-2.5.4/src/gclue-service-manager.c 2019-09-27 18:26:59.000000000 +0200 @@ -258,6 +258,7 @@ GError *error = NULL; guint32 user_id; gint64 now; + gboolean system_app; info = gclue_client_info_new_finish (res, &error); if (info == NULL) { @@ -277,7 +278,10 @@ agent_proxy = g_hash_table_lookup (priv->agents, GINT_TO_POINTER (user_id)); now = g_get_monotonic_time (); + + system_app = (gclue_client_info_get_xdg_id (info) == NULL); if (agent_proxy == NULL && + !system_app && now < (priv->init_time + AGENT_WAIT_TIMEOUT_USEC)) { /* Its possible that geoclue was just launched on GetClient * call, in which case agents need some time to register