[Pkg-gnupg-maint] [SRM] Update of gnupg/gnupg2 to fix a memory leak

Eric Dorland eric at kuroneko.ca
Wed Jun 17 07:29:13 UTC 2009 

* Daniel Leidert (daniel.leidert at wgdd.de) wrote:
> Am Dienstag, den 16.06.2009, 04:15 -0400 schrieb Eric Dorland:
> > * Daniel Leidert (daniel.leidert.spam at gmx.net) wrote:
> > > Am Samstag, den 23.05.2009, 17:30 -0400 schrieb Eric Dorland:
> > > 
> > > [gnupg update for stable]
> > > > I didn't see any response to this, did anything come of it?
> > > 
> > > Hi Eric,
> > > 
> > > We already uploaded a gnupg update for stable and oldstable. The patches
> > > are here:
> > > 
> > > http://svn.debian.org/wsvn/pkg-gnupg/gnupg/branches/lenny/debian/patches/101_172115_fix_keyring_memory_leak.dpatch
> > > http://svn.debian.org/wsvn/pkg-gnupg/gnupg/branches/lenny/debian/patches/101_321871_unset_noecho_on_sigint.dpatch
> > > 
> > > IMO you can use both for gnupg2 too. As the point releaes date was
> > > announced today, you probably have to hurry up a bit, if you want to get
> > > these issues fixed for gnupg2 in stable/oldstable too.
> > 
> > The second patch is not applying well to the version we have in
> > lenny. In fact the code has changed enough that I not sure where to
> > call the cleanup from. Could someone take a look and give me an
> > opinion?
> 
> Seems, it was fixed in revision 5022 in upstream SVN with this simple
> patch:
> 
> > Index: packages/cvs/gnupg_2/g10/signal.c
> > ===================================================================
> > --- packages/cvs/gnupg_2/g10/signal.c	(Revision 5021)
> > +++ packages/cvs/gnupg_2/g10/signal.c	(Revision 5022)
> > @@ -81,6 +81,7 @@
> >      gcry_control (GCRYCTL_TERM_SECMEM );
> >  
> >      tty_cleanup_rl_after_signal ();
> > +    tty_cleanup_after_signal ();
> >  
> >      /* Better don't translate these messages. */
> >      write(2, "\n", 1 );

Except that 2.0.9 in stable doesn't have a g10/signal.c file. And it's
unclear where it should land. It doesn't even call
tty_cleanup_rl_after_signal (the context from the patch) anywhere. So
I'm still at a bit of a loss.

-- 
Eric Dorland <eric at kuroneko.ca>
ICQ: #61138586, Jabber: hooty at jabber.com

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-gnupg-maint/attachments/20090617/4fecbc19/attachment.pgp>

More information about the Pkg-gnupg-maint mailing list