diff --git a/backport-agent-Fix-a-memory-leak.patch b/backport-agent-Fix-a-memory-leak.patch new file mode 100644 index 0000000000000000000000000000000000000000..3a29ed3647ad2270a1a8ba9d33961b779e0ad6dd --- /dev/null +++ b/backport-agent-Fix-a-memory-leak.patch @@ -0,0 +1,33 @@ +From ff30683418695f5d2cc9e6cf8c9418e09378ebe4 Mon Sep 17 00:00:00 2001 +From: Sorah Fukumori +Date: Tue, 14 Jan 2025 11:01:05 +0900 +Subject: [PATCH] agent: Fix a memory leak. + +* agent/findkey.c (read_key_file): Free BUF. + +-- + +Cherry pick the master commit of: + 137481fa1002c417cd2c0661b9eefd893b0149d3 + +Fixes-commit: 434a641d40cbff82beb9f485e0adca72419bfdf2 +Signed-off-by: Sorah Fukumori +--- + agent/findkey.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/agent/findkey.c b/agent/findkey.c +index 1f2938ea3..7a3e90e35 100644 +--- a/agent/findkey.c ++++ b/agent/findkey.c +@@ -1182,6 +1182,7 @@ read_key_file (ctrl_t ctrl, const unsigned char *grip, + } + + leave: ++ xfree (buf); + if (!err && r_keymeta) + *r_keymeta = pk; + else +-- +2.43.0 + diff --git a/gnupg2.spec b/gnupg2.spec index a2da316aaabc8b09ed957af7d335a4621a7e8b08..b2e4c86d0fbf21e5e3ce8cdc4747522207842dfb 100644 --- a/gnupg2.spec +++ b/gnupg2.spec @@ -1,6 +1,6 @@ Name: gnupg2 Version: 2.4.8 -Release: 3 +Release: 4 Summary: Utility for secure communication and data storage License: CC0-1.0 AND GPL-2.0-or-later AND GPL-3.0-or-later AND LGPL-2.1-or-later AND LGPL-3.0-or-later AND (BSD-3-Clause OR LGPL-3.0-or-later OR GPL-2.0-or-later) AND CC-BY-4.0 AND MIT @@ -22,6 +22,7 @@ Patch10: gnupg-2.4.5-do-install-expired-ca.patch Patch13: supports-sm2-algorithm-signature-and-uses-sm3-hash-algorithm.patch Patch14: backport-common-Fix-read-buffer-over-read-in-uncompress_ecc_q.patch Patch15: backport-gpg-Avoid-potential-downgrade-to-SHA1-in-3rd-party-k.patch +Patch16: backport-agent-Fix-a-memory-leak.patch BuildRequires: gcc BuildRequires: autoconf automake @@ -127,6 +128,9 @@ rm -f %{buildroot}%{_infodir}/dir %changelog +* Thu Nov 20 2025 yixiangzhike - 2.4.8-4 +- fix a memory leak in agent + * Thu Oct 23 2025 yixiangzhike - 2.4.8-3 - avoid potential downgrade to SHA1 in 3rd party key signatures