Update devel/gpatch to 2.7.3, uh, make that 2.7.4:
* Patch no longer follows symbolic links to input and output files. This
ensures that symbolic links created by git-style patches cannot cause
patch to write outside the working directory (CVE-2015-1196).
While there, I've looked at the dependencies.
* USE_GROFF: There are quite a few indentation differences, but
they don't affect the organization of the page. I can't even
decide if groff's or mandoc's output is better. => Drop
* USE_GMAKE: No idea why this is here. => Drop
* TEST_DEPENDS+=textproc/gdiff: This is a very soft dependency. The
regression tests check if GNU diff is available and skip 4 out of
38 tests if not. Drop?
* TEST_DEPENDS+=shells/bash: There is a stupid bashism in
read-only-files (it even fails with bash --posix), for which I
sent a fix upstream. => Drop...
Oops, 2.7.4 is out and adds a blatant bashism in the new
deep-directories test. Another fix for upstream. I'd still like
to drop the dependency.
Regression tests:
* Gotta face the facts: The fifo test hangs. I'm not sure if this
is a bug or a simple reflection of OpenBSD's named pipe semantics.
I doubt that it is a bug in patch itself.
* If you manually remove the fifo test, then the rest of the
regression suite passes... Oops, 2.7.4 adds a new test,
no-mode-change-git-diff, that fails because it relies on a
completely unportable invocation of stat(1). Reported upstream.
At this point, I'm not sure it's still worth fixing the two bashisms,
or if we should just write off the regression tests...
Opinions, comments, okays?
diff -uNrxCVS /usr/ports/devel/gpatch/Makefile gpatch/Makefile
--- /usr/ports/devel/gpatch/Makefile Thu Sep 18 12:43:29 2014
+++ gpatch/Makefile Mon Feb 2 00:02:02 2015
@@ -2,7 +2,7 @@
COMMENT= GNU patch
-VERSION= 2.7.1
+VERSION= 2.7.4
DISTNAME= patch-${VERSION}
PKGNAME= gpatch-${VERSION}
CATEGORIES= devel
@@ -15,19 +15,11 @@
WANTLIB= c
MASTER_SITES= ${MASTER_SITE_GNU:=patch/}
+EXTRACT_SUFX= .tar.xz
-USE_GMAKE= Yes
-USE_GROFF= Yes
-
CONFIGURE_STYLE= gnu
-CONFIGURE_ARGS+= --program-prefix=g
-
-TEST_DEPENDS= shells/bash \
- textproc/gdiff
-TEST_FLAGS= SHELL=${LOCALBASE}/bin/bash
-
-pre-test:
- @ln -fs ${LOCALBASE}/bin/gdiff ${WRKDIR}/bin/diff
+CONFIGURE_ARGS= --program-prefix=g
+MODGNU_CONFIG_GUESS_DIRS=${WRKSRC}/build-aux
post-install:
@rm ${PREFIX}/lib/charset.alias
diff -uNrxCVS /usr/ports/devel/gpatch/distinfo gpatch/distinfo
--- /usr/ports/devel/gpatch/distinfo Thu Sep 18 12:43:29 2014
+++ gpatch/distinfo Sun Feb 1 23:21:44 2015
@@ -1,2 +1,2 @@
-SHA256 (patch-2.7.1.tar.gz) = wF8oZow0dLxjrc1Iq66SHRXnHCVPvr267aQEVtZAOdU=
-SIZE (patch-2.7.1.tar.gz) = 1014347
+SHA256 (patch-2.7.4.tar.xz) = Dqy7B84Qb+Tcv75sBS5VtQvz344bsWIoydp3tmWf8Qk=
+SIZE (patch-2.7.4.tar.xz) = 714392
diff -uNrxCVS /usr/ports/devel/gpatch/patches/patch-tests_deep-directories
gpatch/patches/patch-tests_deep-directories
--- /usr/ports/devel/gpatch/patches/patch-tests_deep-directories Thu Jan
1 01:00:00 1970
+++ gpatch/patches/patch-tests_deep-directories Mon Feb 2 00:02:57 2015
@@ -0,0 +1,15 @@
+$OpenBSD$
+
+Bash-ism.
+
+--- tests/deep-directories.orig Sat Jan 31 22:14:01 2015
++++ tests/deep-directories Sun Feb 1 23:52:39 2015
+@@ -14,7 +14,7 @@ use_tmpdir
+ # Exercise the directory file descriptor cache
+
+ # Artificially limit to 8 cache entries
+-ulimit -n 32 >& /dev/null || exit 77
++ulimit -n 32 > /dev/null 2>&1 || exit 77
+
+ cat > ab.diff <<EOF
+ --- /dev/null
diff -uNrxCVS /usr/ports/devel/gpatch/patches/patch-tests_read-only-files
gpatch/patches/patch-tests_read-only-files
--- /usr/ports/devel/gpatch/patches/patch-tests_read-only-files Thu Jan 1
01:00:00 1970
+++ gpatch/patches/patch-tests_read-only-files Sun Feb 1 21:46:52 2015
@@ -0,0 +1,15 @@
+$OpenBSD$
+
+A redirection error for a special built-in causes the shell to exit. (POSIX)
+
+--- tests/read-only-files.orig Wed Nov 26 14:17:55 2014
++++ tests/read-only-files Sun Feb 1 21:44:58 2015
+@@ -16,7 +16,7 @@ use_tmpdir
+
+ : > read-only
+ chmod a-w read-only
+-if : 2> /dev/null > read-only; then
++if ( : 2> /dev/null > read-only ); then
+ echo "Files with read-only permissions are writable" \
+ "(probably running as superuser)" >&2
+ exit 77
--
Christian "naddy" Weisgerber na...@mips.inka.de
