commit patch for openSUSE:Factory
Hello community,
here is the log from the commit of package patch for openSUSE:Factory checked
in at 2018-05-13 15:53:43
Comparing /work/SRC/openSUSE:Factory/patch (Old)
and /work/SRC/openSUSE:Factory/.patch.new (New)
Package is "patch"
Sun May 13 15:53:43 2018 rev:43 rq:605717 version:2.7.6
Changes:
--- /work/SRC/openSUSE:Factory/patch/patch.changes 2018-04-22
14:42:29.814764469 +0200
+++ /work/SRC/openSUSE:Factory/.patch.new/patch.changes 2018-05-13
15:53:53.838780878 +0200
@@ -1,0 +2,8 @@
+Wed May 9 09:52:04 UTC 2018 - jdelv...@suse.de
+
+- ed-style-07-dont-leak-tmp-file.patch,
+ ed-style-08-dont-leak-tmp-file-multi.patch: Fix temporary file
+ leak when applying ed-style patches (bsc#1092500,
+ savannah#53820).
+
+---
New:
ed-style-07-dont-leak-tmp-file.patch
ed-style-08-dont-leak-tmp-file-multi.patch
Other differences:
--
++ patch.spec ++
--- /var/tmp/diff_new_pack.2lLUXY/_old 2018-05-13 15:53:55.102734753 +0200
+++ /var/tmp/diff_new_pack.2lLUXY/_new 2018-05-13 15:53:55.106734607 +0200
@@ -33,6 +33,8 @@
Patch5: ed-style-04-invoke-ed-directly.patch
Patch6: ed-style-05-minor-cleanups.patch
Patch7: ed-style-06-fix-test-failure.patch
+Patch8: ed-style-07-dont-leak-tmp-file.patch
+Patch9: ed-style-08-dont-leak-tmp-file-multi.patch
# See bnc#662957. The fix for CVE-2010-4651 breaks the way interdiff was
# invoking patch, so interdiff had to be fixed too.
Conflicts: patchutils < 0.3.2
@@ -54,6 +56,8 @@
%patch5 -p1
%patch6 -p1
%patch7 -p1
+%patch8 -p1
+%patch9 -p1
%build
export CFLAGS="%{optflags} -Wall -O2 -pipe"
++ ed-style-07-dont-leak-tmp-file.patch ++
From: Jean Delvare
Date: Thu, 3 May 2018 14:31:55 +0200
Subject: Don't leak temporary file on failed ed-style patch
Git-commit: 19599883ffb6a450d2884f081f8ecf68edbed7ee
Patch-mainline: yes
References: bsc#1092500, savannah#53820
Now that we write ed-style patches to a temporary file before we
apply them, we need to ensure that the temporary file is removed
before we leave, even on fatal error.
* src/pch.c (do_ed_script): Use global TMPEDNAME instead of local
tmpname. Don't unlink the file directly, instead tag it for removal
at exit time.
* src/patch.c (cleanup): Unlink TMPEDNAME at exit.
This closes bug #53820:
https://savannah.gnu.org/bugs/index.php?53820
Fixes: 123eaff0d5d1 ("Fix arbitrary command execution in ed-style patches
(CVE-2018-1000156)")
---
src/common.h |2 ++
src/patch.c |1 +
src/pch.c| 11 +--
3 files changed, 8 insertions(+), 6 deletions(-)
--- a/src/common.h
+++ b/src/common.h
@@ -94,10 +94,12 @@ XTERN char const *origsuff;
XTERN char const * TMPINNAME;
XTERN char const * TMPOUTNAME;
XTERN char const * TMPPATNAME;
+XTERN char const * TMPEDNAME;
XTERN bool TMPINNAME_needs_removal;
XTERN bool TMPOUTNAME_needs_removal;
XTERN bool TMPPATNAME_needs_removal;
+XTERN bool TMPEDNAME_needs_removal;
#ifdef DEBUGGING
XTERN int debug;
--- a/src/patch.c
+++ b/src/patch.c
@@ -1999,6 +1999,7 @@ cleanup (void)
remove_if_needed (TMPINNAME, _needs_removal);
remove_if_needed (TMPOUTNAME, _needs_removal);
remove_if_needed (TMPPATNAME, _needs_removal);
+ remove_if_needed (TMPEDNAME, _needs_removal);
remove_if_needed (TMPREJNAME, _needs_removal);
output_files (NULL);
}
--- a/src/pch.c
+++ b/src/pch.c
@@ -2392,7 +2392,6 @@ do_ed_script (char const *inname, char c
file_offset beginning_of_this_line;
size_t chars_read;
FILE *tmpfp = 0;
-char const *tmpname;
int tmpfd;
pid_t pid;
int exclusive = *outname_needs_removal ? 0 : O_EXCL;
@@ -2406,12 +2405,13 @@ do_ed_script (char const *inname, char c
invalid commands and treats the next line as a new command, which
can lead to arbitrary command execution. */
- tmpfd = make_tempfile (, 'e', NULL, O_RDWR | O_BINARY, 0);
+ tmpfd = make_tempfile (, 'e', NULL, O_RDWR | O_BINARY, 0);
if (tmpfd == -1)
- pfatal ("Can't create temporary file %s", quotearg (tmpname));
+ pfatal ("Can't create temporary file %s", quotearg (TMPEDNAME));
+ TMPEDNAME_needs_removal = true;
tmpfp = fdopen (tmpfd, "w+b");
if (! tmpfp)
- pfatal ("Can't open stream for file %s", quotearg (tmpname));
+ pfatal ("Can't open stream for file %s", quotearg (TMPEDNAME));
}
for (;;) {
@@ -2451,7 +2451,7 @@ do_ed_script (char const *inname, char c
write_fatal ();
if (lseek (tmpfd, 0, SEEK_SET) == -1)
- pfatal ("Can't rewind to the beginning of file %s", quotearg (tmpname));
+ pfatal ("Can't rewind to the
commit patch for openSUSE:Factory
Hello community,
here is the log from the commit of package patch for openSUSE:Factory checked
in at 2018-04-22 14:42:28
Comparing /work/SRC/openSUSE:Factory/patch (Old)
and /work/SRC/openSUSE:Factory/.patch.new (New)
Package is "patch"
Sun Apr 22 14:42:28 2018 rev:42 rq:597758 version:2.7.6
Changes:
--- /work/SRC/openSUSE:Factory/patch/patch.changes 2018-03-30
11:55:15.032143755 +0200
+++ /work/SRC/openSUSE:Factory/.patch.new/patch.changes 2018-04-22
14:42:29.814764469 +0200
@@ -1,0 +2,20 @@
+Wed Apr 18 11:16:34 CEST 2018 - jdelv...@suse.de
+
+- Add ed as BuildRequires so ed-style patches can be checked by
+ the test suite.
+
+---
+Wed Apr 18 08:53:00 UTC 2018 - jdelv...@suse.de
+
+Fix CVE-2018-1000156 (bsc#1088420, savannah#53566).
+- ed-style-01-missing-input-files.patch: Allow input files to be
+ missing for ed-style patches.
+- ed-style-02-fix-arbitrary-command-execution.patch,
+ ed-style-03-update-test-Makefile.patch: Fix arbitrary command
+ execution in ed-style patches.
+- ed-style-04-invoke-ed-directly.patch: Invoke ed directly instead
+ of using the shell.
+- ed-style-05-minor-cleanups.patch: Minor cleanups in do_ed_script.
+- ed-style-06-fix-test-failure.patch: Fix 'ed-style' test failure.
+
+---
New:
ed-style-01-missing-input-files.patch
ed-style-02-fix-arbitrary-command-execution.patch
ed-style-03-update-test-Makefile.patch
ed-style-04-invoke-ed-directly.patch
ed-style-05-minor-cleanups.patch
ed-style-06-fix-test-failure.patch
Other differences:
--
++ patch.spec ++
--- /var/tmp/diff_new_pack.jQWbB2/_old 2018-04-22 14:42:30.450741458 +0200
+++ /var/tmp/diff_new_pack.jQWbB2/_new 2018-04-22 14:42:30.450741458 +0200
@@ -27,9 +27,16 @@
Source2:http://ftp.gnu.org/gnu/patch/%{name}-%{version}.tar.xz.sig
Source3:
http://savannah.gnu.org/project/memberlist-gpgkeys.php?group=patch=1#/patch.keyring
Patch1: fix-segfault-mangled-rename.patch
+Patch2: ed-style-01-missing-input-files.patch
+Patch3: ed-style-02-fix-arbitrary-command-execution.patch
+Patch4: ed-style-03-update-test-Makefile.patch
+Patch5: ed-style-04-invoke-ed-directly.patch
+Patch6: ed-style-05-minor-cleanups.patch
+Patch7: ed-style-06-fix-test-failure.patch
# See bnc#662957. The fix for CVE-2010-4651 breaks the way interdiff was
# invoking patch, so interdiff had to be fixed too.
Conflicts: patchutils < 0.3.2
+BuildRequires: ed
%if 0%{?suse_version} < 1220
BuildRequires: xz
%endif
@@ -41,6 +48,12 @@
%prep
%setup -q
%patch1 -p1
+%patch2 -p1
+%patch3 -p1
+%patch4 -p1
+%patch5 -p1
+%patch6 -p1
+%patch7 -p1
%build
export CFLAGS="%{optflags} -Wall -O2 -pipe"
@@ -55,11 +68,7 @@
%files
%doc AUTHORS NEWS README
-%if 0%{?suse_version} >= 1500
%license COPYING
-%else
-%doc COPYING
-%endif
%{_bindir}/patch
%{_mandir}/man1/patch.1%{ext_man}
++ ed-style-01-missing-input-files.patch ++
From: Andreas Gruenbacher
Date: Fri, 6 Apr 2018 11:34:51 +0200
Subject: Allow input files to be missing for ed-style patches
Patch-mainline: yes
Git-commit: b5a91a01e5d0897facdd0f49d64b76b0f02b43e1
References: bsc#1088420, savannah#53566, CVE-2018-1000156
* src/pch.c (do_ed_script): Allow input files to be missing so that new
files will be created as with non-ed-style patches.
---
src/pch.c |8 +---
1 file changed, 5 insertions(+), 3 deletions(-)
--- a/src/pch.c
+++ b/src/pch.c
@@ -2394,9 +2394,11 @@ do_ed_script (char const *inname, char c
if (! dry_run && ! skip_rest_of_patch) {
int exclusive = *outname_needs_removal ? 0 : O_EXCL;
- assert (! inerrno);
- *outname_needs_removal = true;
- copy_file (inname, outname, 0, exclusive, instat.st_mode, true);
+ if (inerrno != ENOENT)
+ {
+ *outname_needs_removal = true;
+ copy_file (inname, outname, 0, exclusive, instat.st_mode, true);
+ }
sprintf (buf, "%s %s%s", editor_program,
verbosity == VERBOSE ? "" : "- ",
outname);
++ ed-style-02-fix-arbitrary-command-execution.patch ++
From: Andreas Gruenbacher
Date: Fri, 6 Apr 2018 12:14:49 +0200
Subject: Fix arbitrary command execution in ed-style patches
Patch-mainline: yes
Git-commit: 123eaff0d5d1aebe128295959435b9ca5909c26d
References: bsc#1088420, savannah#53566, CVE-2018-1000156
* src/pch.c (do_ed_script): Write ed script to a temporary file instead
of piping it to ed: this will cause ed to abort on invalid commands
instead of rejecting them and carrying on.
* tests/ed-style: New test
commit patch for openSUSE:Factory
Hello community,
here is the log from the commit of package patch for openSUSE:Factory checked
in at 2018-03-30 11:55:13
Comparing /work/SRC/openSUSE:Factory/patch (Old)
and /work/SRC/openSUSE:Factory/.patch.new (New)
Package is "patch"
Fri Mar 30 11:55:13 2018 rev:41 rq:590591 version:2.7.6
Changes:
--- /work/SRC/openSUSE:Factory/patch/patch.changes 2015-03-16
06:55:04.0 +0100
+++ /work/SRC/openSUSE:Factory/.patch.new/patch.changes 2018-03-30
11:55:15.032143755 +0200
@@ -1,0 +2,24 @@
+Thu Mar 22 09:43:43 CET 2018 - jdelv...@suse.de
+
+- Move COPYING from %doc to %license.
+
+---
+Wed Mar 21 16:44:09 CET 2018 - jdelv...@suse.de
+
+- Add AUTHORS and COPYING to %doc.
+- fix-segfault-mangled-rename.patch: Fix segfault with mangled
+ rename patch (bsc#1080951, CVE-2018-6951, savannah#53132).
+
+---
+Wed Feb 7 18:43:51 UTC 2018 - astie...@suse.com
+
+- patch 2.7.6:
+ * Files specified on the command line are no longer verified to
+be inside the current working directory, so commands like
+"patch -i foo.diff ../foo" will work again
+ * Fixes CVE-2016-10713 (Out-of-bounds access within
+pch_write_line() in pch.c could possibly lead to DoS via a
+crafted input file; bsc#1080918)
+ * Various fixes
+
+---
Old:
patch-2.7.5.tar.xz
patch-2.7.5.tar.xz.sig
New:
fix-segfault-mangled-rename.patch
patch-2.7.6.tar.xz
patch-2.7.6.tar.xz.sig
Other differences:
--
++ patch.spec ++
--- /var/tmp/diff_new_pack.fLnRZr/_old 2018-03-30 11:55:15.904112220 +0200
+++ /var/tmp/diff_new_pack.fLnRZr/_new 2018-03-30 11:55:15.904112220 +0200
@@ -1,7 +1,7 @@
#
# spec file for package patch
#
-# Copyright (c) 2015 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -17,7 +17,7 @@
Name: patch
-Version:2.7.5
+Version:2.7.6
Release:0
Summary:GNU patch
License:GPL-3.0+
@@ -26,13 +26,13 @@
Source: http://ftp.gnu.org/gnu/patch/%{name}-%{version}.tar.xz
Source2:http://ftp.gnu.org/gnu/patch/%{name}-%{version}.tar.xz.sig
Source3:
http://savannah.gnu.org/project/memberlist-gpgkeys.php?group=patch=1#/patch.keyring
-%if 0%{?suse_version} < 1220
-BuildRequires: xz
-%endif
-BuildRoot: %{_tmppath}/%{name}-%{version}-build
+Patch1: fix-segfault-mangled-rename.patch
# See bnc#662957. The fix for CVE-2010-4651 breaks the way interdiff was
# invoking patch, so interdiff had to be fixed too.
Conflicts: patchutils < 0.3.2
+%if 0%{?suse_version} < 1220
+BuildRequires: xz
+%endif
%description
The GNU patch program is used to apply diffs between original and
@@ -40,6 +40,7 @@
%prep
%setup -q
+%patch1 -p1
%build
export CFLAGS="%{optflags} -Wall -O2 -pipe"
@@ -53,9 +54,13 @@
make install DESTDIR=%{buildroot} %{verbose:V=1}
%files
-%defattr(-,root,root)
-%doc NEWS README
+%doc AUTHORS NEWS README
+%if 0%{?suse_version} >= 1500
+%license COPYING
+%else
+%doc COPYING
+%endif
%{_bindir}/patch
-%doc %{_mandir}/man1/patch.1.gz
+%{_mandir}/man1/patch.1%{ext_man}
%changelog
++ fix-segfault-mangled-rename.patch ++
From: Andreas Gruenbacher
Date: Mon, 12 Feb 2018 16:48:24 +0100
Subject: Fix segfault with mangled rename patch
Patch-mainline: yes
Git-commit: f290f48a621867084884bfff87f8093c15195e6a
References: bsc#1080951, CVE-2018-6951, savannah#53133
http://savannah.gnu.org/bugs/?53132
* src/pch.c (intuit_diff_type): Ensure that two filenames are specified
for renames and copies (fix the existing check).
diff --git a/src/pch.c b/src/pch.c
index ff9ed2c..bc6278c 100644
--- a/src/pch.c
+++ b/src/pch.c
@@ -974,7 +974,8 @@ intuit_diff_type (bool need_header, mode_t *p_file_type)
if ((pch_rename () || pch_copy ())
&& ! inname
&& ! ((i == OLD || i == NEW) &&
- p_name[! reverse] &&
+ p_name[reverse] && p_name[! reverse] &&
+ name_is_valid (p_name[reverse]) &&
name_is_valid (p_name[! reverse])))
{
say ("Cannot %s file without two valid file names\n", pch_rename () ?
"rename" : "copy");
++ patch-2.7.5.tar.xz -> patch-2.7.6.tar.xz ++
62545 lines of diff (skipped)
++ patch.keyring ++
Binary files /var/tmp/diff_new_pack.fLnRZr/_old and
/var/tmp/diff_new_pack.fLnRZr/_new differ
commit patch for openSUSE:Factory
Hello community,
here is the log from the commit of package patch for openSUSE:Factory checked
in at 2015-03-16 06:55:02
Comparing /work/SRC/openSUSE:Factory/patch (Old)
and /work/SRC/openSUSE:Factory/.patch.new (New)
Package is patch
Changes:
--- /work/SRC/openSUSE:Factory/patch/patch.changes 2015-03-01
14:45:28.0 +0100
+++ /work/SRC/openSUSE:Factory/.patch.new/patch.changes 2015-03-16
06:55:04.0 +0100
@@ -1,0 +2,8 @@
+Sat Mar 7 10:42:46 CET 2015 - jdelv...@suse.de
+
+- patch 2.7.5
+ Fixes a functional regression introduced by the previous update.
+ + Patching through symbolic links works again, as long as the
+target is within the working tree.
+
+---
Old:
patch-2.7.4.tar.bz2
patch-2.7.4.tar.bz2.sig
New:
patch-2.7.5.tar.xz
patch-2.7.5.tar.xz.sig
Other differences:
--
++ patch.spec ++
--- /var/tmp/diff_new_pack.mCdNdj/_old 2015-03-16 06:55:05.0 +0100
+++ /var/tmp/diff_new_pack.mCdNdj/_new 2015-03-16 06:55:05.0 +0100
@@ -17,15 +17,18 @@
Name: patch
-Version:2.7.4
+Version:2.7.5
Release:0
Summary:GNU patch
License:GPL-3.0+
Group: Productivity/Text/Utilities
Url:http://ftp.gnu.org/gnu/patch/
-Source: http://ftp.gnu.org/gnu/patch/%{name}-%{version}.tar.bz2
-Source2:http://ftp.gnu.org/gnu/patch/%{name}-%{version}.tar.bz2.sig
+Source: http://ftp.gnu.org/gnu/patch/%{name}-%{version}.tar.xz
+Source2:http://ftp.gnu.org/gnu/patch/%{name}-%{version}.tar.xz.sig
Source3:
http://savannah.gnu.org/project/memberlist-gpgkeys.php?group=patchdownload=1#/patch.keyring
+%if 0%{?suse_version} 1220
+BuildRequires: xz
+%endif
BuildRoot: %{_tmppath}/%{name}-%{version}-build
# See bnc#662957. The fix for CVE-2010-4651 breaks the way interdiff was
# invoking patch, so interdiff had to be fixed too.
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit patch for openSUSE:Factory
Hello community,
here is the log from the commit of package patch for openSUSE:Factory checked
in at 2015-03-01 14:45:27
Comparing /work/SRC/openSUSE:Factory/patch (Old)
and /work/SRC/openSUSE:Factory/.patch.new (New)
Package is patch
Changes:
--- /work/SRC/openSUSE:Factory/patch/patch.changes 2014-11-24
11:08:01.0 +0100
+++ /work/SRC/openSUSE:Factory/.patch.new/patch.changes 2015-03-01
14:45:28.0 +0100
@@ -1,0 +2,41 @@
+Mon Feb 16 11:51:58 CET 2015 - jdelv...@suse.de
+
+- patch 2.7.4
+ Fixes a functional regression introduced by the previous security
+ fix. The security fix would forbid legitimate use cases of
+ relative symbolic links.
+ [boo#918058]
+ + Allow arbitrary symlink targets again.
+ + Do not change permissions if there isn't an explicit mode
+change.
+ + Fix indentation heuristic for context diffs.
+- Please also note that the previous update fixed security bugs
+ boo#915328 and boo#915329 even though it did not say so.
+
+---
+Fri Jan 23 00:58:35 UTC 2015 - andreas.stie...@gmx.de
+
+- patch 2.7.3
+ Contains a security fix for a directory traversal flaw when
+ handling git-style patches. This could allow an attacker to
+ overwrite arbitrary files by applying a specially crafted patch.
+ [boo#913678] [CVE-2015-1196]
+ + With git-style patches, symlinks that point outside the working
+directory will no longer be created (CVE-2015-1196).
+ + When a file isn't being deleted because the file contents don't
+match the patch, the resulting message is now Not deleting
+file ... as content differs from patch instead of File ...
+is not empty after patch; not deleting.
+ + Function names in hunks (from diff -p) are now preserved in
+reject files
+This change was previously added as a patch. [boo#904519]
+- Version 2.7.2 differed from the above only slightly.
+- packaging changes:
+ + Verify source signatures
+ + Removed patches now upstream:
+* error-report-crash.patch
+* reject-print-function-01-drop-useless-test.patch
+* reject-print-function-02-handle-unified-format.patch
+ + run spec-cleaner
+
+---
Old:
error-report-crash.patch
patch-2.7.1.tar.bz2
reject-print-function-01-drop-useless-test.patch
reject-print-function-02-handle-unified-format.patch
New:
patch-2.7.4.tar.bz2
patch-2.7.4.tar.bz2.sig
patch.keyring
Other differences:
--
++ patch.spec ++
--- /var/tmp/diff_new_pack.yV58dr/_old 2015-03-01 14:45:30.0 +0100
+++ /var/tmp/diff_new_pack.yV58dr/_new 2015-03-01 14:45:30.0 +0100
@@ -1,7 +1,7 @@
#
# spec file for package patch
#
-# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2015 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -16,55 +16,43 @@
#
-Url:http://ftp.gnu.org/gnu/patch/
-
Name: patch
-# See bnc#662957. The fix for CVE-2010-4651 breaks the way interdiff was
-# invoking patch, so interdiff had to be fixed too.
-Conflicts: patchutils 0.3.2
-Version:2.7.1
+Version:2.7.4
Release:0
Summary:GNU patch
License:GPL-3.0+
Group: Productivity/Text/Utilities
-Source: http://ftp.gnu.org/gnu/patch/patch-%version.tar.bz2
-Patch: error-report-crash.patch
-Patch1: reject-print-function-01-drop-useless-test.patch
-Patch2: reject-print-function-02-handle-unified-format.patch
+Url:http://ftp.gnu.org/gnu/patch/
+Source: http://ftp.gnu.org/gnu/patch/%{name}-%{version}.tar.bz2
+Source2:http://ftp.gnu.org/gnu/patch/%{name}-%{version}.tar.bz2.sig
+Source3:
http://savannah.gnu.org/project/memberlist-gpgkeys.php?group=patchdownload=1#/patch.keyring
BuildRoot: %{_tmppath}/%{name}-%{version}-build
+# See bnc#662957. The fix for CVE-2010-4651 breaks the way interdiff was
+# invoking patch, so interdiff had to be fixed too.
+Conflicts: patchutils 0.3.2
%description
The GNU patch program is used to apply diffs between original and
changed files (generated by the diff command) to the original files.
-
-
-Authors:
-
-Larry Wall
-Paul Eggert
-
%prep
%setup -q
-%patch -p1
-%patch1 -p1
-%patch2 -p1
%build
-export CFLAGS=$RPM_OPT_FLAGS -Wall -O2 -pipe
-%configure --prefix=%{_prefix}
+export CFLAGS=%{optflags} -Wall -O2 -pipe
+%configure
make %{?_smp_mflags} %{verbose:V=1};
%check
-make check %{verbose:V=1}
+make %{?_smp_mflags} check
commit patch for openSUSE:Factory
Hello community,
here is the log from the commit of package patch for openSUSE:Factory checked
in at 2014-11-24 11:08:00
Comparing /work/SRC/openSUSE:Factory/patch (Old)
and /work/SRC/openSUSE:Factory/.patch.new (New)
Package is patch
Changes:
--- /work/SRC/openSUSE:Factory/patch/patch.changes 2014-06-18
22:04:31.0 +0200
+++ /work/SRC/openSUSE:Factory/.patch.new/patch.changes 2014-11-24
11:08:01.0 +0100
@@ -1,0 +2,8 @@
+Mon Nov 10 11:37:03 CET 2014 - jdelv...@suse.de
+
+- reject-print-function-01-drop-useless-test.patch: Drop useless
+ test in another_hunk().
+- reject-print-function-02-handle-unified-format.patch: Preserve C
+ function name in unified rejects (bnc#904519).
+
+---
New:
reject-print-function-01-drop-useless-test.patch
reject-print-function-02-handle-unified-format.patch
Other differences:
--
++ patch.spec ++
--- /var/tmp/diff_new_pack.yFvBAh/_old 2014-11-24 11:08:02.0 +0100
+++ /var/tmp/diff_new_pack.yFvBAh/_new 2014-11-24 11:08:02.0 +0100
@@ -29,6 +29,8 @@
Group: Productivity/Text/Utilities
Source: http://ftp.gnu.org/gnu/patch/patch-%version.tar.bz2
Patch: error-report-crash.patch
+Patch1: reject-print-function-01-drop-useless-test.patch
+Patch2: reject-print-function-02-handle-unified-format.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%description
@@ -45,6 +47,8 @@
%prep
%setup -q
%patch -p1
+%patch1 -p1
+%patch2 -p1
%build
export CFLAGS=$RPM_OPT_FLAGS -Wall -O2 -pipe
++ reject-print-function-01-drop-useless-test.patch ++
From: Jean Delvare jdelv...@suse.de
Subject: Drop useless test in another_hunk()
Upstream: Committed (65193f1cc1bf38bdd63d1f3087b0d7e16ad3f082)
This test will always succeed so it is either broken or useless. The
equivalent code path for context patches doesn't have this test so I
suppose it's OK to just remove it.
---
src/pch.c |2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- a/src/pch.c
+++ b/src/pch.c
@@ -1651,7 +1651,7 @@ another_hunk (enum diff difftype, bool r
if (*s == ' ') s++;
if (*s++ != '@')
malformed ();
- if (*s++ == '@' *s == ' ' *s != '\0')
+ if (*s++ == '@' *s == ' ')
{
p_c_function = s;
while (*s != '\n')
++ reject-print-function-02-handle-unified-format.patch ++
From: Steven Rostedt rost...@goodmis.org
Subject: Preserve function names in reject files
Upstream: Committed (a2f4bfe0f3f54181a8f1077cde9ebef0b4f891c0)
References: bnc#904519
* src/patch.c (main): Preserve function names in reject files.
* tests/reject-format: Update the test case.
---
src/patch.c |3 ++-
tests/reject-format |4 ++--
2 files changed, 4 insertions(+), 3 deletions(-)
--- a/src/patch.c
+++ b/src/patch.c
@@ -1237,6 +1237,7 @@ abort_hunk_unified (bool header, bool re
lin old = 1;
lin lastline = pch_ptrn_lines ();
lin new = lastline + 1;
+ char const *c_function = pch_c_function();
if (header)
{
@@ -1251,7 +1252,7 @@ abort_hunk_unified (bool header, bool re
print_unidiff_range (rejfp, pch_first () + out_offset, lastline);
fprintf (rejfp, +);
print_unidiff_range (rejfp, pch_newfirst () + out_offset, pch_repl_lines ());
- fprintf (rejfp, @@\n);
+ fprintf (rejfp, @@%s\n, c_function ? c_function : );
while (pch_char (new) == '=' || pch_char (new) == '\n')
new++;
--- a/tests/reject-format
+++ b/tests/reject-format
@@ -79,7 +79,7 @@ check 'cat f.rej' EOF
Index: f
--- f.orig
+++ f
-@@ -2,6 +2,6 @@
+@@ -2,6 +2,6 @@ a() {
2
3
$preserve_trailing_blank
@@ -102,7 +102,7 @@ EOF
check 'cat f.rej' EOF
--- f.orig
+++ f
-@@ -2,6 +2,6 @@
+@@ -2,6 +2,6 @@ a() {
2
3
$preserve_trailing_blank
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit patch for openSUSE:Factory
Hello community,
here is the log from the commit of package patch for openSUSE:Factory checked
in at 2014-06-18 22:04:30
Comparing /work/SRC/openSUSE:Factory/patch (Old)
and /work/SRC/openSUSE:Factory/.patch.new (New)
Package is patch
Changes:
--- /work/SRC/openSUSE:Factory/patch/patch.changes 2012-12-10
12:20:31.0 +0100
+++ /work/SRC/openSUSE:Factory/.patch.new/patch.changes 2014-06-18
22:04:31.0 +0200
@@ -1,0 +2,6 @@
+Tue May 20 07:44:03 UTC 2014 - sch...@suse.de
+
+- error-report-crash.patch: fix crash after reporting error during option
+ parsing
+
+---
New:
error-report-crash.patch
Other differences:
--
++ patch.spec ++
--- /var/tmp/diff_new_pack.kLKS9s/_old 2014-06-18 22:04:32.0 +0200
+++ /var/tmp/diff_new_pack.kLKS9s/_new 2014-06-18 22:04:32.0 +0200
@@ -1,7 +1,7 @@
#
# spec file for package patch
#
-# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -28,6 +28,7 @@
License:GPL-3.0+
Group: Productivity/Text/Utilities
Source: http://ftp.gnu.org/gnu/patch/patch-%version.tar.bz2
+Patch: error-report-crash.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%description
@@ -43,6 +44,7 @@
%prep
%setup -q
+%patch -p1
%build
export CFLAGS=$RPM_OPT_FLAGS -Wall -O2 -pipe
++ error-report-crash.patch ++
From 291ec175812b7ba291d124e4cf2fbf9efec590c8 Mon Sep 17 00:00:00 2001
From: Andreas Gruenbacher agr...@linbit.com
Date: Thu, 4 Oct 2012 12:33:09 +0200
Subject: [PATCH] Initialize data structures early enough
* src/patch.c (main): Initialize data structures early enough, before error
paths can access them.
* tests/bad-usage: Test bad command line usage.
* tests/Makefile.am (TESTS): Add bad-usage here.
---
src/patch.c | 8
tests/Makefile.am | 1 +
tests/bad-usage | 18 ++
3 files changed, 23 insertions(+), 4 deletions(-)
create mode 100644 tests/bad-usage
Index: patch-2.7.1/src/patch.c
===
--- patch-2.7.1.orig/src/patch.c
+++ patch-2.7.1/src/patch.c
@@ -150,6 +150,10 @@ main (int argc, char **argv)
else if ((version_control = getenv (VERSION_CONTROL)))
version_control_context = $VERSION_CONTROL;
+init_backup_hash_table ();
+init_files_to_delete ();
+init_files_to_output ();
+
/* parse switches */
Argc = argc;
Argv = argv;
@@ -162,10 +166,6 @@ main (int argc, char **argv)
if (make_backups | backup_if_mismatch)
backup_type = get_version (version_control_context, version_control);
-init_backup_hash_table ();
-init_files_to_delete ();
-init_files_to_output ();
-
init_output (outstate);
if (outfile)
outstate.ofp = open_outfile (outfile);
Index: patch-2.7.1/tests/Makefile.am
===
--- patch-2.7.1.orig/tests/Makefile.am
+++ patch-2.7.1/tests/Makefile.am
@@ -20,6 +20,7 @@ TESTS = \
asymmetric-hunks \
backup-prefix-suffix \
bad-filenames \
+ bad-usage \
concat-git-diff \
copy-rename \
corrupt-reject-files \
Index: patch-2.7.1/tests/Makefile.in
===
--- patch-2.7.1.orig/tests/Makefile.in
+++ patch-2.7.1/tests/Makefile.in
@@ -1075,6 +1075,7 @@ TESTS = \
asymmetric-hunks \
backup-prefix-suffix \
bad-filenames \
+ bad-usage \
concat-git-diff \
copy-rename \
corrupt-reject-files \
@@ -1294,6 +1295,8 @@ backup-prefix-suffix.log: backup-prefix-
@p='backup-prefix-suffix'; $(am__check_pre) $(LOG_COMPILE) $$tst
$(am__check_post)
bad-filenames.log: bad-filenames
@p='bad-filenames'; $(am__check_pre) $(LOG_COMPILE) $$tst
$(am__check_post)
+bad-usage.log: bad-usage
+ @p='bad-usage'; $(am__check_pre) $(LOG_COMPILE) $$tst
$(am__check_post)
concat-git-diff.log: concat-git-diff
@p='concat-git-diff'; $(am__check_pre) $(LOG_COMPILE) $$tst
$(am__check_post)
copy-rename.log: copy-rename
Index: patch-2.7.1/tests/bad-usage
===
--- /dev/null
+++ patch-2.7.1/tests/bad-usage
@@ -0,0 +1,18 @@
+# Copyright (C) 2009, 2011-2012 Free Software Foundation, Inc.
+#
+# Copying and distribution of this file, with or without modification,
+# in any medium, are permitted
commit patch for openSUSE:Factory
Hello community,
here is the log from the commit of package patch for openSUSE:Factory checked
in at 2012-12-10 12:20:28
Comparing /work/SRC/openSUSE:Factory/patch (Old)
and /work/SRC/openSUSE:Factory/.patch.new (New)
Package is patch, Maintainer is orpha...@suse.de
Changes:
--- /work/SRC/openSUSE:Factory/patch/patch.changes 2012-09-13
07:07:30.0 +0200
+++ /work/SRC/openSUSE:Factory/.patch.new/patch.changes 2012-12-10
12:20:31.0 +0100
@@ -1,0 +2,51 @@
+Thu Dec 6 16:19:25 CET 2012 - jdelv...@suse.de
+
+- Back to bz2 archive format as old products lack xz.
+
+---
+Thu Dec 6 15:34:14 CET 2012 - jdelv...@suse.de
+
+- Version 2.7.1
+ + Patch no longer gets a failed assertion for certain mangled
+patches.
+ + Ignore destination file names that are absolute or that contain
+a component of .., except when working in the root directory.
+This addresses CVE-2010-4651.
+ + Support for most features of the diff --git format, including
+renames and copies, permission changes, and symlink diffs.
+Binary diffs are not supported yet; patch will complain and
+skip them.
+ + Support for double-quoted filenames: when a filename starts
+with a double quote, it is interpreted as a C string literal.
+The escape sequences \\, \, \a, \b, \f, \n, \r, \t, \v, and
+\ooo (a three-digit octal number between 0 and 255) are
+recognized.
+ + Refuse to apply a normal patch to a symlink. (Previous versions
+of patch were replacing the symlink with a regular file.)
+ + New --follow-symlinks option to allow to treat symlinks as
+files: this was patch's behavior before version 2.7.
+ + When trying to modify a read-only file, warn about the
+potential problem by default. The --read-only command line
+option allows to change this behavior.
+ + Files to be deleted are deleted once the entire input has been
+processed, not immediately. This fixes a bug with numbered
+backup files.
+ + When a timestamp specifies a time zone, honor that instead of
+assuming the local time zone (--set-date) or Universal
+Coordinated Time (--set-utc).
+ + Support for nanosecond precision timestamps.
+ + Many bug fixes.
+ + Clarify the message printed when a patch is expected to empty
+out and delete a file, but the file does not become empty.
+ + Various improvements to messages when applying a patch to a
+file of different type (regular file vs. symlink), when there
+are line ending differences (LF vs. CRLF), and when in
+--dry-run mode.
+ + Ignore when extended attributes cannot be preserved because
+they are unsupported or because permission to set them is
+denied.
+- patch-revert-e0f70752.patch: Dropped, original bug fixed
+ upstream.
+- patch-stdio.in.patch: Dropped, merged upstream.
+
+---
Old:
patch-2.6.1.136-31a7.tar.bz2
patch-revert-e0f70752.patch
patch-stdio.in.patch
New:
patch-2.7.1.tar.bz2
Other differences:
--
++ patch.spec ++
--- /var/tmp/diff_new_pack.7bxqLK/_old 2012-12-10 12:20:32.0 +0100
+++ /var/tmp/diff_new_pack.7bxqLK/_new 2012-12-10 12:20:32.0 +0100
@@ -16,21 +16,18 @@
#
-Url:ftp://alpha.gnu.org/gnu/diffutils/
-%define hash -31a7
+Url:http://ftp.gnu.org/gnu/patch/
Name: patch
# See bnc#662957. The fix for CVE-2010-4651 breaks the way interdiff was
# invoking patch, so interdiff had to be fixed too.
Conflicts: patchutils 0.3.2
-Version:2.6.1.136
+Version:2.7.1
Release:0
Summary:GNU patch
License:GPL-3.0+
Group: Productivity/Text/Utilities
-Source: ftp://alpha.gnu.org/gnu/patch/patch-%version%hash.tar.bz2
-Patch1: patch-revert-e0f70752.patch
-Patch2: patch-stdio.in.patch
+Source: http://ftp.gnu.org/gnu/patch/patch-%version.tar.bz2
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%description
@@ -45,9 +42,7 @@
Paul Eggert
%prep
-%setup -q -n patch-%version%hash
-%patch1 -p1
-%patch2 -p1
+%setup -q
%build
export CFLAGS=$RPM_OPT_FLAGS -Wall -O2 -pipe
++ patch-2.6.1.136-31a7.tar.bz2 - patch-2.7.1.tar.bz2 ++
63241 lines of diff (skipped)
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit patch for openSUSE:Factory
Hello community,
here is the log from the commit of package patch for openSUSE:Factory checked
in at 2012-09-13 07:07:24
Comparing /work/SRC/openSUSE:Factory/patch (Old)
and /work/SRC/openSUSE:Factory/.patch.new (New)
Package is patch, Maintainer is agr...@novell.com
Changes:
--- /work/SRC/openSUSE:Factory/patch/patch.changes 2012-04-12
09:45:00.0 +0200
+++ /work/SRC/openSUSE:Factory/.patch.new/patch.changes 2012-09-13
07:07:30.0 +0200
@@ -1,0 +2,6 @@
+Tue Jul 17 08:40:27 UTC 2012 - a...@suse.de
+
+- patch-stdio.in.patch:
+ Fix build with missing gets declaration (glibc 2.16)
+
+---
New:
patch-stdio.in.patch
Other differences:
--
++ patch.spec ++
--- /var/tmp/diff_new_pack.8AopaT/_old 2012-09-13 07:07:32.0 +0200
+++ /var/tmp/diff_new_pack.8AopaT/_new 2012-09-13 07:07:32.0 +0200
@@ -1,7 +1,7 @@
#
# spec file for package patch
#
-# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -15,23 +15,22 @@
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
-# norootforbuild
Url:ftp://alpha.gnu.org/gnu/diffutils/
%define hash -31a7
Name: patch
-License:GPL-3.0+
-Group: Productivity/Text/Utilities
-AutoReqProv:on
# See bnc#662957. The fix for CVE-2010-4651 breaks the way interdiff was
# invoking patch, so interdiff had to be fixed too.
Conflicts: patchutils 0.3.2
Version:2.6.1.136
-Release:1
+Release:0
Summary:GNU patch
+License:GPL-3.0+
+Group: Productivity/Text/Utilities
Source: ftp://alpha.gnu.org/gnu/patch/patch-%version%hash.tar.bz2
Patch1: patch-revert-e0f70752.patch
+Patch2: patch-stdio.in.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%description
@@ -48,6 +47,7 @@
%prep
%setup -q -n patch-%version%hash
%patch1 -p1
+%patch2 -p1
%build
export CFLAGS=$RPM_OPT_FLAGS -Wall -O2 -pipe
++ patch-stdio.in.patch ++
Index: patch-2.6.1.136-31a7/lib/stdio.in.h
===
--- patch-2.6.1.136-31a7.orig/lib/stdio.in.h
+++ patch-2.6.1.136-31a7/lib/stdio.in.h
@@ -164,7 +164,9 @@ _GL_WARN_ON_USE (fflush, fflush is not
so any use of gets warrants an unconditional warning. Assume it is
always declared, since it is required by C89. */
#undef gets
+#if HAVE_RAW_DECL_GETS
_GL_WARN_ON_USE (gets, gets is a security hole - use fgets instead);
+#endif
#if @GNULIB_FOPEN@
# if @REPLACE_FOPEN@
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit patch for openSUSE:Factory
Hello community,
here is the log from the commit of package patch for openSUSE:Factory checked
in at 2012-04-12 09:44:52
Comparing /work/SRC/openSUSE:Factory/patch (Old)
and /work/SRC/openSUSE:Factory/.patch.new (New)
Package is patch, Maintainer is agr...@novell.com
Changes:
--- /work/SRC/openSUSE:Factory/patch/patch.changes 2011-10-06
16:45:15.0 +0200
+++ /work/SRC/openSUSE:Factory/.patch.new/patch.changes 2012-04-12
09:45:00.0 +0200
@@ -1,0 +2,11 @@
+Fri Apr 6 14:22:12 CEST 2012 - jdelv...@suse.de
+
+- patch-revert-e0f70752.patch: Revert broken upstream commit
+ (bnc#755136).
+
+---
+Wed Apr 4 19:03:25 CEST 2012 - jdelv...@suse.de
+
+- Version 2.6.1.136
+
+---
Old:
patch-2.6.1.116-33c4.tar.bz2
New:
patch-2.6.1.136-31a7.tar.bz2
patch-revert-e0f70752.patch
Other differences:
--
++ patch.spec ++
--- /var/tmp/diff_new_pack.HhTCf6/_old 2012-04-12 09:45:01.0 +0200
+++ /var/tmp/diff_new_pack.HhTCf6/_new 2012-04-12 09:45:01.0 +0200
@@ -18,7 +18,7 @@
# norootforbuild
Url:ftp://alpha.gnu.org/gnu/diffutils/
-%define hash -33c4
+%define hash -31a7
Name: patch
License:GPL-3.0+
@@ -27,10 +27,11 @@
# See bnc#662957. The fix for CVE-2010-4651 breaks the way interdiff was
# invoking patch, so interdiff had to be fixed too.
Conflicts: patchutils 0.3.2
-Version:2.6.1.116
+Version:2.6.1.136
Release:1
Summary:GNU patch
Source: ftp://alpha.gnu.org/gnu/patch/patch-%version%hash.tar.bz2
+Patch1: patch-revert-e0f70752.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%description
@@ -46,6 +47,7 @@
%prep
%setup -q -n patch-%version%hash
+%patch1 -p1
%build
export CFLAGS=$RPM_OPT_FLAGS -Wall -O2 -pipe
++ patch-2.6.1.116-33c4.tar.bz2 - patch-2.6.1.136-31a7.tar.bz2 ++
49311 lines of diff (skipped)
++ patch-revert-e0f70752.patch ++
References: bnc#755136
Revert upstream commit e0f707523cab26f74ec23f4a20a27add8702ed5b.
--- patch-2.6.1.136-31a7.orig/src/pch.c
+++ patch-2.6.1.136-31a7/src/pch.c
@@ -379,18 +379,11 @@ skip_hex_digits (char const *str)
static bool
name_is_valid (char const *name)
{
- static char const *bad[2];
- char const *n;
-
- if (bad[0] ! strcmp (bad[0], name))
-return false;
- if (bad[1] ! strcmp (bad[1], name))
-return false;
+ const char *n = name;
if (IS_ABSOLUTE_FILE_NAME (name))
{
say (Ignoring potentially dangerous file name %s\n, quotearg (name));
- bad[!! bad[0]] = name;
return false;
}
for (n = name; *n; )
@@ -398,7 +391,6 @@ name_is_valid (char const *name)
if (*n == '.' *++n == '.' ( ! *++n || ISSLASH (*n)))
{
say (Ignoring potentially dangerous file name %s\n, quotearg
(name));
- bad[!! bad[0]] = name;
return false;
}
while (*n ! ISSLASH (*n))
--- patch-2.6.1.136-31a7.orig/tests/bad-filenames
+++ patch-2.6.1.136-31a7/tests/bad-filenames
@@ -114,27 +114,3 @@ echo 1 g
check 'patch -f -p1 --dry-run d.diff || echo status: $?' EOF
patching file g
EOF
-
-mkdir d
-cd d
-cat d.diff EOF
../h
-+++ ../h
-@@ -0,0 +1 @@
-+x
-EOF
-
-touch ../h
-check 'patch -f -p0 d.diff || echo status: $?' EOF
-Ignoring potentially dangerous file name ../h
-can't find file to patch at input line 3
-Perhaps you used the wrong -p or --strip option?
-The text leading up to this was:
---
-|--- ../h
-|+++ ../h
---
-No file to patch. Skipping patch.
-1 out of 1 hunk ignored
-status: 1
-EOF
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit patch for openSUSE:Factory
Hello community, here is the log from the commit of package patch for openSUSE:Factory checked in at 2011-12-06 18:36:03 Comparing /work/SRC/openSUSE:Factory/patch (Old) and /work/SRC/openSUSE:Factory/.patch.new (New) Package is patch, Maintainer is agr...@novell.com Changes: Other differences: -- ++ patch.spec ++ --- /var/tmp/diff_new_pack.cn99gB/_old 2011-12-06 19:03:13.0 +0100 +++ /var/tmp/diff_new_pack.cn99gB/_new 2011-12-06 19:03:13.0 +0100 @@ -21,7 +21,7 @@ %define hash -33c4 Name: patch -License:GPLv3+ +License:GPL-3.0+ Group: Productivity/Text/Utilities AutoReqProv:on # See bnc#662957. The fix for CVE-2010-4651 breaks the way interdiff was -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit patch for openSUSE:Factory
Hello community,
here is the log from the commit of package patch for openSUSE:Factory
checked in at Thu Oct 6 16:44:44 CEST 2011.
--- openSUSE:Factory/patch/patch.changes2011-09-23 12:21:42.0
+0200
+++ /mounts/work_src_done/STABLE/patch/patch.changes2011-10-05
14:34:03.0 +0200
@@ -1,0 +2,5 @@
+Wed Oct 5 12:33:53 UTC 2011 - u...@suse.com
+
+- cross-build fix: use %configure macro
+
+---
calling whatdependson for head-i586
Other differences:
--
++ patch.spec ++
--- /var/tmp/diff_new_pack.ImIuU5/_old 2011-10-06 16:44:41.0 +0200
+++ /var/tmp/diff_new_pack.ImIuU5/_new 2011-10-06 16:44:41.0 +0200
@@ -48,8 +48,8 @@
%setup -q -n patch-%version%hash
%build
-CFLAGS=$RPM_OPT_FLAGS -Wall -O2 -pipe \
-./configure --prefix=%{_prefix}
+export CFLAGS=$RPM_OPT_FLAGS -Wall -O2 -pipe
+%configure --prefix=%{_prefix}
make %{?_smp_mflags} %{verbose:V=1};
%check
continue with q...
Remember to have fun...
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit patch for openSUSE:Factory
Hello community,
here is the log from the commit of package patch for openSUSE:Factory
checked in at Thu Apr 7 10:07:30 CEST 2011.
--- patch/patch.changes 2010-07-02 08:57:54.0 +0200
+++ /mounts/work_src_done/STABLE/patch/patch.changes2011-04-04
15:15:18.0 +0200
@@ -1,0 +2,10 @@
+Mon Apr 4 15:11:04 CEST 2011 - jdelv...@suse.de
+
+- Version 2.6.1.116:
+ + Patch now ignores destination file names that are absolute or
+that contain a component of .. (CVE-2010-4651, bnc#662957).
+- Drop unified-reject-files-compat.diff. Compatibility has been
+ provided for the past 18 months, hopefully nobody is relying on
+ it any longer.
+
+---
calling whatdependson for head-i586
Old:
patch-2.6.1.81-5b68.tar.bz2
unified-reject-files-compat.diff
New:
patch-2.6.1.116-33c4.tar.bz2
Other differences:
--
++ patch.spec ++
--- /var/tmp/diff_new_pack.PwffJE/_old 2011-04-07 10:05:14.0 +0200
+++ /var/tmp/diff_new_pack.PwffJE/_new 2011-04-07 10:05:14.0 +0200
@@ -1,7 +1,7 @@
#
-# spec file for package patch (Version 2.6.1.81)
+# spec file for package patch
#
-# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -18,17 +18,19 @@
# norootforbuild
Url:ftp://alpha.gnu.org/gnu/diffutils/
-%define hash -5b68
+%define hash -33c4
Name: patch
License:GPLv3+
Group: Productivity/Text/Utilities
AutoReqProv:on
-Version:2.6.1.81
-Release:4
+# See bnc#662957. The fix for CVE-2010-4651 breaks the way interdiff was
+# invoking patch, so interdiff had to be fixed too.
+Conflicts: patchutils 0.3.2
+Version:2.6.1.116
+Release:1
Summary:GNU patch
Source: ftp://alpha.gnu.org/gnu/patch/patch-%version%hash.tar.bz2
-Patch: unified-reject-files-compat.diff
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%description
@@ -44,7 +46,6 @@
%prep
%setup -q -n patch-%version%hash
-%patch -p1
%build
CFLAGS=$RPM_OPT_FLAGS -Wall -O2 -pipe \
++ patch-2.6.1.81-5b68.tar.bz2 - patch-2.6.1.116-33c4.tar.bz2 ++
1 lines of diff (skipped)
Remember to have fun...
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
