diff --git a/diffutils-format-security.patch b/diffutils-format-security.patch new file mode 100644 index 0000000..9658644 --- /dev/null +++ b/diffutils-format-security.patch @@ -0,0 +1,17 @@ +diff -up diffutils-3.3/gnulib-tests/test-xvasprintf.c.format-security diffutils-3.3/gnulib-tests/test-xvasprintf.c +--- diffutils-3.3/gnulib-tests/test-xvasprintf.c.format-security 2013-03-22 04:20:50.000000000 +0000 ++++ diffutils-3.3/gnulib-tests/test-xvasprintf.c 2013-12-04 13:43:09.927443499 +0000 +@@ -16,6 +16,13 @@ + + /* Written by Bruno Haible , 2007. */ + ++/* Tell GCC not to warn about the specific edge cases tested here. */ ++#if (__GNUC__ == 4 && 3 <= __GNUC_MINOR__) || 4 < __GNUC__ ++# pragma GCC diagnostic ignored "-Wformat-zero-length" ++# pragma GCC diagnostic ignored "-Wformat-nonliteral" ++# pragma GCC diagnostic ignored "-Wformat-security" ++#endif ++ + #include + + #include "xvasprintf.h" diff --git a/diffutils.spec b/diffutils.spec index aaa1231..495e304 100644 --- a/diffutils.spec +++ b/diffutils.spec @@ -1,13 +1,14 @@ Summary: A GNU collection of diff utilities Name: diffutils Version: 3.3 -Release: 4%{?dist} +Release: 5%{?dist} Group: Applications/Text URL: http://www.gnu.org/software/diffutils/diffutils.html Source: ftp://ftp.gnu.org/gnu/diffutils/diffutils-%{version}.tar.xz Patch1: diffutils-cmp-s-empty.patch Patch2: diffutils-mkdir_p.patch Patch4: diffutils-i18n.patch +Patch5: diffutils-format-security.patch License: GPLv3+ Requires(post): info Requires(preun): info @@ -39,6 +40,10 @@ Install diffutils if you need to compare text files. %patch4 -p1 -b .i18n +# Applied upstream gnulib patch to avoid -Wformat-security warning +# (bug #1037038). +%patch5 -p1 -b .format-security + # Run autoreconf for aarch64 support (bug #925256). autoreconf @@ -75,6 +80,10 @@ rm -rf $RPM_BUILD_ROOT %{_infodir}/diffutils.info*gz %changelog +* Wed Dec 4 2013 Tim Waugh 3.3-5 +- Applied upstream gnulib patch to avoid -Wformat-security warning + (bug #1037038). + * Wed Oct 23 2013 Tim Waugh 3.3-4 - Fixed multibyte handling logic for diff -Z (bug #1012075).