Import from AlmaLinux stable repository

import UBI dnf-4.7.0-20.el8
2024-05-31 17:33:35 +00:00 · 2024-05-22 14:29:50 +00:00
6 changed files with 1402 additions and 4 deletions
--- a/.dnf.metadata
+++ b/.dnf.metadata
@ -1 +0,0 @@
-f9c31cf46094c4bbf021e1872a9eb72d8a3f2136 SOURCES/dnf-4.7.0.tar.gz
--- a/SOURCES/0045-RHEL-1245-Remove-usrbin-from-syspath-noimpor-garbage.patch
+++ b/SOURCES/0045-RHEL-1245-Remove-usrbin-from-syspath-noimpor-garbage.patch
@ -0,0 +1,85 @@
+From 29f4df4bf7bf7cb9099dbc7c834441ce4e75b623 Mon Sep 17 00:00:00 2001
+From: Miro Hrončok <miro@hroncok.cz>
+Date: Wed, 23 Feb 2022 13:25:12 +0100
+Subject: [PATCH] RHEL-1245: Remove /usr/bin from sys.path to avoid accidentally importing garbage
+
+See https://bugzilla.redhat.com/show_bug.cgi?id=2057340
+and https://github.com/benjaminp/six/issues/359
+
+dnf should never import Python modules from /usr/bin but users can
+have files in there that look like Python modules and Python will
+try to import them and fail.
+
+Consider a tool that is *not* written in Python and is called "copy.pyc".
+Naturally, it resides in /usr/bin/copy.pyc and dnf fails:
+
+    Traceback (most recent call last):
+      File "/usr/bin/dnf", line 57, in <module>
+        from dnf.cli import main
+      File "/usr/lib/python3.10/site-packages/dnf/__init__.py", line 30, in <module>
+        import dnf.base
+      File "/usr/lib/python3.10/site-packages/dnf/base.py", line 31, in <module>
+        from copy import deepcopy
+    ImportError: bad magic number in 'copy': b'...'
+
+Similarly, a tool actually written in Python, called "copy.py"
+might as well own /usr/bin/copy.py and dnf fails as well:
+
+    Traceback (most recent call last):
+      File "/usr/bin/dnf", line 57, in <module>
+        from dnf.cli import main
+      File "/usr/lib/python3.10/site-packages/dnf/__init__.py", line 30, in <module>
+        import dnf.base
+      File "/usr/lib/python3.10/site-packages/dnf/base.py", line 31, in <module>
+        from copy import deepcopy
+    ImportError: cannot import name 'deepcopy' from 'copy' (/usr/bin/copy.py)
+
+Either problem can happen for a variety of names.
+We better not let that happen.
+
+A more general solution that would prevent Python doing this entirely
+does not exists yet, see https://discuss.python.org/t/4235
+
+Hence, proposing this to dnf, which is a critical piece of the system.
+---
+ bin/dnf-automatic.in | 6 +++++-
+ bin/dnf.in           | 6 +++++-
+ 2 files changed, 10 insertions(+), 2 deletions(-)
+
+diff --git a/bin/dnf-automatic.in b/bin/dnf-automatic.in
+index 5b06aa2..17e35a0 100755
+--- a/bin/dnf-automatic.in
+++ b/bin/dnf-automatic.in
+@@ -23,7 +23,11 @@ import os
+ import sys
+ 
+ here = sys.path[0]
+-if here != '/usr/bin':
+if here == '/usr/bin':
+    # we never import Python modules from /usr/bin
+    # removing this lowers the risk of accidental imports of weird files
+    del sys.path[0]
+else:
+     # git checkout
+     dnf_toplevel = os.path.dirname(here)
+     sys.path[0] = dnf_toplevel
+diff --git a/bin/dnf.in b/bin/dnf.in
+index 645d0f0..55ceb3f 100755
+--- a/bin/dnf.in
+++ b/bin/dnf.in
+@@ -48,7 +48,11 @@ if __name__ != "__main__":
+     sys.exit(1)
+ 
+ here = sys.path[0]
+-if here != '/usr/bin':
+if here == '/usr/bin':
+    # we never import Python modules from /usr/bin
+    # removing this lowers the risk of accidental imports of weird files
+    del sys.path[0]
+else:
+     # git checkout
+     import os
+     dnf_toplevel = os.path.dirname(here)
+--
+libgit2 1.6.4
+
--- a/SOURCES/0046-RHEL-6393-Fix-japanese-translations.patch
+++ b/SOURCES/0046-RHEL-6393-Fix-japanese-translations.patch
--- a/SOURCES/0047-RHEL-11786-Fix-substitution-in-kvp-in-add_new_repo.patch
+++ b/SOURCES/0047-RHEL-11786-Fix-substitution-in-kvp-in-add_new_repo.patch
@ -0,0 +1,53 @@
+From 8bc3b7a217de41c0a9bc52cd9cac50cde9e9ee65 Mon Sep 17 00:00:00 2001
+From: Anish Bhatt <anish.bhatt@salesforce.com>
+Date: Mon, 10 Jul 2023 10:09:17 -0700
+Subject: [PATCH] When parsing over a KVP list, do not return till the whole
+ list is parsed
+
+---
+ dnf/repodict.py | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/dnf/repodict.py b/dnf/repodict.py
+index ffa0f8ed..82c05ac0 100644
+--- a/dnf/repodict.py
+++ b/dnf/repodict.py
+@@ -79,8 +79,8 @@ class RepoDict(dict):
+                     if isinstance(value, str):
+                         substituted.append(
+                             libdnf.conf.ConfigParser.substitute(value, conf.substitutions))
+-                    if substituted:
+-                        return substituted
+                if substituted:
+                    return substituted
+             return values
+ 
+         repo = dnf.repo.Repo(repoid, conf)
+-- 
+2.41.0
+
+
+From 89c6f3633f55acd31d44a487ce76dd89c12d795c Mon Sep 17 00:00:00 2001
+From: Anish Bhatt <anish.bhatt@salesforce.com>
+Date: Mon, 10 Jul 2023 10:10:30 -0700
+Subject: [PATCH] Add to authors
+
+---
+ AUTHORS | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/AUTHORS b/AUTHORS
+index 0077c7ea..eb1e0121 100644
+--- a/AUTHORS
+++ b/AUTHORS
+@@ -63,6 +63,7 @@ DNF CONTRIBUTORS
+     Adam Williamson <awilliam@redhat.com>
+     Albert Uchytil <auchytil@redhat.com>
+     Alberto Ruiz <aruiz@redhat.com>
+    Anish Bhatt <anish.bhatt@salesforce.com>
+     Baurzhan Muftakhidinov <baurthefirst@gmail.com>
+     Christopher Meng <cickumqt@gmail.com>
+     Daniel Mach <dmach@redhat.com>
+-- 
+2.41.0
+
--- a/SOURCES/almalinux_bugtracker.patch
+++ b/SOURCES/almalinux_bugtracker.patch
@ -0,0 +1,32 @@
+diff -aruN dnf-4.7.0/dnf/const.py.in dnf-4.7.0_alma/dnf/const.py.in
+--- dnf-4.7.0/dnf/const.py.in	2021-04-12 18:26:33.000000000 +0300
+++ dnf-4.7.0_alma/dnf/const.py.in	2021-12-30 10:30:33.806575400 +0300
+@@ -55,4 +55,4 @@
+ USER_AGENT = "dnf/%s" % VERSION
+ 
+ BUGTRACKER_COMPONENT=NAME.lower()
+-BUGTRACKER='https://bugzilla.redhat.com/enter_bug.cgi?product=Fedora&component=%s' % BUGTRACKER_COMPONENT
+BUGTRACKER='https://bugs.almalinux.org/'
+diff -aruN dnf-4.7.0/doc/conf.py.in dnf-4.7.0_alma/doc/conf.py.in
+--- dnf-4.7.0/doc/conf.py.in	2021-04-12 18:26:33.000000000 +0300
+++ dnf-4.7.0_alma/doc/conf.py.in	2021-12-30 10:34:07.810855800 +0300
+@@ -267,5 +267,5 @@
+ .. _DNF: https://github.com/rpm-software-management/dnf/
+ .. _hawkey: http://rpm-software-management.github.io/hawkey/
+ .. _YUM: http://yum.baseurl.org/
+-.. _bugzilla: https://bugzilla.redhat.com/enter_bug.cgi?product=Fedora&component=dnf
+.. _bugzilla: https://bugs.almalinux.org/
+ """
+diff -aruN dnf-4.7.0/tests/test_config.py dnf-4.7.0_alma/tests/test_config.py
+--- dnf-4.7.0/tests/test_config.py	2021-04-12 18:26:33.000000000 +0300
+++ dnf-4.7.0_alma/tests/test_config.py	2021-12-30 10:33:24.147815500 +0300
+@@ -55,8 +55,7 @@
+     def test_bugtracker(self):
+         conf = Conf()
+         self.assertEqual(conf.bugtracker_url,
+-                         "https://bugzilla.redhat.com/enter_bug.cgi" +
+-                         "?product=Fedora&component=dnf")
+                         "https://bugs.almalinux.org/")
+ 
+     def test_conf_from_file(self):
+         conf = Conf()
--- a/SPECS/dnf.spec
+++ b/SPECS/dnf.spec
@ -66,7 +66,7 @@ It supports RPMs, modules and comps groups & environments.

 Name:           dnf
 Version:        4.7.0
-Release:        19%{?dist}
+Release:        20%{?dist}.alma
 Summary:        %{pkg_summary}
 # For a breakdown of the licensing, see PACKAGE-LICENSING
 License:        GPLv2+
@ -120,8 +120,14 @@ Patch0041:      0041-Omit-src-RPMs-from-check-update-RhBug-2151910.patch
 Patch0042:      0042-Backport-automatic-Fix-onl-detect-proxy-RhBz2022440.patch
 Patch0043:      0043-automatic-Return-an-error-when-transaction-fails-RhB.patch
 Patch0044:      0044-Document-symbols-in-dnf-history-list-output.patch
+Patch0045:      0045-RHEL-1245-Remove-usrbin-from-syspath-noimpor-garbage.patch
+Patch0046:      0046-RHEL-6393-Fix-japanese-translations.patch
+Patch0047:      0047-RHEL-11786-Fix-substitution-in-kvp-in-add_new_repo.patch


+#Almalinux patches
+Patch10000:     almalinux_bugtracker.patch
+
 BuildArch:      noarch
 BuildRequires:  cmake
 BuildRequires:  gettext
@ -420,9 +426,15 @@ popd
 %{python3_sitelib}/%{name}/automatic/

 %changelog
+* Wed Mar 27 2024 Eduard Abdullin <eabdullin@almalinux.org> - 4.7.0-20.alma
+- AlmaLinux changes
+
+* Mon Oct 16 2023 Jaroslav Rohel <jrohel@redhat.com> - 4.7.0-20
+- Remove /usr/bin from sys.path to avoid accidentally importing garbage (RHEL-1245)
+- Fix japanese translations (RHEL-6393)
+- Fix substitution in kay-value-pair list in add_new_repo (RHEL-11786)
 * Wed Jun 28 2023 Jaroslav Rohel <jrohel@redhat.com> - 4.7.0-19
 - Document symbols in `dnf history list` output (RhBug:2172067)
-
 * Wed May 31 2023 Nicola Sella <nsella@redhat.com> - 4.7.0-18
 - Return an error when transaction fails (RhBug:2170093)

@ -436,7 +448,6 @@ popd
 * Thu Jan 05 2023 Nicola Sella <nsella@redhat.com> - 4.7.0-15
 - Ignore processing variable files with unsupported encoding (RhBug:2141215)
 - Better explain traceback of rpm.error with dnf
-
 * Wed Nov 30 2022 Nicola Sella <nsella@redhat.com> - 4.7.0-14
 - Document changes to offline-upgrade command (RhBug:1939975,2139324)
Author	SHA1	Message	Date
eabdullin	bd2abd9099	Import from AlmaLinux stable repository	2024-05-31 17:33:35 +00:00
eabdullin	79a532a9b3	import UBI dnf-4.7.0-20.el8	2024-05-22 14:29:50 +00:00
				`@ -1 +0,0 @@`
				`f9c31cf46094c4bbf021e1872a9eb72d8a3f2136 SOURCES/dnf-4.7.0.tar.gz`