Compare commits

...

No commits in common. "c8" and "c9s" have entirely different histories.
c8 ... c9s

21 changed files with 243 additions and 44 deletions

7
.gitignore vendored
View File

@ -1 +1,6 @@
SOURCES/less-530.tar.gz /less-530.tar.gz
/less-550.tar.gz
/less-551.tar.gz
/less-568.tar.gz
/less-575.tar.gz
/less-590.tar.gz

View File

@ -1 +0,0 @@
d8ba1f43e88b706ef701f978cd3262b5b44dffd6 SOURCES/less-530.tar.gz

6
gating.yaml Normal file
View File

@ -0,0 +1,6 @@
--- !Policy
product_versions:
- rhel-9
decision_context: osci_compose_gate
rules:
- !PassingTestCaseRule {test_case_name: baseos-ci.brew-build.tier1.functional}

View File

@ -1,22 +1,24 @@
diff -up less-466/less.nro.filters-man less-466/less.nro diff -up less-466/less.nro.filters-man less-466/less.nro
--- less-466/less.nro.filters-man 2014-09-18 14:32:32.124111631 +0200 --- less-466/less.nro.filters-man 2014-09-18 14:32:32.124111631 +0200
+++ less-466/less.nro 2014-09-18 14:32:39.548177152 +0200 +++ less-466/less.nro 2014-09-18 14:32:39.548177152 +0200
@@ -1234,6 +1234,18 @@ Similarly, if the first two characters o @@ -1323,7 +1323,19 @@ Similarly, if the first two characters of LESSOPEN are vertical bar and dash
the input pipe is used on standard input as well as other files. the input pipe is used on standard input as well as other files.
Again, in this case the dash is not considered to be part of Again, in this case the dash is not considered to be part of
the input pipe command. the input pipe command.
-.
+.PP +.PP
+There are used following files to set up default preprocessor: +There are used following files to set up default preprocessor:
+.br +.br
+ /etc/profile.d/less.sh + /etc/profile.d/less.sh
+.br +.br
+ /etc/profile.d/less.csh + /etc/profile.d/less.csh
+.br +.br
+These files set up /usr/bin/lesspipe.sh as a default filter. An user defined +These files set up /usr/bin/lesspipe.sh as a default filter. An user defined
+filter can be specified in ~/.lessfilter. This file should have an execute bit +filter can be specified in ~/.lessfilter. This file should have an execute bit
+set and accept only one parameter, which represents a filename. If +set and accept only one parameter, which represents a filename. If
+the user defined filter process the file, zero should be returned. Otherwise +the user defined filter process the file, zero should be returned. Otherwise
+~/.lessfilter tries to handle the file. +~/.lessfilter tries to handle the file.
+
.SH "NATIONAL CHARACTER SETS" .SH "NATIONAL CHARACTER SETS"
There are three types of characters in the input file: There are three types of characters in the input file:
.IP "normal characters"

View File

@ -2,7 +2,7 @@ diff -upr less-458_orig/lessecho.c less-458_work/lessecho.c
--- less-458_orig/lessecho.c 2013-05-07 14:03:52.091104655 +0200 --- less-458_orig/lessecho.c 2013-05-07 14:03:52.091104655 +0200
+++ less-458_work/lessecho.c 2013-05-07 11:21:10.883991862 +0200 +++ less-458_work/lessecho.c 2013-05-07 11:21:10.883991862 +0200
@@ -41,7 +41,27 @@ static int num_metachars = 0; @@ -41,7 +41,27 @@ static int num_metachars = 0;
pr_usage() pr_usage(VOID_PARAM)
{ {
fprintf(stderr, fprintf(stderr,
- "usage: lessecho [-ox] [-cx] [-pn] [-dn] [-mx] [-nn] [-ex] [-fn] [-a] file ...\n"); - "usage: lessecho [-ox] [-cx] [-pn] [-dn] [-mx] [-nn] [-ex] [-fn] [-a] file ...\n");

View File

@ -2,8 +2,8 @@ diff -upr less-458_orig/lesskey.c less-458_work/lesskey.c
--- less-458_orig/lesskey.c 2013-05-07 14:03:52.062104533 +0200 --- less-458_orig/lesskey.c 2013-05-07 14:03:52.062104533 +0200
+++ less-458_work/lesskey.c 2013-05-07 11:21:10.881991855 +0200 +++ less-458_work/lesskey.c 2013-05-07 11:21:10.881991855 +0200
@@ -217,7 +217,15 @@ extern char version[]; @@ -217,7 +217,15 @@ extern char version[];
void static void
usage() usage(void)
{ {
- fprintf(stderr, "usage: lesskey [-o output] [input]\n"); - fprintf(stderr, "usage: lesskey [-o output] [input]\n");
+ fprintf(stderr, "usage: lesskey [-o output] [input]\n\n"); + fprintf(stderr, "usage: lesskey [-o output] [input]\n\n");

View File

@ -1,7 +1,15 @@
diff -ur less-418.orig/configure.ac less-418/configure.ac From 5396b6b77d0248678f716038dc747d6898acb0b3 Mon Sep 17 00:00:00 2001
--- less-418.orig/configure.ac 2008-12-22 07:10:44.000000000 -0500 From: Stephen Gallagher <sgallagh@redhat.com>
+++ less-418/configure.ac 2008-12-22 07:28:58.000000000 -0500 Date: Fri, 22 Jan 2021 09:49:13 -0500
@@ -203,6 +203,8 @@ Subject: [PATCH] Test for fsync on tty
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
Modified for less 581.2 Filip Januš <fjanus@redhat.com>
diff -ur less-581.2/configure.ac less_fsync/configure.ac
--- less-581.2/configure.ac 2021-04-28 17:00:08.000000000 +0200
+++ less_fsync/configure.ac 2021-05-06 10:59:07.560062397 +0200
@@ -221,6 +221,8 @@
[Define HAVE_TIME_T if your system supports the "time_t" type.]) [Define HAVE_TIME_T if your system supports the "time_t" type.])
AH_TEMPLATE([HAVE_STRERROR], AH_TEMPLATE([HAVE_STRERROR],
[Define HAVE_STRERROR if you have the strerror() function.]) [Define HAVE_STRERROR if you have the strerror() function.])
@ -10,16 +18,16 @@ diff -ur less-418.orig/configure.ac less-418/configure.ac
AH_TEMPLATE([HAVE_FILENO], AH_TEMPLATE([HAVE_FILENO],
[Define HAVE_FILENO if you have the fileno() macro.]) [Define HAVE_FILENO if you have the fileno() macro.])
AH_TEMPLATE([HAVE_ERRNO], AH_TEMPLATE([HAVE_ERRNO],
@@ -251,7 +253,7 @@ @@ -274,7 +276,7 @@
# Checks for library functions. # Checks for library functions.
AC_TYPE_SIGNAL AC_TYPE_SIGNAL
-AC_CHECK_FUNCS([fsync popen _setjmp sigprocmask sigsetmask snprintf stat system fchmod]) -AC_CHECK_FUNCS([fchmod fsync nanosleep poll popen realpath _setjmp sigprocmask sigsetmask snprintf stat system ttyname usleep])
+AC_CHECK_FUNCS([popen _setjmp sigprocmask sigsetmask snprintf stat system fchmod]) +AC_CHECK_FUNCS([fchmod nanosleep poll popen realpath _setjmp sigprocmask sigsetmask snprintf stat system ttyname usleep])
# AC_CHECK_FUNCS may not work for inline functions, so test these separately. # AC_CHECK_FUNCS may not work for inline functions, so test these separately.
AC_MSG_CHECKING(for memcpy) AC_MSG_CHECKING(for memcpy)
@@ -298,6 +300,16 @@ @@ -321,6 +323,16 @@
#endif], [static char *x; x = strerror(0);], #endif], [static char *x; x = strerror(0);],
[AC_MSG_RESULT(yes); AC_DEFINE(HAVE_STRERROR)], [AC_MSG_RESULT(no)]) [AC_MSG_RESULT(yes); AC_DEFINE(HAVE_STRERROR)], [AC_MSG_RESULT(no)])

View File

@ -0,0 +1,21 @@
commit a78e1351113cef564d790a730d657a321624d79c
Author: Mark Nudelman <markn@greenwoodsoftware.com>
Date: Fri Oct 7 19:25:46 2022 -0700
End OSC8 hyperlink on invalid embedded escape sequence.
diff --git a/line.c b/line.c
index 236c49a..cba7bdd 100644
--- a/line.c
+++ b/line.c
@@ -633,8 +633,8 @@ ansi_step(pansi, ch)
/* Hyperlink ends with \7 or ESC-backslash. */
if (ch == '\7')
return ANSI_END;
- if (pansi->prev_esc && ch == '\\')
- return ANSI_END;
+ if (pansi->prev_esc)
+ return (ch == '\\') ? ANSI_END : ANSI_ERR;
pansi->prev_esc = (ch == ESC);
return ANSI_MID;
}

26
less-590-fix_sast1.patch Normal file
View File

@ -0,0 +1,26 @@
diff -up less-590/command.c.fix_sast1 less-590/command.c
--- less-590/command.c.fix_sast1 2021-06-03 19:45:48.000000000 +0200
+++ less-590/command.c 2024-08-06 23:28:58.042048590 +0200
@@ -927,8 +927,8 @@ getcc_repl(orig, repl, gr_getc, gr_unget
LWCHAR (*gr_getc)(VOID_PARAM);
void (*gr_ungetc)(LWCHAR);
{
- LWCHAR c;
- LWCHAR keys[16];
+ char c;
+ char keys[16];
int ki = 0;
c = (*gr_getc)();
diff -up less-590/decode.c.fix_sast1 less-590/decode.c
--- less-590/decode.c.fix_sast1 2024-08-06 23:28:58.041048580 +0200
+++ less-590/decode.c 2024-08-06 23:29:55.715615701 +0200
@@ -934,7 +934,7 @@ add_hometable(call_lesskey, envname, def
char *def_filename;
int sysvar;
{
- char *filename;
+ char *filename = NULL;
int r;
if (envname != NULL && (filename = lgetenv(envname)) != NULL)

53
less-590-fix_sast2.patch Normal file
View File

@ -0,0 +1,53 @@
diff -up less-590/lesskey_parse.c.fix_sast2 less-590/lesskey_parse.c
--- less-590/lesskey_parse.c.fix_sast2 2024-08-06 23:42:33.839079731 +0200
+++ less-590/lesskey_parse.c 2024-08-06 23:47:17.433874330 +0200
@@ -548,9 +548,9 @@ parse_lesskey(infile, tables)
FILE *desc;
char line[1024];
- if (infile == NULL)
- infile = homefile(DEF_LESSKEYINFILE);
- lesskey_file = infile;
+ lesskey_file = (infile != NULL) ? strdup(infile) : homefile(DEF_LESSKEYINFILE);
+ if (lesskey_file == NULL)
+ return (-1);
init_tables(tables);
errors = 0;
@@ -559,22 +559,29 @@ parse_lesskey(infile, tables)
/*
* Open the input file.
*/
- if (strcmp(infile, "-") == 0)
+ if (strcmp(lesskey_file, "-") == 0)
desc = stdin;
- else if ((desc = fopen(infile, "r")) == NULL)
+ else if ((desc = fopen(lesskey_file, "r")) == NULL)
{
- /* parse_error("cannot open lesskey file ", infile); */
- return (-1);
+ /* parse_error("cannot open lesskey file %s", lesskey_file); */
+ errors = -1;
}
/*
* Read and parse the input file, one line at a time.
*/
- while (fgets(line, sizeof(line), desc) != NULL)
+ if (desc != NULL)
{
- ++linenum;
- parse_line(line, tables);
+ while (fgets(line, sizeof(line), desc) != NULL)
+ {
+ ++linenum;
+ parse_line(line, tables);
+ }
+ if (desc != stdin)
+ fclose(desc);
}
+ free(lesskey_file);
+ lesskey_file = NULL;
return (errors);
}

View File

@ -1,26 +1,36 @@
Summary: A text file browser similar to more, but better Summary: A text file browser similar to more, but better
Name: less Name: less
Version: 530 Version: 590
Release: 3%{?dist} Release: 5%{?dist}
License: GPLv3+ or BSD License: GPLv3+ or BSD
Group: Applications/Text Source0: https://www.greenwoodsoftware.com/less/%{name}-%{version}.tar.gz
Source: http://www.greenwoodsoftware.com/less/%{name}-%{version}.tar.gz
Source1: lesspipe.sh Source1: lesspipe.sh
Source2: less.sh Source2: less.sh
Source3: less.csh Source3: less.csh
Patch4: less-394-time.patch Patch4: less-394-time.patch
Patch5: less-418-fsync.patch Patch5: less-475-fsync.patch
Patch6: less-436-manpage-add-old-bot-option.patch Patch6: less-436-manpage-add-old-bot-option.patch
Patch7: less-436-help.patch Patch7: less-436-help.patch
Patch8: less-458-lessecho-usage.patch Patch8: less-458-lessecho-usage.patch
Patch9: less-458-less-filters-man.patch Patch9: less-458-less-filters-man.patch
Patch10: less-458-lesskey-usage.patch Patch10: less-458-lesskey-usage.patch
Patch11: less-458-old-bot-in-help.patch Patch11: less-458-old-bot-in-help.patch
Patch12: less-530-CVE-2022-48624.patch Patch12: less-590-CVE-2022-46663.patch
Patch13: less-530-CVE-2024-32487.patch Patch13: less-590-CVE-2022-48624.patch
URL: http://www.greenwoodsoftware.com/less/ # from upstream, for less < 661 , RHEL-32739
Patch14: less-590-CVE-2024-32487.patch
# from upstream, for less < 661, RHEL-51178
# based on https://github.com/gwsw/less/commit/2a79e5cd341f9c8437a71096c23c8fe8e94b7d0a
# based on https://github.com/gwsw/less/commit/987ebdc424c4865bf883eb0b11aea2b261b353f2
Patch15: less-590-fix_sast1.patch
# from upstream, for less < 661, based on commit#1649cc355a9eb824837feb4359828f5627e2eb69, RHEL-51178
Patch16: less-590-fix_sast2.patch
URL: https://www.greenwoodsoftware.com/less/
BuildRequires: ncurses-devel BuildRequires: ncurses-devel
BuildRequires: autoconf automake libtool BuildRequires: autoconf automake libtool
BuildRequires: make
%description %description
The less utility is a text file browser that resembles more, but has The less utility is a text file browser that resembles more, but has
@ -34,28 +44,31 @@ files, and you'll use it frequently.
%prep %prep
%setup -q %setup -q
%patch4 -p1 -b .time %patch -P 4 -p1 -b .time
%patch5 -p1 -b .fsync %patch -P 5 -p1 -b .fsync
%patch6 -p1 -b .manpage-add-old-bot-option %patch -P 6 -p1 -b .manpage-add-old-bot-option
%patch7 -p1 -b .help %patch -P 7 -p1 -b .help
%patch8 -p1 -b .lessecho-usage %patch -P 8 -p1 -b .lessecho-usage
%patch9 -p1 -b .less-filters-man %patch -P 9 -p1 -b .less-filters-man
%patch10 -p1 -b .lesskey-usage %patch -P 10 -p1 -b .lesskey-usage
%patch11 -p1 -b .old-bot %patch -P 11 -p1 -b .old-bot
%patch12 -p1 -b .CVE-2022-48624 %patch -P 12 -p1 -b .CVE-2022-46663
%patch13 -p1 -b .CVE-2024-32487 %patch -P 13 -p1 -b .CVE-2022-48624
%patch -P 14 -p1 -b .CVE-2024-32487
%patch -P 15 -p1 -b .fix_sast1
%patch -P 16 -p1 -b .fix_sast2
%build %build
rm -f ./configure rm -f ./configure
autoreconf -fiv autoreconf -fiv
%configure %configure
make %{?_smp_mflags} CFLAGS="%{optflags} -D_GNU_SOURCE -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64" %make_build CFLAGS="%{optflags} -D_GNU_SOURCE -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64"
%install %install
%make_install %make_install
mkdir -p $RPM_BUILD_ROOT/etc/profile.d mkdir -p $RPM_BUILD_ROOT/etc/profile.d
install -p %{SOURCE1} $RPM_BUILD_ROOT/%{_bindir} install -p %{SOURCE1} $RPM_BUILD_ROOT%{_bindir}
install -p -m 644 %{SOURCE2} $RPM_BUILD_ROOT/etc/profile.d install -p -m 644 %{SOURCE2} $RPM_BUILD_ROOT/etc/profile.d
install -p -m 644 %{SOURCE3} $RPM_BUILD_ROOT/etc/profile.d install -p -m 644 %{SOURCE3} $RPM_BUILD_ROOT/etc/profile.d
@ -67,13 +80,69 @@ install -p -m 644 %{SOURCE3} $RPM_BUILD_ROOT/etc/profile.d
%{_mandir}/man1/* %{_mandir}/man1/*
%changelog %changelog
* Tue Apr 23 2024 Matej Mužila <mmuzila@redhat.com> - 530-3 * Tue Aug 06 2024 Michal Hlavinka <mhlavink@redhat.com> - 590-5
- Fix CVE-2024-32487 - fix static analysis findings (RHEL-51178)
- Resolves: RHEL-32738
* Wed Feb 21 2024 Matej Mužila <mmuzila@redhat.com> - 530-2 * Tue Aug 06 2024 Michal Hlavinka <mhlavink@redhat.com> - 590-4
- fix less with LESSOPEN allowing command injection (CVE-2024-32487) (RHEL-32739)
* Wed Feb 21 2024 Matej Mužila <mmuzila@redhat.com> 590-3
- Fix CVE-2022-48624 - Fix CVE-2022-48624
- Resolves: RHEL-26124 - Resolves: RHEL-26265
* Thu Apr 20 2023 Matej Mužila <mmuzila@redhat.com> 590-2
- Fix CVE-2022-46663
- Resolves: CVE-2022-46663
* Tue Apr 19 2022 Honza Horak <hhorak@redhat.com> - 590-1
- Update to the version 590
- Also solves the "message overlay" in the terminal
Resolves: #2062188
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 575-4
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 575-3
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 575-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Fri Jan 22 2021 Stephen Gallagher <sgallagh@redhat.com> - 575-1
- Update to latest version (#1919119)
* Mon Nov 30 2020 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 568-1
- Update to latest version (#1818534)
* Thu Aug 20 2020 Andrew Schorr <ajschorr@fedoraproject.org> - 551-5
- Add zstd and brotli support to lesspipe.sh
* Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 551-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 551-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 551-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Wed Jul 17 2019 Matej Mužila <mmuzila@redhat.com> - 551-1
- Update to new upstream release
- Resolves: #1719419
* Tue Jun 04 2019 Matej Mužila <mmuzila@redhat.com> - 550-1
- Update to new upstream release
- Resolves: #1674080
* Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org> - 530-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Wed Jan 09 2019 Pavel Raiskup <praiskup@redhat.com> - 530-3
- add lzip compression support into lesspipe.sh (rhbz#1664383)
* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 530-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Sat Feb 17 2018 Pavel Raiskup <praiskup@redhat.com> - 530-1 * Sat Feb 17 2018 Pavel Raiskup <praiskup@redhat.com> - 530-1
- new release, per upstream release notes: - new release, per upstream release notes:

View File

@ -51,10 +51,13 @@ manfilter ()
export MAN_KEEP_FORMATTING=1 export MAN_KEEP_FORMATTING=1
case "$1" in case "$1" in
*.[1-9n].bz2|*.[1-9]x.bz2|*.man.bz2|*.[1-9n].[gx]z|*.[1-9]x.[gx]z|*.man.[gx]z|*.[1-9n].lzma|*.[1-9]x.lzma|*.man.lzma) *.[1-9n].bz2|*.[1-9]x.bz2|*.man.bz2|*.[1-9n].[glx]z|*.[1-9]x.[glx]z|*.man.[glx]z|*.[1-9n].lzma|*.[1-9]x.lzma|*.man.lzma|*.[1-9n].zst|*.[1-9]x.zst|*.man.zst|*.[1-9n].br|*.[1-9]x.br|*.man.br)
case "$1" in case "$1" in
*.gz) DECOMPRESSOR="gzip -dc" ;; *.gz) DECOMPRESSOR="gzip -dc" ;;
*.bz2) DECOMPRESSOR="bzip2 -dc" ;; *.bz2) DECOMPRESSOR="bzip2 -dc" ;;
*.lz) DECOMPRESSOR="lzip -dc" ;;
*.zst) DECOMPRESSOR="zstd -dcq" ;;
*.br) DECOMPRESSOR="brotli -dc" ;;
*.xz|*.lzma) DECOMPRESSOR="xz -dc" ;; *.xz|*.lzma) DECOMPRESSOR="xz -dc" ;;
esac esac
if [ -n "$DECOMPRESSOR" ] && $DECOMPRESSOR -- "$1" | file - | grep -q troff; then if [ -n "$DECOMPRESSOR" ] && $DECOMPRESSOR -- "$1" | file - | grep -q troff; then
@ -70,6 +73,12 @@ case "$1" in
*.tgz|*.tar.gz|*.tar.[zZ]) tar tzvvf "$1"; exit $? ;; *.tgz|*.tar.gz|*.tar.[zZ]) tar tzvvf "$1"; exit $? ;;
*.tar.xz) tar Jtvvf "$1"; exit $? ;; *.tar.xz) tar Jtvvf "$1"; exit $? ;;
*.xz|*.lzma) xz -dc -- "$1"; exit $? ;; *.xz|*.lzma) xz -dc -- "$1"; exit $? ;;
*.tar.lz) tar --lzip -tvvf "$1"; exit $? ;;
*.lz) lzip -dc -- "$1"; exit $? ;;
*.tar.zst) tar --zstd -tvvf "$1"; exit $? ;;
*.zst) zstd -dcq -- "$1"; exit $? ;;
*.tar.br) brotli -dc -- "$1" | tar tvvf -; exit $? ;;
*.br) brotli -dc -- "$1"; exit $? ;;
*.tar.bz2|*.tbz2) bzip2 -dc -- "$1" | tar tvvf -; exit $? ;; *.tar.bz2|*.tbz2) bzip2 -dc -- "$1" | tar tvvf -; exit $? ;;
*.[zZ]|*.gz) gzip -dc -- "$1"; exit $? ;; *.[zZ]|*.gz) gzip -dc -- "$1"; exit $? ;;
*.bz2) bzip2 -dc -- "$1"; exit $? ;; *.bz2) bzip2 -dc -- "$1"; exit $? ;;

1
sources Normal file
View File

@ -0,0 +1 @@
SHA512 (less-590.tar.gz) = 426fa5840fd43c17bd5a452ad35ad24f2d6684623c6914403fd0059af62266bf2138e6828c7d73a1cef26a736c0d2b8ed4ab180eea8297281dae79a4228eb903