Compare commits

...

No commits in common. "c9s" and "c8" have entirely different histories.
c9s ... c8

21 changed files with 44 additions and 243 deletions

7
.gitignore vendored
View File

@ -1,6 +1 @@
/less-530.tar.gz
/less-550.tar.gz
/less-551.tar.gz
/less-568.tar.gz
/less-575.tar.gz
/less-590.tar.gz
SOURCES/less-530.tar.gz

1
.less.metadata Normal file
View File

@ -0,0 +1 @@
d8ba1f43e88b706ef701f978cd3262b5b44dffd6 SOURCES/less-530.tar.gz

View File

@ -1,15 +1,7 @@
From 5396b6b77d0248678f716038dc747d6898acb0b3 Mon Sep 17 00:00:00 2001
From: Stephen Gallagher <sgallagh@redhat.com>
Date: Fri, 22 Jan 2021 09:49:13 -0500
Subject: [PATCH] Test for fsync on tty
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
Modified for less 581.2 Filip Januš <fjanus@redhat.com>
diff -ur less-581.2/configure.ac less_fsync/configure.ac
--- less-581.2/configure.ac 2021-04-28 17:00:08.000000000 +0200
+++ less_fsync/configure.ac 2021-05-06 10:59:07.560062397 +0200
@@ -221,6 +221,8 @@
diff -ur less-418.orig/configure.ac less-418/configure.ac
--- less-418.orig/configure.ac 2008-12-22 07:10:44.000000000 -0500
+++ less-418/configure.ac 2008-12-22 07:28:58.000000000 -0500
@@ -203,6 +203,8 @@
[Define HAVE_TIME_T if your system supports the "time_t" type.])
AH_TEMPLATE([HAVE_STRERROR],
[Define HAVE_STRERROR if you have the strerror() function.])
@ -18,16 +10,16 @@ diff -ur less-581.2/configure.ac less_fsync/configure.ac
AH_TEMPLATE([HAVE_FILENO],
[Define HAVE_FILENO if you have the fileno() macro.])
AH_TEMPLATE([HAVE_ERRNO],
@@ -274,7 +276,7 @@
@@ -251,7 +253,7 @@
# Checks for library functions.
AC_TYPE_SIGNAL
-AC_CHECK_FUNCS([fchmod fsync nanosleep poll popen realpath _setjmp sigprocmask sigsetmask snprintf stat system ttyname usleep])
+AC_CHECK_FUNCS([fchmod nanosleep poll popen realpath _setjmp sigprocmask sigsetmask snprintf stat system ttyname usleep])
-AC_CHECK_FUNCS([fsync popen _setjmp sigprocmask sigsetmask snprintf stat system fchmod])
+AC_CHECK_FUNCS([popen _setjmp sigprocmask sigsetmask snprintf stat system fchmod])
# AC_CHECK_FUNCS may not work for inline functions, so test these separately.
AC_MSG_CHECKING(for memcpy)
@@ -321,6 +323,16 @@
@@ -298,6 +300,16 @@
#endif], [static char *x; x = strerror(0);],
[AC_MSG_RESULT(yes); AC_DEFINE(HAVE_STRERROR)], [AC_MSG_RESULT(no)])

View File

@ -1,24 +1,22 @@
diff -up less-466/less.nro.filters-man less-466/less.nro
--- less-466/less.nro.filters-man 2014-09-18 14:32:32.124111631 +0200
+++ less-466/less.nro 2014-09-18 14:32:39.548177152 +0200
@@ -1323,7 +1323,19 @@ Similarly, if the first two characters of LESSOPEN are vertical bar and dash
@@ -1234,6 +1234,18 @@ Similarly, if the first two characters o
the input pipe is used on standard input as well as other files.
Again, in this case the dash is not considered to be part of
the input pipe command.
-.
+.PP
+There are used following files to set up default preprocessor:
+.br
+ /etc/profile.d/less.sh
+ /etc/profile.d/less.sh
+.br
+ /etc/profile.d/less.csh
+ /etc/profile.d/less.csh
+.br
+These files set up /usr/bin/lesspipe.sh as a default filter. An user defined
+filter can be specified in ~/.lessfilter. This file should have an execute bit
+set and accept only one parameter, which represents a filename. If
+the user defined filter process the file, zero should be returned. Otherwise
+~/.lessfilter tries to handle the file.
+
.SH "NATIONAL CHARACTER SETS"
There are three types of characters in the input file:
.IP "normal characters"

View File

@ -2,7 +2,7 @@ diff -upr less-458_orig/lessecho.c less-458_work/lessecho.c
--- less-458_orig/lessecho.c 2013-05-07 14:03:52.091104655 +0200
+++ less-458_work/lessecho.c 2013-05-07 11:21:10.883991862 +0200
@@ -41,7 +41,27 @@ static int num_metachars = 0;
pr_usage(VOID_PARAM)
pr_usage()
{
fprintf(stderr,
- "usage: lessecho [-ox] [-cx] [-pn] [-dn] [-mx] [-nn] [-ex] [-fn] [-a] file ...\n");

View File

@ -2,8 +2,8 @@ diff -upr less-458_orig/lesskey.c less-458_work/lesskey.c
--- less-458_orig/lesskey.c 2013-05-07 14:03:52.062104533 +0200
+++ less-458_work/lesskey.c 2013-05-07 11:21:10.881991855 +0200
@@ -217,7 +217,15 @@ extern char version[];
static void
usage(void)
void
usage()
{
- fprintf(stderr, "usage: lesskey [-o output] [input]\n");
+ fprintf(stderr, "usage: lesskey [-o output] [input]\n\n");

View File

@ -51,13 +51,10 @@ manfilter ()
export MAN_KEEP_FORMATTING=1
case "$1" in
*.[1-9n].bz2|*.[1-9]x.bz2|*.man.bz2|*.[1-9n].[glx]z|*.[1-9]x.[glx]z|*.man.[glx]z|*.[1-9n].lzma|*.[1-9]x.lzma|*.man.lzma|*.[1-9n].zst|*.[1-9]x.zst|*.man.zst|*.[1-9n].br|*.[1-9]x.br|*.man.br)
*.[1-9n].bz2|*.[1-9]x.bz2|*.man.bz2|*.[1-9n].[gx]z|*.[1-9]x.[gx]z|*.man.[gx]z|*.[1-9n].lzma|*.[1-9]x.lzma|*.man.lzma)
case "$1" in
*.gz) DECOMPRESSOR="gzip -dc" ;;
*.bz2) DECOMPRESSOR="bzip2 -dc" ;;
*.lz) DECOMPRESSOR="lzip -dc" ;;
*.zst) DECOMPRESSOR="zstd -dcq" ;;
*.br) DECOMPRESSOR="brotli -dc" ;;
*.xz|*.lzma) DECOMPRESSOR="xz -dc" ;;
esac
if [ -n "$DECOMPRESSOR" ] && $DECOMPRESSOR -- "$1" | file - | grep -q troff; then
@ -73,12 +70,6 @@ case "$1" in
*.tgz|*.tar.gz|*.tar.[zZ]) tar tzvvf "$1"; exit $? ;;
*.tar.xz) tar Jtvvf "$1"; exit $? ;;
*.xz|*.lzma) xz -dc -- "$1"; exit $? ;;
*.tar.lz) tar --lzip -tvvf "$1"; exit $? ;;
*.lz) lzip -dc -- "$1"; exit $? ;;
*.tar.zst) tar --zstd -tvvf "$1"; exit $? ;;
*.zst) zstd -dcq -- "$1"; exit $? ;;
*.tar.br) brotli -dc -- "$1" | tar tvvf -; exit $? ;;
*.br) brotli -dc -- "$1"; exit $? ;;
*.tar.bz2|*.tbz2) bzip2 -dc -- "$1" | tar tvvf -; exit $? ;;
*.[zZ]|*.gz) gzip -dc -- "$1"; exit $? ;;
*.bz2) bzip2 -dc -- "$1"; exit $? ;;

View File

@ -1,36 +1,26 @@
Summary: A text file browser similar to more, but better
Name: less
Version: 590
Release: 5%{?dist}
Version: 530
Release: 3%{?dist}
License: GPLv3+ or BSD
Source0: https://www.greenwoodsoftware.com/less/%{name}-%{version}.tar.gz
Group: Applications/Text
Source: http://www.greenwoodsoftware.com/less/%{name}-%{version}.tar.gz
Source1: lesspipe.sh
Source2: less.sh
Source3: less.csh
Patch4: less-394-time.patch
Patch5: less-475-fsync.patch
Patch5: less-418-fsync.patch
Patch6: less-436-manpage-add-old-bot-option.patch
Patch7: less-436-help.patch
Patch8: less-458-lessecho-usage.patch
Patch9: less-458-less-filters-man.patch
Patch10: less-458-lesskey-usage.patch
Patch11: less-458-old-bot-in-help.patch
Patch12: less-590-CVE-2022-46663.patch
Patch13: less-590-CVE-2022-48624.patch
# from upstream, for less < 661 , RHEL-32739
Patch14: less-590-CVE-2024-32487.patch
# from upstream, for less < 661, RHEL-51178
# based on https://github.com/gwsw/less/commit/2a79e5cd341f9c8437a71096c23c8fe8e94b7d0a
# based on https://github.com/gwsw/less/commit/987ebdc424c4865bf883eb0b11aea2b261b353f2
Patch15: less-590-fix_sast1.patch
# from upstream, for less < 661, based on commit#1649cc355a9eb824837feb4359828f5627e2eb69, RHEL-51178
Patch16: less-590-fix_sast2.patch
URL: https://www.greenwoodsoftware.com/less/
Patch12: less-530-CVE-2022-48624.patch
Patch13: less-530-CVE-2024-32487.patch
URL: http://www.greenwoodsoftware.com/less/
BuildRequires: ncurses-devel
BuildRequires: autoconf automake libtool
BuildRequires: make
%description
The less utility is a text file browser that resembles more, but has
@ -44,31 +34,28 @@ files, and you'll use it frequently.
%prep
%setup -q
%patch -P 4 -p1 -b .time
%patch -P 5 -p1 -b .fsync
%patch -P 6 -p1 -b .manpage-add-old-bot-option
%patch -P 7 -p1 -b .help
%patch -P 8 -p1 -b .lessecho-usage
%patch -P 9 -p1 -b .less-filters-man
%patch -P 10 -p1 -b .lesskey-usage
%patch -P 11 -p1 -b .old-bot
%patch -P 12 -p1 -b .CVE-2022-46663
%patch -P 13 -p1 -b .CVE-2022-48624
%patch -P 14 -p1 -b .CVE-2024-32487
%patch -P 15 -p1 -b .fix_sast1
%patch -P 16 -p1 -b .fix_sast2
%patch4 -p1 -b .time
%patch5 -p1 -b .fsync
%patch6 -p1 -b .manpage-add-old-bot-option
%patch7 -p1 -b .help
%patch8 -p1 -b .lessecho-usage
%patch9 -p1 -b .less-filters-man
%patch10 -p1 -b .lesskey-usage
%patch11 -p1 -b .old-bot
%patch12 -p1 -b .CVE-2022-48624
%patch13 -p1 -b .CVE-2024-32487
%build
rm -f ./configure
autoreconf -fiv
%configure
%make_build CFLAGS="%{optflags} -D_GNU_SOURCE -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64"
make %{?_smp_mflags} CFLAGS="%{optflags} -D_GNU_SOURCE -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64"
%install
%make_install
mkdir -p $RPM_BUILD_ROOT/etc/profile.d
install -p %{SOURCE1} $RPM_BUILD_ROOT%{_bindir}
install -p %{SOURCE1} $RPM_BUILD_ROOT/%{_bindir}
install -p -m 644 %{SOURCE2} $RPM_BUILD_ROOT/etc/profile.d
install -p -m 644 %{SOURCE3} $RPM_BUILD_ROOT/etc/profile.d
@ -80,69 +67,13 @@ install -p -m 644 %{SOURCE3} $RPM_BUILD_ROOT/etc/profile.d
%{_mandir}/man1/*
%changelog
* Tue Aug 06 2024 Michal Hlavinka <mhlavink@redhat.com> - 590-5
- fix static analysis findings (RHEL-51178)
* Tue Apr 23 2024 Matej Mužila <mmuzila@redhat.com> - 530-3
- Fix CVE-2024-32487
- Resolves: RHEL-32738
* Tue Aug 06 2024 Michal Hlavinka <mhlavink@redhat.com> - 590-4
- fix less with LESSOPEN allowing command injection (CVE-2024-32487) (RHEL-32739)
* Wed Feb 21 2024 Matej Mužila <mmuzila@redhat.com> 590-3
* Wed Feb 21 2024 Matej Mužila <mmuzila@redhat.com> - 530-2
- Fix CVE-2022-48624
- Resolves: RHEL-26265
* Thu Apr 20 2023 Matej Mužila <mmuzila@redhat.com> 590-2
- Fix CVE-2022-46663
- Resolves: CVE-2022-46663
* Tue Apr 19 2022 Honza Horak <hhorak@redhat.com> - 590-1
- Update to the version 590
- Also solves the "message overlay" in the terminal
Resolves: #2062188
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 575-4
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 575-3
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 575-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Fri Jan 22 2021 Stephen Gallagher <sgallagh@redhat.com> - 575-1
- Update to latest version (#1919119)
* Mon Nov 30 2020 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 568-1
- Update to latest version (#1818534)
* Thu Aug 20 2020 Andrew Schorr <ajschorr@fedoraproject.org> - 551-5
- Add zstd and brotli support to lesspipe.sh
* Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 551-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 551-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 551-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Wed Jul 17 2019 Matej Mužila <mmuzila@redhat.com> - 551-1
- Update to new upstream release
- Resolves: #1719419
* Tue Jun 04 2019 Matej Mužila <mmuzila@redhat.com> - 550-1
- Update to new upstream release
- Resolves: #1674080
* Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org> - 530-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Wed Jan 09 2019 Pavel Raiskup <praiskup@redhat.com> - 530-3
- add lzip compression support into lesspipe.sh (rhbz#1664383)
* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 530-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
- Resolves: RHEL-26124
* Sat Feb 17 2018 Pavel Raiskup <praiskup@redhat.com> - 530-1
- new release, per upstream release notes:

View File

@ -1,6 +0,0 @@
--- !Policy
product_versions:
- rhel-9
decision_context: osci_compose_gate
rules:
- !PassingTestCaseRule {test_case_name: baseos-ci.brew-build.tier1.functional}

View File

@ -1,21 +0,0 @@
commit a78e1351113cef564d790a730d657a321624d79c
Author: Mark Nudelman <markn@greenwoodsoftware.com>
Date: Fri Oct 7 19:25:46 2022 -0700
End OSC8 hyperlink on invalid embedded escape sequence.
diff --git a/line.c b/line.c
index 236c49a..cba7bdd 100644
--- a/line.c
+++ b/line.c
@@ -633,8 +633,8 @@ ansi_step(pansi, ch)
/* Hyperlink ends with \7 or ESC-backslash. */
if (ch == '\7')
return ANSI_END;
- if (pansi->prev_esc && ch == '\\')
- return ANSI_END;
+ if (pansi->prev_esc)
+ return (ch == '\\') ? ANSI_END : ANSI_ERR;
pansi->prev_esc = (ch == ESC);
return ANSI_MID;
}

View File

@ -1,26 +0,0 @@
diff -up less-590/command.c.fix_sast1 less-590/command.c
--- less-590/command.c.fix_sast1 2021-06-03 19:45:48.000000000 +0200
+++ less-590/command.c 2024-08-06 23:28:58.042048590 +0200
@@ -927,8 +927,8 @@ getcc_repl(orig, repl, gr_getc, gr_unget
LWCHAR (*gr_getc)(VOID_PARAM);
void (*gr_ungetc)(LWCHAR);
{
- LWCHAR c;
- LWCHAR keys[16];
+ char c;
+ char keys[16];
int ki = 0;
c = (*gr_getc)();
diff -up less-590/decode.c.fix_sast1 less-590/decode.c
--- less-590/decode.c.fix_sast1 2024-08-06 23:28:58.041048580 +0200
+++ less-590/decode.c 2024-08-06 23:29:55.715615701 +0200
@@ -934,7 +934,7 @@ add_hometable(call_lesskey, envname, def
char *def_filename;
int sysvar;
{
- char *filename;
+ char *filename = NULL;
int r;
if (envname != NULL && (filename = lgetenv(envname)) != NULL)

View File

@ -1,53 +0,0 @@
diff -up less-590/lesskey_parse.c.fix_sast2 less-590/lesskey_parse.c
--- less-590/lesskey_parse.c.fix_sast2 2024-08-06 23:42:33.839079731 +0200
+++ less-590/lesskey_parse.c 2024-08-06 23:47:17.433874330 +0200
@@ -548,9 +548,9 @@ parse_lesskey(infile, tables)
FILE *desc;
char line[1024];
- if (infile == NULL)
- infile = homefile(DEF_LESSKEYINFILE);
- lesskey_file = infile;
+ lesskey_file = (infile != NULL) ? strdup(infile) : homefile(DEF_LESSKEYINFILE);
+ if (lesskey_file == NULL)
+ return (-1);
init_tables(tables);
errors = 0;
@@ -559,22 +559,29 @@ parse_lesskey(infile, tables)
/*
* Open the input file.
*/
- if (strcmp(infile, "-") == 0)
+ if (strcmp(lesskey_file, "-") == 0)
desc = stdin;
- else if ((desc = fopen(infile, "r")) == NULL)
+ else if ((desc = fopen(lesskey_file, "r")) == NULL)
{
- /* parse_error("cannot open lesskey file ", infile); */
- return (-1);
+ /* parse_error("cannot open lesskey file %s", lesskey_file); */
+ errors = -1;
}
/*
* Read and parse the input file, one line at a time.
*/
- while (fgets(line, sizeof(line), desc) != NULL)
+ if (desc != NULL)
{
- ++linenum;
- parse_line(line, tables);
+ while (fgets(line, sizeof(line), desc) != NULL)
+ {
+ ++linenum;
+ parse_line(line, tables);
+ }
+ if (desc != stdin)
+ fclose(desc);
}
+ free(lesskey_file);
+ lesskey_file = NULL;
return (errors);
}

View File

@ -1 +0,0 @@
SHA512 (less-590.tar.gz) = 426fa5840fd43c17bd5a452ad35ad24f2d6684623c6914403fd0059af62266bf2138e6828c7d73a1cef26a736c0d2b8ed4ab180eea8297281dae79a4228eb903