From 995b09129eb230d822ca34c9bb90e9dfd670a1f4 Mon Sep 17 00:00:00 2001 From: eabdullin Date: Wed, 14 May 2025 19:14:32 +0000 Subject: [PATCH] import UBI nano-8.1-3.el10 --- .gitignore | 3 +- bensberg.pgp | 111 ++++++++ nano-2.9.8-emergency-file-replace-vuln.patch | 110 -------- nano-2.9.8.tar.gz.asc | 16 -- nano-8.1-fix-leak-after-linter-failure.patch | 35 +++ nano-8.1.tar.xz.asc | 16 ++ nano.spec | 265 ++++++++++++++++--- sources | 2 +- 8 files changed, 394 insertions(+), 164 deletions(-) create mode 100644 bensberg.pgp delete mode 100644 nano-2.9.8-emergency-file-replace-vuln.patch delete mode 100644 nano-2.9.8.tar.gz.asc create mode 100644 nano-8.1-fix-leak-after-linter-failure.patch create mode 100644 nano-8.1.tar.xz.asc diff --git a/.gitignore b/.gitignore index 3a95680..a38cc5e 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1 @@ -/nano-2.*.*.tar.gz -/nano-2.*.*/ +nano-8.1.tar.xz diff --git a/bensberg.pgp b/bensberg.pgp new file mode 100644 index 0000000..2ea04ab --- /dev/null +++ b/bensberg.pgp @@ -0,0 +1,111 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBFpIq0sBEACnE8sA9tDg2oxTqBdAHiPoXKF/dYrwQYunov9ex2fvjy0iAdvt +CGkonr9gMQp1baD9Mo4KziCbGLTDvSciCwUY4s60aIytxsd3csK2YS5Irq9yFzef +htgedDta0SFTEw/UpZ1RbJnXayrSrPCsHNJn64cg+eQKW7L6EYjgvxZERzfKgjbv +kVYPuJ1HY5Ij20nHRYT+uxOsp1DJudWxUH0Py+rS5FG06fB0cuQM1Z25gN0O1E5F +6aU5GWfoAHyuCu+pKQqVAcFgvYFrliXQRn/gv0RgdynwQCIDe1hMmy0L776EYVla +K4MEmgC75SA6zVpGPnfwWSJzxNavAr4/5qpsmMcEGxO17l0MKSXU5M7dsC1KLeUd +W/LmD/cVR0xJibQVriYSw5ialKCOCtrPQo6+JhOgEwRU/b1sFSb2sIYz+Rf8dnCt +wugeESJ3CRHhfpj5kmcmfogWkzOh7IlHG6b9rJhizVsvbYbaoxu8detyvff9u3JK +LDDiFEUIkpsApAUQ59d8MfqatLbt4VoE+IL+MrlVGQ4a28Va0QO2OJCi9HzY7Ujb +lWjhEtdR9zfE6NTJDDrhnpJxA5IhQCpgzKXssyn53sLAcozTVqZ7N048sX1w8wa2 +LqNUeN7MpLMbdpi4/OCIpFFMM+dJ10p4Y6dz42qzcRE2A3W+t8IkF4oskQARAQAB +tCdCZW5ubyBTY2h1bGVuYmVyZyA8YmVuc2JlcmdAdGVsZm9ydC5ubD6JAj0EEwEI +ACcFAlpIq0sCGyMFCQlmAYAFCwkIBwIGFQgJCgsCBBYCAwECHgECF4AACgkQDSjU +0qCs6IS3MQ//eSw0UCww5Atp201cMH1iK1dLEEO3HUvcpVmUKELcDYXZNSWXZm0H +wAxqEW0bEv7e2A2IbQqT5gxbdkC0NmBc3X0W/YJqKBB20T9Fj4IPZb60vpRfzhCj +9SnMzaP5RZmMPTkPa6Dtif77q02MugBR7YdH+DohO7Xw7bAnKVw9exje5m8KqjP+ +kbUr8glQevMlXUYK3QgYwttfMgW9ISNhsPUpM5YrTWhjuOZGs0+xugS6xWWNXDQK +Pp3viV2in8KDOX3CX7U0mZ5CKA0crNbDv7ewet19DG6sKioGnNi29m57CN0j/cDD +cEgJmsdUd4KdGR5RGDMp/hoQJ1P+vEI+l74dJ9FHr8y1284ob6otvV8jdinwN7eL +Hx3AZ4izy3iAYpjNDY+BK/P6DY94+eFcxFmKg5A8YmgcZhIpm32zlR2ffPqIw5RV +nEi7CoTMfd/o0f/WauHggqRIoZZcZiHEe/BPpLW6XzogM94m79r1hHsQTAiFzt/Q +5tTbUG07VYfE2FNjKY24Bbqpyy+fF0jfTPVyP5p3LVPaliMhpRZ25Uwu3CCEke3L +5S/OYSkhf/AHkL/SvIiGDKVyzvLaUub9hffnJUc1VXtU7sunP0s+VDl/Cv0jPqUk +QjGzTxEX1Ah6WtG3R1pQGVlEkBx6oPLiRMMXs0dQX2tzxO/zmyJBvjq5Ag0EWkir +SwEQAMkeIxoTyEq0VfKwwsDzpHtC69NNtwmKh+AOdccCOfH20ad5pzg0R7ZAqKmF +ZeiGR4m3NyHszJ7T1BIZ6AQ4fzuJy/sybQc1lNvVoLlea/zGjOtsFysY0KMjdLx/ +OVMlJI3bOMz08s0lWAJTS14qMfLZKMO0KVyNEIGkNg6yPYricLncGblJP6Uxwh5v +3PdNK9u7IxOHtCsjGu/6yQCrvOX/LgVvX7HdsQ8hRAwkjLv3LS1unvtZc5ejiYon +0+6lKPLnrr4IYnXdaP+z8Z0fycAf9Csqh0ttgHOlTwbULAj5nf0S/qICe4kNL6aX +q5/dY2k0K31Zrj+0UXKLU0Tcw5Dp1gIkXG2LLPCRQCMbUHlK/9wag65UWro1bymO +Jj24KQi9c7w0UZg90Z2+PcQPb8lG+Vo3rxk5PZjzmJiYPOKNoMNX0mQjrDDPKWhY +o4DyG+IZK1XiRI6YnnKH/Sp44XEQvdFP4MnbtobsO3P5vcEt9o905EG49dnZfXis +o8j8LF2aLKF33ZwWupxNVFx1QmS5GN22+JTJGnye8RkUjU/vrVI98VJs8Bo81NT+ +XvX6IiTN1pvSewDBpwE8M1QOzXqdzRHz+IoilA5N02fEO/MgrvjtiQxNdcbq7QL+ +WrVdAaOhkkOpiqpBKtyTb2adIiCSn6nbcr/NSAEMjzUyhmrHABEBAAGJAiUEGAEI +AA8FAlpIq0sCGwwFCQlmAYAACgkQDSjU0qCs6ISz/Q/+Nlsv7oPF1WY+y0Jij3p5 +BtMWZ7wcKi668LI2C31bGz8logHfoLRISACREJo4HaT1SXbi5eRSobwD2zFViW+K +7FZ9m7GPHefqqB3siTZ+G0lWMB32v9NZCA4CGB8rRzkmklQqyQOeRdvMBnRDyKWu +f5du6ED1cPNUTh/pqSWoz6gf5OyYaOUHQ/dF54Fnpp3IuBinUYtgWkgvo2L90OGu +RXfbujY3iXSlbYDS4aw4WmFAM+t4ACaQ467bil1eahNwH/lYOl9KUlRH28ioLLbB +3ZXWqSTyZzUNFis/j96nDyj6x2Lxd/Il4+sQh3uFqmj9xaMVB7TYNse0438Qw3W/ +EPO7OlSZr6FZ5UM2BDHUnEuoq0D53BubbmT6vI5hoo1ArTnLr3RYntfIzjGIFdAt +zlYqJ9rEJHEq3y8Bn2sHGP8+zOSzWRo3iN4afv49+vCDXKwIDMoH+GMKhZXaDRsc +GkrAKCyD9BSZmnCkkQ32VIAS6MUaqNujHzmEcNuwN7nUzeD365Nx5qaKVTwqWgmQ +g3QWkGdknaYMg7f+ca3fnyekRJwxpZtWmUMZ2ueMTCi1KaLAYA2pg7Yyz5jo6jo9 +I6FdNHf0/M8lFzQLx4xbNBasbdVX67sAevLkmqcv8H+gSP1Lv7xLE9Wy1asZfBKf +WVynD/YeN/rgZpx3Jh1ccMyZAg0EY1EdrgEQAPEy6OhJrbPKDWZOHbHFuGjAuMNh +YwSHrwK881woPHS2UR3fQB7Cn85J2goPxjK/QR2xH5Gz6z0SShBnHSh0ElAuu1s/ +z4XfGkirFZs431WUOkuIyCM2Zthn8j4tqsbs80200dsgxBvSOAet1jgAk+YoKTWw +8I2gMne7G6F0eGQApP0Z3gLaPHHiGks0CFrWnANKKiB/xp6ySOqIgMzrmCnkbq8r +heq9RfdnaSDJXGy46mGWbkmMnwMThjwZTtzpYYqeQXrmH8FZSACAhiuAxKlvXyHQ +LIOY3qfFKmEkGUnDB1rlHUwQReN5PHjqxhkcXKgDcUfZ34nJ2E/Hs9gP7rmO9YI5 +f4JStG+im/IngSoiYf3nem7Wy6qRPZxFooNzb9rh8Bi3RxMrIH3Ce5RBgzrJ6R70 +PYPb8Xr2FCsk7mRsHUzhbVPss99qL2y3PWFu1zgQgn2roXurMda4Qrd0Vcaqkqvk +M6NNhJNeUew8f/SdHzXNURRkOtzUS+iL1c5K5rODD5GnVOGe447o1dPFJCK7hekU +4jTItbS7Rm25Iu3tpz1C4okEOR2TMGheCZwajE6gw6HtNrZVQiWgdt0eliUqpQX4 +vtHX7B5W5IkM/UaHbMcUkw+8FrXpDPPkEywS0DaRffssSolZDbH5fLYt0nksLskm +noaZ7qDeVf+O0hZrABEBAAG0J0Jlbm5vIFNjaHVsZW5iZXJnIDxiZW5zYmVyZ0B0 +ZWxmb3J0Lm5sPokCVAQTAQoAPhYhBBaOb0KXv9enmv1EllFLvi644ZYfBQJjUR5g +AhsDBQkNh2EpBQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAAAoJEFFLvi644ZYfDrAQ +AMKs+BXtfz2AavSK1tO+loet+Gqao/QvS/ARM4zOxSinjSMHCO4z9NYnIRAio3Lv +kRf5KznEniiveRQLbqi94zjMEhhjdSXtmXqeQJaAiHIP/yArsHy3dcdYAly3rgJv +vCpYdSb6QKz4QYS0LtHnT8Pvmn1ZCq1f6vVQxIL5mefU7Ufiqf0kdpBUdTGbjTAo +1wlgL4SUKgcy3UPh1pJXHG+wZCKYd2MAS/XXjPFWRFQWVJdFXugRdpFNpCXAcyxv +OIV3lW9SqYvlJI7MTx23ecMvArliWOQErEIRK48+qXr07v+vkZXx1YCUxFDH+2wO +fJlA81Xwy7tJ/ZPXaJWFy+1YPU0EsMxEXbuCTb0VEjmQuiWg/j6gU70iooiAxywK +UustOLSCTVRCCCWk0GUir0477mebVtx8i1mCgebmzTtu3vxr6mvDY+SWVQ4yK7Dw +uR1QG3POpL0niZqjFEWfNO9OnYuTYoEt/x+aVjsJTsFszAMsGo9FHyiuZ/wVf8A1 +Qo8vwnsT68KFp+5jkfY75+0WXtxrCsK56PMW68B1lXKB74JFv+oTzQ1FJ+Gm58fz +hMzCENe5BjkwgKmINR79+JnLvNhW1zbUcBTCnCfpyJJWm7r8EUfm4+7rYRxdBfk1 +kwdJKucur9DjUCMxSpCSSLM/KNqsJoaIu2qyDMcQ71SQtCdCZW5ubyBTY2h1bGVu +YmVyZyA8YmVuc2JlcmdAY29ldmVybi5ubD6JAlQEEwEKAD4WIQQWjm9Cl7/Xp5r9 +RJZRS74uuOGWHwUCY1EdrgIbAwUJDYdhKQULCQgHAgYVCgkICwIEFgIDAQIeAQIX +gAAKCRBRS74uuOGWHxWlEACJM0rFKPJ3f//AKH5pIDFPLv8GilM5MXK8khPql0s6 +k2wNzqliOTxwAG55Sn7ddhHASlIzkhoATX+EfPXOsjdvByrhkIhdVxLpaiCbDAu2 +79tYoxMguNN+fC7db1dx0pqnKklWpRT7PkxZtoRV+DINB5K7kmtVaK+9QicTU5mP +80G1FzZAK7cUtPZgdH8N/MADug41eD+9/p4jrXRoNYajkcxoO/dbR2Miw+bkD0jr +E/1SHw6+7Fr4V8d5ecK/GjZNIlpg+GNMqBKiy23zx4bswBpwiuwUkobIfkJSHA3S +dIAickvGyyoynVisVQ6VNnj25IMyIgk9VsyeU1phpk+2ki+51VlBvGzDlR4aiPdq +2CpKCxaHXl/+9pNcZIuyOD3pz484bFFdm86G9q439hxQsH6/IBnPFZXeesM8HyLW +CpEyG/ntX08B56Ocy9mxaU+5/RDeWyJJFQ3D/sePOfhHaDrLpxWbQw7KQrIOK4bs +E1A0gcAGOoY51IDN4DrsKwhHFmPdNwC+67oIuhfEJOoEkV8ma8tywEWRDHEbGfP8 +2IHBtp+aSkFcQ2zmZKrHvQ5tUEOsFkxR8IFbCX1ba85R++ET3DjAKMgbdS9ENzLk +R/pzYiEI6rxNaQTKDjg6U+4FPELfaywT6bFCYTBQKCcSbXCxa9NNI/MyjSy+uZSX +pLkCDQRjUR2uARAA0Vh3Q3cG/5WE40etL7MSkOKpKHgkDJBLUGFxGw7kh0gEG00w +lcCzC7zbkl79NdstHT+wE3DAkczaDGyP1ODytzov7k4lIUkh9vFep+cyoMKEWCm9 +edl8Xjswz7K3Vf0hRTWwPzFo9UQ3zQJ8cUlSCm3lpCmcH4CU2SHnHHfCMJ5Gbnzf +DEqLWZVz8qOF5M018uzpQDTXW2PXlqG9Qdz3e4ujq8QpUyn+0NWpU9Iq6RmR7TDT +YFQiDVHG4KMG+G8CF5R7EhD3bwpRBb/yPGBu+S9pKh5DKWfUPGGwDeAdZvZ5NIPN +r7Ptgs1BNYB5+0/bG7OLync2v+1k05qybNeL8Z3Gn5Uvhr8R7yi1WqG7yDlRPYL/ +9220BMv/THykh263AdZxJ/hErJJ0zGWd+MlSPeeN0uvU4tc9o1G1+sih4+VtyZiz +A/vf/kG2VNi1d0UfEMmoytHH1UOJxHYJmbDYh7seXpZHVpWFDn/TDtPgoxguhUax +SRXEQAhPVSBoV9SoEgSr5I8Y7cgwu9ql5aYw7NbzXiy0hlgy7tBeStolr0IJuBNM +u3NnEZhJhFgjsWPMflydllVFT+0VoahKxS8IH7OGAV1LUeNMsK8itpr1EG4BX84F +hOCdUHMZpV+ldWxiBof39t2RDYWX1i0yg2Pv1R+nqt+iFb2cZbQIkcj89ysAEQEA +AYkCPAQYAQoAJhYhBBaOb0KXv9enmv1EllFLvi644ZYfBQJjUR2uAhsMBQkNh2Ep +AAoJEFFLvi644ZYf/mQQALa9HqcvhaH2R1ftxwI0CO/Uhem/NTLx1L8gwCLbAmyH ++tSOm0ybFhocTmvmCcZmTyKXkOuujr0oaFx0jktwJvegHU0heMdeEE92c3vMTlR4 +tpFGx8E0XU3Mj4J+kaMvwCUeozi4ZC9Csh4V9W+pIyJGaGQlD6ZJpgrIH+R3qIdr +O1hbZeijmgbciT7FyX8ht9KTK898IdwQM09w3HNDvNKpbux2QsWEdFbezUBto2KZ +Gek68oA7AQ8wDHmASp1ML6Jkl2JbyJz57Bazj+Fb47et2dHfF/3ISEwt+/9Q9U22 +aiT7JDFvdvChlezNFIVlrN89p1FO8LC6dSUaaoX7W3zRyydcxCNTpQv1HalwgEzx +IsL+msaPyrO5NVn40EmNSSsE0GPg15BgyhM9yjizJhaU74dgQECWuSHKFj29uVyV +S5Y2A1XbsPPqiB/yOFKq3kZBnT1sHX91k7EKK8dqxmXCIqkG9iMh/vId/gI6d9Ci +57nY0FluIrbE/L9z1Gei2eMFsFmSvnW9fIc3NtKfnvQRBOXedCw0kmvyScJ6EZ3z +noV0PFstgvmp4wSlnb2Dw74euRcBe5/wxX1VAHSYhqKWMnoe6snYnUQR9h5Wm7A5 +sq4D91+uMVHTr/1llbSDS+6J1tE6WNg5gpiULhOr0IoxlSTtUCDY2c49wqh850GA +=Txhj +-----END PGP PUBLIC KEY BLOCK----- diff --git a/nano-2.9.8-emergency-file-replace-vuln.patch b/nano-2.9.8-emergency-file-replace-vuln.patch deleted file mode 100644 index 7d8499a..0000000 --- a/nano-2.9.8-emergency-file-replace-vuln.patch +++ /dev/null @@ -1,110 +0,0 @@ -From 5e7a3c2e7e118c7f12d5dfda9f9140f638976aa2 Mon Sep 17 00:00:00 2001 -From: Benno Schulenberg -Date: Sun, 28 Apr 2024 10:51:52 +0200 -Subject: files: run `chmod` and `chown` on the descriptor, not on the filename - -This closes a window of opportunity where the emergency file could be -replaced by a malicious symlink. - -The issue was reported by `MartinJM` and `InvisibleMeerkat`. - -Problem existed since version 2.2.0, commit 123110c5, when chmodding -and chowning of the emergency .save file was added. - -Cherry-picked-by: Lukáš Zaoral -Upstream-commit: 5e7a3c2e7e118c7f12d5dfda9f9140f638976aa2 - ---- - src/files.c | 18 +++++++++++++++--- - src/nano.c | 12 +----------- - src/nano.h | 2 +- - 3 files changed, 17 insertions(+), 15 deletions(-) - -diff --git a/src/files.c b/src/files.c -index 8cdf195..e822068 100644 ---- a/src/files.c -+++ b/src/files.c -@@ -1551,7 +1551,7 @@ bool write_file(const char *name, FILE *f_open, bool tmp, - * set retval and then goto cleanup_and_exit. */ - size_t lineswritten = 0; - const filestruct *fileptr = openfile->fileage; -- int fd; -+ int fd = 0; - /* The file descriptor we use. */ - mode_t original_umask = 0; - /* Our umask, from when nano started. */ -@@ -1920,14 +1920,26 @@ bool write_file(const char *name, FILE *f_open, bool tmp, - goto cleanup_and_exit; - } - -- if (copy_file(f_source, f, TRUE) != 0) { -+ if (copy_file(f_source, f, FALSE) != 0) { - statusline(ALERT, _("Error writing %s: %s"), realname, - strerror(errno)); - goto cleanup_and_exit; - } - - unlink(tempname); -- } else if (fclose(f) != 0) { -+ } -+ -+#ifndef NANO_TINY -+ /* Change permissions and owner of an emergency save file to the values -+ * of the original file, but ignore any failure as we are in a hurry. */ -+ if (method == EMERGENCY && fd && openfile->current_stat) { -+ IGNORE_CALL_RESULT(fchmod(fd, openfile->current_stat->st_mode)); -+ IGNORE_CALL_RESULT(fchown(fd, openfile->current_stat->st_uid, -+ openfile->current_stat->st_gid)); -+ } -+#endif -+ -+ if (fclose(f) != 0) { - statusline(ALERT, _("Error writing %s: %s"), realname, - strerror(errno)); - goto cleanup_and_exit; -diff --git a/src/nano.c b/src/nano.c -index 79b5450..9b9c468 100644 ---- a/src/nano.c -+++ b/src/nano.c -@@ -644,7 +644,7 @@ void emergency_save(const char *die_filename, struct stat *die_stat) - targetname = get_next_filename(die_filename, ".save"); - - if (*targetname != '\0') -- failed = !write_file(targetname, NULL, TRUE, OVERWRITE, FALSE); -+ failed = !write_file(targetname, NULL, TRUE, EMERGENCY, FALSE); - - if (!failed) - fprintf(stderr, _("\nBuffer written to %s\n"), targetname); -@@ -655,16 +655,6 @@ void emergency_save(const char *die_filename, struct stat *die_stat) - fprintf(stderr, _("\nBuffer not written: %s\n"), - _("Too many backup files?")); - --#ifndef NANO_TINY -- /* Try to chmod/chown the saved file to the values of the original file, -- * but ignore any failure as we are in a hurry to get out. */ -- if (die_stat) { -- IGNORE_CALL_RESULT(chmod(targetname, die_stat->st_mode)); -- IGNORE_CALL_RESULT(chown(targetname, die_stat->st_uid, -- die_stat->st_gid)); -- } --#endif -- - free(targetname); - } - -diff --git a/src/nano.h b/src/nano.h -index 4fd186a..5e22fb7 100644 ---- a/src/nano.h -+++ b/src/nano.h -@@ -157,7 +157,7 @@ typedef enum { - } message_type; - - typedef enum { -- OVERWRITE, APPEND, PREPEND -+ OVERWRITE, APPEND, PREPEND, EMERGENCY - } kind_of_writing_type; - - typedef enum { --- -2.45.2 - diff --git a/nano-2.9.8.tar.gz.asc b/nano-2.9.8.tar.gz.asc deleted file mode 100644 index 8f88e03..0000000 --- a/nano-2.9.8.tar.gz.asc +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQIzBAABCAAdFiEEv9AJBh5TUFKtDfIVDSjU0qCs6IQFAlsSVMkACgkQDSjU0qCs -6IR99BAAnWR+QygOw1tCFHtCM83K3Z+Ufgjy/WuiJYRZVB3FUVM8L2sq+KY8DMHN -/8jW5ztibvZI7hTfEMCeaPOS+y4vkScSCW/qb6qK81rDswsDESvGulA1nHLayS++ -0b34A2PmgMpPsFf2qPac7TQ13xjUxCnV/Qt03yfRnKPoo3YoJRnxKw4vH2DJWIGz -/77IwUlGUufEaZZ0U5JzOKr35o1pPA+sP/wje976v28Qxv9e9WDEsc2ks3dNsKWu -aS0orQYHmHcxUy1vrxPwYrBt38CFzTOoBMPewe9d/mHMgDooX5HBhZ4fC4Ov0LIy -TRiXZeyx2ArVwsmgcPo8J2Ly5BDAIQnLEJdfSIU2qCckGmMrzQaGuuYRLqNGG8Up -/mYc/Xkfg8iYv/GN2UfwWPsWI1S3yaHhwgVjWXj5+Ma5agtZTvdLgIdRf0d/s2oh -oLNFv4DEhPE3jrliYNMqso5MP2E5Q5V6h7ubLRFyZr8fQmvMtU8gCqAsB8f/pTo1 -51wpM8S8I8U/PUFEoDH1Yjfno6XWnqeL0YmlLXMHVE065j/fNb5qn0xo6T+bCgrb -uyCzR33QvfEJMya8GkPW/KK+Q1Vk0BBg/d9loA0OcApkrHDOqDfZenHIE2t1vZ/V -Wdaq+VdodYHaY6YzTPrAYwkQwzV6EY/aJfgNyeAb8v/JgpQGpVA= -=JHeW ------END PGP SIGNATURE----- diff --git a/nano-8.1-fix-leak-after-linter-failure.patch b/nano-8.1-fix-leak-after-linter-failure.patch new file mode 100644 index 0000000..51279ef --- /dev/null +++ b/nano-8.1-fix-leak-after-linter-failure.patch @@ -0,0 +1,35 @@ +From 7fd38e88c12133859f48ca3191fe341795401982 Mon Sep 17 00:00:00 2001 +From: Lukáš Zaoral +Date: Tue, 10 Dec 2024 10:01:07 +0100 +Subject: memory: avoid a leak when linter aborts after producing parsable + output + +Any collected messages should be freed also after an +abnormal exit of the linter. + +Buglet existed since version 2.4.1, commit f225991b. +--- + src/text.c | 7 +++++++ + 1 file changed, 7 insertions(+) + +diff --git a/src/text.c b/src/text.c +index e924e818..5ac9d4ca 100644 +--- a/src/text.c ++++ b/src/text.c +@@ -2755,6 +2755,13 @@ void do_linter(void) + + if (!WIFEXITED(lint_status) || WEXITSTATUS(lint_status) > 2) { + statusline(ALERT, _("Error invoking '%s'"), openfile->syntax->linter); ++ for (curlint = lints; curlint != NULL;) { ++ tmplint = curlint; ++ curlint = curlint->next; ++ free(tmplint->msg); ++ free(tmplint->filename); ++ free(tmplint); ++ } + return; + } + +-- +cgit v1.2.3-70-g09d2 + diff --git a/nano-8.1.tar.xz.asc b/nano-8.1.tar.xz.asc new file mode 100644 index 0000000..5aa3501 --- /dev/null +++ b/nano-8.1.tar.xz.asc @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCgAdFiEEFo5vQpe/16ea/USWUUu+Lrjhlh8FAmaQ9jIACgkQUUu+Lrjh +lh+rhw//YpfYgFX0DSQhfAQqvBiZrqp5pc3NwutW91K2lNfx00zq68FaHBmXMzrT +gqJVGM6p37rI7HXDPsmlM2WIovfr+GtxWRg3zG2x421zo0KaQvGEmwcZniGqKniY +8mvJi/16RppkNtINh1gcUYQbqzTesOyiEpDUG++Yhbeu/Hlk9PL0W8rIhEht5TOf +AAdwlT7G//l8mFawzG2m1t3AbDyk70E/2pB2jiRkz7ZyePK1ki8GU3ZAO+7+SkNI +g6JjQ1ki+Bk1mRmKR/R1lDXsr1JnD4mPdOUTD+VmlgKfvNmcjHnm++4Pc/pxglVs +wRzH9743GX2j7vHbLj1s0EJ+ubTTWzCYbp3xfDmtFqM4/sA51cFMAVOnUeQxRQYo +UzUVQfZJ9lrSY9401IZm1tquHVSAILBbWO56m0SlO8Yz1LLW1dJ/qPGfNoHX5ae0 +z7U8FWmziioudkgY1D4BPdPiY6wWSQBLP/Y+h3qZBIiQGVvBSNYqwiUWvzuiQFj1 +UOel0KlxbVrSgaOJNLr358UccWaekrtxQef0V/oLaGlo3VJ867Tt+hovsALdPy7j +N5/mrySZycx4R3xzlAK+dUkoOl1x7bokCLmI3NY50yTaxJSeY26RdfblY+rTNgob +nI1HjQWAkMPfhE+hz2JIM2nkgLCsZy1g/+MuzjMds4L6FnFIuaA= +=Ah76 +-----END PGP SIGNATURE----- diff --git a/nano.spec b/nano.spec index 7b130ec..65b25cf 100644 --- a/nano.spec +++ b/nano.spec @@ -1,31 +1,39 @@ Summary: A small text editor Name: nano -Version: 2.9.8 +Version: 8.1 Release: 3%{?dist} -License: GPLv3+ +License: GPL-3.0-or-later URL: https://www.nano-editor.org -Source: https://www.nano-editor.org/dist/v2.9/%{name}-%{version}.tar.gz -Source2: nanorc -# fix emergency file replacement vulnerability (CVE-2024-5742) -Patch0: nano-2.9.8-emergency-file-replace-vuln.patch +Source0: https://www.nano-editor.org/dist/latest/%{name}-%{version}.tar.xz +Source1: https://www.nano-editor.org/dist/latest/%{name}-%{version}.tar.xz.asc +# gpg --keyserver keyserver.ubuntu.com --recv-key 168E6F4297BFD7A79AFD4496514BBE2EB8E1961F +# gpg --output bensberg.pgp --armor --export bensberg@telfort.nl +Source2: bensberg.pgp + +# Additional sources +Source3: nanorc + +# avoid a leak when linter aborts after producing parsable output (RHEL-36769) +Patch0: nano-8.1-fix-leak-after-linter-failure.patch BuildRequires: file-devel BuildRequires: gettext-devel BuildRequires: gcc BuildRequires: git +BuildRequires: gnupg2 BuildRequires: groff +BuildRequires: make BuildRequires: ncurses-devel BuildRequires: sed BuildRequires: texinfo Conflicts: filesystem < 3 -Requires(post): /sbin/install-info -Requires(preun): /sbin/install-info %description GNU nano is a small and friendly text editor. %prep +%{gpgverify} --keyring='%{SOURCE2}' --signature='%{SOURCE1}' --data='%{SOURCE0}' %autosetup -S git %build @@ -33,16 +41,14 @@ mkdir build cd build %global _configure ../configure %configure -make %{?_smp_mflags} +%make_build # generate default /etc/nanorc -# - disable line wrapping by default # - set hunspell as the default spell-checker # - enable syntax highlighting by default (#1270712) -sed -e 's/# set nowrap/set nowrap/' \ - -e 's/^#.*set speller.*$/set speller "hunspell"/' \ +sed -e 's/^#.*set speller.*$/set speller "hunspell"/' \ -e 's|^# \(include "/usr/share/nano/\*.nanorc"\)|\1|' \ - %{SOURCE2} doc/sample.nanorc > ./nanorc + %{SOURCE3} doc/sample.nanorc > ./nanorc %install cd build @@ -56,39 +62,228 @@ rm -f %{buildroot}%{_docdir}/nano/{nano,nano.1,nanorc.5,rnano.1}.html mkdir -p %{buildroot}%{_sysconfdir} install -m 0644 ./nanorc %{buildroot}%{_sysconfdir}/nanorc +# enable all extra syntax highlighting files by default +mv %{buildroot}%{_datadir}/nano/extra/* %{buildroot}%{_datadir}/nano +rm -rf %{buildroot}%{_datadir}/nano/extra + %find_lang %{name} -%post -if [ -f %{_infodir}/%{name}.info.gz ]; then - /sbin/install-info %{_infodir}/%{name}.info.gz %{_infodir}/dir -fi -exit 0 - -%preun -if [ $1 -eq 0 ]; then - if [ -f %{_infodir}/%{name}.info.gz ]; then - /sbin/install-info --delete %{_infodir}/%{name}.info.gz %{_infodir}/dir - fi -fi -exit 0 - %files -f build/%{name}.lang -%doc AUTHORS COPYING ChangeLog INSTALL NEWS README THANKS TODO +%license COPYING +%doc AUTHORS ChangeLog NEWS README THANKS TODO %doc build/doc/sample.nanorc %doc doc/{faq,nano}.html -%{_bindir}/* +%{_bindir}/{,r}nano %config(noreplace) %{_sysconfdir}/nanorc -%{_mandir}/man*/* +%{_mandir}/man1/{,r}nano.1* +%{_mandir}/man5/nanorc.5* %{_infodir}/nano.info* %{_datadir}/nano %changelog -* Thu Jul 11 2024 Lukáš Zaoral - 2.9.8-3 -- fix incomplete backport of the fix for the emergency file replacement - vulnerability (RHEL-35236) +* Wed Dec 11 2024 Lukáš Zaoral - 8.1-3 +- avoid a leak when linter aborts after producing parsable output (RHEL-36769) -* Thu Jul 04 2024 Lukáš Zaoral - 2.9.8-2 -- fix emergency file replacement vulnerability (RHEL-35236) +* Tue Oct 29 2024 Troy Dawson - 8.1-2 +- Bump release for October 2024 mass rebuild: + Resolves: RHEL-64018 + +* Thu Jul 18 2024 Lukáš Zaoral - 8.1-1 +- rebase to latest upstream release (RHEL-35944) + +* Mon Jul 01 2024 Lukáš Zaoral - 8.0-1 +- rebase to latest upstream version (RHEL-35944) +- remove `nano-default-editor` from the specfile (RHEL-30790) + +* Mon Jun 24 2024 Troy Dawson - 7.2-7 +- Bump release for June 2024 mass rebuild + +* Thu Jan 25 2024 Fedora Release Engineering - 7.2-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Sun Jan 21 2024 Fedora Release Engineering - 7.2-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Thu Jul 20 2023 Fedora Release Engineering - 7.2-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild + +* Tue Mar 21 2023 Lukáš Zaoral - 7.2-3 +- migrated to SPDX license + +* Thu Jan 19 2023 Fedora Release Engineering - 7.2-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild + +* Wed Jan 18 2023 Lukáš Zaoral - 7.2-1 +- Update to 7.2 (rhbz#2161916) +- Do not use %%{_bindir}/* and %%{_mandir}/* as suggested by the packaging + guidelines. + +* Wed Dec 14 2022 Lukáš Zaoral - 7.1-1 +- new upstream release (#2153268) + +* Tue Nov 15 2022 Lukáš Zaoral - 7.0-1 +- new upstream release (#2142885) +- update GPG signature key + +* Tue Aug 02 2022 Lukáš Zaoral - 6.4-1 +- new upstream release (#2113894) + +* Fri Jul 22 2022 Fedora Release Engineering - 6.3-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild + +* Thu Apr 28 2022 Kamil Dudka - 6.3-1 +- new upstream release + +* Sat Feb 19 2022 Kamil Dudka - 6.2-1 +- new upstream release + +* Wed Feb 09 2022 Kamil Dudka - 6.1-1 +- new upstream release + +* Thu Jan 20 2022 Fedora Release Engineering - 6.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild + +* Wed Dec 15 2021 Kamil Dudka - 6.0-1 +- new upstream release + +* Wed Oct 06 2021 Kamil Dudka - 5.9-1 +- new upstream release + +* Thu Jul 22 2021 Fedora Release Engineering - 5.8-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild + +* Wed Jul 07 2021 Kamil Dudka - 5.8-3 +- fix infinite recursion when handling an error (#1976410) + +* Wed Jun 16 2021 Zdenek Dohnal - 5.8-2 +- introduce 'default-editor' subpackage to support smooth non-nano upgrades (#1955884) + +* Tue Jun 15 2021 Kamil Dudka - 5.8-1 +- new upstream release + +* Tue May 25 2021 Florian Weimer - 5.7-3 +- Rebuild with new binutils to fix ppc64le corruption (#1960730) + +* Wed May 05 2021 Kamil Dudka - 5.7-2 +- build nano-default-editor by default only on fedora + +* Thu Apr 29 2021 Kamil Dudka - 5.7-1 +- new upstream release + +* Wed Mar 03 2021 Kamil Dudka - 5.6.1-1 +- new upstream release + +* Wed Feb 24 2021 Kamil Dudka - 5.6-1 +- new upstream release + +* Tue Jan 26 2021 Fedora Release Engineering - 5.5-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild + +* Thu Jan 14 2021 Kamil Dudka - 5.5-1 +- new upstream release + +* Wed Dec 02 2020 Kamil Dudka - 5.4-1 +- new upstream release + +* Thu Oct 15 2020 Zdenek Dohnal - 5.3-4 +- fix nano-default-editor.fish - don't give EDITOR an universal scope + +* Mon Oct 12 2020 Neal Gompa - 5.3-3 +- Ensure default-editor subpackage is easily swappable + +* Thu Oct 08 2020 Neal Gompa - 5.3-2 +- Enable all extra definitions for syntax highlighting (#1886561) + +* Wed Oct 07 2020 Kamil Dudka - 5.3-1 +- new upstream release + +* Mon Aug 24 2020 Kamil Dudka - 5.2-1 +- new upstream release + +* Sat Aug 15 2020 Kamil Dudka - 5.1-1 +- new upstream release + +* Thu Jul 30 2020 Kamil Dudka - 5.0-1 +- new upstream release + +* Tue Jul 28 2020 Fedora Release Engineering - 4.9.3-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Thu Jul 23 2020 Tom Stellard - 4.9.3-3 +- Use make macros +- https://fedoraproject.org/wiki/Changes/UseMakeBuildInstallMacro + +* Thu Jul 16 2020 Neal Gompa - 4.9.3-2 +- Add default-editor subpackage (#1854444) + +* Mon May 25 2020 Kamil Dudka - 4.9.3-1 +- new upstream release + +* Tue Apr 07 2020 Kamil Dudka - 4.9.2-1 +- new upstream release + +* Tue Mar 31 2020 Kamil Dudka - 4.9.1-1 +- new upstream release + +* Tue Mar 24 2020 Kamil Dudka - 4.9-1 +- new upstream release + +* Fri Feb 07 2020 Kamil Dudka - 4.8-1 +- new upstream release + +* Wed Jan 29 2020 Fedora Release Engineering - 4.7-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild + +* Mon Dec 23 2019 Kamil Dudka - 4.7-1 +- new upstream release + +* Fri Nov 29 2019 Kamil Dudka - 4.6-1 +- new upstream release + +* Fri Oct 04 2019 Kamil Dudka - 4.5-1 +- new upstream release + +* Mon Aug 26 2019 Kamil Dudka - 4.4-1 +- new upstream release + +* Thu Jul 25 2019 Fedora Release Engineering - 4.3-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild + +* Tue Jun 18 2019 Kamil Dudka - 4.3-1 +- new upstream release + +* Tue May 28 2019 Kamil Dudka - 4.2-2 +- fix possible crash while opening help + +* Wed Apr 24 2019 Kamil Dudka - 4.2-1 +- new upstream release + +* Mon Apr 15 2019 Kamil Dudka - 4.1-1 +- new upstream release + +* Tue Apr 02 2019 Kamil Dudka - 4.0-2 +- make sure that variables on stack are initialized + +* Mon Mar 25 2019 Kamil Dudka - 4.0-1 +- new upstream release + +* Fri Feb 01 2019 Fedora Release Engineering - 3.2-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild + +* Mon Nov 12 2018 Kamil Dudka - 3.2-1 +- new upstream release + +* Wed Sep 19 2018 Kamil Dudka - 3.1-1 +- new upstream release + +* Fri Sep 14 2018 Kamil Dudka - 3.0-2 +- when Ctrl+Shift+Delete has no key code, do not fall back to KEY_BACKSPACE + +* Mon Sep 10 2018 Kamil Dudka - 3.0-1 +- new upstream release + +* Fri Jul 13 2018 Fedora Release Engineering - 2.9.8-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild * Mon Jun 04 2018 Kamil Dudka - 2.9.8-1 - new upstream release diff --git a/sources b/sources index dd705e1..275cabe 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (nano-2.9.8.tar.gz) = dcc7b074b585135e34339648fc725f54964488813d49fac50cf88c11d7cfcb8514907dbc2631ce7664ab0241717e8c42833e3c037070c80c8e7bee68fc280a2d +SHA512 (nano-8.1.tar.xz) = cb7d696bd18322ba1e713282e3156934e2c7f2a8abc17c99b2d5ae91fa40ea1478758853d4ad391f72039f01cfe0db79fd7302f3e67ed2afeff3a447b6f975ec