425 lines
14 KiB
RPMSpec
425 lines
14 KiB
RPMSpec
%global gnulib_ver 20180203
|
|
|
|
Summary: Utility for modifying/upgrading files
|
|
Name: patch
|
|
Version: 2.7.6
|
|
Release: 11%{?dist}
|
|
License: GPLv3+
|
|
URL: http://www.gnu.org/software/patch/patch.html
|
|
Group: Development/Tools
|
|
Source: ftp://ftp.gnu.org/gnu/patch/patch-%{version}.tar.xz
|
|
Patch1: patch-2.7.6-CVE-2018-6951.patch
|
|
Patch2: patch-CVE-2018-1000156.patch
|
|
Patch3: patch-2.7.6-gcc8.patch
|
|
Patch4: patch-2.7.6-CVE-2018-6952.patch
|
|
Patch5: patch-2.7.6-CVE-2018-20969.patch
|
|
Patch6: patch-2.7.6-CVE-2019-13636-symlinks.patch
|
|
Patch7: patch-2.7.x-abort_when_cleaning_up_fails.patch
|
|
Patch100: patch-selinux.patch
|
|
BuildRequires: libselinux-devel
|
|
BuildRequires: libattr-devel
|
|
BuildRequires: ed
|
|
BuildRequires: automake autoconf
|
|
|
|
Provides: bundled(gnulib) = %{gnulib_ver}
|
|
|
|
%description
|
|
The patch program applies diff files to originals. The diff command
|
|
is used to compare an original to a changed file. Diff lists the
|
|
changes made to the file. A person who has the original file can then
|
|
use the patch command with the diff file to add the changes to their
|
|
original file (patching the file).
|
|
|
|
Patch should be installed because it is a common way of upgrading
|
|
applications.
|
|
|
|
%prep
|
|
%setup -q
|
|
|
|
# CVE-2018-6951, NULL pointer dereference causes a crash
|
|
%patch1 -p1 -b .CVE-2018-6951
|
|
|
|
# CVE-2018-1000156, Malicious patch files cause ed to execute arbitrary commands
|
|
%patch2 -p1 -b .CVE-2018-1000156
|
|
|
|
# Fix to build with gcc8
|
|
%patch3 -p1 -b .gcc8
|
|
|
|
# CVE-2018-6952, Double free of memory
|
|
%patch4 -p1 -b .CVE-2018-6952
|
|
|
|
# CVE-2018-20969, do_ed_script in pch.c does not block strings beginning with a ! character
|
|
%patch5 -p1 -b .CVE-2018-20969
|
|
|
|
# CVE-2019-13636, Don't follow symlinks unless --follow-symlinks is given
|
|
%patch6 -p1 -b .CVE-2019-13636
|
|
|
|
# bz#1665928, Abort when cleaning up fails
|
|
%patch7 -p1 -b .abort_when_cleaning_up_fails
|
|
|
|
# SELinux support.
|
|
%patch100 -p1 -b .selinux
|
|
|
|
%build
|
|
CFLAGS="$RPM_OPT_FLAGS -D_GNU_SOURCE"
|
|
%ifarch sparcv9
|
|
CFLAGS=`echo $CFLAGS|sed -e 's|-fstack-protector||g'`
|
|
%endif
|
|
%configure --disable-silent-rules
|
|
make %{?_smp_mflags}
|
|
|
|
%check
|
|
make check
|
|
|
|
%install
|
|
rm -rf $RPM_BUILD_ROOT
|
|
%makeinstall
|
|
|
|
%files
|
|
%defattr(-,root,root,-)
|
|
%license COPYING
|
|
%doc NEWS README
|
|
%{_bindir}/*
|
|
%{_mandir}/*/*
|
|
|
|
%changelog
|
|
* Tue Nov 19 2019 Than Ngo <than@redhat.com> - 2.7.6-11
|
|
- Related: #1733565, apply the patch correctly
|
|
|
|
* Tue Nov 19 2019 Than Ngo <than@redhat.com> - 2.7.6-10
|
|
- CVE-2019-13636 , Don't follow symlinks unless --follow-symlinks is given
|
|
- Resolves: #1665928, patch has a huge error output and segfaults when the file to be patched does not exist
|
|
|
|
* Mon Sep 02 2019 Than Ngo <than@redhat.com> - 2.7.6-9
|
|
- CVE-2018-20969, invoke ed directly instead of using the shell
|
|
|
|
* Tue Nov 27 2018 Than Ngo <than@redhat.com> - 2.7.6-8
|
|
- Added virtual provides for bundled gnulib library
|
|
|
|
* Wed Sep 12 2018 Than Ngo <than@redhat.com> - 2.7.6-7
|
|
- Resolves: #1554752, CVE-2018-6952 Double free of memory
|
|
|
|
* Mon Jun 18 2018 Than Ngo <than@redhat.com> - 2.7.6-6
|
|
- avoid warnings from GCC8
|
|
|
|
* Mon Apr 09 2018 Than Ngo <than@redhat.com> - 2.7.6-5
|
|
- fixed CVE-2018-1000156
|
|
|
|
* Tue Mar 13 2018 Than Ngo <than@redhat.com> - 2.7.6-4
|
|
- apply the patch for CVE-2018-6951
|
|
|
|
* Mon Feb 12 2018 Tim Waugh <twaugh@redhat.com> - 2.7.6-3
|
|
- 2.7.6 (CVE-2016-10713, CVE-2018-6951, CVE-2018-6952).
|
|
|
|
* Thu Feb 08 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.7.5-7
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
|
|
|
|
* Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.7.5-6
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
|
|
|
|
* Thu Jul 27 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.7.5-5
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
|
|
|
|
* Wed Feb 01 2017 Stephen Gallagher <sgallagh@redhat.com> - 2.7.5-4
|
|
- Add missing %%license macro
|
|
|
|
* Thu Feb 04 2016 Fedora Release Engineering <releng@fedoraproject.org> - 2.7.5-3
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
|
|
|
|
* Thu Jun 18 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.7.5-2
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
|
|
|
|
* Mon Mar 9 2015 Tim Waugh <twaugh@redhat.com> - 2.7.5-1
|
|
- Fixed memory leak in selinux patch.
|
|
- 2.7.5, including an even better fix for CVE-2015-1196 that still
|
|
allows relative symlinks to be created/used.
|
|
|
|
* Sat Feb 21 2015 Till Maas <opensource@till.name> - 2.7.4-2
|
|
- Rebuilt for Fedora 23 Change
|
|
https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code
|
|
|
|
* Sun Feb 1 2015 Tim Waugh <twaugh@redhat.com> - 2.7.4-1
|
|
- 2.7.4, including a better fix for CVE-2015-1196 that still allows
|
|
symlinks referencing ".." to be created.
|
|
|
|
* Fri Jan 23 2015 Tim Waugh <twaugh@redhat.com> - 2.7.3-1
|
|
- 2.7.3 (bug #1182157, CVE-2015-1196, bug #1184491, CVE-2014-9637).
|
|
|
|
* Tue Jan 20 2015 Tim Waugh <twaugh@redhat.com> - 2.7.1-12
|
|
- Apply upstream patch to fix line numbering integer overflow.
|
|
|
|
* Tue Jan 20 2015 Tim Waugh <twaugh@redhat.com> - 2.7.1-11
|
|
- Apply upstream patch to fix directory traversal via symlinks
|
|
(bug #1182157, CVE-2015-1196).
|
|
|
|
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.7.1-9
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
|
|
|
|
* Fri Jun 06 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.7.1-8
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
|
|
|
|
* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.7.1-7
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
|
|
|
|
* Wed Jun 12 2013 Tim Waugh <twaugh@redhat.com> 2.7.1-6
|
|
- Don't segfault when given bad arguments (bug #972330).
|
|
|
|
* Thu Apr 11 2013 Tim Waugh <twaugh@redhat.com> 2.7.1-5
|
|
- Don't document unsupported -m option; document -x option (bug #948972).
|
|
|
|
* Mon Mar 25 2013 Ville Skyttä <ville.skytta@iki.fi> - 2.7.1-4
|
|
- Build with xattr support.
|
|
- Make build output more verbose.
|
|
- Fix bogus date in %%changelog.
|
|
|
|
* Mon Mar 11 2013 Tim Waugh <twaugh@redhat.com> 2.7.1-3
|
|
- Upstream patch to fix removal of empty directories (bug #919489).
|
|
|
|
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.7.1-2
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
|
|
|
|
* Thu Oct 18 2012 Tim Waugh <twaugh@redhat.com> 2.7.1-1
|
|
- Fixed license (since 2.6 it has been GPLv3+).
|
|
- 2.7.1.
|
|
|
|
* Thu Oct 18 2012 Tim Waugh <twaugh@redhat.com> 2.7-1
|
|
- 2.7. No longer need sigsegv, get-arg, CVE-2010-4651,
|
|
backup-if-mismatch or coverity-leak patches.
|
|
|
|
* Fri Jul 20 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.6.1-13
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
|
|
|
|
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.6.1-12
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
|
|
|
|
* Fri Nov 25 2011 Tim Waugh <twaugh@redhat.com> 2.6.1-11
|
|
- Fixed NULL dereference in selinux patch.
|
|
|
|
* Mon May 16 2011 Tim Waugh <twaugh@redhat.com> 2.6.1-10
|
|
- Applied Jiri Popelka's fixes from Coverity scan (bug #704554):
|
|
- Avoid unchecked return from getfilecon() in patch-selinux.patch.
|
|
- Fix memory leak.
|
|
|
|
* Wed Feb 16 2011 Tim Waugh <twaugh@redhat.com> 2.6.1-9
|
|
- Let --posix cause --no-backup-if-mismatch (bug #678016).
|
|
|
|
* Thu Feb 10 2011 Tim Waugh <twaugh@redhat.com> 2.6.1-8
|
|
- Incorporate upstream fix for CVE-2010-4651 patch so that a target
|
|
name given on the command line is not validated (bug #667529).
|
|
|
|
* Tue Feb 8 2011 Tim Waugh <twaugh@redhat.com> 2.6.1-7
|
|
- Applied upstream patch to fix CVE-2010-4651 so that malicious
|
|
patches cannot create files above the current directory
|
|
(bug #667529).
|
|
|
|
* Tue Jan 4 2011 Tim Waugh <twaugh@redhat.com> 2.6.1-6
|
|
- Use smp_mflags correctly (bug #665770).
|
|
|
|
* Mon Aug 16 2010 Tim Waugh <twaugh@redhat.com> 2.6.1-5
|
|
- Another fix for the selinux patch (bug #618215).
|
|
|
|
* Fri Aug 6 2010 Tim Waugh <twaugh@redhat.com> 2.6.1-4
|
|
- Fixed interpretation of return value from getfilecon().
|
|
- Fixed argument type for --get (bug #553624).
|
|
|
|
* Fri Aug 6 2010 Dennis Gilmore <dennis@ausil.us>
|
|
- using -fstack-projector causes weirdness on 32 bit sparc so disabling for now
|
|
|
|
* Tue Jul 27 2010 Tim Waugh <twaugh@redhat.com> 2.6.1-3
|
|
- Fixed argument type for --get (bug #553624).
|
|
|
|
* Wed Mar 3 2010 Tim Waugh <twaugh@redhat.com> 2.6.1-2
|
|
- Added comments for all patches.
|
|
- Ship COPYING file.
|
|
- Removed sparc ifdefs in spec file.
|
|
|
|
* Mon Jan 4 2010 Tim Waugh <twaugh@redhat.com> 2.6.1-1
|
|
- 2.6.1 (bug #551569). No longer need best-name patch.
|
|
|
|
* Thu Dec 24 2009 Tim Waugh <twaugh@redhat.com> 2.6-2
|
|
- Applied upstream patch to prevent incorrect filename being chosen
|
|
when adding a new file (bug #549122).
|
|
|
|
* Mon Nov 16 2009 Tim Waugh <twaugh@redhat.com> 2.6-1
|
|
- 2.6. No longer need stderr, suffix, stripcr, parse, allow-spaces,
|
|
ifdef, program_name, or posix-backup patches.
|
|
|
|
* Sat Jul 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.5.4-40
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
|
|
|
|
* Wed Apr 29 2009 Tim Waugh <twaugh@redhat.com> 2.5.4-39
|
|
- Fixed operation when SELinux is disabled (bug #498102). Patch from
|
|
Jan Kratochvil.
|
|
|
|
* Thu Feb 26 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.5.4-38
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
|
|
|
|
* Tue Feb 17 2009 Tim Waugh <twaugh@redhat.com> 2.5.4-37
|
|
- Don't set SELinux file context if it is already correct.
|
|
|
|
* Mon Nov 24 2008 Tim Waugh <twaugh@redhat.com> 2.5.4-36
|
|
- Better summary.
|
|
|
|
* Mon Jun 30 2008 Tim Waugh <twaugh@redhat.com> 2.5.4-35
|
|
- Don't fail if setfilecon() returns EPERM (bug #453365), although the
|
|
setfilecon man page suggests that ENOTSUP will be returned in this
|
|
case.
|
|
|
|
* Mon Jun 16 2008 Tim Waugh <twaugh@redhat.com> 2.5.4-34
|
|
- Only write simple backups for each file once during a run
|
|
(bug #234822).
|
|
|
|
* Thu Jun 12 2008 Tim Waugh <twaugh@redhat.com> 2.5.4-33
|
|
- Fix selinux patch and apply it. Build requires libselinux-devel.
|
|
|
|
* Fri Feb 8 2008 Tim Waugh <twaugh@redhat.com> 2.5.4-32
|
|
- Applied patch from 2.5.9 to allow spaces in filenames (bug #431887).
|
|
|
|
* Mon Dec 3 2007 Tim Waugh <twaugh@redhat.com> 2.5.4-31
|
|
- Convert spec file to UTF-8 (bug #226233).
|
|
- Use _bindir macro in %%files (bug #226233).
|
|
- Parallel make (bug #226233).
|
|
- Better defattr declaration (bug #226233).
|
|
|
|
* Thu Oct 4 2007 Tim Waugh <twaugh@redhat.com>
|
|
- Beginnings of an SELinux patch (bug #165799); not applied yet.
|
|
|
|
* Wed Aug 29 2007 Tim Waugh <twaugh@redhat.com> 2.5.4-30
|
|
- Added dist tag.
|
|
- More specific license tag.
|
|
- Fixed summary.
|
|
- Better buildroot tag.
|
|
|
|
* Wed Jul 12 2006 Jesse Keating <jkeating@redhat.com> - 2.5.4-29.2.2
|
|
- rebuild
|
|
|
|
* Fri Feb 10 2006 Jesse Keating <jkeating@redhat.com> - 2.5.4-29.2.1
|
|
- bump again for double-long bug on ppc(64)
|
|
|
|
* Tue Feb 07 2006 Jesse Keating <jkeating@redhat.com> - 2.5.4-29.2
|
|
- rebuilt for new gcc4.1 snapshot and glibc changes
|
|
|
|
* Fri Dec 09 2005 Jesse Keating <jkeating@redhat.com>
|
|
- rebuilt
|
|
|
|
* Thu Sep 8 2005 Tim Waugh <twaugh@redhat.com> 2.5.4-29
|
|
- Remove SELinux patch for now (bug #167822).
|
|
|
|
* Wed Sep 7 2005 Tim Waugh <twaugh@redhat.com> 2.5.4-27
|
|
- Applied patch from Ulrich Drepper to fix string overread (bug #167675).
|
|
|
|
* Tue Sep 6 2005 Tim Waugh <twaugh@redhat.com> 2.5.4-26
|
|
- Preserve SELinux file contexts (bug #165799).
|
|
|
|
* Thu Aug 11 2005 Tim Waugh <twaugh@redhat.com> 2.5.4-25
|
|
- Fixed CRLF detection (bug #154283).
|
|
|
|
* Wed May 4 2005 Tim Waugh <twaugh@redhat.com> 2.5.4-24
|
|
- Reverted last change (bug #154283, bug #156762).
|
|
|
|
* Fri Apr 29 2005 Tim Waugh <twaugh@redhat.com> 2.5.4-23
|
|
- Applied patch from Toshio Kuratomi to avoid problems with DOS-format
|
|
newlines (bug #154283).
|
|
|
|
* Wed Mar 2 2005 Tim Waugh <twaugh@redhat.com> 2.5.4-22
|
|
- Rebuild for new GCC.
|
|
|
|
* Wed Feb 9 2005 Tim Waugh <twaugh@redhat.com> 2.5.4-21
|
|
- Rebuilt.
|
|
|
|
* Tue Jun 15 2004 Elliot Lee <sopwith@redhat.com>
|
|
- rebuilt
|
|
|
|
* Fri Feb 13 2004 Elliot Lee <sopwith@redhat.com>
|
|
- rebuilt
|
|
|
|
* Sat Oct 25 2003 Tim Waugh <twaugh@redhat.com> 2.5.4-18
|
|
- Rebuilt.
|
|
|
|
* Wed Jun 04 2003 Elliot Lee <sopwith@redhat.com>
|
|
- rebuilt
|
|
|
|
* Wed Jan 22 2003 Tim Powers <timp@redhat.com>
|
|
- rebuilt
|
|
|
|
* Wed Nov 20 2002 Tim Powers <timp@redhat.com>
|
|
- rebuilt in current collinst
|
|
|
|
* Fri Jun 21 2002 Tim Powers <timp@redhat.com>
|
|
- automated rebuild
|
|
|
|
* Thu May 23 2002 Tim Powers <timp@redhat.com>
|
|
- automated rebuild
|
|
|
|
* Tue Apr 9 2002 Tim Waugh <twaugh@redhat.com> 2.5.4-12
|
|
- Fix error reporting when given bad options (bug #62981).
|
|
|
|
* Tue Mar 5 2002 Tim Waugh <twaugh@redhat.com> 2.5.4-11
|
|
- s/Copyright:/License:/.
|
|
- Fix -D behaviour (bug #60688).
|
|
|
|
* Tue May 29 2001 Tim Waugh <twaugh@redhat.com> 2.5.4-10
|
|
- Merge Mandrake patch:
|
|
- fix possible segfault
|
|
|
|
* Fri Dec 1 2000 Tim Waugh <twaugh@redhat.com>
|
|
- Rebuild because of fileutils bug.
|
|
|
|
* Thu Nov 2 2000 Tim Waugh <twaugh@redhat.com>
|
|
- use .orig as default suffix, as per man page and previous behaviour
|
|
(bug #20202).
|
|
- use better patch for this, from maintainer.
|
|
|
|
* Wed Oct 4 2000 Tim Waugh <twaugh@redhat.com>
|
|
- actually use the RPM_OPT_FLAGS
|
|
|
|
* Wed Jul 12 2000 Prospector <bugzilla@redhat.com>
|
|
- automatic rebuild
|
|
|
|
* Tue Jun 13 2000 Trond Eivind Glomsrød <teg@redhat.com>
|
|
- Use %%makeinstall, %%{_tmppath} and %%{_mandir}
|
|
|
|
* Fri May 12 2000 Trond Eivind Glomsrød <teg@redhat.com>
|
|
- added URL
|
|
|
|
* Wed Feb 16 2000 Bernhard Rosenkraenzer <bero@redhat.com>
|
|
- 2.5.4
|
|
- Fix up LFS support on Alpha (Bug #5732)
|
|
|
|
* Mon Feb 7 2000 Bill Nottingham <notting@redhat.com>
|
|
- handle compressed manpages
|
|
|
|
* Sun Jun 06 1999 Alan Cox <alan@redhat.com>
|
|
- Fix the case where stderr isnt flushed for ask(). Now the 'no such file'
|
|
appears before the skip patch question, not at the very end, Doh!
|
|
|
|
* Mon Mar 22 1999 Jeff Johnson <jbj@redhat.com>
|
|
- (ultra?) sparc was getting large file system support.
|
|
|
|
* Sun Mar 21 1999 Cristian Gafton <gafton@redhat.com>
|
|
- auto rebuild in the new build environment (release 7)
|
|
|
|
* Fri Dec 18 1998 Cristian Gafton <gafton@redhat.com>
|
|
- build against glibc 2.1
|
|
|
|
* Tue Sep 1 1998 Jeff Johnson <jbj@redhat.com>
|
|
- bump release to preserve newer than back-ported 4.2.
|
|
|
|
* Tue Jun 09 1998 Prospector System <bugs@redhat.com>
|
|
- translations modified for de, fr
|
|
|
|
* Tue Jun 9 1998 Jeff Johnson <jbj@redhat.com>
|
|
- Fix for problem #682 segfault.
|
|
|
|
* Fri Apr 24 1998 Prospector System <bugs@redhat.com>
|
|
- translations modified for de, fr, tr
|
|
|
|
* Tue Apr 07 1998 Cristian Gafton <gafton@redhat.com>
|
|
- added buildroot
|
|
|
|
* Tue Oct 21 1997 Cristian Gafton <gafton@redhat.com>
|
|
- updated to 2.5
|
|
|
|
* Mon Jun 02 1997 Erik Troan <ewt@redhat.com>
|
|
- built against glibc
|