From cdeda364a3e7a2cd5fb51365dffd18bf64fb8285 Mon Sep 17 00:00:00 2001 From: Jan Rybar Date: Wed, 6 Jun 2018 17:54:55 +0200 Subject: [PATCH] Revert "Rebase to 3.3.15 (contains a LOT of CVE fixes)" This reverts commit ed8cb30556429410204053bba62194fbed3d12ce. Found hidden dependencies, must announce SONAME bump before rebase after all. --- .gitignore | 1 - procps-ng.spec | 17 ++++++----------- sources | 1 - 3 files changed, 6 insertions(+), 13 deletions(-) diff --git a/.gitignore b/.gitignore index 89b593a..e6e6306 100644 --- a/.gitignore +++ b/.gitignore @@ -1,4 +1,3 @@ /procps-ng-3.3.12.tar.xz /procps-ng-3.3.13.tar.xz /procps-ng-3.3.14.tar.xz -/procps-ng-3.3.15.tar.xz diff --git a/procps-ng.spec b/procps-ng.spec index 462d9df..7c8b9f1 100644 --- a/procps-ng.spec +++ b/procps-ng.spec @@ -1,11 +1,10 @@ # The testsuite is unsuitable for running on buildsystems %global tests_enabled 0 -%global manpo_available 0 Summary: System and process monitoring utilities Name: procps-ng -Version: 3.3.15 -Release: 1%{?dist} +Version: 3.3.14 +Release: 2%{?dist} License: GPL+ and GPLv2 and GPLv2+ and GPLv3+ and LGPLv2+ Group: Applications/System URL: https://sourceforge.net/projects/procps-ng/ @@ -17,6 +16,9 @@ Source1: README.md # wget https://gitlab.com/procps-ng/procps/raw/e0784ddaed30d095bb1d9a8ad6b5a23d10a212c4/top/README.top Source2: README.top +# fix integer overflows leading to heap overflow (CVE-2018-1124 CVE-2018-1126) +Patch1: procps-ng-3.3.14-CVE-2018-1124.patch + BuildRequires: ncurses-devel BuildRequires: libtool BuildRequires: autoconf @@ -40,12 +42,10 @@ Provides: /bin/ps Obsoletes: sysvinit-tools < 0:2.89 Provides: /sbin/pidof -%if %{manpo_available} # fortunately the same release number for f21 and f22 Conflicts: man-pages-de < 1.7-3 Conflicts: man-pages-fr < 3.66-3 Conflicts: man-pages-pl < 0.7-5 -%endif %description @@ -92,6 +92,7 @@ Internationalization pack for procps-ng %setup -q -n %{name}-%{version} cp -p %{SOURCE1} . cp -p %{SOURCE2} top/ +%patch1 -p1 %build # The following stuff is needed for git archives only @@ -146,11 +147,9 @@ ln -s %{_bindir}/pidof %{buildroot}%{_sbindir}/pidof %{_mandir}/man8/* %{_mandir}/man5/* -%if %{manpo_available} %{_mandir}/*/man1/* %{_mandir}/*/man5/* %{_mandir}/*/man8/* -%endif %exclude %{_libdir}/libprocps.la %exclude /unwanted/* @@ -166,10 +165,6 @@ ln -s %{_bindir}/pidof %{buildroot}%{_sbindir}/pidof %files i18n -f %{name}.lang %changelog -* Wed Jun 06 2018 Jan Rybar - 3.3.15-1 -- Rebase to 3.3.15 (contains a LOT of CVE fixes) -- Manpage translations temporarily unavailable - * Fri May 18 2018 Kamil Dudka - 3.3.14-2 - fix integer overflows leading to heap overflow (CVE-2018-1124 CVE-2018-1126) diff --git a/sources b/sources index ff09c8a..f8f6abd 100644 --- a/sources +++ b/sources @@ -1,2 +1 @@ SHA512 (procps-ng-3.3.14.tar.xz) = 45617924ae1520765c15d71b76278dc80cac04f5985f83c9b65a8ba379d9a80a2ff0dc14c5a6edee7d6cfa66ce50ec019e8b5203704175ff94547ae6ff2b18c5 -SHA512 (procps-ng-3.3.15.tar.xz) = bc83ccc1941e7be8266588fdfbba17e2424b30163a215873ee6dee96215d66249f5d5e46fec2278d030b42bd7599861c4878360042dacec4c221ce411453747c