SLFO-pool/patch
SHA256
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Sync from SUSE:SLFO:Main patch revision b3e0672318b102c8c391cad3238f27d7

Browse Source
This commit is contained in:
Adrian Schröter 2024-05-03 17:42:24 +02:00
commit d5c7e0080b
19 changed files with 2055 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
.gitattributes vendored Normal file
View File

@ -0,0 +1,23 @@
## Default LFS
*.7z filter=lfs diff=lfs merge=lfs -text
*.bsp filter=lfs diff=lfs merge=lfs -text
*.bz2 filter=lfs diff=lfs merge=lfs -text
*.gem filter=lfs diff=lfs merge=lfs -text
*.gz filter=lfs diff=lfs merge=lfs -text
*.jar filter=lfs diff=lfs merge=lfs -text
*.lz filter=lfs diff=lfs merge=lfs -text
*.lzma filter=lfs diff=lfs merge=lfs -text
*.obscpio filter=lfs diff=lfs merge=lfs -text
*.oxt filter=lfs diff=lfs merge=lfs -text
*.pdf filter=lfs diff=lfs merge=lfs -text
*.png filter=lfs diff=lfs merge=lfs -text
*.rpm filter=lfs diff=lfs merge=lfs -text
*.tbz filter=lfs diff=lfs merge=lfs -text
*.tbz2 filter=lfs diff=lfs merge=lfs -text
*.tgz filter=lfs diff=lfs merge=lfs -text
*.ttf filter=lfs diff=lfs merge=lfs -text
*.txz filter=lfs diff=lfs merge=lfs -text
*.whl filter=lfs diff=lfs merge=lfs -text
*.xz filter=lfs diff=lfs merge=lfs -text
*.zip filter=lfs diff=lfs merge=lfs -text
*.zst filter=lfs diff=lfs merge=lfs -text

48
abort-when-cleaning-up-fails.patch Normal file
View File

@ -0,0 +1,48 @@
From: Andreas Gruenbacher <agruen@gnu.org>
Date: Fri, 28 Jun 2019 00:30:25 +0200
Subject: Abort when cleaning up fails
Patch-mainline: Yes
Git-commit: b7b028a77bd855f6f56b17c8837fc1cca77b469d
References: boo#1111572 savannah#54845
When a fatal error triggers during cleanup, another attempt will be made to
clean up, which will likely lead to the same fatal error. So instead, bail out
when that happens.
src/patch.c (cleanup): Bail out when called recursively.
(main): There is no need to call output_files() before cleanup() as cleanup()
already does that.
---
src/patch.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
--- a/src/patch.c
+++ b/src/patch.c
@@ -681,7 +681,6 @@ main (int argc, char **argv)
}
if (outstate.ofp && (ferror (outstate.ofp) || fclose (outstate.ofp) != 0))
write_fatal ();
- output_files (NULL);
cleanup ();
delete_files ();
if (somefailed)
@@ -1977,7 +1976,6 @@ void
fatal_exit (int sig)
{
cleanup ();
-
if (sig)
exit_with_signal (sig);
@@ -1997,6 +1995,12 @@ remove_if_needed (char const *name, bool
static void
cleanup (void)
{
+ static bool already_cleaning_up;
+
+ if (already_cleaning_up)
+ return;
+ already_cleaning_up = true;
+
remove_if_needed (TMPINNAME, &TMPINNAME_needs_removal);
remove_if_needed (TMPOUTNAME, &TMPOUTNAME_needs_removal);
remove_if_needed (TMPPATNAME, &TMPPATNAME_needs_removal);

103
dont-follow-symlinks-unless-asked.patch Normal file
View File

@ -0,0 +1,103 @@
From: Andreas Gruenbacher <agruen@gnu.org>
Date: Mon, 15 Jul 2019 16:21:48 +0200
Subject: Don't follow symlinks unless --follow-symlinks is given
Patch-mainline: Yes
Git-commit: dce4683cbbe107a95f1f0d45fabc304acfb5d71a
References: boo#1142041 CVE-2019-13636
* src/inp.c (plan_a, plan_b), src/util.c (copy_to_fd, copy_file,
append_to_file): Unless the --follow-symlinks option is given, open files with
the O_NOFOLLOW flag to avoid following symlinks. So far, we were only doing
that consistently for input files.
* src/util.c (create_backup): When creating empty backup files, (re)create them
with O_CREAT | O_EXCL to avoid following symlinks in that case as well.
---
src/inp.c | 12 ++++++++++--
src/util.c | 14 +++++++++++---
2 files changed, 21 insertions(+), 5 deletions(-)
--- a/src/inp.c
+++ b/src/inp.c
@@ -238,8 +238,13 @@ plan_a (char const *filename)
{
if (S_ISREG (instat.st_mode))
{
- int ifd = safe_open (filename, O_RDONLY|binary_transput, 0);
+ int flags = O_RDONLY | binary_transput;
size_t buffered = 0, n;
+ int ifd;
+
+ if (! follow_symlinks)
+ flags |= O_NOFOLLOW;
+ ifd = safe_open (filename, flags, 0);
if (ifd < 0)
pfatal ("can't open file %s", quotearg (filename));
@@ -340,6 +345,7 @@ plan_a (char const *filename)
static void
plan_b (char const *filename)
{
+ int flags = O_RDONLY | binary_transput;
int ifd;
FILE *ifp;
int c;
@@ -353,7 +359,9 @@ plan_b (char const *filename)
if (instat.st_size == 0)
filename = NULL_DEVICE;
- if ((ifd = safe_open (filename, O_RDONLY | binary_transput, 0)) < 0
+ if (! follow_symlinks)
+ flags |= O_NOFOLLOW;
+ if ((ifd = safe_open (filename, flags, 0)) < 0
|| ! (ifp = fdopen (ifd, binary_transput ? "rb" : "r")))
pfatal ("Can't open file %s", quotearg (filename));
if (TMPINNAME_needs_removal)
--- a/src/util.c
+++ b/src/util.c
@@ -388,7 +388,7 @@ create_backup (char const *to, const str
try_makedirs_errno = ENOENT;
safe_unlink (bakname);
- while ((fd = safe_open (bakname, O_CREAT | O_WRONLY | O_TRUNC, 0666)) < 0)
+ while ((fd = safe_open (bakname, O_CREAT | O_EXCL | O_WRONLY | O_TRUNC, 0666)) < 0)
{
if (errno != try_makedirs_errno)
pfatal ("Can't create file %s", quotearg (bakname));
@@ -579,10 +579,13 @@ create_file (char const *file, int open_
static void
copy_to_fd (const char *from, int tofd)
{
+ int from_flags = O_RDONLY | O_BINARY;
int fromfd;
ssize_t i;
- if ((fromfd = safe_open (from, O_RDONLY | O_BINARY, 0)) < 0)
+ if (! follow_symlinks)
+ from_flags |= O_NOFOLLOW;
+ if ((fromfd = safe_open (from, from_flags, 0)) < 0)
pfatal ("Can't reopen file %s", quotearg (from));
while ((i = read (fromfd, buf, bufsize)) != 0)
{
@@ -625,6 +628,8 @@ copy_file (char const *from, char const
else
{
assert (S_ISREG (mode));
+ if (! follow_symlinks)
+ to_flags |= O_NOFOLLOW;
tofd = create_file (to, O_WRONLY | O_BINARY | to_flags, mode,
to_dir_known_to_exist);
copy_to_fd (from, tofd);
@@ -640,9 +645,12 @@ copy_file (char const *from, char const
void
append_to_file (char const *from, char const *to)
{
+ int to_flags = O_WRONLY | O_APPEND | O_BINARY;
int tofd;
- if ((tofd = safe_open (to, O_WRONLY | O_BINARY | O_APPEND, 0)) < 0)
+ if (! follow_symlinks)
+ to_flags |= O_NOFOLLOW;
+ if ((tofd = safe_open (to, to_flags, 0)) < 0)
pfatal ("Can't reopen file %s", quotearg (to));
copy_to_fd (from, tofd);
if (close (tofd) != 0)

30
ed-style-01-missing-input-files.patch Normal file
View File

@ -0,0 +1,30 @@
From: Andreas Gruenbacher <agruen@gnu.org>
Date: Fri, 6 Apr 2018 11:34:51 +0200
Subject: Allow input files to be missing for ed-style patches
Patch-mainline: yes
Git-commit: b5a91a01e5d0897facdd0f49d64b76b0f02b43e1
References: bsc#1088420, savannah#53566, CVE-2018-1000156
* src/pch.c (do_ed_script): Allow input files to be missing so that new
files will be created as with non-ed-style patches.
---
src/pch.c | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
--- a/src/pch.c
+++ b/src/pch.c
@@ -2394,9 +2394,11 @@ do_ed_script (char const *inname, char c
if (! dry_run && ! skip_rest_of_patch) {
int exclusive = *outname_needs_removal ? 0 : O_EXCL;
- assert (! inerrno);
- *outname_needs_removal = true;
- copy_file (inname, outname, 0, exclusive, instat.st_mode, true);
+ if (inerrno != ENOENT)
+ {
+ *outname_needs_removal = true;
+ copy_file (inname, outname, 0, exclusive, instat.st_mode, true);
+ }
sprintf (buf, "%s %s%s", editor_program,
verbosity == VERBOSE ? "" : "- ",
outname);

201
ed-style-02-fix-arbitrary-command-execution.patch Normal file
View File

@ -0,0 +1,201 @@
From: Andreas Gruenbacher <agruen@gnu.org>
Date: Fri, 6 Apr 2018 12:14:49 +0200
Subject: Fix arbitrary command execution in ed-style patches
Patch-mainline: yes
Git-commit: 123eaff0d5d1aebe128295959435b9ca5909c26d
References: bsc#1088420, savannah#53566, CVE-2018-1000156
* src/pch.c (do_ed_script): Write ed script to a temporary file instead
of piping it to ed: this will cause ed to abort on invalid commands
instead of rejecting them and carrying on.
* tests/ed-style: New test case.
* tests/Makefile.am (TESTS): Add test case.
---
src/pch.c | 91 +++++++++++++++++++++++++++++++++++++++---------------
tests/Makefile.am | 1
tests/ed-style | 41 ++++++++++++++++++++++++
3 files changed, 108 insertions(+), 25 deletions(-)
--- a/src/pch.c
+++ b/src/pch.c
@@ -33,6 +33,7 @@
# include <io.h>
#endif
#include <safe.h>
+#include <sys/wait.h>
#define INITHUNKMAX 125 /* initial dynamic allocation size */
@@ -2389,24 +2390,28 @@ do_ed_script (char const *inname, char c
static char const editor_program[] = EDITOR_PROGRAM;
file_offset beginning_of_this_line;
- FILE *pipefp = 0;
size_t chars_read;
+ FILE *tmpfp = 0;
+ char const *tmpname;
+ int tmpfd;
+ pid_t pid;
+
+ if (! dry_run && ! skip_rest_of_patch)
+ {
+ /* Write ed script to a temporary file. This causes ed to abort on
+ invalid commands such as when line numbers or ranges exceed the
+ number of available lines. When ed reads from a pipe, it rejects
+ invalid commands and treats the next line as a new command, which
+ can lead to arbitrary command execution. */
+
+ tmpfd = make_tempfile (&tmpname, 'e', NULL, O_RDWR | O_BINARY, 0);
+ if (tmpfd == -1)
+ pfatal ("Can't create temporary file %s", quotearg (tmpname));
+ tmpfp = fdopen (tmpfd, "w+b");
+ if (! tmpfp)
+ pfatal ("Can't open stream for file %s", quotearg (tmpname));
+ }
- if (! dry_run && ! skip_rest_of_patch) {
- int exclusive = *outname_needs_removal ? 0 : O_EXCL;
- if (inerrno != ENOENT)
- {
- *outname_needs_removal = true;
- copy_file (inname, outname, 0, exclusive, instat.st_mode, true);
- }
- sprintf (buf, "%s %s%s", editor_program,
- verbosity == VERBOSE ? "" : "- ",
- outname);
- fflush (stdout);
- pipefp = popen(buf, binary_transput ? "wb" : "w");
- if (!pipefp)
- pfatal ("Can't open pipe to %s", quotearg (buf));
- }
for (;;) {
char ed_command_letter;
beginning_of_this_line = file_tell (pfp);
@@ -2417,14 +2422,14 @@ do_ed_script (char const *inname, char c
}
ed_command_letter = get_ed_command_letter (buf);
if (ed_command_letter) {
- if (pipefp)
- if (! fwrite (buf, sizeof *buf, chars_read, pipefp))
+ if (tmpfp)
+ if (! fwrite (buf, sizeof *buf, chars_read, tmpfp))
write_fatal ();
if (ed_command_letter != 'd' && ed_command_letter != 's') {
p_pass_comments_through = true;
while ((chars_read = get_line ()) != 0) {
- if (pipefp)
- if (! fwrite (buf, sizeof *buf, chars_read, pipefp))
+ if (tmpfp)
+ if (! fwrite (buf, sizeof *buf, chars_read, tmpfp))
write_fatal ();
if (chars_read == 2 && strEQ (buf, ".\n"))
break;
@@ -2437,13 +2442,49 @@ do_ed_script (char const *inname, char c
break;
}
}
- if (!pipefp)
+ if (!tmpfp)
return;
- if (fwrite ("w\nq\n", sizeof (char), (size_t) 4, pipefp) == 0
- || fflush (pipefp) != 0)
+ if (fwrite ("w\nq\n", sizeof (char), (size_t) 4, tmpfp) == 0
+ || fflush (tmpfp) != 0)
write_fatal ();
- if (pclose (pipefp) != 0)
- fatal ("%s FAILED", editor_program);
+
+ if (lseek (tmpfd, 0, SEEK_SET) == -1)
+ pfatal ("Can't rewind to the beginning of file %s", quotearg (tmpname));
+
+ if (! dry_run && ! skip_rest_of_patch) {
+ int exclusive = *outname_needs_removal ? 0 : O_EXCL;
+ *outname_needs_removal = true;
+ if (inerrno != ENOENT)
+ {
+ *outname_needs_removal = true;
+ copy_file (inname, outname, 0, exclusive, instat.st_mode, true);
+ }
+ sprintf (buf, "%s %s%s", editor_program,
+ verbosity == VERBOSE ? "" : "- ",
+ outname);
+ fflush (stdout);
+
+ pid = fork();
+ if (pid == -1)
+ pfatal ("Can't fork");
+ else if (pid == 0)
+ {
+ dup2 (tmpfd, 0);
+ execl ("/bin/sh", "sh", "-c", buf, (char *) 0);
+ _exit (2);
+ }
+ else
+ {
+ int wstatus;
+ if (waitpid (pid, &wstatus, 0) == -1
+ || ! WIFEXITED (wstatus)
+ || WEXITSTATUS (wstatus) != 0)
+ fatal ("%s FAILED", editor_program);
+ }
+ }
+
+ fclose (tmpfp);
+ safe_unlink (tmpname);
if (ofp)
{
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -32,6 +32,7 @@ TESTS = \
crlf-handling \
dash-o-append \
deep-directories \
+ ed-style \
empty-files \
false-match \
fifo \
--- /dev/null
+++ b/tests/ed-style
@@ -0,0 +1,41 @@
+# Copyright (C) 2018 Free Software Foundation, Inc.
+#
+# Copying and distribution of this file, with or without modification,
+# in any medium, are permitted without royalty provided the copyright
+# notice and this notice are preserved.
+
+. $srcdir/test-lib.sh
+
+require cat
+use_local_patch
+use_tmpdir
+
+# ==============================================================
+
+cat > ed1.diff <<EOF
+0a
+foo
+.
+EOF
+
+check 'patch -e foo -i ed1.diff' <<EOF
+EOF
+
+check 'cat foo' <<EOF
+foo
+EOF
+
+cat > ed2.diff <<EOF
+1337a
+r !echo bar
+,p
+EOF
+
+check 'patch -e foo -i ed2.diff 2> /dev/null || echo "Status: $?"' <<EOF
+?
+Status: 2
+EOF
+
+check 'cat foo' <<EOF
+foo
+EOF

35
ed-style-03-update-test-Makefile.patch Normal file
View File

@ -0,0 +1,35 @@
From: Jean Delvare <jdelvare@suse.de>
Subject: Update tests/Makefile.in
Patch-mainline: no, temporary integration
References: bsc#1088420, savannah#53566, CVE-2018-1000156
Previous patch modifies tests/Makefile.am. Mirror the changes to
tests/Makefile.in so that we don't need automake.
---
tests/Makefile.in | 8 ++++++++
1 file changed, 8 insertions(+)
--- a/tests/Makefile.in
+++ b/tests/Makefile.in
@@ -1308,6 +1308,7 @@ TESTS = \
crlf-handling \
dash-o-append \
deep-directories \
+ ed-style \
empty-files \
false-match \
fifo \
@@ -1638,6 +1639,13 @@ deep-directories.log: deep-directories
$(am__check_pre) $(LOG_DRIVER) --test-name "$$f" \
--log-file $$b.log --trs-file $$b.trs \
$(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \
+ "$$tst" $(AM_TESTS_FD_REDIRECT)
+ed-style.log: ed-style
+ @p='ed-style'; \
+ b='ed-style'; \
+ $(am__check_pre) $(LOG_DRIVER) --test-name "$$f" \
+ --log-file $$b.log --trs-file $$b.trs \
+ $(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \
"$$tst" $(AM_TESTS_FD_REDIRECT)
empty-files.log: empty-files
@p='empty-files'; \

35
ed-style-04-invoke-ed-directly.patch Normal file
View File

@ -0,0 +1,35 @@
From: Andreas Gruenbacher <agruen@gnu.org>
Date: Fri, 6 Apr 2018 19:36:15 +0200
Subject: Invoke ed directly instead of using the shell
Git-commit: 3fcd042d26d70856e826a42b5f93dc4854d80bf0
Patch-mainline: yes
References: bsc#1088420, savannah#53566, CVE-2018-1000156
* src/pch.c (do_ed_script): Invoke ed directly instead of using a shell
command to avoid quoting vulnerabilities.
---
src/pch.c | 6 ++----
1 file changed, 2 insertions(+), 4 deletions(-)
--- a/src/pch.c
+++ b/src/pch.c
@@ -2459,9 +2459,6 @@ do_ed_script (char const *inname, char c
*outname_needs_removal = true;
copy_file (inname, outname, 0, exclusive, instat.st_mode, true);
}
- sprintf (buf, "%s %s%s", editor_program,
- verbosity == VERBOSE ? "" : "- ",
- outname);
fflush (stdout);
pid = fork();
@@ -2470,7 +2467,8 @@ do_ed_script (char const *inname, char c
else if (pid == 0)
{
dup2 (tmpfd, 0);
- execl ("/bin/sh", "sh", "-c", buf, (char *) 0);
+ assert (outname[0] != '!' && outname[0] != '-');
+ execlp (editor_program, editor_program, "-", outname, (char *) NULL);
_exit (2);
}
else

95
ed-style-05-minor-cleanups.patch Normal file
View File

@ -0,0 +1,95 @@
From: Andreas Gruenbacher <agruen@gnu.org>
Date: Fri, 6 Apr 2018 20:32:46 +0200
Subject: Minor cleanups in do_ed_script
Git-commit: 2a32bf09f5e9572da4be183bb0dbde8164351474
Patch-mainline: yes
References: bsc#1088420, savannah#53566, CVE-2018-1000156
* src/pch.c (do_ed_script): Minor cleanups.
Backporting notes: adjusted because we don't have commit ff1d3a67da1e
("Use gnulib execute module") so the context is very different.
---
src/pch.c | 56 +++++++++++++++++++++++++++-----------------------------
1 file changed, 27 insertions(+), 29 deletions(-)
--- a/src/pch.c
+++ b/src/pch.c
@@ -2395,6 +2395,8 @@ do_ed_script (char const *inname, char c
char const *tmpname;
int tmpfd;
pid_t pid;
+ int exclusive = *outname_needs_removal ? 0 : O_EXCL;
+
if (! dry_run && ! skip_rest_of_patch)
{
@@ -2442,7 +2444,7 @@ do_ed_script (char const *inname, char c
break;
}
}
- if (!tmpfp)
+ if (dry_run || skip_rest_of_patch)
return;
if (fwrite ("w\nq\n", sizeof (char), (size_t) 4, tmpfp) == 0
|| fflush (tmpfp) != 0)
@@ -2451,35 +2453,31 @@ do_ed_script (char const *inname, char c
if (lseek (tmpfd, 0, SEEK_SET) == -1)
pfatal ("Can't rewind to the beginning of file %s", quotearg (tmpname));
- if (! dry_run && ! skip_rest_of_patch) {
- int exclusive = *outname_needs_removal ? 0 : O_EXCL;
+ if (inerrno != ENOENT)
+ {
*outname_needs_removal = true;
- if (inerrno != ENOENT)
- {
- *outname_needs_removal = true;
- copy_file (inname, outname, 0, exclusive, instat.st_mode, true);
- }
- fflush (stdout);
-
- pid = fork();
- if (pid == -1)
- pfatal ("Can't fork");
- else if (pid == 0)
- {
- dup2 (tmpfd, 0);
- assert (outname[0] != '!' && outname[0] != '-');
- execlp (editor_program, editor_program, "-", outname, (char *) NULL);
- _exit (2);
- }
- else
- {
- int wstatus;
- if (waitpid (pid, &wstatus, 0) == -1
- || ! WIFEXITED (wstatus)
- || WEXITSTATUS (wstatus) != 0)
- fatal ("%s FAILED", editor_program);
- }
- }
+ copy_file (inname, outname, 0, exclusive, instat.st_mode, true);
+ }
+ fflush (stdout);
+
+ pid = fork();
+ if (pid == -1)
+ pfatal ("Can't fork");
+ else if (pid == 0)
+ {
+ dup2 (tmpfd, 0);
+ assert (outname[0] != '!' && outname[0] != '-');
+ execlp (editor_program, editor_program, "-", outname, (char *) NULL);
+ _exit (2);
+ }
+ else
+ {
+ int wstatus;
+ if (waitpid (pid, &wstatus, 0) == -1
+ || ! WIFEXITED (wstatus)
+ || WEXITSTATUS (wstatus) != 0)
+ fatal ("%s FAILED", editor_program);
+ }
fclose (tmpfp);
safe_unlink (tmpname);

24
ed-style-06-fix-test-failure.patch Normal file
View File

@ -0,0 +1,24 @@
From: Bruno Haible <bruno@clisp.org>
Date: Sat, 7 Apr 2018 12:34:03 +0200
Subject: Fix 'ed-style' test failure
Git-commit: 458ac51a05426c1af9aa6bf1342ecf60728c19b4
Patch-mainline: yes
References: bsc#1088420, savannah#53566, CVE-2018-1000156
* tests/ed-style: Remove '?' line from expected output.
---
tests/ed-style | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
--- a/tests/ed-style
+++ b/tests/ed-style
@@ -31,8 +31,7 @@ r !echo bar
,p
EOF
-check 'patch -e foo -i ed2.diff 2> /dev/null || echo "Status: $?"' <<EOF
-?
+check 'patch -e foo -i ed2.diff > /dev/null 2> /dev/null || echo "Status: $?"' <<EOF
Status: 2
EOF

95
ed-style-07-dont-leak-tmp-file.patch Normal file
View File

@ -0,0 +1,95 @@
From: Jean Delvare <jdelvare@suse.de>
Date: Thu, 3 May 2018 14:31:55 +0200
Subject: Don't leak temporary file on failed ed-style patch
Git-commit: 19599883ffb6a450d2884f081f8ecf68edbed7ee
Patch-mainline: yes
References: bsc#1092500, savannah#53820
Now that we write ed-style patches to a temporary file before we
apply them, we need to ensure that the temporary file is removed
before we leave, even on fatal error.
* src/pch.c (do_ed_script): Use global TMPEDNAME instead of local
tmpname. Don't unlink the file directly, instead tag it for removal
at exit time.
* src/patch.c (cleanup): Unlink TMPEDNAME at exit.
This closes bug #53820:
https://savannah.gnu.org/bugs/index.php?53820
Fixes: 123eaff0d5d1 ("Fix arbitrary command execution in ed-style patches (CVE-2018-1000156)")
---
src/common.h | 2 ++
src/patch.c | 1 +
src/pch.c | 11 +++++------
3 files changed, 8 insertions(+), 6 deletions(-)
--- a/src/common.h
+++ b/src/common.h
@@ -94,10 +94,12 @@ XTERN char const *origsuff;
XTERN char const * TMPINNAME;
XTERN char const * TMPOUTNAME;
XTERN char const * TMPPATNAME;
+XTERN char const * TMPEDNAME;
XTERN bool TMPINNAME_needs_removal;
XTERN bool TMPOUTNAME_needs_removal;
XTERN bool TMPPATNAME_needs_removal;
+XTERN bool TMPEDNAME_needs_removal;
#ifdef DEBUGGING
XTERN int debug;
--- a/src/patch.c
+++ b/src/patch.c
@@ -1999,6 +1999,7 @@ cleanup (void)
remove_if_needed (TMPINNAME, &TMPINNAME_needs_removal);
remove_if_needed (TMPOUTNAME, &TMPOUTNAME_needs_removal);
remove_if_needed (TMPPATNAME, &TMPPATNAME_needs_removal);
+ remove_if_needed (TMPEDNAME, &TMPEDNAME_needs_removal);
remove_if_needed (TMPREJNAME, &TMPREJNAME_needs_removal);
output_files (NULL);
}
--- a/src/pch.c
+++ b/src/pch.c
@@ -2392,7 +2392,6 @@ do_ed_script (char const *inname, char c
file_offset beginning_of_this_line;
size_t chars_read;
FILE *tmpfp = 0;
- char const *tmpname;
int tmpfd;
pid_t pid;
int exclusive = *outname_needs_removal ? 0 : O_EXCL;
@@ -2406,12 +2405,13 @@ do_ed_script (char const *inname, char c
invalid commands and treats the next line as a new command, which
can lead to arbitrary command execution. */
- tmpfd = make_tempfile (&tmpname, 'e', NULL, O_RDWR | O_BINARY, 0);
+ tmpfd = make_tempfile (&TMPEDNAME, 'e', NULL, O_RDWR | O_BINARY, 0);
if (tmpfd == -1)
- pfatal ("Can't create temporary file %s", quotearg (tmpname));
+ pfatal ("Can't create temporary file %s", quotearg (TMPEDNAME));
+ TMPEDNAME_needs_removal = true;
tmpfp = fdopen (tmpfd, "w+b");
if (! tmpfp)
- pfatal ("Can't open stream for file %s", quotearg (tmpname));
+ pfatal ("Can't open stream for file %s", quotearg (TMPEDNAME));
}
for (;;) {
@@ -2451,7 +2451,7 @@ do_ed_script (char const *inname, char c
write_fatal ();
if (lseek (tmpfd, 0, SEEK_SET) == -1)
- pfatal ("Can't rewind to the beginning of file %s", quotearg (tmpname));
+ pfatal ("Can't rewind to the beginning of file %s", quotearg (TMPEDNAME));
if (inerrno != ENOENT)
{
@@ -2480,7 +2480,6 @@ do_ed_script (char const *inname, char c
}
fclose (tmpfp);
- safe_unlink (tmpname);
if (ofp)
{

72
ed-style-08-dont-leak-tmp-file-multi.patch Normal file
View File

@ -0,0 +1,72 @@
From: Jean Delvare <jdelvare@suse.de>
Date: Mon, 7 May 2018 15:14:45 +0200
Subject: Don't leak temporary file on failed multi-file ed-style patch
Git-commit: 369dcccdfa6336e5a873d6d63705cfbe04c55727
Patch-mainline: yes
References: bsc#1092500, savannah#53820
The previous fix worked fine with single-file ed-style patches, but
would still leak temporary files in the case of multi-file ed-style
patch. Fix that case as well, and extend the test case to check for
it.
* src/patch.c (main): Unlink TMPEDNAME if needed before moving to
the next file in a patch.
This closes bug #53820:
https://savannah.gnu.org/bugs/index.php?53820
Fixes: 123eaff0d5d1 ("Fix arbitrary command execution in ed-style patches (CVE-2018-1000156)")
Fixes: 19599883ffb6 ("Don't leak temporary file on failed ed-style patch")
---
src/patch.c | 1 +
tests/ed-style | 31 +++++++++++++++++++++++++++++++
2 files changed, 32 insertions(+)
--- a/src/patch.c
+++ b/src/patch.c
@@ -236,6 +236,7 @@ main (int argc, char **argv)
}
remove_if_needed (TMPOUTNAME, &TMPOUTNAME_needs_removal);
}
+ remove_if_needed (TMPEDNAME, &TMPEDNAME_needs_removal);
if (! skip_rest_of_patch && ! file_type)
{
--- a/tests/ed-style
+++ b/tests/ed-style
@@ -38,3 +38,34 @@ EOF
check 'cat foo' <<EOF
foo
EOF
+
+# Test the case where one ed-style patch modifies several files
+
+cat > ed3.diff <<EOF
+--- foo
++++ foo
+1c
+bar
+.
+--- baz
++++ baz
+0a
+baz
+.
+EOF
+
+# Apparently we can't create a file with such a patch, while it works fine
+# when the file name is provided on the command line
+cat > baz <<EOF
+EOF
+
+check 'patch -e -i ed3.diff' <<EOF
+EOF
+
+check 'cat foo' <<EOF
+bar
+EOF
+
+check 'cat baz' <<EOF
+baz
+EOF

25
fix-segfault-mangled-rename.patch Normal file
View File

@ -0,0 +1,25 @@
From: Andreas Gruenbacher <agruen@gnu.org>
Date: Mon, 12 Feb 2018 16:48:24 +0100
Subject: Fix segfault with mangled rename patch
Patch-mainline: yes
Git-commit: f290f48a621867084884bfff87f8093c15195e6a
References: bsc#1080951, CVE-2018-6951, savannah#53133
http://savannah.gnu.org/bugs/?53132
* src/pch.c (intuit_diff_type): Ensure that two filenames are specified
for renames and copies (fix the existing check).
diff --git a/src/pch.c b/src/pch.c
index ff9ed2c..bc6278c 100644
--- a/src/pch.c
+++ b/src/pch.c
@@ -974,7 +974,8 @@ intuit_diff_type (bool need_header, mode_t *p_file_type)
if ((pch_rename () || pch_copy ())
&& ! inname
&& ! ((i == OLD || i == NEW) &&
- p_name[! reverse] &&
+ p_name[reverse] && p_name[! reverse] &&
+ name_is_valid (p_name[reverse]) &&
name_is_valid (p_name[! reverse])))
{
say ("Cannot %s file without two valid file names\n", pch_rename () ? "rename" : "copy");

27
fix-swapping-fake-lines-in-pch_swap.patch Normal file
View File

@ -0,0 +1,27 @@
From: Andreas Gruenbacher <agruen@gnu.org>
Date: Fri, 17 Aug 2018 13:35:40 +0200
Subject: Fix swapping fake lines in pch_swap
Patch-mainline: Yes
Git-commit: 9c986353e420ead6e706262bf204d6e03322c300
References: boo#1080985 savannah#53133 CVE-2018-6952
* src/pch.c (pch_swap): Fix swapping p_bfake and p_efake when there is a
blank line in the middle of a context-diff hunk: that empty line stays
in the middle of the hunk and isn't swapped.
Fixes: https://savannah.gnu.org/bugs/index.php?53133
---
src/pch.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- a/src/pch.c
+++ b/src/pch.c
@@ -2115,7 +2115,7 @@ pch_swap (void)
}
if (p_efake >= 0) { /* fix non-freeable ptr range */
if (p_efake <= i)
- n = p_end - i + 1;
+ n = p_end - p_ptrn_lines;
else
n = -i;
p_efake += n;

59
pass-the-correct-stat-to-backup-files.patch Normal file
View File

@ -0,0 +1,59 @@
From: Takashi Iwai <tiwai@suse.de>
Date: Wed, 6 Apr 2022 10:48:35 +0200
Subject: Pass the correct stat to backup files
Patch-mainline: Yes
Git-commit: c835ecc67b7e37c0d0b7dd7e032209fdaa285808
References: boo#1198106 savananh#62364
The last case to call output_file() in the main loop is
output_file (outname, NULL, &tmpoutst, NULL, NULL,
file_type | 0, backup);
and this essentially means to create a backup file (where to=NULL)
only if backup=true, and does nothing else.
And, in the current code, the passed file stat (&tmpoutst) is a file
stat of the temporary file that has been processed, not the original
file (outname) to be backed up. When the backup is performed
immediately, this is no big problem. However, output_file() may
schedule the deferred handling, and the given file may be backed up at
a later point. The problem is that create_backup() tries to avoid the
backup of the same file twice, and it checks the given stat i-node
number in the hash list. Since it's a stat of a temporary file, the
same i-node number may be reused once a temp file is deleted and
another is created. This results in a false-positive detection of the
already existing file, eventually missing a backup file.
This patch attempts to address the issue:
- Modify the condition for better understanding, clearly indicating
that the code there is for creating a backup file
- Pass the stat of the original file instead of a temporary file
BugLink: https://bugzilla.opensuse.org/show_bug.cgi?id=1198106
Signed-off-by: Takashi Iwai <tiwai@suse.de>
Signed-off-by: Jean Delvare <jdelvare@suse.de>
---
src/patch.c | 13 ++++++++++---
1 file changed, 10 insertions(+), 3 deletions(-)
--- a/src/patch.c
+++ b/src/patch.c
@@ -611,9 +611,16 @@ main (int argc, char **argv)
output_file (NULL, NULL, NULL, inname, &instat,
mode, backup);
}
- else
- output_file (outname, NULL, &tmpoutst, NULL, NULL,
- file_type | 0, backup);
+ else if (backup)
+ {
+ struct stat outstat;
+
+ if (stat_file (outname, &outstat) != 0)
+ say ("Cannot stat file %s, skipping backup\n", outname);
+ else
+ output_file (outname, NULL, &outstat, NULL, NULL,
+ file_type | 0, true);
+ }
}
}
}

BIN
patch-2.7.6.tar.xz (Stored with Git LFS) Normal file
View File

Binary file not shown.

16
patch-2.7.6.tar.xz.sig Normal file
View File

@ -0,0 +1,16 @@
-----BEGIN PGP SIGNATURE-----
iQIcBAABAgAGBQJaed0dAAoJENW/n+sDE2U62ScQAK02GcPxJccBefkcuC6q/or9
f1im2lIpc1YJqxHmmhDeRu9twjuFycUV55hud+OroJe2xYKZrI6oUwJBldKTRfHu
whlhRzERO3U4z9pvi8XWbKvObsmqSBIgsM72oby4aPLCWk7IpJprR6BnRZdtnBg1
jzM3Yka8k01+dmVH2rsoSEGAe9sZbXJazBoYg8N/wHKe2+NY4W3esZ7flxQJ9RvB
GxjVU/KbyoNXIoFU4EnMalcLTZTHThhv2kQ1/cQZ+gt/1+f00DoieaUaIg3qB8jX
IqYE4GvXILgx8+REE3utt0zKv7pYGBNRkuACUE2hLZoY4SporJ0J63/7Y8zrzjxQ
GE27+DcjxBQGd1GnpO/Xb4kpqBGyn4KrlBIiHkhk2GgyBewpXPMog3cJki7A/1vz
Qb+JTY8PBqvOe7DmxW4Bp1vX6eOKn14FDQ7q3ZPjAd52Jtn7GUEt4etCduQh7ZNt
ElLLvpPro1wxG1bTbA3+TysCd+9XWWjwKJlPK5Jbdii0R73iy386UZGN1t1kmBzS
1mn3nh82z/XO9lPU3e1WP0BANAzTrNqA66ZbfQ9fIu6UO8R/+ygT7U5yie+X3xwP
kM6HR6oD0eDkqbPbOr8hey0kPG3FAWkZ47Oju5ad1ntUBFj4buLybEY0e08hncJS
gdt7wrbeKKxzdrcyQ1qy
=mjHo
-----END PGP SIGNATURE-----

600
patch.changes Normal file
View File

@ -0,0 +1,600 @@
-------------------------------------------------------------------
Tue May 24 14:16:43 UTC 2022 - Stephan Kulow <coolo@suse.com>
- Do not link unversioned file by URL
- Replace group keyring not intended for release checking with
(expired since 2018) public key of Andreas
-------------------------------------------------------------------
Tue May 10 16:41:54 UTC 2022 - Jean Delvare <jdelvare@suse.de>
- fix-swapping-fake-lines-in-pch_swap.patch: Fix swapping fake
lines in pch_swap. This bug was causing a double free leading to
a crash (boo#1080985 CVE-2018-6952).
- abort-when-cleaning-up-fails.patch: Abort when cleaning up fails.
This bug could cause an infinite loop when a patch wouldn't
apply, leading to a segmentation fault (boo#1111572).
- dont-follow-symlinks-unless-asked.patch: Don't follow symlinks
unless --follow-symlinks is given. This increases the security
against malicious patches (boo#1142041 CVE-2019-13636).
- pass-the-correct-stat-to-backup-files.patch: Pass the correct
stat to backup files. This bug would occasionally cause backup
files to be missing when all hunks failed to apply (boo#1198106).
-------------------------------------------------------------------
Wed Sep 29 10:33:36 UTC 2021 - Dominique Leuenberger <dimstar@opensuse.org>
- Do not query %{verbose} to add V=1 or not: verbose changed
semantics between rpm versions and there is currently no variant
supporting rpm < 4.17 and rpm >= 4.17.
-------------------------------------------------------------------
Wed May 9 09:52:04 UTC 2018 - jdelvare@suse.de
- ed-style-07-dont-leak-tmp-file.patch,
ed-style-08-dont-leak-tmp-file-multi.patch: Fix temporary file
leak when applying ed-style patches (bsc#1092500,
savannah#53820).
-------------------------------------------------------------------
Wed Apr 18 11:16:34 CEST 2018 - jdelvare@suse.de
- Add ed as BuildRequires so ed-style patches can be checked by
the test suite.
-------------------------------------------------------------------
Wed Apr 18 08:53:00 UTC 2018 - jdelvare@suse.de
Fix CVE-2018-1000156 (bsc#1088420, savannah#53566).
- ed-style-01-missing-input-files.patch: Allow input files to be
missing for ed-style patches.
- ed-style-02-fix-arbitrary-command-execution.patch,
ed-style-03-update-test-Makefile.patch: Fix arbitrary command
execution in ed-style patches.
- ed-style-04-invoke-ed-directly.patch: Invoke ed directly instead
of using the shell.
- ed-style-05-minor-cleanups.patch: Minor cleanups in do_ed_script.
- ed-style-06-fix-test-failure.patch: Fix 'ed-style' test failure.
-------------------------------------------------------------------
Thu Mar 22 09:43:43 CET 2018 - jdelvare@suse.de
- Move COPYING from %doc to %license.
-------------------------------------------------------------------
Wed Mar 21 16:44:09 CET 2018 - jdelvare@suse.de
- Add AUTHORS and COPYING to %doc.
- fix-segfault-mangled-rename.patch: Fix segfault with mangled
rename patch (bsc#1080951, CVE-2018-6951, savannah#53132).
-------------------------------------------------------------------
Wed Feb 7 18:43:51 UTC 2018 - astieger@suse.com
- patch 2.7.6:
* Files specified on the command line are no longer verified to
be inside the current working directory, so commands like
"patch -i foo.diff ../foo" will work again
* Fixes CVE-2016-10713 (Out-of-bounds access within
pch_write_line() in pch.c could possibly lead to DoS via a
crafted input file; bsc#1080918)
* Various fixes
-------------------------------------------------------------------
Sat Mar 7 10:42:46 CET 2015 - jdelvare@suse.de
- patch 2.7.5
Fixes a functional regression introduced by the previous update.
+ Patching through symbolic links works again, as long as the
target is within the working tree.
-------------------------------------------------------------------
Mon Feb 16 11:51:58 CET 2015 - jdelvare@suse.de
- patch 2.7.4
Fixes a functional regression introduced by the previous security
fix. The security fix would forbid legitimate use cases of
relative symbolic links.
[boo#918058]
+ Allow arbitrary symlink targets again.
+ Do not change permissions if there isn't an explicit mode
change.
+ Fix indentation heuristic for context diffs.
- Please also note that the previous update fixed security bugs
boo#915328 and boo#915329 even though it did not say so.
-------------------------------------------------------------------
Fri Jan 23 00:58:35 UTC 2015 - andreas.stieger@gmx.de
- patch 2.7.3
Contains a security fix for a directory traversal flaw when
handling git-style patches. This could allow an attacker to
overwrite arbitrary files by applying a specially crafted patch.
[boo#913678] [CVE-2015-1196]
+ With git-style patches, symlinks that point outside the working
directory will no longer be created (CVE-2015-1196).
+ When a file isn't being deleted because the file contents don't
match the patch, the resulting message is now "Not deleting
file ... as content differs from patch" instead of "File ...
is not empty after patch; not deleting".
+ Function names in hunks (from diff -p) are now preserved in
reject files
This change was previously added as a patch. [boo#904519]
- Version 2.7.2 differed from the above only slightly.
- packaging changes:
+ Verify source signatures
+ Removed patches now upstream:
* error-report-crash.patch
* reject-print-function-01-drop-useless-test.patch
* reject-print-function-02-handle-unified-format.patch
+ run spec-cleaner
-------------------------------------------------------------------
Mon Nov 10 11:37:03 CET 2014 - jdelvare@suse.de
- reject-print-function-01-drop-useless-test.patch: Drop useless
test in another_hunk().
- reject-print-function-02-handle-unified-format.patch: Preserve C
function name in unified rejects (bnc#904519).
-------------------------------------------------------------------
Tue May 20 07:44:03 UTC 2014 - schwab@suse.de
- error-report-crash.patch: fix crash after reporting error during option
parsing
-------------------------------------------------------------------
Thu Dec 6 16:19:25 CET 2012 - jdelvare@suse.de
- Back to bz2 archive format as old products lack xz.
-------------------------------------------------------------------
Thu Dec 6 15:34:14 CET 2012 - jdelvare@suse.de
- Version 2.7.1
+ Patch no longer gets a failed assertion for certain mangled
patches.
+ Ignore destination file names that are absolute or that contain
a component of "..", except when working in the root directory.
This addresses CVE-2010-4651.
+ Support for most features of the "diff --git" format, including
renames and copies, permission changes, and symlink diffs.
Binary diffs are not supported yet; patch will complain and
skip them.
+ Support for double-quoted filenames: when a filename starts
with a double quote, it is interpreted as a C string literal.
The escape sequences \\, \", \a, \b, \f, \n, \r, \t, \v, and
\ooo (a three-digit octal number between 0 and 255) are
recognized.
+ Refuse to apply a normal patch to a symlink. (Previous versions
of patch were replacing the symlink with a regular file.)
+ New --follow-symlinks option to allow to treat symlinks as
files: this was patch's behavior before version 2.7.
+ When trying to modify a read-only file, warn about the
potential problem by default. The --read-only command line
option allows to change this behavior.
+ Files to be deleted are deleted once the entire input has been
processed, not immediately. This fixes a bug with numbered
backup files.
+ When a timestamp specifies a time zone, honor that instead of
assuming the local time zone (--set-date) or Universal
Coordinated Time (--set-utc).
+ Support for nanosecond precision timestamps.
+ Many bug fixes.
+ Clarify the message printed when a patch is expected to empty
out and delete a file, but the file does not become empty.
+ Various improvements to messages when applying a patch to a
file of different type (regular file vs. symlink), when there
are line ending differences (LF vs. CRLF), and when in
--dry-run mode.
+ Ignore when extended attributes cannot be preserved because
they are unsupported or because permission to set them is
denied.
- patch-revert-e0f70752.patch: Dropped, original bug fixed
upstream.
- patch-stdio.in.patch: Dropped, merged upstream.
-------------------------------------------------------------------
Tue Jul 17 08:40:27 UTC 2012 - aj@suse.de
- patch-stdio.in.patch:
Fix build with missing gets declaration (glibc 2.16)
-------------------------------------------------------------------
Fri Apr 6 14:22:12 CEST 2012 - jdelvare@suse.de
- patch-revert-e0f70752.patch: Revert broken upstream commit
(bnc#755136).
-------------------------------------------------------------------
Wed Apr 4 19:03:25 CEST 2012 - jdelvare@suse.de
- Version 2.6.1.136
-------------------------------------------------------------------
Wed Oct 5 12:33:53 UTC 2011 - uli@suse.com
- cross-build fix: use %configure macro
-------------------------------------------------------------------
Mon Apr 4 15:11:04 CEST 2011 - jdelvare@suse.de
- Version 2.6.1.116:
+ Patch now ignores destination file names that are absolute or
that contain a component of ".." (CVE-2010-4651, bnc#662957).
- Drop unified-reject-files-compat.diff. Compatibility has been
provided for the past 18 months, hopefully nobody is relying on
it any longer.
-------------------------------------------------------------------
Fri Jul 2 06:57:49 UTC 2010 - jengelh@medozas.de
- Use %_smp_mflags
-------------------------------------------------------------------
Wed May 5 01:28:12 CEST 2010 - agruen@suse.de
- Version 2.6.1.81:
+ Fix backup file detection for deleted files
+ Allow to create and delete empty files
+ Stick to the best name in the reversed-patch check
+ Various portability improvements
-------------------------------------------------------------------
Sun May 2 15:57:54 CEST 2010 - agruen@suse.de
- Fix the linker library order.
-------------------------------------------------------------------
Sun May 2 14:40:09 CEST 2010 - agruen@suse.de
- Be more verbose when %verbose is defined.
-------------------------------------------------------------------
Sun May 2 14:01:47 CEST 2010 - agruen@suse.de
- Version 2.6.1.64:
+ Support for most features of the "diff --git" format: renames
and copies, permission changes, symlink diffs. (Binary diffs
are not supported yet; patch will complain and skip them.)
+ Support for double-quoted filenames: when a filename in a
context diff starts with a double quote, it is interpreted as
a C string literal. The escape sequences \\, \", \a, \b, \f, \n,
\r, \t, \v, and \ooo (a three-digit octal number between 0 and
255) are recognized.
+ Refuse to patch read-only files by default, or at least warn
when patching such files with --force or --batch.
+ Refuse to apply a normal patch to a symlink. (Previous
versions of patch were wrongly replacing the symlink with a
regular file.)
+ When a timestamp specifies a time zone, honor that instead of
assuming the local time zone (--set-date) or Universal
Coordinated Time (--set-utc).
+ Support for nanosecond precision timestamps.
+ Many portability and bug fixes.
-------------------------------------------------------------------
Sun Jan 31 16:22:05 CET 2010 - agruen@suse.de
- Version 2.6.1.9:
+ Skip another ed-dependent test when ed isn't installed.
+ More portability fixes.
-------------------------------------------------------------------
Wed Dec 30 17:14:24 CET 2009 - agruen@suse.de
- Version 2.6.1:
+ Support for diff3(1) style merges which show the old, original,
and new lines of a conflict has been added (--merge=diff3).
The default still is the merge(1) format (--merge or
--merge=merge).
+ Bug and portability fixes.
-------------------------------------------------------------------
Sun Dec 6 17:32:57 CET 2009 - jengelh
- enable parallel building
-------------------------------------------------------------------
Fri Nov 13 15:45:06 CET 2009 - agruen@suse.de
- Version 2.6.
-------------------------------------------------------------------
Mon Sep 7 13:30:46 CEST 2009 - agruen@suse.de
- Version 2.5.9.122:
+ Try to preserve the owning group of patched files.
- Add --unified-reject-files backwards-compatibility patch to
older SUSE versions of patch.
-------------------------------------------------------------------
Mon Jul 20 10:12:48 CEST 2009 - agruen@suse.de
- Version 2.5.9.120:
+ When copying files, use full_write() from gnulib instead of
write().
+ The -m option hasn't been officially allocated yet. Use only
the long form for now (--merge).
-------------------------------------------------------------------
Fri Jun 19 08:33:32 CEST 2009 - agruen@suse.de
- Version 2.5.9.118:
+ Change the default value of PATCH_GET to 0.
+ When merging, make sure that hunks will not end up "out of order"
+ When the file to patch is specified on the command line,
apply all patches to that file
+ Some portability fixes/improvements
+ Don't fail when removing nonexistent files in move_file
-------------------------------------------------------------------
Wed Apr 8 16:47:49 CEST 2009 - agruen@suse.de
- Version 2.5.9.109:
+ Preserve timestamps in reject files.
+ Add support for sending output to standard output.
+ Allow special characters in filenames read interactively.
+ Don't forget to NUL terminate ptimestr in fetchname().
-------------------------------------------------------------------
Tue Apr 7 14:29:16 CEST 2009 - agruen@suse.de
- Version 2.5.9.104: timestamp parsing fix, 64-bit fix.
-------------------------------------------------------------------
Mon Apr 6 18:59:55 CEST 2009 - agruen@suse.de
- Version 2.5.9.97: Another bugfix.
-------------------------------------------------------------------
Mon Apr 6 15:04:50 CEST 2009 - agruen@suse.de
- Version 2.5.9.95: Gnulib update, bug fixes.
-------------------------------------------------------------------
Fri Apr 3 22:35:33 CEST 2009 - agruen@suse.de
- Update to version patch-2.5.9.77: updated manpage and NEWS, no
strict depenency on ed in the test suite anymore, and slightly
improved handling of asymmetric hunks.
-------------------------------------------------------------------
Thu Apr 2 16:21:14 CEST 2009 - agruen@suse.de
- Update to version patch-2.5.9.69 which has all our patches
merged in one form or anther, along with many other fixes and
improvements (see NEWS).
-------------------------------------------------------------------
Tue Feb 24 12:56:06 CET 2009 - agruen@suse.de
- Include patch headers in reject files so that they form proper
patches themselves.
- Rewrite the unified reject files patch; this is much cleaner
now.
- Add an improved strategy for locating merges.
-------------------------------------------------------------------
Tue Feb 3 06:10:49 CET 2009 - agruen@suse.de
- Implement diff3-style merges (including several fixes and
improvements).
-------------------------------------------------------------------
Wed Apr 23 10:53:19 CEST 2008 - agruen@suse.de
- remember-backup-files.diff: Fix bug when a file is touched by
the same patch more than twice. Move the test cases from the
patch header into separate files.
- patch-2.5.9-cat_if_device.diff: No need to remember the device
we write to as a backup file.
-------------------------------------------------------------------
Fri Nov 2 01:57:03 CET 2007 - agruen@suse.de
- Patch fails to apply hunks with asymmetric context correctly.
-------------------------------------------------------------------
Wed Jan 25 21:30:47 CET 2006 - mls@suse.de
- converted neededforbuild to BuildRequires
-------------------------------------------------------------------
Thu Jan 12 07:52:31 CET 2006 - agruen@suse.de
- remember-backup-files.diff: Fix case where a patch modifies a
read-only file more than once while --backup is used (test case
in the patch header).
-------------------------------------------------------------------
Thu Aug 18 18:09:59 CEST 2005 - mmj@suse.de
- --reject-unified is called --unified-reject-files [#105151]
-------------------------------------------------------------------
Wed Jun 29 13:50:06 CEST 2005 - mmj@suse.de
- Don't compile with -f-signed-char [#93883]
- Don't strip explicitly
-------------------------------------------------------------------
Tue Jan 4 21:11:54 CET 2005 - mmj@suse.de
- Add patch to make patch able to write reject files to devices,
named pipes and sockets [#45794]
-------------------------------------------------------------------
Sat Jan 25 02:30:00 CET 2004 - agruen@suse.de
- Add --reject-unified option to produce unified reject files:
Before, unified reject files were produced if the patch itself
was unified; this could sometimes have been annoying.
- If a patch with C function names (diff -p) has rejects, include
the function names in the reject files.
-------------------------------------------------------------------
Sun Jan 11 11:17:55 CET 2004 - adrian@suse.de
- add %defattr
-------------------------------------------------------------------
Tue Oct 7 15:03:22 CEST 2003 - agruen@suse.de
- remember-backup-files: Also include the file timestamps in the
hash table for non-POSIX-compliant systems that don't guarantee
that i_dev + i_ino uniquely identifies a file.
- #32031: Create --global-reject-file even if --dry-run is
specified. Add a missing '\n'.
-------------------------------------------------------------------
Wed Jul 16 15:21:44 CEST 2003 - agruen@suse.de
- Replace trailing-cr-fix.diff with official upstream version that
fixes this bug differently.
-------------------------------------------------------------------
Mon Jun 30 13:30:33 CEST 2003 - agruen@suse.de
- trailing-cr-fix.diff: Fix a bug in carriage return detection
(DOS files) in the unified diff path.
- Disable patch that adds comments to C preprocessor style
merges, as specified by POSIX.1-2001.
-------------------------------------------------------------------
Wed Jun 25 16:46:41 CEST 2003 - agruen@suse.de
- Fix bug introduced on June 5 that broke remember-backup-files.
-------------------------------------------------------------------
Tue Jun 24 17:35:09 CEST 2003 - agruen@suse.de
- smart-reject-file-format.diff: Work around a special case in
which patches are not terminated with a '^' in the internal
representation. The resulting error message was "internal error
in abort_hunk".
-------------------------------------------------------------------
Thu Jun 5 09:38:17 CEST 2003 - agruen@suse.de
- Temporary reject file logic: Ooops, now must only close the
temporary reject file after processing all patches, instead of
after each patch.
-------------------------------------------------------------------
Thu Jun 5 01:00:38 CEST 2003 - agruen@suse.de
- Upgrade to 2.5.9: Several fixes, obsoletes
rename-same-file.patch.
- Fix and adapt global-reject-file patch:
+ The global reject file included corrupted headers for each
rejected hunk, instead of one header for each file with
rejects.
+ Rename --global-reject to --global-reject-file.
+ Simplify temporary reject file logic.
+ Adapt to unified-reject-files patch (which has different
headers).
+ Add entry in man page.
- Fix a bug in smart-reject-file-format: Files that are created
are identified by `-0,0'; before the patch was generating
`-1,0' in reject files.
- Switch remember-backup-files.diff over to use gnulib's hash
tables instead of glibc's binary trees, requested from upstream
to ensure greater portability.
- Add /* SYM */ comment to #endif lines for patch -D SYM, too.
-------------------------------------------------------------------
Wed Apr 9 19:33:59 CEST 2003 - agruen@suse.de
- Fix another bug with hard links and backup file generation.
- Fix backup file generation if the same file appears in the
patch more than once.
-------------------------------------------------------------------
Wed Mar 26 14:00:55 CET 2003 - mmj@suse.de
- Update to 2.5.8:
+ Bugfixes
+ patch -D now outputs preprocessor lines without comments, as
required by POSIX 1003.1-2001
+ File names in context patches may now contain spaces, so long
as the context patch headers use a tab to separate the file name
from the time stamp
+ Perforce is now supported
+ Patch lines beginning with "#" are comments and are ignored
-------------------------------------------------------------------
Wed Jan 15 16:50:57 CET 2003 - agruen@suse.de
- Fix a bug with hardlinks (see rename-same-file.patch)
-------------------------------------------------------------------
Tue Sep 17 17:34:28 CEST 2002 - ro@suse.de
- removed bogus self-provides
-------------------------------------------------------------------
Wed Feb 6 12:05:34 CET 2002 - coolo@suse.de
- called suse_update_config
-------------------------------------------------------------------
Mon Jun 25 12:46:18 CEST 2001 - uli@suse.de
- added patch adding "--global-reject" option by ak@suse.de
- bzipped tarball
-------------------------------------------------------------------
Tue Mar 6 20:36:46 CET 2001 - bk@suse.de
- update to 2.5.4, added 2 patches from PLD and use buildroot
-------------------------------------------------------------------
Wed Nov 8 17:41:23 CET 2000 - uli@suse.de
- now builds with -D_GNU_SOURCE, should avoid miscompilation that
breaks LFS support
- added fix for offset output by Alessandro Rubini
- added fix and enhancement for --ifdef by Pete Buechler
-------------------------------------------------------------------
Sun Feb 27 20:16:11 CET 2000 - @suse.de
- added missing CFLAGS quotes.
-------------------------------------------------------------------
Sun Feb 27 19:07:58 CET 2000 - bk@suse.de
- added PPC fixes by Uli back again (-fsigned-char, CPPFLAGS)
-------------------------------------------------------------------
Fri Feb 25 17:44:41 CET 2000 - schwab@suse.de
- Specfile cleanup, get rid of Makefile.Linux
- /usr/man -> /usr/share/man
- Add group tag.
-------------------------------------------------------------------
Mon Sep 13 17:23:57 CEST 1999 - bs@suse.de
- ran old prepare_spec on spec file to switch to new prepare_spec.
-------------------------------------------------------------------
Wed Aug 18 12:13:35 MEST 1999 - uli@suse.de
- fixed for PPC (-fsigned-char, CPPFLAGS)
-------------------------------------------------------------------
Tue Mar 16 14:58:42 MET 1999 - ro@suse.de
- update to 2.5.3 using diff from jurix
-------------------------------------------------------------------
Wed Jan 13 15:45:28 MET 1999 - bs@suse.de
- applied patch from Egbert Eich (problems with non existing files fixed)
-------------------------------------------------------------------
Thu Nov 5 00:19:13 MET 1998 - ro@suse.de
- use libc's basename() for glibc

476
patch.keyring Normal file
View File

@ -0,0 +1,476 @@
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQINBFTPFLYBEADBrxJPwnt2QgT37vlDu1pRSdhcyOlbzY5WTlizJO+VQxJ4VO35
wRmd1KAg7DmCHqZ5HZG301wqIET3ICifVFORIbDLX9HKUqgShmDSa5GV7hW5fe9f
9jOyQfNu4PqdqrzRk/tE6j3jMbp2uAe18cgNNFnlGfhZo+G8DbwoRE8/HGj8WKLg
rzdpSFMuQgUzein/dIbFzpuiqZlW4SfEX2Aj8k7vaLX0RSJ0hiZ8DUdY4+bThdU0
7fKzmtVuF+uMYHpWkgXoRi5FoPRckAM+0OOojcj3mrCi3piU1XvLEvBd6UHRQeD9
BYYVrNRPi5ci7EG6gOeLIuhANVCq/xTlrgsIEmGuQTrD9eGpyRMMZANrwYwms/db
G5RZ1G3PY8r0tNZaBEnZYtQVVfQDQPaBMRAQ4pi73SYBFvxRsEFE8Ce4UgXyLEN8
bL0fqVjOkUeRcTPo9YB/e/jYlrvm+n2+Ql3L/xcZXpuDZC/LlGYQ1ZtD2ikiGCyh
W3TTg33Zx0LB2Hg+/N7MhhkbOmFesQ8ASkfCgnub+FU7JZ4uA9u+mdH3D7CXtM44
qHdr/DgamhhvC+2inA1tsfoD/Cvy3qncd49J4nCJ2A+n1mRZOlWKC5DUXQoC1A6G
D5b7uCmliglUncHNKAtrgBGHYEkqX/puKMv5aYe64cNZmlLXEFD/mddtVwARAQAB
tCdBbmRyZWFzIEdydWVuYmFjaGVyIDxhZ3J1ZW5Aa2VybmVsLm9yZz6JAj4EEwEC
ACgCGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheABQJZ3j0mBQkG8FvuAAoJENW/
n+sDE2U6XiEP/0YXUDLSsBJnNkNk7F39JrNSbXiCvZt3F3T7Seef3ccdQRc8AAiX
6JgHrcksGz6kDLAe25mAomvPkCr26Q5QZlAxYNThcbFknItQXNENngYNGVSiBWhT
gVLacdjk/1Sl1zaIoxbU4Kn6dejIbfOPkS/9T8/K+ph/FPg7ESRkjv8pl8JE9A8/
SnVJcXJHUkptYxYezN6N/BiHKZ3a2gNIocadVSwX2eqlHnKcTNrAspKuGe+5CrYc
KDL4YhRYxo6iBLMIoXfvoxbdP1JcfxtNfyoLOjHpxPPYB/wG9GQ8kIuvk7ySz8iO
Gv+OCA2hfjus5FKj/NCej94gjf8hv/NykIb2GK3ALHDjcSLoY1eTnwo+bnB3FPCN
aYmZu5PXQXIkpdaeODrCFKc+jeVBXROsu4I38Cyfkr5+6pE8/0J6sLUWNrH86aNE
uLRbcGLVbr17FDKjTHR3nbl5rHeCO2A8GHuyziJH67wArrWLgT4BY3wylPZ2ZQdY
sDK6AZzlvwds2YZyPWniNU96ZnGsxcICcFaXABAhERv5I+QNRz4f7N+WdsNzfn93
u4jkXS506a8UWni2+Z3OerOVxgcRjgyR2pWi6fwS/7kSsONX9PRWYnW0aaz3oCzt
c8OuegpcrALIwouaPfz9IHHDpLLK5A7HIZ/HFnV6epNDkhFD4KG6JGD9iQIcBBAB
AgAGBQJUzxm7AAoJEMTJJ81dGzbX3WoP+wc6Pt9TN9GuFqarONUg/Z5u6YqY/twB
WkNImViKXOOe0iK0320jSi0TNZ1PkGz/2rfsb0T6PK0rJGlMhEPteuAhiKCcWcZW
72oKnb3jKr+kJOc049zpbwzi8V/bsCOBp5w8fhXKjZcHv5UbJ7K0wOw2sIphsgo4
nCkf8qXTvHwwJdE+jrnVckN7GeFwEpOthFP42NVYVuCCScXWnV3k6TEJclkuIQCl
BB8CqaE2ebBt2PiAS9pi89LmLUo1nfyzeBh5Ub1tbcGhsCDjd3VJ5IabDM8Tw3Vz
5I4CkAdx88c6jEbVzywvWpEFB7MVM61Rz9R68wMkhJYrKAdaGGPZxxntZ4XSk35Y
2Xza6RH5zFblsq4Pa9FJr70mFNy3g2mqLL6yB9fVCMnO2lqAlxRel+T8hjeFJZFL
aP/R4n8vchchk2r7G1chI6AK0wdcbXckAF9FRrrq9hdtGNrSx4NwI1w0TP0L5yMY
ZfaNism+76BlCuGaNnzZmhu6josd7/TXdDNb2tZDbmn5FQrQCf3NUG+ktPxlLxAa
xLjOWW7Ss9IGCQUktsM3jVC3rZA/BM1PDg0aKPLx+rhT3CIbVMF11PF9j9q8IC7B
XG7MgRVZ2QIM/ExvzuCa9HDCJ7/NfuioFKKUf016KSSzHeYQrjguvlQXum56dbe/
00TGRNI2IcYciQEcBBABAgAGBQJU03EiAAoJELZxV/OnDUU37e8H/0yDE7kr9J91
JEpvz80sPm61UNIrRoVpTZiC09Ze0vXKhJtpImLQlC8RwuEVWDnPEiV0HzTVeMkB
AgcEwI/8cEA9p1aWm3pVDt/Bv0EzDxvg9KFg3rwzVnXnlLdNahnNIShwJh3agxyf
4tUjgns1j+KePjFNEtTuSMIl3jjOBPlGgRc/VttUZgbmdSnBdXdIHzTDbgYU+Yza
B34bs7/P9Z2PqS58KeB8+Vy3b3LFsbbDuJYaA4Uz7G4MpYuzpzxFAULUlvG69PsZ
4JpQYWnb8eCN2v0kQop2QctbpikMQ+q3BZFUDWVJ82sfUDihJ5MTUHXQnCMPSv6l
ZyL6ogv907eIRQQQEQIABgUCVNNzfAAKCRDy4kX7QPBpQBjXAJ475XzF4+nFhxLO
bLxJLAxmnvvWqACWKuK9pCjE8iGIyQg1wR3NNm8GTIhGBBARAgAGBQJU03LIAAoJ
EPLiRftA8GlAQa8AnRJv6x5uCMn7hdqvFR6xoQR9uJXLAJ9svda5ILqx6P7NS3kr
kg9dCE/YuYkCHAQQAQIABgUCVNYZywAKCRCpwXbMf6x9VprbD/96k2BY8DJX6E0P
zwLnI1U32Un6G775wAlO0bvhquM9lFvd2YAkjQrOBOK/CTulcE9PGcIGB2vWBrHv
a1Q2M2PVRVzRDCK/fo8Lb4LMqNBcLOqOb+cTGxaM6SYKLOwRUdbH4XOeaqCwebs3
QYOCpnC0Ec8GwGi8sDJ4liDbkawJCbc+kV3J6XfDmDGrtXJoSKoAFwoeWA9FWk1V
uUFveXorSsTqXv+wpSRF4kGcx0T1s60aynmmZObtvcZnTZeAdS1SJRkK+nLXhKW2
N8W1ZDJ+9Eo06ope8WJAVrKbQJEn63hqf7wKytzWfbwOpG2eddbalVculuD7RZu0
gPKCzA21Vsgdh50rb595HFvwxxjzK03pWBpICQTOsf49j/aSqCfx0HIRZkOa34n8
oo9oFHhsYR4VdEgNnr6nBzGdckgyXoX8ONtCSQZtpteR0B90UgCbXjr8dQQBGbcS
x3serk+VxDCT6AkChfmb/eeQE2URbF0EAnQalJDeRMDgZ3yfER519nCuVkpDeJN8
wO7RqK/U0cl7w5e2PFumqUITCB9+gXpvOeCEWk85GwVX27mvLRAn31prHNt6G6RU
yeJLs6Br+RbVtGT1xAiM7n/9dyJYtoVtKKf13ON75eUANyDqa4aFGOP7vUbvTvs6
B43Erh9NvQM/55lb/9p+0lXbTSmh5IkCHAQQAQoABgUCVNN4tgAKCRD4wdZH0T2B
iYxQD/9DJfHB/XltetBYTbZJ1dA4wBNz0yt+ZQ0Wfw0kv8Zx9aiRMpPzMhzhImVJ
o4D/5OTLvPGy6shQscU1qk2TGbo0/yDFfkeSdrmfSKheaQAq2BJnukcX+VKgpSbF
zIZL+O6rwRZXpPVvoLccLf6dowqKYSJh+bXbKx/xrotnw9+wcvTtCtS4aeBtUssb
2yI5DH13Bu+nqzVLbuzERSv5Wpzs2IJLHu4DjuLT4y5hRtStvHcr9oLOiN3p0wUQ
px7r6T/CxDmwXbFMRxgt9GvUgjbDqyXbT24oUQHnxDcgRROTD0HEhS8us1K6iKji
on7CXRtsNM0VfPeiwb/Te93P4BM7rAQQ/542ZrFwmcrkQvtiEoatPGc5FQZqEGRj
E3bgaQnKLvtt+r4FTqMRWy7Z1uyII9Tr4/3tWxaD65l7CQU0gZEvxc2Kl9QxjcKr
lb3ZYTyaZVzAKz5MgNr/SqnLts9sBik5IXCqhvjGKFZZVIwOBgkkzQ9UxX6rRzO/
Gu/q6oBUe/bbCy+KT08suoXj+3FTCJphf7KJ94FOKW6KIuETFTIw5yrFYlK0B3zh
dSEELsLiansSE1YB5E7b3DeYhSHMgjaAIf5B4AKz+nk7o77N2G0rkF7pVMmFz/8l
oibEBLLY6V537XIm2O/s8/2XupRbho1UmFKpeHhG0qgGwp/9zYkCHAQQAQIABgUC
VNOa1gAKCRDK4N5uGv/I0qY/EACpUr3Bp6S6gcxdlWvVN58Z5BNo1K96xRGB8fPj
iig7O0IG43T1qK58i6T4t26v8jaAVkp6k34Hsf3e0t1zV/jPNvsRtBCVdCGZ/sIg
+UhCGxNXLmSuqTtS14sw8pVxarCfNC8i/yVRXh2IopUjF0SIF+gGbau9Bq8WZ6XN
RlPWhcPQor/KfOZXkJWVMSBDt/SaXYBqeNQtjOKBxeoX6chQOVNgRWHrG8vZNi5S
UwgnQnRnIXCiPkKc6CxGKNElVOdb61kQDRDd7lGfSIrCYPTdWAJB9rOL8YzfCPMA
JI9aDoVZ5NBAhjTwIuCcWqrEqbDkT9Qa/a3cx8D2WYmgik52ItViGeucmEJ0zNFN
Yau5IHZMi1HVI5zZF262KMLCC1vV562FvSRSzEqUL6+XGUonryVdKu67rUZysKAg
Lp1uhR5UFOsHkOIheIMUMwD2LoU3Xc3JNJg4hSraPdmLSkBbsRDaPnZn8DJW7hXs
qsPF4nQPdtTFDJkbj89nOfOsbPfyqXONZmqfNIO1l5U+vtLpN7YCW2buP8az+h4q
8Uy0S21TJBb9UHMuW4ZTgI1GGOBcNoJtIxFPZu0d2gK7LmUo6OaWiHAfFyj4mYFJ
gfUMAMYbzkxxdCT2vT2uICr9bCMFGQ9qTolpB/kt5Y/YEdcAXEmAyA73tcDRpzzi
ZenInYkCIAQSAQIACgUCVNuIZQMFATwACgkQXiyr6rJseFJClQ/9EgUj495wJa0h
MXPFcbJnBK8S789ig72mK8wS+BT1S+JDiMNV0JRYE3Qze5TPfRzwYU2FYf6VXMiZ
egaQFUFfx561S/FTJAveEi+0bbGqWc502i/+qOMdHG2sx/IoYwmzi4mJGbThuswy
OoOU/1jKGDO1vvY207XiQ/JZhY9DqeeLnRKxrMAOxyvZfFYn/Xgi4pMasbng7YQM
tEJiQ+aYhLWQeyMlLLgnY56B7vhaKw9EaRnaENhhMf+EZy9eT0tdPwRzDmLCW6Rl
D/a7Or2cZOlustS7l9lXzCIfQp8z/hXBu7s9H+JFr21TTdBSonNdhTvPMOD93Xrq
u6vN4kRfDS7QoEjUlnlS39eUibcMqs4q7fnXXAvlWAVTyV1XVodBUY5VulHvKTms
vn41mrQKDGwkNDGCouT/7Ewv3rIT7RqknDgJVVJG/I2GG/rQEN5jsgeuSBgxzTMX
zkkm6SZvpBYFOeXH5Zd1T9qUcdn77BKHEMLgciAiNlxugKR1DFDHdBXxqcIyelHZ
XIgXw/UGdYvPhCl5cV8ZiBkIrFFlb5xRcSRN2sxoM6j+LCekBGK14o4d8eeaGka8
xNbnFSNZ5sZhQiO+SycJywSiRAsiSEAv+5fThz/0vJXxgeczOdOGcg2NEphNTrOM
ICA6vT+7bVS7QXRdqNZGXaRdLy8Y4bWJARwEEAECAAYFAlTeE5EACgkQ14th09/3
ejs3wggAistXO299y9YBCP/uODLY0yWYsYV5VVz0jS7e46pEInLY8/uk14uJZlaH
wUJLQhS3HUU8Bay+lsY6npK1qDUbcU5W0CG/nRUvkO9+qG0q82AeBKt1RhJudlz9
B9ZLed/mQ0AXzogOQ4bx9s1PPRijkROs+6Xip4tSORefcrvuYNPq35kZtRc4qSLV
4MAwfmbeHBxJLd54bYn2E0hxSzkCIk7TFt0f3ZcTcHZsTfMnco/eZsLdwr6mPonj
e9AsKdEoSmYma2btsNU/Cud9px11Y4xFAsr0yVHVU1L22VPxMicRZdqsj5CiwFI5
pEM9b68ir5e3ulZjreZVH4WkvyvUBokCHAQQAQgABgUCVOysTgAKCRB/jVfCQM7I
CUd9D/49+FExRV0It+eb9stCsefcuhBVon90Ey8lvxq/ql3cKAELtsZZlIP5K+Vq
ZHkpp65D6cYWi9lo2SVwJTBOhWF1deNruVVEaTKHzTIoxCRteyhy+FWIm8mpZqTW
A3C8uWJXFt9ehKtLMRAcL5ZDCcIDpHLQfdBzW4AsPeWmpCZKBPx2YkY7BF+BHCzP
L5eEjBIpH3tJW/QQg5Yr2fv8j2n/pVGNAUKGfKrvvyRlRJiBXXPfhv3xiuLkTbjR
OAcpW1WrSrR43gEDw0laNV6u9PWC3RZxY+urZP0b0JgoXzkL2WzC4i12Cm/8jm0v
aiCHecaEHY+Nzl88p7yHI2Sy5wXvjqnDlYtbYEjdqJBP0HjDGznv1ZQufkOVmwxB
ONpBc83aPVaeAqAm+27y+kV+e23cSD8TGOkXQQqcFy2cD2r2KnBin5xcSKRV7S0L
VdElGDhX33f0ku53iCEYENsLKE/tRgdFbQkY1JHxjrVMSlMdzT0KhzdzuSRcgmig
JilwqXQctuQXK6SecswWsSB2WlAWY5aib+d0+ZPMI5aKMr0VJAWDm/EU3ZOnWli4
YTHMPjd2q+0P/vjGty9EyhxfYXOnfKefQsbCvQLkkpwQI0kx8LJrNvrm7Yl//z7k
0llgUVUG98SXpO7sH/sw5IgIFyVgIk3RLzZCZW/NsnjJAJ5954kCPgQTAQIAKAUC
VM8VNwIbAwUJA8JnAAYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AACgkQ1b+f6wMT
ZTrf+g//Sridg69quv8Lb3vkP9yN8XrBs90SYDeEWAXB4u1SZJrMpM2wikW4PatI
ReN9C1NX7wEMbYl24+3erb1YdFHQiNfYkwS5ixJ0XpPoe5385h52kfKKY6Qq6iE6
wn6jSAoS/0Kb46uKAq4kewfFRP4UegTiVOMe388r3VlDYRSIe2rqXVtBDGz4hsIv
DWskh9wkCsvpGNh/Wo9ofwRiqEn1F4MFJcV0Ncjt4/ZUp15xV5RPfoSrIGsC3JDn
6XeSuRqcloIJrfu1+LIuQScb/EZNKvPjAUxGGRnBKMnzs4cxDtekZ6vKRS2XzHdr
ZkdK5XtAvQspyOjy7IJmTfzzhsJADUMd/mlOPUBiX29J/gsBCVK4GedNa1muXpub
8e/KmsyV9I/JncURe40d97JicEpeZG/KE/lnC8i8pkfDHhC7ifPp1BsayGprJLos
ou9yXTk4VZrrthcb3qwwja0U11C5gor+Sy91LBTu9rqSGlWzQHYqeBakk5ytoYVu
5l2p3USJu97o2pHN7imGPhn41S8HxCMy9cyRPZhJd25uzL5AKvpbKPiUE38HE6nj
W2rY4C6BLb2lzgaiI6h3Ldfz2ca8P3Hb+LTB1z6TK9Cs/mIuKJ6bWPfcHNH6h4dh
S7eFrQ9M4dJkmxt5W5pGS4NlIRcQwl0uNvqOT1CdTapkC/akR7y0KUFuZHJlYXMg
R3J1ZW5iYWNoZXIgPGFncnVlbmJhQHJlZGhhdC5jb20+iQI+BBMBAgAoAhsDBgsJ
CAcDAgYVCAIJCgsEFgIDAQIeAQIXgAUCWd49KQUJBvBb7gAKCRDVv5/rAxNlOhW9
EACYBDZ5gVMO14vrg91Sox/5ENNzF/IItIh4cb0ZnM//a1Ry+HnwzWS0Vi4+nlPP
r+9Vi8CGIbtscw9zKeMMbvbifMGfW5GOND5/eW6NFYZ2Cyz19iWnPr0WNskmp7H1
pjtyY7nFoqshKp51s2GyaoAVSBb/xRjRBLTfLoZwIk6dOWg7//JuYIBos5M+4G/v
PlF6VmbxvziqygF1M4U+iOT5gCJFewQALcjgQmkEr6KWa+ZGgWUVnrFJVAV1bW3C
JFocewh0LIrpyfp5EVOOLTfNh1DZVYCsYAm40r0o4wRwPrw0lc/xf0S1ckYWuVYE
6pDB2OYKqaneNZYQIa/iPohExGl5r7ieSaOKatJ+4R+NEapO2b1gNyRDobM6+exZ
8YIjImrBby+c0msjF5sPSOK3hDzCr7SkVu5XRJS5n6eQ8CZi2QewjS96KYhiamPR
oijYfz/S0QUgpYQkZLKuTZUiWpvuaY48Q25tBEp/Kyo1hCviW5MgAwpHgepcpfOl
WNqO6DHtEPbIwGcU1GzfI21mornVO63jUVMwx+mpmDxiXfB+pE1ka8QOfj99IvjF
RScg15Smu5WOn1GDj3uEsB4TLJsal87eRRnIa7ATgv3nomNQ2pVFRSx45aPtQliJ
jC3npSINwu5k6rYvsAFcS0Ux1EIYN+DnM9yFZjE1NdOFW4kCHAQQAQIABgUCVM8Z
uwAKCRDEySfNXRs2128iEAC/ugMv2SkDLBnkCcUq9yeiZmx8KsVygu4+SucA6WIr
TsTqIEmvGF+an1fmAk0KQ5i1oGMW8mntICuYDN7EBInzIYFdDwK97fJ9gwyPandh
1BHP9serLaAcdsCXn2jyhIOmlUZsiPq57JK1JqYTWAo0ExMI9CGWWIu7oD9FSr4Q
5QJuFd9dE/Lb/rB3Cu0sG16PtHSUyc462sxVc/lHuSJh+2Gn3RiqgXnPXrNAAuk/
W6+I2hblvwsZ/nFkKznzzyUIy5Vl96B6OzCYW1RWcYPutM4+2qiRydZDzc9Xx4kO
NTQCjispzqNTnD/xRF3rWukMW0WOgFdxNznQrS0ECBw8LHhZOjTIi7C+gLmMKnnR
CGTgkYevBJ2xky4Lx9zatAj8d+2FtUr9Ydho7gSrRz3QPxKHalwSU76s1o13z0b1
qP5hm/tqDoo33I0DWePXB8uAG1EnA0/1e90O8t6VZiXSA6aeGh4tkW9A93P4htDc
NwFRc1KbRzEXmGPCqixy9xecyKjwVhpziSJ/LLxsc1oFmYeHyus8DpkTI3porfow
WgJq/8GFkhFsd+SQjAmIdx5YTVD8i+TqeqJjJM08fKB7+uy7fNpsibX4XOog7TBc
fW9csY8Y841O9apLuv82HMxp6CcGemSRJ0iX1CnZJcXM0XWvUZfc+bjaqS0s4QzZ
oIkBHAQQAQIABgUCVNNxJQAKCRC2cVfzpw1FN6F7B/0W4nWHTwhBUhAZH/oEy6bm
zAEy3qmodDMHgR0oZKl313dUtlCHlKncbIunybTT7m3gDMbIioxdWjI1zrnk+TXr
AbfFT24WL+UQqUhZddXTOXEuOUOU16A97V/w7oxoqr+JptRtKZ55N6rbcMF8/0wg
41jwTGqKUmjcAXztCvtt/2+i5wlh8IIAZwlfQzuHshLzyFjOL8Rm0qkt0kRT8a90
mUKtQBBGfD7yDRuSi93zLfb/eZ77QwhVxaFwSAPQPwIxUVZz7V5h1j9jyiccceCT
ploc2bpD/2Qoj+Xj4B9g3muQL9Kl2NvFXjNK6yukoBMGR1ScxVerD+CJVZ1mDzno
iEYEEBECAAYFAlTTc3wACgkQ8uJF+0DwaUDCGwCglsTbGVZFnplq2E3LoqvKfR4R
4Y4AniFA3W2fO2wU1YUqFbT4hRwelGPGiQIcBBIBAgAGBQJU1Q4oAAoJEGC8u09c
1/nv7EEQAJuGP+93XVRH8xmYYm2ErHzX4I7dc3q+ETtIjyJKNDkT5kzg1EZjmVx+
IyOvAlwlhP3ARuawGL5iClthwfFgCX+ubsWjzBy4mYt+0XVI0eXJlpfLH86ptoao
F+WX8iPoHiNvBuflGq+stso9JRr3dWcuMaJW2em/7Ugrpq7DUbdINX7nwnRg/Ull
zZUDbq/CGvZe5HFRACGfd3qs+uQQQ4ZOwf/Sho3tGHGwk4t200x7zDcSkWGfgyiO
bFfGz+SHNT3OMgLg9ceNKnnxrBbfm9dpifZF4e18svxDKrXTLAXITHzdt3+V08vr
V+N9fnk4eWyWKTUfo6ZKLK7u1YGls3nTN8TdjLnjwmKjGemPyC9kIlN5bfiO9+qr
Zg8K2tTPtFHEjocekoF7N2UDtLL+S+XY6dn0/V8vB8UVvSMweQre/SI24fucZDYj
7BmqOIhH/chQAOjmShO3l3gLOn9YUxWN8Vw6U+mXqVO70qMgVg0pDv5DLkJuIqpo
ypgCK9Swb0lE4hgIbkuWjQHdrW3+bNKY4s40KS0N6RcHUrp3qILnraCUwEFCJovT
/3V19yGFJU3lwIzEwx4468CNvjUP70tqX1RFk9gqSZnmWlmE0VggVkUYJgTNhsak
g7kfNITjXWKbULgUetnoU+kaxtfEsNVEWmK6E3HE5SxDhQGRoGrPiQIcBBABAgAG
BQJU1hnQAAoJEKnBdsx/rH1WNv0P/Rtw7WT0eK+Af913/RRayGviNZyhc6lZBzwy
VmcccYcumzi5dnPjjHKp4qPAxE/CrOnH4fOSXdAZChlanAZaVqvsIGmf4Pbe++xY
r0zcGx+oU07Xgj2oV5ahg7fvexigpDUWDqrWrsO0aaREVzXpXELCwYkn4iZuaDxU
kWFtQp/zE6vtK1ujSBxSUSrP/kEmoQQtirqU/2FsvwckZrpfoxCQhK3evostrb/K
Q/FdPSUVFek4o9Gq9W7zpVXlmKpbB6dgNt3tyyenF3KE/CmVS2df5RN+RGxLAG7V
RSSuS9+Of87KdKc3YDzc5uVI1kRjqCHPXBpYFQxJlM1PcLMtcuLOMINcVMg7Fcc5
r9Dl7vvk5OgZrDY/dhbj5qmM4EEtlEE/FuTv6HmQkkGsWDW2UhAW6gby6gDQPESG
hVayRHUCovx9nEjwAg3uNEHIRRjmz2p8qxteKFmGHtrkFwbY4DHMstWimWQqNvNn
jQcVZ6TdwpRU19pEaBz6TZMFUuK4LoFM0fmbTTED8sfhslPOIasW6ycnfgOL51rH
yBk3W+8fptjJU+GBMG4aIWPzVeSifk5iC5yvM5sA7ntJk1zjLhdnPyAtw5GfiSoX
DnwpIXXUKOJCPtEyLo5c+mAXZjIOac30qxy4oUM3lw1QGNV1+VDhO1Gx0HQblh7s
df6YB3LxiQIcBBABCgAGBQJU03i2AAoJEPjB1kfRPYGJqWsP/jMJq1PHJYVvtzNB
jCBy8xzuVGsLfX24YlYIcarXgYYd6B/qLryvYo+Xwicy/FvmYCAinqMchnXB/cUq
MLqP9llKPY3A1S+ZCFYTEDTWN/tXaDz2yOAXQKwAmkLfW1YuDmnTEGc5R9cJzYQp
Cd5A0ZUiZEjsRyyGgjueZIFSaDAUqJBXG+QZ9wJflTjNp603hFZ8Q6sxcZF7xW77
Lh8tBrwD2Sxd79BpGFGo58b1xFEiHxgmCyPPyMG+O78skmUiXrzsy3BV3axNlabR
hviAq4QpCZmALHOudG1hFRJipLWLz9PKyGZV1o6WY4mMyX1CoIfYDXS4v1995NMS
yh1Z6MjwgwI1EF+/BDda0uuQK2fzbYuOq2H/8xjTV4VXVnpc9BhSIStWSJirLbcn
cS9REpeYzCerGzUjJo3HQG3eX++RbILrZnG18mk+GbN2yiRAyAs2PeK64NMmO0H5
+t26Sp+fHcpdinaLyTGeoyMmjB9EICH8ovUXLze/w+kJFB4C78klTQyFCy0FtQeS
UyBBeZdNB26rR7xMekVLcnfuxfolET+Bpx1thvlQcBIhfL6zmMXxaNrdCRcm6T/a
Eufl1+rfk4MIRzLKUAm0Tx8Hfk2rkf95AIDqE+rG0gwueFyk3a9DNNzKfO1TFqzI
vburgoFo0JnDxiWE2rec7F1FFilMiQIcBBABAgAGBQJU05rWAAoJEMrg3m4a/8jS
XwAP/1nZlnPeR+3Mx19HKfdH0+X3SgX7N9RS0BxqmeB+MbXtXTh7evxgAHa6jslE
a4YSLgwMwI9WWymNIt9I8VAcEIwRhpXIJM8TAh0VkSCzzFeRLy1ITZChILfYoQdR
TxNsgHUFRGMWUS6lLkPUxA/wkA58llMV+4Jk3decD3OPzX9GhdNtLLvCCNyVzaa0
oRhHhKeFaV5lmHFFfzZJ9Qbu+4hlYEn++h1PysihrA18et+6VyW05e9EUp7xN5o+
LmkoSCCMHPogKIdI25KPo72aqk1WtqWEHsPrvrU7jNDdfy+jtX4/yZ9ftpRZ1KGg
SqrBRz9fH+nPqr/tdwlKZ3JDsH7xWXDuuLtr68C9pXZMHTc7ty1zdqWuNzvFJOKI
YG69KuHhVmTHiPgApE0fgg5iArEJRLKRf6cLKu5tiJbw0ar/4V1MIniWoglJghje
3dHJ9zN4h6bv2wf6GYPHN7j2t+6ImjWtOfArODF3gU5P6KG6QHAK1PTDuM9L/2J7
SdBRzBG0Bh7Mos2h/7urnGaoUlM0Ffwq7Y0DzZFFZX+fCy9b8ylC3JNvAAZScwR6
QNU/LRm1Z0+52FgKCe/IMwn8/q/xYMSn6E4qqj2eHbRZWFTmL7gijT+pzqhTQDmo
mJ07lCIEYX90JYdXZ7TQripYIDRUHxAObsnjLguPLTRfePuoiQIgBBIBAgAKBQJU
24hlAwUBPAAKCRBeLKvqsmx4Uih0EACMPUwUwjfQ/ZYA2Qrc+xE2wnbDl1n+82YT
bLU+fqnbWej2tyTWIsIuJGoQCImt05FOrPnIqqQjblH3L7vsM03PuQCf40ql3kk8
tLCjEYdvAJRbGqYkYBELu11PG4JyvIpUdUtkMxrwY2YXVvb05SIE/jCaQFQ+ctSB
FTHciHnD5Asyy2dIEvBW34m7tEHaxMuQjSiaxh+LxUcRI+nboVEt+tMKX7yR0aKX
yUoKFWaCHHhrr0KJ9szgTdJ3EXjqgc0yzcxSU7OC+CfL8jNtilcmGLuVsC9sjkQe
WJa2LPHSk+2GqAcwmJqAP5G1vhbvU+4cI3gyTI/QPkqqJ/2IOXGSD10bvS/EGRSR
MJ9VYlmQDGlncKPxV66wiVTxcBNLqJJJWDvaAIFMF/kAAs7t86AoFCW5LMeUh+HH
gcaRNlXfd8qfyiZyDDZkVZptujSWdntcEiH3SSDcHo1+zyRC5HkeJZzQ2KWCzXsI
EvGEcTEgJ6M5YCqR4YtaGT/6EVEV3Uc2uAIEFJmBG+rgX6GUR6N1bNuv/pBk2rPP
Ex2CNEQCr1hdHu5G9WRGkXC1uTUwXENBEK6nWBmY0BzFT6lpRvfNeYEpyyNGc5YW
NFXNgB7hBMIDUslBKBZTXSdczPg1x6URyMj2qkCBHktg8o9rUzkNlKGetE4/2x/m
xhNu+7vVBIkBHAQQAQIABgUCVN4TkQAKCRDXi2HT3/d6O386B/9djCuEaXGP10no
2GPLlMzuDVEfBJXtu28lJrYpYETwYZVjAFzSGlq5/hm3Fo5I3ySLcbikZQZFTXjZ
dp/bn0IIaAfzS1bCA0TK7lvrvFI7X7xf0hB5bOZwpDhYtzveVFC/m+YZoM5ooQvO
1WxZc+Ktfcn/p4sBHoJLR+AF5uErHquPj3wuAoZWhlmigQEAMN8oIden7DAqoKlk
Gwdvq15AMb1zA7t7z/BUEFPrqYgbuXdxhtqbOaGCojbniQjlheK3Y3fBRStLzyUf
bJygFLWNMhb0fQPmORTr0HKfHh0mmyBF+hqbmEgCMrq0ISDU/4AKbB6NTLlRKloZ
+l5DSyyPiQIcBBABCAAGBQJU7KxOAAoJEH+NV8JAzsgJe/kQALDJ/Pz6Tst46eTA
Y0WniZgIDgxGlMxLT5ip5DquZ1CQKoBvP0b1XVpM4Uk9DdqUK0Rw0+YSu7Smcsx6
biAmAgzA27jTYV00NC/rmMy5RTBbe+g/rBwsV+F9UuEf55GJYFQiJkobR7N2MUYS
P3hGParqQ5byhOsYzPrQnJuq1ePgXkvd0XHjyOda0Os/WfkQyXsGNypDG3NBuCJ4
Gh0M6TMQA9LnkUWRUQWfs5m0J24KBGdhi9mgHZJAR+VSoxRXrw8eC4/QL33HbrWN
QMWNw89ZGw0s5ReWqHWSyMZwC0urvXeDS8c3Oj8ZOPJ6GCzs3IDQF2Yx3i2hdhri
4JjG1tIIj7l7OD0w8jXlLZMFJUUkiYfGlrv+ZYziS7ApAZsu/bHXTcNfWWtRmouE
kQxg9aWxXSC692Wjx20aic/dfZ+quNRmxRiLBfTbqBGHfuPnXyv56dtgKq2Ye/0O
ZQPkUscLEfkJqVShk2rm1CEkugsBMV03yUDoYKx08eTWk7uYoSNKtt0lKgOpjDdE
NarG8fAZWPg4E9ScGnrBkOaBnSY7LSavCb8U1eL87zyHcB4vVEpsA5UamJO66b9Z
/6SFAw6Pkx0b8CZgPHJU+L324eOnn3EmP/mWDneux3ofzjR0KpuZDnJr9amAaJhl
JX/UOoKfp6DXyQS9ORcOdaY8j/VAiQI+BBMBAgAoBQJUzxS2AhsDBQkDwmcABgsJ
CAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRDVv5/rAxNlOkRTD/46jnPeXkIAj074
L3lf4rqCn9plpxBS1IZzw0DX0nxB1N46DsFC57eVsXxu3QOnUVYFQx0eHfddkZFG
ex3MuJkQ2Cv+XpbFyOnllx5R5KgZlRfkooGK4rixk9vd5nqnFsJMNZAqVwXVpgKJ
hXPy82xJsjMaeOFd5HxkxdLVqqKdjwRz9r0EczU+YUcIcYfNshjW9aptqyEF577N
13VNrV1TMLBfb+ysUmBSA0R6djhoJNcWKFOKJeUoiATyJKRmUJaOl8HQcHTmSqsZ
P0jxzBBMGXhuoVSGqaRtYOc2Zv7w7GgJVyla6YoTbX5TzZz6u/8Q+WnzoDc5xA0k
VVFSG1Qb5+zH6rKSwk6xkVD4TKUokz3aKXlPF25ZZLIe6qwMq1C9V5xjnMc1Js+j
0PRBbgvOLVxqII7L0sDUuSHzxpuxUwKwvYHBxE06N7VNBy6sdYO5Qb7fsXK3IXlB
N8qGL7452pnb8j+Rze3wPO6iU3/EV5yTe3NnDBYacQqHWlCGa8VS9UlCxezskg5S
90pPFXhDmc5GfFQP7sAVe3PbtIqBx7k0LnNUHgEV6gyQfrJuLOkIzMivZ1MLRlL+
H7ityv/w8h3PhFpdu2aoIAMH117TVeMOyJCEg+BMc1IP6HKT2kHokXDcHLY1Q9Lq
j93BCCkcJQaZAfnjECY6iU9KgbEv9rQzQW5kcmVhcyBHcnVlbmJhY2hlciA8YW5k
cmVhcy5ncnVlbmJhY2hlckBnbWFpbC5jb20+iQI+BBMBAgAoAhsDBgsJCAcDAgYV
CAIJCgsEFgIDAQIeAQIXgAUCWd49KQUJBvBb7gAKCRDVv5/rAxNlOgByEACSPrPT
zTRIc6rOFlHphzxEk595vWrgfDxCBP7GTM6WdpbAhdtlItHUmYk1l8CLKJD1dDUf
xCUMz2roVVkN/KRLqQNE1eVPNFENMsRPwC8o2tztxewZZrwavFQburhn6H/gz9QN
6e8qaQwdhYA/FlGvi3+wYeQm5XdVHLLbHFsuQwknKYoKW2TMLfBiFxhw5EZNbROc
+4OB4nlT0iGGieq8Xgl1OeTmF8Zv0mOykSYOe2VEupihtRezhRFwLi/opCToqHjm
tfCut2PQTLVop1K4ONTbqTEbb+2PpXX7o8vRJFm3nuhZku+KYDwDEZg9PiEMGpDB
k8tbhz+7oaw9CpPjtqv0t+qnl/ouc4V25n5BY/LJejCaMOwZGrQhUMJ+6MvBivmt
IUmvBWMeaERn50raqf0cWURD6sjVFjWcPbMA5kSPRWcGKiOYm0n4VwqUvKZcJNtK
PzwwTv2Xll5eXJOEYxHLJaCIJntJkmyqs3ug7cL2FYJuSv9ZrXZogv6Y9p5j1cs6
1NIRvSLgqyP6NbzU8ljsZOs+Nfxes7oOUkoEMPIU2iznXfV4gC0gm4aN/letfepj
eOZe1Ofh2vWqXBcpoYEKDCPoS18XDdsmcw/04jdQ5uU/zA5CuiCyrVUjAMh/oaoa
9vPXUDArbqcf4dMfEZFwU+JPtx2+1VRJ/CJaR4kCHAQQAQIABgUCVM8ZuwAKCRDE
ySfNXRs21481EACdJPqf6glkX6azhM05SUAVwoEkCA2EpGzJePnZqKhUNE8bcHWW
xot0l7N/Z7lLqEzoX2839jEahP3wvZdSy8IrFpJ24qXX+L501p2ZBQbsHxXCjpqq
HI9UNBLmoN/BNpgqHEf6TeWJ4TQaVpEMcnEboxO+XPGlZJz6u3GqqQoz+GqOsL5K
NukihhzEFOtBf4fOSkwzghjJTe6JCMBQnpVhG3/0n6EH3W9/zFtmXKaFLIYau6kf
ihzi0sj4Kz4j9ho7fjTFKjoD59uAwEacGitytclSBDvEl6fUEwdPsLB//LXaiqQ1
isFOGaKpVZm+EuOcrkBS5mtTYZ8AVsRzX3FJl30ACaag6fyZlCJ9pxZeotNxkiCc
r/4+rzZCBBzhVUaWPybJcgyFE4Y88ByrMrCYRiOXPSuUiBC9SEG/H/srk9fsxqfB
KNitqrFYCt0bg04e5mEHOtWHh7oCTaqjYWHN3RZU+ROK/aQUR/c21sGWbngAwjbv
7AZp16uvekWpI9/B4iQKOnyX/mTd0DBFj7L5FxnYl70IhnlZdGptO8bKFObEh6Ey
jCYvcbsIgBVvjWF2Lo55KcBRc5MgenP8h9ppzTeHnW7YqVsgQJ7N26MFRFeBT3vw
O39/i5Wx6HE+jZ0OKUDRvjlSor5EdYTlnm7u+UN4phdsSU0OFBGMEkWuI4kBHAQQ
AQIABgUCVNNxJQAKCRC2cVfzpw1FN8yzCACOHsVbUJhbdWA1Ya9mluTehyIlxQlP
URcMSUtgBoDZgDv4wVGqD/QFQ1ScuE1/Eq2bLfHNy1yGDXVGYkE/QjQ8CEUjUc8+
vnSLm29VfaeB8DxOrHhaqzwuf1XZy5Oc/s+6gUrqfn7fe72apU/Rx0/qHBAzZIl1
t4QCM0hzEKYONlpVYAZVoXBKY6SSZubUWRehUAhN3RnChwMxDA9MPNXqu5m9FjNY
WV5qQwqbn3dT5P8vd7bh461ZVkAs50NfVx31wlNd1369g3BZkcg7dw1yfa6BzpdT
Ln49yjyd9PVpIfxK+MSo/q6fOMqB5RDpXB8/HzfO1S58AO8pMsqy0sIOiEYEEBEC
AAYFAlTTc3wACgkQ8uJF+0DwaUBSlgCgkyvYlDGX2klLWUykqBb74aiU1MsAnRKi
Qsl9Iq7wlgJiuom+VavQK55/iQIcBBABAgAGBQJU1hnQAAoJEKnBdsx/rH1WNBUQ
ALeo4BYHvwshaUoB+KE6k6lkEeiUZ4BxJOgNdUv3nHAvdxCYpEQmiaEQzViwe+8A
bEqDxMjAYteQDNQUZuODhSQYh1SKF6i4xh61mN1RKOtAUqk8xjbvKnN1uc2EoCZc
vHyP0O9xQl/M1QJX3Wj98Hx/wo9tSFgdyIfFLl1AR4XKHc5qE9F+9guIfXwKlFth
m8ir6MK2rafmYcVNBkj6p7h2OZT6NyQdGqWCdhR7yIkENTUms40sulXKPEmhwIux
T86cjZXg6+e3vvA2xdkoILHSHzO3j8DCMTnEaVten53grDKFwsSSMWjrMeuSz/4X
Qxb733LYTNXykMeyTonGGqiDKueJwfTCbaHm4Tx6zn1V9+5kAZaTVsJuHH8nGKzd
gE98sqUBz//nj112aOAH9LYjRieZ1u7mCzVvOUCX1lf2ZNniaRn6S60pYqW9BXs1
LrfeNcE6qcd0146z9JAiWFq1DlXk9/D5uIvGFLoV9tRtPnKchC/UU/IjUO0moWOj
jrldwFmXHpjaNCxe3oGcKctLY9pFdEfzV210JQpyvkTjSpAqmyjnOcq8SVlRHazf
wCl9VvTxFydD//Z6DfFLMQxG1dqZl5fd0+o0H1acbfsaRGBo98KuM6rDUxIBG+/q
8ZXLPvVA5IBu3xF80MsRanQbcfIvVG10Pm4Lzn9+arQJiQIcBBABCgAGBQJU03i2
AAoJEPjB1kfRPYGJR0QQAIFN5+oRf90ZfjUMST/uFdrBou2qRzeKS2GAjqIJWRFW
01WpBVYfXnLPfZ10LnAMKsmHAF4WVE5EaAoODttdVO3aV9GJheGpOQ8CjprPDq2i
aNO/ljSU4N7EQ3dxUpLtSedIz4KF0vV3HylqxOUvaXT2PDe/U6KgUgo9HBTvOGkQ
s1S84FbNCx8HbruWd0xt75CtdDoHtJRDKznZmsT5eSmbDMHMssQeVX/6w3fxkk9r
FXIPFWOChLhk6jbyYTYw2u9ompy0qo/uaWoewQdjivY8GdoxINapDjz0MmX7CeKL
nivmkDGu2dyPc/jVCgtduUfKlnXPogKJki2n8xmK6ZpUlB1wQRKA/+SmO/QTIBa6
ZfOJj+NNOaCBcBTZ2fxNy63r8Ggo0jxjMFLROaHe0k5Xqv6Wjml+TbzEE7KgAGDi
CTouY0mYU2tXmv3JnFscNHcWIiQo980na+qm2Mv24yl2BlhdTRybmPfCGXQZ0bGL
xIT+oPpnOb86P24M8SY0b2eIAxSAmfF0xIP2Rq0xgeusDqjIN7LsSdvTSJo3ZSY3
1jmn2U4yWXpZ6ln+qkJ2bEN7DbDKZEQISimjImZJfb6RpWwZczIMhoplM4kMiiu8
QI0y2kDLV42zlkgHLuW7l1jujFquBV660vpt4hmPb1P3+9TvIUKnbyICdf2zinbY
iQIcBBABAgAGBQJU05rWAAoJEMrg3m4a/8jSEvoP/i+/JKS1Tqqenrm4EQrsV1c+
ltAui01Ua5zNh8ISe6E7l5+SQLu8pC6gKfjgu3vtxNSlc2FRlNIycXJDt8vNoQIA
BVcBbsD+qDbj+eReVYVbJsFcUHwsP1BGYrWFmoEktYLuWRGj2kiUjc0IclE7OxF6
eT0+EXjeMmrH9IC4SxZ9J9OiY5Rnr80rmY6/sZ2hkMyQL8nxrlwH1TIMXMvEoudQ
rCT80UaITk3OoSz4pPq5H3jGyd+LHpeXjCTbJxOEb0UwmgFPvXhY8+4JP4ggd8vp
i61ELYdnfXd40KopOT0JMRRBvmg61pKUpxvf7uoTmCT9rL/5f1kvA+qMpauy8Qxu
5PL8UN99xYYdB0Na79mIttXwAdOlKiomud1JJutvmMoBEewIJPjW0LuUEL0Z79Ra
0ml/tZ2gygu/34tms04fFFuPmMruyOm4TtVfJB3LTT4EpAAnICXkZbc+Ct+DYVCj
4JzuZi4G4YMskbNG4WZn+mEXnNDLqqSaScIQl6/rZU2ha33DuOEBC/CYZhBqCz3i
MqLiWveUOHuinDVE+odAK+IfAKrDjfBAXv41eNsRiRrHeVKV04y62n81bAtW9mfc
3CbgOCKFp5wRZu0pZyU3uKPUdbEo/r9ovKuRmE0MtiZh0wgUtYGmWKptfO6a3V/o
+11V0cDeQIQbaKTDjhiViQIgBBIBAgAKBQJU24hlAwUBPAAKCRBeLKvqsmx4Uid/
D/4yKO4MNpgNZIGKiHT9Q9UNuLYMoCdSl0FV5VcQyAjwzfcJ7AAcFin8w5TaX7PU
viblZrkkS1UKf31SM4GPvNl7I9LaYbNm4f1hwaQyJ8YpmJy9hOw16PMG5BmitdqQ
fer0cAgdW8abcOwft+ka5e0wHT8+qc2Q30astjbs+FCvxBu8bgzfvkiomjWH/CIS
tPLN7IVi/0uBT8a0qPYmcTD8fi7ElISXV4DtQmgKGDsvKBj6bvzoCCjr846qdT1g
z6ZF/VEu5Gc4o2gWT2n2JMS7MWxLuux2Oebgmx78RaJ1OkuBOunLwjtQj1kj1oPL
22w/eeIquesnrNL7yeYVtVcE5WVLMM5JiMFUqEz35mvPndMcevP6moOIr3vhySyj
gZhZt7kmbSw1WGcBIlYoOiPiNo+znPMqcNhFh3C1CRecup0m5X6adCCui/zsSIzR
mhpbVbN9YY9b8CoqK9FCw4mughIxWfh4+Zm0opr0TT7XinqCRSgdqGDijfAwPNk6
/ZL1Jatlr41zGimRaqMId0M8sxbTgFaWAtlkVYHEgwrs7QaYgZ4/tFaGzbVmkCm+
OMavfcOn4d3Bz34obhUpJHq+XpnyP6fPvaZ+e6u1UWnR5sRomtJRtUncLo7ZZiIL
yBP5idB1l+I8ReSiyZyyOuVRHcWKRi3DB6b3I8cjbrgq5YkBHAQQAQIABgUCVN4T
kQAKCRDXi2HT3/d6O2rJB/4yHVaX0maGVblkt74bTKgHBOA9VuGWr78bJvVnOho5
wRacXEca9te9ofM32JtL7c3rNiNHvRuyutu4pFKqvQ7lrzQCWdLG7zlW4gNcJg3A
R4Sz35S35bwnc46aiFbFvo+J3IWHXXxsmgQ5eICGGqT8Yp7nFwOFruc6308j/nRv
fbgbNHlbHhxb+VlwmskNBCaDZ34eOvfl0V4GdItXaw0IOLOLeVNbSCCspI9kI8mH
lqnWCRxvDpb14UZHC1O2/VBmsQoc+7ZyizD0HpH9M4aPqiFBb5EtOunZYyda150F
1aAiM1YF32hZJA8XRszC1ttqCEr+K47PWZvPcZPgwSxJiQIcBBABCAAGBQJU7KxO
AAoJEH+NV8JAzsgJ1Y4P+wRFI8J0nO/dK9r6UvT9o8M51CfMOYd4q2gkSGbwtstJ
dg+4Nk902sEPfIgh8vVf6bvCd0XON3r4q+44KeL58wCAzgw28jGphYb/fEupka+0
nqYtJ6kArCSMNT4QN8txN4kyzMp8dMsqDABS0m3WgpYuGqO7BeQY/jVuF/ZIB9tp
SpUBICvRxSuJOZA4BzY3geqY2I4xY5VuqNYjg8dtLUW4rizZWQGZVdmXvviou9uZ
8IOZALjYYaN09PfxDOdvE2rveyTvp+Rs5TkMJ0Pl9gfU//v5AqMO5ABzV62g0VDc
+xpYDsBVFQWy1vZ3aJGLeafvPttXJwQHPIs4mKFePct7Stlmgf7xS4dP18Cl8fnY
yiToH/prkTrfJLXgAmala4mr5y6SvfTxOGkYQ/o8TQaH/mBIIQfpi+l1SzhqwNKo
1bjGFCd0G8oktMa2HEmpEfSaa+Ydd0Rs2V7/u3QobE1KMyT3QTJpYHGyePqdtybR
Q0YWJI/OBDT0ttRjPNBizvlZR99ddMs4dWensmd/hzdZZryxUwvpFzT8gtdnNxE9
Mf2NHYrXRQie0mjDVSNWzgvpEFatzja2rt3lYikWXi3tIv20r/E7RopRCMzqivB9
JzE5ZTFshx4S43QKASTLYqN+dGEsRwcTjrpOlgKsfkZHcZj1yOf6PKJpun523bjj
iQI+BBMBAgAoBQJUzxUMAhsDBQkDwmcABgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIX
gAAKCRDVv5/rAxNlOonCEADBgoFsIA+x0mp/sEPWqQiIs5Q482HHmO+XFOgLC6gV
W5wSU345uSLATHfGJA1idH9h9qtQALKE2A7YyzVqqBNi0DzrR+fr0jHfyUadZOqm
R5MHSuGeGhu+x7nQh5i6OsxYMIVSU71tMNlTfyVGWtRgfV5siTLVCAjhpJ0e8Jim
6225mPXL767Q0WyboC5CIohqrQOifubD5qmsPDsY+y8vgLWzDjjF/pgHA4YIfFjM
VOBNJWS4z0h8bqScbURM9A84bznctst+3y1QoIIVQc7GIP9mGIqbYGZ1t4TWuyd9
RkaBi3pafkbgCgDR/LaHCKHPJkda9JsOs0UCN3LNG36KrAWWazksdWC5H7oXdHss
CpvJoUSW0mPmblCZHQUx2gp1WNE3UnwJbrmOdKogQaZzVLnNLPT4xFU1xF3dVUg9
7g6/KHs/Eb1B8xoiD0T67iSa9LzRyuos6Kuerx1u7SrDGIBl0ViwV2erB9dC+hsL
ZKmE8A/lHyM3r6NSzQXtAbXKVdp1iC2LlqWKUxCOa/KgrGK5yvGVRQsuaMEPGUhw
+SZaffut/bHX/P6U1U61+Z4WsXQ1gHtJ/Pa9U+GfLolUzb7SamqHilaCGU5KBsvm
jGxv412Vc7njAXRAwycFyOViDBpQAajF/YQ6O37UzMdY1pLMlWIkL+3R1vtJ1kRc
hLQkQW5kcmVhcyBHcnVlbmJhY2hlciA8YWdydWVuQGdudS5vcmc+iQI+BBMBAgAo
AhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAUCWd49KgUJBvBb7gAKCRDVv5/r
AxNlOlSTD/9S0jeevyMV2e0t7lJwKZK26EqMvJZiuwJXyZ6AGm/uvGq83eJRC5MA
dcCK99l4C6vnkMPYYaZptl6Ov0hrKyEm1smm8wgDx3egLWmXSAYqdxuzQ95/ZOfW
Nw+sNPjWJ7EUQ6XGljGnDpbm620Yizp5+XfkZQM3GGMBvQ/m3PjEBctvrOzUpvRy
r2WB4aOybZpSReqZsIESWpbfrYUSwNd1wo7QMrB6AOFn6c36jdTyrmXd9TTUB19s
VmJK6udk+ZtUxHv5PkSI4Woq2+Kgfy6KF7vSDpRJ2p39CINrXPghL4fphJ3+H2xw
REAQyotUZm7prLhroCS4sO0W6AbYOnir2pc7lddpAo4Qc2XLc1LPVAaG664LbH+P
jwi3HrDYdzbxRLkWMcCEqj3h9HOXsI89wjCyEdACb62C8Ro3z44patL3mp/rEYZ4
2wTvY8AlW/V4U5Nc2BY2FoXftFqrpxhBHHma74r+Z2XuJyea16dwtUKZHBr4jWUA
wzbvrM9J+W07XOKP3TXS1pbp6lOW46ii7e8sKhxC7bfNDdCAasUFyKOp6BBw0QPv
n7TRb6U4lM6TlDwt7OR5jzxCbnvJIUY2KDSwiZayQliIgRCANyiA1dZvvUicg4Eo
JMjdqM7tICTcwEZn7oM1hujTUtXH2Eb990r5/dzuxCXrQbi1f6o3jYkCHAQQAQIA
BgUCVM8ZuwAKCRDEySfNXRs21/kSD/0Wok7ONJBbMdcaZLF7c4Ge1/CX1h5a19dQ
+VfpNKWBtobDxnZiOdMXfx4v2d0hVzIOBD3bEgCCBkYPjmWSgBRMxVPsnTylq+Li
2TzEc9lV8N5D5M4K/o19bUmy6CSWAmXTHeWviIEmpCLFEm4fiil5Abz75mIzmDTt
jrDRrypZq6Vd/m+aRzQLxkjm1PRMnd0GuxJel5wS+Th9MMM4RNJoJSwT95IDx5cL
bjJ1lI7ZPTaWXfIS3aN3+zOJsu7G+lFRUqLcrhdlt3zG3esB+7Pa54OodQ+JB3Ow
8sf8elJ1dgW7sQDemSM+hzk9IgkbHzPGIe3j1++wPEwYLxEGvf8fgNN62X0B3Ch7
ePqNtyz2SiIl/BkR7Y9NcZSH5RjQGs1IH04suHPb1OIz3vXmdbRxM64uvB3CDobm
UNcqKY9HQFOzO9z21ZiRg+jWACsuvJ4+6VLS/XN0vHoNROSG4t9HOIQTa5GYVFoS
twgbTN5fP2XUL8/r87tAN443Dt4DFBMo4PvUCVvthZIB/Jfw4EgUOmsmpw4TQqDP
gE8nNWW/V14agNTOU4k/cnOMV1c/C0jMpblvJwq4NzbGNG8/AC/CVkbHV5gHRw1W
SrDJ+wBPVwlNYEm1MYvdYWfN10IyeZfeSfEeUxB4V5AtGTpypITedX3OXMEqJ2RB
t2Kp7FAwMYkBHAQQAQIABgUCVNNxJQAKCRC2cVfzpw1FN20IB/46wzCgYELxt94M
w2EwgYrA7enk69mvYsq0PTWHKGsOmZTEhm1+YV59jINhDhUFCAnKiGb35AuXpFTm
oI6KtfB5rrWz8dc97ez5lRqQ1b4499Byi5Ut24WLfVt30pMkl6G/81t/fGfYxEoV
5E914mCMMprlvwY0MzFyOBK49kJIH6gWVX4Dq482FdNclMnVw0zTGrnsbRtBleaJ
p9wXDICohIuM8EnloLQKOrhSyuBze9y3TpJCaGFa5dxgL0rUI2oKsjbgQp9okSLM
7vh79DvL0MWjlCIoAHBTXS4X0YgJ3agfiSKh2hLBz04Gd/xOIhjs65RcKaj5E1VP
z3/l0byfiEYEEBECAAYFAlTTc3wACgkQ8uJF+0DwaUDtQACfWsxhR2aUaF2fI7WI
x73Ljq+rhJwAnApKusV5tX2xrMKpyKoRfvi40D3kiQIcBBABAgAGBQJU1hnQAAoJ
EKnBdsx/rH1WW54QAIue3rnxcP4uhDHNPNVbjFY2SjXZYAE/JWPtNqrVIH6UutmL
st03FwekjRKHyt7oG4MPSw6tiixgSWtA+Fru0rXIdYHNcYBWhAvq3B583a/EVaFg
tVnuMTj0EFp0IxB/fxImXTsHosQBEEAr/bzhQDUROYDAPpTNoiFjFW972eX8poXY
ABUIK5/TRBUsVEkqm1PWAThWg1IPrJbe/9vhwjQysocFB+TpcTS8XSHbAe/mjIew
AXMNpKwfZh2WKoZzF4ecSnEjSpaitoODkMwZdaup1O1GRek0rAZTvGNHiACwakXh
FK+8juoAI7O1PZM65ZEMbl8uyU86EKJdKyiTrd48YIu2P7ShBgix35HpVFEL1znv
bhgcGBlXoyU8JbK5RhRfXsjIwkxaQdmTFF7zsFypuurpSS7VPBkL4CU/254ozdjW
jzMWbtb54jqsjbL20WWJRZnhKPmwlJMo1XuYUkFXnPoBbPDDm8bIW5zHWabKXlQs
6TY3u2Y3a6QA28Ib4LHg9VZDXRrPUPMtdHbvvpHIGP83AxPaZVy0J3X3HbmnR/0f
sA93T2uWm2f+XWUkizwjnI6gMTZGrDXkhpNwp2B6eEEQkT2GolCtyxoBV9dGqaab
AVromrjzLdpCx7z7t7r3gl2zyiqfy9FTtWwc4Yfu0oZMXc3/oWCq47NgBZLHiQIc
BBABCgAGBQJU03i2AAoJEPjB1kfRPYGJdtIP/it0L/iKakus0dHYAtsGEozeJAuQ
0D//ML5PIXqEQLrIfeS9BSLKO2LtYUQItphD7cMVAoBGOb2dIxtgm6jT/y624p1s
ShAUWB9HOgz09MJAfPIisDCM6coRtSscQxVrVBK0S7ePCbjZaGy7XN/C+7Mc9wWE
c3XE54wAlmBcFZ3IdFRSSyPWpDyRuTHbalLS9ctQ3CgM1lypASmh9lwtunRcTBMz
ceoRU5r72NmUR/CkIIB8lTGmf3zVrihUtpOMHfatsVHCSco1UKzAlbKowdYkKl3M
yqQOLPa40OQ/1hhyGQdrzkTyPQS8g+dW3hViZ88WomLVT+QdcS1lGPKgZ84ZLeVs
mOls5edu1XJho9M3sLZZ3+sg0kQtsVfdU4AUxr7YpiJVlmL8LY4AZbCN98/q9Y/o
4baceWiIZEE4RCuvZnFlFDZRX4/bCggTfKJjqJ4DrPFHaHAlBeW/bcyqWQvfEooO
SV+Lrk9W3ZXaNeWf05Y7BnwvhFHQNCIfeFxK5YTiMGPwkM46DicXvyzDphJCeLI8
yXGUcmu7V1tXrQ/wK1OyV+7YsnjG/2wlmN44LHucx755hMxLaAVIshoEI+mrDE9W
wecxo1NW4++yOd2swYVbkdlrXXV81v/l/9FpNZWGJXwgVLKASO56/iG4/xF/eblc
pGRebr6fL7aHkRhuiQIcBBABAgAGBQJU05rWAAoJEMrg3m4a/8jSiYIQAKCfXdVV
SjBh25T4/ck1erWVb6CeOGIB02sxmwwIFkqqhaF3kNO4j+OyPIWGNr+5evk/alFe
c7qvyn4GV+zLn4PVMPlHjrtJSN0HHc4HVhJ4xDLAZRobPdrFyT3y+H9s5fWJVwGS
6iQsKGfDZlc+Ks0xb5EQjqWHHljb4NYkpR/sWNb7uFd8BGqcVNG0LgF1RZIu9V+L
siF4Vt36+dijQ/lCLSYNBeDLsZWZZkvxcQZy6SCnkwGVpf22v1fJqis2zoNzFI6b
8i9imsdT7V/cE5aufcBnt3NX9ozBaVtZ3I8M3ote0s8jOWMUywHEPEnEr9O0Y0O4
SX6Qe7wtj/ph9G6SQBPh9MMR1tsyz9gpw6Zkahr9vcjyuy7XFAyDSjEZPgQYJeml
L7AktJDBTVHdOggsNfKbJNU+noroLNn39k8XX5Va7EWBk/0BYTNrYkqLvFC0GRkl
jf/f34umQI6SzX6S8XvGhvySnvqDhBeIbk9zkKCu51fD91NohJJn+SvMFp4t4gHn
WLbaUk9c08QVb3UMVOEcgjj3FmQrk70hsLef+o5RVfnQciAkse5FtqZIzPoG3Aw9
BWTKEcEQC2OPGqRDzNZbMsGnsgDvCtUww2YuaNL8b7HA1i9lb8e4+UV4SWK6pCw8
nyV5RGAmqIlKK6kyodaLDg8fkU3wXElsXYwWiQIgBBIBAgAKBQJU24hlAwUBPAAK
CRBeLKvqsmx4UuBYD/4s2MNZgo1SlQ4PAaqi5iVBuTtkAjHNrhBSCr4xAn75Orf+
HbHtA9N1KlNWoVCli2KjIFzuVFo3uou63mV05EYuVvS+IHDGKjiRsdTqN5P3lSBX
jgFkGAhqpZWGDf0NbLqdRkuvIjeE9QaUXw81irSItA0AR7SPi+uuWqqeAex+7Ymi
NqBxN9tYEe2AuOMIeHrztIytDmwl7Ki86u/RRUfDGuMPjVmemHANsYcqHuc5R+wV
tJ/f8yUETprzRpBoInHhUiG0dPsrvHSrC6aiwO9jKLHnrWUrvlud9S/UZ69jJAeW
tidkHyGjNjAOaz8JXjPfLFDu2avNm+0TfdP/j4XXoBdKUBeF7gXdhVqAgP8iOKIl
y9Uk2QsTkY6iN0azfaWOoTaG9qzOmyzGnpqTWj0TJz9cd+Tm3OwaSdedwv+8qE0q
lMWftqWgVTX9vVh8msoC/p4AfVQatBc0my0+oveKlnoedGtmL3iniaIExeoBdWTp
nP2vgifUeGAk4naUPrRMzBXcof1K3thEb9F4IApw06oCPNXurMiCccreSqIAiC4Q
SnB7dm4hUVFaMZpEbDd6BvLNBZFONanXCizwZHPF7UWTd7thi652OT8WpKyiWgvL
tgFi8uvROY7I8SmcugKam2ZObE8WpGCaZanueWSWGS43QOpGIjPts+ow+zgGM4kB
HAQQAQIABgUCVN4TkQAKCRDXi2HT3/d6O4zACACTt8quvuzt7oQSCNcaHRzMDPrQ
ycbrOGJM/7PZoi4SJX+gPEFrn2KV3VoKXYBetvjw7YGp71NEgBuXQIc5Buc0mGxB
ES9cDjRCnMn1Xa+K6OJ6LFEhibQVyA8c769pcUOl2V8NjbasWJD3d/50mXJVupKN
7UQr+0kiL0+jGW1w6mXuwL+Ea4S/WFVz4XafC5Sj/TvhxOyZjIxgl251F9HWvS7q
duZ+mI/0/H+VgWK5anSztuz5071t18mtJPW8mr5XogGR9MV2NjNGurKLWjFK1JNR
D/yxkcW/MxE03fySq3ZgnCrIF0SvfymNi9Rr9HaGSQ+6QdYr14VFwHmzMkv4iQIc
BBABCAAGBQJU7KxOAAoJEH+NV8JAzsgJKcYQAMmaD2LWWnmSH5qu1wzghQqfad8O
pQZYqA9VUKJfkfKMwpDv5cRLj16F2vkt6SG0DAwJIw4qdcSctQQiktOsqcauWRqM
vTE4SQIB4teJqe+m8QkkWHFqoG82x193t6DPypSJOJxZnkW09FwPleQ8qJ6lXHTi
ctJ2k4KxOMfbRphKNumSStrrxbvRbCN6XRS6R5liUTjE7WpO93wN1nzknWF+tRU+
CFGj9uaRO+tFocXiBvS2l3RoSsyLNrhsHSFUFzNaeKV2B8QbVabV2S1elIPnsJcB
QJ7zZLKt0RfIYGssMmV8ZenOFKIQ6oNEe3/ooTL/BqFVq14Zs3lHokJJnzE0/OBR
RhYAR5YnugUKyicSuzfplB1xhlLOWZ+yrkAE/eIyx89lNgbCTbPDnphQ4dX7QB4D
zyo4bIomVMORDB9IuRjVr7RQEREu33d0AKxS6WcobyQvJSWL/GmflNE0gsuSKp5W
vpetxMt4kk294i+1VXKrA+tkmffZiSFBXEVlG29a+bu/ri+8AN0GQevIwHKWjWUa
4S8/aMRB+vped65HGpnsceyRSsh2DQmGu+xiIm5djYoA3b7MvlQI5LlPattGKp+n
P/Qca0QvuUfrlbEJR2Go0HkpwPDKuHgg5bOyisyAC3np2KMeoD1qIuvWFuOid2S6
0Xzt4mp8m2lkoBahiQI+BBMBAgAoBQJUzxUnAhsDBQkDwmcABgsJCAcDAgYVCAIJ
CgsEFgIDAQIeAQIXgAAKCRDVv5/rAxNlOqZYD/9K0yqXKKaqPp8jFfYgDKXLrmy9
3UgQZarwBnuN0rUmjrWdvaa/E+Dl3shaktVRJ8+FpIvKIjyi6NekWIjbVJdqTmxG
qm4+5TJaKs5JiktqK+DRrxzzyCiklfz8cNU4rdsuISTxiX00fKwei4JxeK+FbZ8P
BPTiDSIRALh0RF2peBM7deCDqQTcPOykdY1zs48EI5/L13KYG7fA/MiLuKg04gVi
CRNVG5ecvGtqmp+I4PPrXDBlEa3BYq3SL6+e9GNunqQeM40pWBdToyiHFlFdQGXP
BNuwo1jpieRiuIk+QoEaazfBvho+ltgzOukYGSmxwDLtaQnnz8P1fhMuxTemm42t
YMVQukrzrWpwxcJn6kJTBfIjS6twNlDPZECVTbKZ6J2WGVozLOcso2RZyq2oj7en
t1D0qyUF2ARoYhrhQrbyCUuiLwU09a+Y+QYaMpG0weEYCtUa6M5SQPPEe0ItR+qS
zIKVClVXupkD2G+oOSriU9SN1Tr7oR+SUNWxdESCytmBYkerez4aYgh5Zo6Dtsb0
SAMYi6W09hULE8xFU0xuaoNKAl4R6LrY1OmzllWeWWhMSD9fFtFE7NH7mgsKfffk
7LxKKS4pbWVZfU0gO2tCpkQT8Wv5ivNsFEhlMayvan1gzEghUjwOPB5eBL9SDqMC
nPb/zcGKBzTKaB6NsbkCDQRUzxS2ARAAvclQPdxw7YIB9GMjgdvvEWw4Rs1hi+He
lpSq66s2j9g+9gtkmbMX3kch6dX8FS7uA5w9PqYlUt/YPRD7OUmB6UYB7qJH31h2
oYASDmfB1qfX1CMDCeWaAVy6NLZN6JFfb1uh85Sg0noQpj1pfb9J9O6Qc7mPTJOz
/rElfAgTBXMH/WgZ2k7lW9zTGQatLIcBFlqlKFNaJXZoJJLddD59AmaqJ76yYxGR
1w/zNiMuRCOKRLOUo0GDPEPJuqyrx1f4sZ3qLilQU8Ud7ChtrDbu9XM+cbQ+aT+k
BJuGZaHAWqD1dm5IL5Cl2bCC73uHvjAr0zzEd1c7S2kDgdEuOm08HXeaO+JtaByx
+S1UnHquY+EPbuZReXCaOMeTfJR2kGL3sW90T9/Ln+IERR9PqAvaiInTkU261GEA
siEjWchExXhEmhBeF8bXW7KuPj/1Rsbv+Ot2GIhW3+4U+xHnN3dK0I6r8lY8pP1f
nxhnoDyKh7PemvfHuShf5/BwB9TPAEjxcGjOUF1KL+hiDalfsaBZNlm6Dkltt2xa
g5qu0L6tHyiiPkhf5clO6qy1c5Y7ffQL6rvJGZQvQFMgzD8BqsaRHSNEyG8thnw8
xa/dmuuixZtqywyFqz2CCa6Q9LUgf3VyhJXecNGXUFn2chvXjWQ+tldfZjdZT6cL
pELi6BJPCiMAEQEAAYkCJQQYAQIADwIbDAUCWd49WwUJBvBcIgAKCRDVv5/rAxNl
OnNxD/4x87qOvFnKtXGguFrZSaL/0tCvjCfNyLPFB0T8Tssso5uGADEIlLHyP8Z8
GOhIBF6RZVyEFsRElwf9Srl2jomQxCWHVvYXKYpQdLyUIqidHbgp664SDTGJpR3W
f/wPwbyEzE+qOWEg8wU2qoDkeCcOYoqE9R78TzKzjYMMKYrXqUrE9ONSc/qpOcWt
P50tIb50XsENYKzWaOzu8cm2uI/iKybXFtCwXFFER0E+QH8sWwKCSOlviuCOojRw
znlqxllRlI8L3Vkyd1s7vK6O3aIax7kE6ULnxycKPBDp1hzNh79kQPV1zR7lV/tO
+FmhhgNCMuf/71d2yM4s7ezJhIKf4Wi37wu2xCwA4WKnWX4vn46jxn9bwpF4r2YG
uJNYKuM3xUAO5mvdr4aRGFDfHutyrYV6u4EGoX0bGVIjvVs2dEhvkkzneVtACmYq
lfpWiexyQc0342B2utmhEDIRFKmxacTRH0EJWIuDrrAN2Byq2GCJQZJdNCyh2Ikq
37qepkc9eaLiubWNsmz3e9YKO7WiJBeACZIGsqqmym8vJfJMlG7iyHXsEKFtFwLl
/1BsRqvcKMAh9uuXCWB5pWZ2x4GU1ZnE+OUJmffffZd+P2qDIAuf8aLORCS2F1Xh
fwrp+GJ2VnIQlZqoLHNmUaAbejrq8CRDlhXelX8o6OZgN0MuvA==
=C+9j
-----END PGP PUBLIC KEY BLOCK-----

88
patch.spec Normal file
View File

@ -0,0 +1,88 @@
#
# spec file for package patch
#
# Copyright (c) 2022 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
Name: patch
Version: 2.7.6
Release: 0
Summary: GNU patch
License: GPL-3.0-or-later
Group: Productivity/Text/Utilities
URL: http://ftp.gnu.org/gnu/patch/
Source: http://ftp.gnu.org/gnu/patch/%{name}-%{version}.tar.xz
Source2: http://ftp.gnu.org/gnu/patch/%{name}-%{version}.tar.xz.sig
# https://savannah.gnu.org/people/viewgpg.php?user_id=15000
Source3: patch.keyring
Patch1: fix-segfault-mangled-rename.patch
Patch2: ed-style-01-missing-input-files.patch
Patch3: ed-style-02-fix-arbitrary-command-execution.patch
Patch4: ed-style-03-update-test-Makefile.patch
Patch5: ed-style-04-invoke-ed-directly.patch
Patch6: ed-style-05-minor-cleanups.patch
Patch7: ed-style-06-fix-test-failure.patch
Patch8: ed-style-07-dont-leak-tmp-file.patch
Patch9: ed-style-08-dont-leak-tmp-file-multi.patch
Patch10: fix-swapping-fake-lines-in-pch_swap.patch
Patch11: abort-when-cleaning-up-fails.patch
Patch12: dont-follow-symlinks-unless-asked.patch
Patch13: pass-the-correct-stat-to-backup-files.patch
# See bnc#662957. The fix for CVE-2010-4651 breaks the way interdiff was
# invoking patch, so interdiff had to be fixed too.
Conflicts: patchutils < 0.3.2
BuildRequires: ed
%if 0%{?suse_version} < 1220
BuildRequires: xz
%endif
%description
The GNU patch program is used to apply diffs between original and
changed files (generated by the diff command) to the original files.
%prep
%setup -q
%patch1 -p1
%patch2 -p1
%patch3 -p1
%patch4 -p1
%patch5 -p1
%patch6 -p1
%patch7 -p1
%patch8 -p1
%patch9 -p1
%patch10 -p1
%patch11 -p1
%patch12 -p1
%patch13 -p1
%build
export CFLAGS="%{optflags} -Wall -O2 -pipe"
%configure
make %{?_smp_mflags}
%check
make %{?_smp_mflags} check
%install
make install DESTDIR=%{buildroot}
%files
%doc AUTHORS NEWS README
%license COPYING
%{_bindir}/patch
%{_mandir}/man1/patch.1%{ext_man}
%changelog