- Add fix from https://github.com/book/Git-Repository/pull/22 to work

around git 2.38.1's new default behaviour

OBS-URL: https://build.opensuse.org/package/show/devel:languages:perl/perl-Git-Repository?expand=0&rev=21

22.patch

@@ -0,0 +1,26 @@
+From 4dc8dedb97891f37b9da2220e5740c65685b0906 Mon Sep 17 00:00:00 2001
+From: Jan Pazdziora <jpazdziora@redhat.com>
+Date: Mon, 31 Oct 2022 17:26:00 +0100
+Subject: [PATCH] Workaround change of behaviour in git 2.38.1 for
+ CVE-2022-39253.
+
+By default, protocol.file.allow now defaults to user, preventing
+clones with symlinks.
+
+https://github.blog/2022-10-18-git-security-vulnerabilities-announced/#cve-2022-39253
+---
+ t/21-submodule.t | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/t/21-submodule.t b/t/21-submodule.t
+index 444029c..97374f8 100644
+--- a/t/21-submodule.t
++++ b/t/21-submodule.t
+@@ -44,6 +44,7 @@ $s->run( checkout => 'master', { quiet => 1 } );
+ # now test adding a submodule
+ my $r = test_repository(@init);
+ $r->run(
++    ( Git::Repository->version_ge('2.38.1') ? ('-c', 'protocol.file.allow=always') : ()),
+     submodule => add => $s->work_tree => 'sub',
+     { env => { GIT_WORK_TREE => undef } }
+ );

cpanspec.yml

@@ -6,6 +6,7 @@
 #  - source2
 patches:
   https://salsa.debian.org/perl-team/modules/packages/libgit-repository-perl/-/raw/c5e0eca06ca27fdaa547634b1e49f4637e7c1ca6/debian/patches/git-2.30.0.patch: -p1 PATCH-FIX-UPSTREAM https://rt.cpan.org/Public/Ticket/Attachment/1923740/1029935
+  https://patch-diff.githubusercontent.com/raw/book/Git-Repository/pull/22.patch: -p1 PATCH-FIX-UPSTREAM https://github.com/book/Git-Repository/pull/22
 preamble: |-
  BuildRequires:  git-core
 #post_prep: |-

perl-Git-Repository.changes

@@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Sat Dec  3 11:00:22 UTC 2022 - Stephan Kulow <coolo@suse.com>
+
+- Add fix from https://github.com/book/Git-Repository/pull/22 to work
+  around git 2.38.1's new default behaviour
+
 -------------------------------------------------------------------
 Tue Jun  1 03:07:11 UTC 2021 - Tina Müller <timueller+perl@suse.de>
 

perl-Git-Repository.spec

@@ -1,7 +1,7 @@
 #
 # spec file for package perl-Git-Repository
 #
-# Copyright (c) 2021 SUSE LLC
+# Copyright (c) 2022 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -20,13 +20,15 @@
 Name:           perl-Git-Repository
 Version:        1.325
 Release:        0
-Summary:        Perl interface to Git repositories
 License:        Artistic-1.0 OR GPL-1.0-or-later
+Summary:        Perl interface to Git repositories
 URL:            https://metacpan.org/release/%{cpan_name}
 Source0:        https://cpan.metacpan.org/authors/id/B/BO/BOOK/%{cpan_name}-%{version}.tar.gz
 Source1:        cpanspec.yml
+# PATCH-FIX-UPSTREAM https://github.com/book/Git-Repository/pull/22
+Patch0:         https://patch-diff.githubusercontent.com/raw/book/Git-Repository/pull/22.patch
 # PATCH-FIX-UPSTREAM https://rt.cpan.org/Public/Ticket/Attachment/1923740/1029935
-Patch0:         https://salsa.debian.org/perl-team/modules/packages/libgit-repository-perl/-/raw/c5e0eca06ca27fdaa547634b1e49f4637e7c1ca6/debian/patches/git-2.30.0.patch
+Patch1:         https://salsa.debian.org/perl-team/modules/packages/libgit-repository-perl/-/raw/c5e0eca06ca27fdaa547634b1e49f4637e7c1ca6/debian/patches/git-2.30.0.patch
 BuildArch:      noarch
 BuildRequires:  perl
 BuildRequires:  perl-macros