pool/coreutils
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 1163997 from home:berny:branches:Base:System

Browse Source 
- Update to 9.5:
  Bug fixes:
  * chmod -R now avoids a race where an attacker may replace a traversed file
    with a symlink, causing chmod to operate on an unintended file.
    [This bug was present in "the beginning".]
  * cp, mv, and install no longer issue spurious diagnostics like "failed
    to preserve ownership" when copying to GNU/Linux CIFS file systems.
    They do this by working around some Linux CIFS bugs.
  * cp --no-preserve=mode will correctly maintain set-group-ID bits
    for created directories.  Previously on systems that didn't support ACLs,
    cp would have reset the set-group-ID bit on created directories.
    [bug introduced in coreutils-8.20]
  * join and uniq now support multi-byte characters better.
    For example, 'join -tX' now works even if X is a multi-byte character,
    and both programs now treat multi-byte characters like U+3000
    IDEOGRAPHIC SPACE as blanks if the current locale treats them so.
  * numfmt options like --suffix no longer have an arbitrary 127-byte limit.
    [bug introduced with numfmt in coreutils-8.21]
  * mktemp with --suffix now better diagnoses templates with too few X's.
    Previously it conflated the insignificant --suffix in the error.
    [bug introduced in coreutils-8.1]
  * sort again handles thousands grouping characters in single-byte locales
    where the grouping character is greater than CHAR_MAX.  For e.g. signed
    character platforms with a 0xA0 (aka &nbsp) grouping character.
    [bug introduced in coreutils-9.1]
  * split --line-bytes with a mixture of very long and short lines
    no longer overwrites the heap (CVE-2024-0684).
    [bug introduced in coreutils-9.2]
  * tail no longer mishandles input from files in /proc and /sys file systems,
    on systems with a page size larger than the stdio BUFSIZ.
    [This bug was present in "the beginning".]
  * timeout avoids a narrow race condition, where it might kill arbitrary
    processes after a failed process fork.
    [bug introduced with timeout in coreutils-7.0]
  * timeout avoids a narrow race condition, where it might fail to
    kill monitored processes immediately after forking them.
    [bug introduced with timeout in coreutils-7.0]
  * wc no longer fails to count unprintable characters as parts of words.
    [bug introduced in textutils-2.1]
  Changes in behavior:
  * base32 and base64 no longer require padding when decoding.
    Previously an error was given for non padded encoded data.
  * base32 and base64 have improved detection of corrupted encodings.
    Previously encodings with non zero padding bits were accepted.
  * basenc --base16 -d now supports lower case hexadecimal characters.
    Previously an error was given for lower case hex digits.
  * cp --no-clobber, and mv -n no longer exit with failure status if
    existing files are encountered in the destination.  Instead they revert
    to the behavior from before v9.2, silently skipping existing files.
  * ls --dired now implies long format output without hyperlinks enabled,
    and will take precedence over previously specified formats or hyperlink
    mode.
  * numfmt will accept lowercase 'k' to indicate Kilo or Kibi units on input,
    and uses lowercase 'k' when outputting such units in '--to=si' mode.
  * pinky no longer tries to canonicalize the user's login location by default,
    rather requiring the new --lookup option to enable this often slow feature.
  * wc no longer ignores encoding errors when counting words.
    Instead, it treats them as non white space.
  New features:
  * chgrp now accepts the --from=OWNER:GROUP option to restrict changes to files
    with matching current OWNER and/or GROUP, as already supported by chown(1).
  * chmod adds support for -h, -H,-L,-P, and --dereference options, providing
    more control over symlink handling.  This supports more secure handling of
    CLI arguments, and is more consistent with chown, and chmod on other
    systems.
  * cp now accepts the --keep-directory-symlink option (like tar), to preserve
    and follow existing symlinks to directories in the destination.
  * cp and mv now accept the --update=none-fail option, which is similar
    to the --no-clobber option, except that existing files are diagnosed,
    and the command exits with failure status if existing files.
    The -n,--no-clobber option is best avoided due to platform differences.
  * env now accepts the -a,--argv0 option to override the zeroth argument
    of the command being executed.
  * mv now accepts an --exchange option, which causes the source and
    destination to be exchanged.  It should be combined with
    --no-target-directory (-T) if the destination is a directory.
    The exchange is atomic if source and destination are on a single
    file system that supports atomic exchange; --exchange is not yet
    supported in other situations.
  * od now supports printing IEEE half precision floating point with -t fH,
    or brain 16 bit floating point with -t fB, where supported by the compiler.
  * tail now supports following multiple processes, with repeated --pid options.
  Improvements:
  * cp,mv,install,cat,split now read and write a minimum of 256KiB at a time.
    This was previously 128KiB and increasing to 256KiB was seen to increase
    throughput by 10-20% when reading cached files on modern systems.
  * env,kill,timeout now support unnamed signals. kill(1) for example now
    supports sending such signals, and env(1) will list them appropriately.
  * SELinux operations in file copy operations are now more efficient,
    avoiding unneeded MCS/MLS label translation.
  * sort no longer dynamically links to libcrypto unless -R is used.
    This decreases startup overhead in the typical case.
  * wc is now much faster in single-byte locales and somewhat faster in
    multi-byte locales.
- coreutils-9.4.split-CVE-2024-0684.patch: Remove now-upstream patch.
- gnulib-readutmp-under-gdm.patch: Likewise.
- gnulib-readutmp.patch: Likewise.
- coreutils-i18n.patch: Remove multi-byte patches for join and uniq, as the
  upstream version now handles those tests.
  Pull in gnulib module mbchar manually, as it is a dependency of mbfile,
  but dropped out of the upstream dependency chain.
- coreutils-misc.patch: Remove change for gnulib-tests/test-isnanl.h.
- coreutils-fix-gnulib-time_r-tests.patch: Add upstream gnulib patch to skip
  French test if TZ='Europe/Paris' does not work.

OBS-URL: https://build.opensuse.org/request/show/1163997
OBS-URL: https://build.opensuse.org/package/show/Base:System/coreutils?expand=0&rev=362
This commit is contained in:
Bernhard Voelker 2024-04-02 15:30:19 +00:00 committed by Git OBS Bridge
parent 80607f8597
commit e62f2bf92f
18 changed files with 884 additions and 1219 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
coreutils-9.4.split-CVE-2024-0684.patch
View File

@ -1,34 +0,0 @@
Upstream patch on top of coreutils-9.4 fixing CVE-2024-0684.
https://git.sv.gnu.org/cgit/coreutils.git/commit/?id=c4c5ed8f4e9cd55a12966
From c4c5ed8f4e9cd55a12966d4f520e3a13101637d9 Mon Sep 17 00:00:00 2001
From: Paul Eggert <eggert@cs.ucla.edu>
Date: Tue, 16 Jan 2024 13:48:32 -0800
Subject: [PATCH] split: do not shrink hold buffer
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
* src/split.c (line_bytes_split): Do not shrink hold buffer.
If its large for this batch its likely to be large for the next
batch, and for split its not worth the complexity/CPU hassle to
shrink it. Do not assume hold_size can be bufsize.
---
src/split.c | 3 ---
1 file changed, 3 deletions(-)
diff --git a/src/split.c b/src/split.c
index 64020c859..037960a59 100644
--- a/src/split.c
+++ b/src/split.c
@@ -809,10 +809,7 @@ line_bytes_split (intmax_t n_bytes, char *buf, idx_t bufsize)
{
cwrite (n_out == 0, hold, n_hold);
n_out += n_hold;
- if (n_hold > bufsize)
- hold = xirealloc (hold, bufsize);
n_hold = 0;
- hold_size = bufsize;
}
/* Output to eol if present. */

BIN
coreutils-9.4.tar.xz (Stored with Git LFS)
View File

Binary file not shown.

16
coreutils-9.4.tar.xz.sig
View File

@ -1,16 +0,0 @@
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEbDfcEhIaUAa8HbgE32/ZcTBgN9kFAmTuCiAACgkQ32/ZcTBg
N9ldkg//bS5pBA3f/2p6sHpZVvtgXhbLPTIczMRuANfzGfjrWqC5UMa3t2g04A2T
gCx4p2cmDv0eBF2esUGirYHq+chGP12dLWKQLdhnyB6gDQS0MTSHNtjT61UXJ2jp
L4vrggrbpDIWzprXfRZH75GbC+D/A2O/Gdm3EKRSv5Jcoe1BgDtoHR8zn4TP4dJP
PlP1QMMoyG6ta/PuTh7/KlaYFLWdBh7mS1FMEl5w2LuG65Ms4MOJZ+wXsdHDA6gk
pgjQYAPSH37dDTSJzfxGNxlEdcTztoSNcOBGGngnCAvxRr3W3KM/ktQlphbYlu3J
9JKGDn3oOnkNxX1iUJLGs4/x0v6d89pdBFhiKqe47ZyJfJ0QQVWoTn79CUc7Gv2G
/NKOoEsnk/1eh4TCxb8WHFu5JU+E1PmLRD3I5uiFFEWhDhPj4xeo6Y74R6+6KLAw
ZArS1gL35aGLfed6Pmr9Nkh7j3jGAcsHVCre7PkCCYOyQArch81iTvG+aHFzSbnM
YLnsoZtfNtmspATFryZ+y8qOyVVK2+aOrgzpXDHUTtY7S1IUJjO8cQUHuG9JpQU1
YNkr7/w/JVe+2MvGODMiKQPP0/gKDfRQg5WIlKFVSVrEoGcX+ivA9nG6jCf7nWd9
RdONbO/I69ZI24n0TYkGfal+P1hbt9cogGr4j5kRpstj8eXSDws=
=GOzh
-----END PGP SIGNATURE-----

3
coreutils-9.5.tar.xz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:cd328edeac92f6a665de9f323c93b712af1858bc2e0d88f3f7100469470a1b8a
size 6007136

16
coreutils-9.5.tar.xz.sig Normal file
View File

@ -0,0 +1,16 @@
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEbDfcEhIaUAa8HbgE32/ZcTBgN9kFAmYFirgACgkQ32/ZcTBg
N9nZMg//WF6fyy6kxNZJIeUnAzAyMhY5hjlD33hFSaj2ihfmt7IQzRuOu7bhYk94
5lpDJvfljubJpuAU15MD0g/7xdRVPEf/igkRqdvm79eWips1c8d7HfcorxqJcYKf
40JV0rQyDaMqQbqFl6rPipAaagE3GBSdHz3eNVhiEQ9MII/XKNX7dZ/5MBIUW/wl
VM7G7sA4WBh0k+K0fGNALrlFHSmQDqwVIVhuDlFNcVmY37NIsIcvIT910HlKTFWV
A5okdepRs9a2dOIhGvMVK/U+4D9vbVbS+QlnXH74UlmnczKPQsCQKsusG02bv9L0
ih+jFj9BVCoUjB1fQlo6/VE4Kvdhpg/NZKZCaKIEH0d4mn1XHqvyTTRN0SVOlJr8
ZmY7e94A5TDbpkt5MFPxZ6M1Z5dZTtVX2/rkQtb59jIr/p5eYmjId3NsjWtoXICo
XMr+hLtjMt/XIfN/eXnaSOZSoyNxOPurfe59hfjVhaexCeIrEIglZmYWw8HhkfWz
vAxGWOFVwYfWlWlfxggdYkysRvU0vUb1JhO8HIRwmCX05YEhvTwKZMnvo/z/Y++G
CrXyduj9e8jzRkunlU6mqFmHqaYrgt5t7e1PLFYxEgWBX77fvpSbBsLhX5nH2c6I
4uRaQpaZQ+hnYu7U5OHfhy1OwG2qcYjbou4zK4BuI1ktnBHFgbc=
=IhBg
-----END PGP SIGNATURE-----

2
coreutils-disable_tests.patch
View File

@ -6,7 +6,7 @@ Index: gnulib-tests/gnulib.mk
===================================================================
--- gnulib-tests/gnulib.mk.orig
+++ gnulib-tests/gnulib.mk
@@ -1115,10 +1115,10 @@ EXTRA_DIST += test-getloadavg.c signatur
@@ -1473,10 +1473,10 @@ EXTRA_DIST += test-getloadavg.c signatur
## begin gnulib module getlogin-tests

95
coreutils-fix-gnulib-time_r-tests.patch Normal file
View File

@ -0,0 +1,95 @@
2 upstream gnulib commits for coreutils-9.5 to skip localtime_r tests
when the timezone 'Europe/Paris' does not work.
Commit 1:
http://git.sv.gnu.org/cgit/gnulib.git/commit/?id=f130f5426ecd4edd559
From f130f5426ecd4edd5596797e0a5721b927f80126 Mon Sep 17 00:00:00 2001
From: Paul Eggert <eggert@cs.ucla.edu>
Date: Sat, 30 Mar 2024 13:28:01 -0600
Subject: [PATCH 1/2] time_r-tests: skip French tests if no Europe/Paris
* tests/test-localtime_r.c (main):
* tests/test-localtime_r-mt.c (main):
If TZ='Europe/Paris' does not work, skip these tests.
Commit 2:
http://git.sv.gnu.org/cgit/gnulib.git/commit/?id=2c04db80e2c52b8f05b
From 2c04db80e2c52b8f05b4136af955510e7d370470 Mon Sep 17 00:00:00 2001
From: Bruno Haible <bruno@clisp.org>
Date: Sat, 30 Mar 2024 22:50:39 +0100
Subject: [PATCH 2/2] time_r tests: Avoid misleading skip message on native
Windows.
* tests/test-localtime_r.c (main): Use the macro FRENCH_TZ.
* tests/test-localtime_r-mt.c (main): Likewise.
---
gnulib-tests/test-localtime_r-mt.c | 21 +++++++++++++++++++++
gnulib-tests/test-localtime_r.c | 21 +++++++++++++++++++++
2 files changed, 42 insertions(+)
Index: gnulib-tests/test-localtime_r-mt.c
===================================================================
--- gnulib-tests/test-localtime_r-mt.c.orig
+++ gnulib-tests/test-localtime_r-mt.c
@@ -107,6 +107,27 @@ main (int argc, char *argv[])
{
setenv ("TZ", FRENCH_TZ, 1);
+ /* Check that this TZ works. */
+ {
+ time_t t = 0; /* 1970-01-01 01:00:00 */
+ struct tm *result = localtime (&t);
+ if (! (result
+ && result->tm_sec == 0
+ && result->tm_min == 0
+ && result->tm_hour == 1
+ && result->tm_mday == 1
+ && result->tm_mon == 1 - 1
+ && result->tm_year == 1970 - 1900
+ && result->tm_wday == 4
+ && result->tm_yday == 0
+ && result->tm_isdst == 0))
+ {
+ fputs ("Skipping test: TZ='" FRENCH_TZ "' is not Paris time\n",
+ stderr);
+ return 77;
+ }
+ }
+
/* Create the threads. */
gl_thread_create (thread1_func, NULL);
gl_thread_create (thread2_func, NULL);
Index: gnulib-tests/test-localtime_r.c
===================================================================
--- gnulib-tests/test-localtime_r.c.orig
+++ gnulib-tests/test-localtime_r.c
@@ -43,6 +43,27 @@ main (void)
{
setenv ("TZ", FRENCH_TZ, 1);
+ /* Check that this TZ works. */
+ {
+ time_t t = 0; /* 1970-01-01 01:00:00 */
+ struct tm *result = localtime (&t);
+ if (! (result
+ && result->tm_sec == 0
+ && result->tm_min == 0
+ && result->tm_hour == 1
+ && result->tm_mday == 1
+ && result->tm_mon == 1 - 1
+ && result->tm_year == 1970 - 1900
+ && result->tm_wday == 4
+ && result->tm_yday == 0
+ && result->tm_isdst == 0))
+ {
+ fputs ("Skipping test: TZ='" FRENCH_TZ "' is not Paris time\n",
+ stderr);
+ return 77;
+ }
+ }
+
/* Note: The result->tm_gmtoff values and the result->tm_zone values are the
same (3600, "CET" or 7200, "CEST") across all tested platforms:
glibc, musl, macOS, FreeBSD, NetBSD, OpenBSD, Minix, Cygwin, Android. */

1677
coreutils-i18n.patch
View File

File diff suppressed because it is too large Load Diff

32
coreutils-misc.patch
View File

@ -1,38 +1,8 @@
---
gnulib-tests/test-isnanl.h | 5 +++--
tests/help/help-version.sh | 1 +
tests/other-fs-tmpdir | 3 +++
3 files changed, 7 insertions(+), 2 deletions(-)
2 files changed, 4 insertions(+)
Index: gnulib-tests/test-isnanl.h
===================================================================
--- gnulib-tests/test-isnanl.h.orig
+++ gnulib-tests/test-isnanl.h
@@ -47,7 +47,7 @@ main ()
/* Quiet NaN. */
ASSERT (isnanl (NaNl ()));
-#if defined LDBL_EXPBIT0_WORD && defined LDBL_EXPBIT0_BIT
+#if defined LDBL_EXPBIT0_WORD && defined LDBL_EXPBIT0_BIT && 0
/* A bit pattern that is different from a Quiet NaN. With a bit of luck,
it's a Signalling NaN. */
{
@@ -98,6 +98,7 @@ main ()
{ LDBL80_WORDS (0xFFFF, 0x83333333, 0x00000000) };
ASSERT (isnanl (x.value));
}
+#if 0
/* isnanl should return something for noncanonical values. */
{ /* Pseudo-NaN. */
static memory_long_double x =
@@ -125,6 +126,6 @@ main ()
ASSERT (isnanl (x.value) || !isnanl (x.value));
}
#endif
-
+#endif
return 0;
}
Index: tests/help/help-version.sh
===================================================================
--- tests/help/help-version.sh.orig

10
coreutils-remove_hostname_documentation.patch
View File

@ -14,7 +14,7 @@ Index: doc/coreutils.texi
* id: (coreutils)id invocation. Print user identity.
* install: (coreutils)install invocation. Copy files and set attributes.
* join: (coreutils)join invocation. Join lines on a common field.
@@ -205,7 +204,7 @@ Free Documentation License''.
@@ -206,7 +205,7 @@ Free Documentation License''.
* File name manipulation:: dirname basename pathchk mktemp realpath
* Working context:: pwd stty printenv tty
* User information:: id logname whoami groups users who
@ -23,7 +23,7 @@ Index: doc/coreutils.texi
* SELinux context:: chcon runcon
* Modified command invocation:: chroot env nice nohup stdbuf timeout
* Process control:: kill
@@ -428,7 +427,6 @@ System context
@@ -430,7 +429,6 @@ System context
* date invocation:: Print or set system date and time
* nproc invocation:: Print the number of processors
* uname invocation:: Print system information
@ -31,7 +31,7 @@ Index: doc/coreutils.texi
* hostid invocation:: Print numeric host identifier
* uptime invocation:: Print system uptime and load
@@ -16227,7 +16225,6 @@ information.
@@ -16421,7 +16419,6 @@ information.
* arch invocation:: Print machine hardware name.
* nproc invocation:: Print the number of processors.
* uname invocation:: Print system information.
@ -39,7 +39,7 @@ Index: doc/coreutils.texi
* hostid invocation:: Print numeric host identifier.
* uptime invocation:: Print system uptime and load.
@end menu
@@ -17118,15 +17115,6 @@ Note this is non-portable (even across G
@@ -17329,15 +17326,6 @@ This is non-portable, even across GNU/Li
Print the machine hardware name (sometimes called the hardware class
or hardware type).
@ -55,7 +55,7 @@ Index: doc/coreutils.texi
@item -p
@itemx --processor
@opindex -p
@@ -17180,34 +17168,6 @@ Print the kernel version.
@@ -17391,34 +17379,6 @@ Print the kernel version.
@exitstatus

6
coreutils-remove_kill_documentation.patch
View File

@ -14,7 +14,7 @@ Index: doc/coreutils.texi
* link: (coreutils)link invocation. Make hard links between files.
* ln: (coreutils)ln invocation. Make links between files.
* logname: (coreutils)logname invocation. Print current login name.
@@ -207,7 +206,6 @@ Free Documentation License''.
@@ -208,7 +207,6 @@ Free Documentation License''.
* System context:: date arch nproc uname hostid uptime
* SELinux context:: chcon runcon
* Modified command invocation:: chroot env nice nohup stdbuf timeout
@ -22,7 +22,7 @@ Index: doc/coreutils.texi
* Delaying:: sleep
* Numeric operations:: factor numfmt seq
* File permissions:: Access modes
@@ -455,10 +453,6 @@ Modified command invocation
@@ -457,10 +455,6 @@ Modified command invocation
* stdbuf invocation:: Run a command with modified I/O buffering
* timeout invocation:: Run a command with a time limit
@ -33,7 +33,7 @@ Index: doc/coreutils.texi
Delaying
* sleep invocation:: Delay for a specified time
@@ -18628,90 +18622,6 @@ timeout -s INT 5s env --ignore-signal=IN
@@ -18848,90 +18842,6 @@ timeout -s INT 5s env --ignore-signal=IN
timeout -s INT -k 3s 5s env --ignore-signal=INT sleep 20
@end example

2
coreutils-skip-gnulib-test-tls.patch
View File

@ -21,7 +21,7 @@ Index: gnulib-tests/gnulib.mk
===================================================================
--- gnulib-tests/gnulib.mk.orig
+++ gnulib-tests/gnulib.mk
@@ -2765,9 +2765,10 @@ EXTRA_DIST += test-timespec.c macros.h
@@ -3299,9 +3299,10 @@ EXTRA_DIST += test-timespec.c macros.h
## begin gnulib module tls-tests

2
coreutils-tests-shorten-extreme-factor-tests.patch
View File

@ -16,7 +16,7 @@ Index: tests/local.mk
===================================================================
--- tests/local.mk.orig
+++ tests/local.mk
@@ -745,14 +745,9 @@ all_tests = \
@@ -755,14 +755,9 @@ all_tests = \
# See tests/factor/create-test.sh.
tf = tests/factor
factor_tests = \

2
coreutils-tests-workaround-make-fdleak.patch
View File

@ -6,7 +6,7 @@ Index: tests/init.sh
===================================================================
--- tests/init.sh.orig
+++ tests/init.sh
@@ -690,6 +690,16 @@ compare ()
@@ -691,6 +691,16 @@ compare ()
}
# -----------------------------------------------------------------------------

108
coreutils.changes
View File

@ -1,3 +1,111 @@
-------------------------------------------------------------------
Mon Apr 1 18:07:16 UTC 2024 - Bernhard Voelker <mail@bernhard-voelker.de>
- Update to 9.5:
Bug fixes:
* chmod -R now avoids a race where an attacker may replace a traversed file
with a symlink, causing chmod to operate on an unintended file.
[This bug was present in "the beginning".]
* cp, mv, and install no longer issue spurious diagnostics like "failed
to preserve ownership" when copying to GNU/Linux CIFS file systems.
They do this by working around some Linux CIFS bugs.
* cp --no-preserve=mode will correctly maintain set-group-ID bits
for created directories. Previously on systems that didn't support ACLs,
cp would have reset the set-group-ID bit on created directories.
[bug introduced in coreutils-8.20]
* join and uniq now support multi-byte characters better.
For example, 'join -tX' now works even if X is a multi-byte character,
and both programs now treat multi-byte characters like U+3000
IDEOGRAPHIC SPACE as blanks if the current locale treats them so.
* numfmt options like --suffix no longer have an arbitrary 127-byte limit.
[bug introduced with numfmt in coreutils-8.21]
* mktemp with --suffix now better diagnoses templates with too few X's.
Previously it conflated the insignificant --suffix in the error.
[bug introduced in coreutils-8.1]
* sort again handles thousands grouping characters in single-byte locales
where the grouping character is greater than CHAR_MAX. For e.g. signed
character platforms with a 0xA0 (aka &nbsp) grouping character.
[bug introduced in coreutils-9.1]
* split --line-bytes with a mixture of very long and short lines
no longer overwrites the heap (CVE-2024-0684).
[bug introduced in coreutils-9.2]
* tail no longer mishandles input from files in /proc and /sys file systems,
on systems with a page size larger than the stdio BUFSIZ.
[This bug was present in "the beginning".]
* timeout avoids a narrow race condition, where it might kill arbitrary
processes after a failed process fork.
[bug introduced with timeout in coreutils-7.0]
* timeout avoids a narrow race condition, where it might fail to
kill monitored processes immediately after forking them.
[bug introduced with timeout in coreutils-7.0]
* wc no longer fails to count unprintable characters as parts of words.
[bug introduced in textutils-2.1]
Changes in behavior:
* base32 and base64 no longer require padding when decoding.
Previously an error was given for non padded encoded data.
* base32 and base64 have improved detection of corrupted encodings.
Previously encodings with non zero padding bits were accepted.
* basenc --base16 -d now supports lower case hexadecimal characters.
Previously an error was given for lower case hex digits.
* cp --no-clobber, and mv -n no longer exit with failure status if
existing files are encountered in the destination. Instead they revert
to the behavior from before v9.2, silently skipping existing files.
* ls --dired now implies long format output without hyperlinks enabled,
and will take precedence over previously specified formats or hyperlink
mode.
* numfmt will accept lowercase 'k' to indicate Kilo or Kibi units on input,
and uses lowercase 'k' when outputting such units in '--to=si' mode.
* pinky no longer tries to canonicalize the user's login location by default,
rather requiring the new --lookup option to enable this often slow feature.
* wc no longer ignores encoding errors when counting words.
Instead, it treats them as non white space.
New features:
* chgrp now accepts the --from=OWNER:GROUP option to restrict changes to files
with matching current OWNER and/or GROUP, as already supported by chown(1).
* chmod adds support for -h, -H,-L,-P, and --dereference options, providing
more control over symlink handling. This supports more secure handling of
CLI arguments, and is more consistent with chown, and chmod on other
systems.
* cp now accepts the --keep-directory-symlink option (like tar), to preserve
and follow existing symlinks to directories in the destination.
* cp and mv now accept the --update=none-fail option, which is similar
to the --no-clobber option, except that existing files are diagnosed,
and the command exits with failure status if existing files.
The -n,--no-clobber option is best avoided due to platform differences.
* env now accepts the -a,--argv0 option to override the zeroth argument
of the command being executed.
* mv now accepts an --exchange option, which causes the source and
destination to be exchanged. It should be combined with
--no-target-directory (-T) if the destination is a directory.
The exchange is atomic if source and destination are on a single
file system that supports atomic exchange; --exchange is not yet
supported in other situations.
* od now supports printing IEEE half precision floating point with -t fH,
or brain 16 bit floating point with -t fB, where supported by the compiler.
* tail now supports following multiple processes, with repeated --pid options.
Improvements:
* cp,mv,install,cat,split now read and write a minimum of 256KiB at a time.
This was previously 128KiB and increasing to 256KiB was seen to increase
throughput by 10-20% when reading cached files on modern systems.
* env,kill,timeout now support unnamed signals. kill(1) for example now
supports sending such signals, and env(1) will list them appropriately.
* SELinux operations in file copy operations are now more efficient,
avoiding unneeded MCS/MLS label translation.
* sort no longer dynamically links to libcrypto unless -R is used.
This decreases startup overhead in the typical case.
* wc is now much faster in single-byte locales and somewhat faster in
multi-byte locales.
- coreutils-9.4.split-CVE-2024-0684.patch: Remove now-upstream patch.
- gnulib-readutmp-under-gdm.patch: Likewise.
- gnulib-readutmp.patch: Likewise.
- coreutils-i18n.patch: Remove multi-byte patches for join and uniq, as the
upstream version now handles those tests.
Pull in gnulib module mbchar manually, as it is a dependency of mbfile,
but dropped out of the upstream dependency chain.
- coreutils-misc.patch: Remove change for gnulib-tests/test-isnanl.h.
- coreutils-fix-gnulib-time_r-tests.patch: Add upstream gnulib patch to skip
French test if TZ='Europe/Paris' does not work.
-------------------------------------------------------------------
Mon Feb 26 10:48:14 UTC 2024 - Dominique Leuenberger <dimstar@opensuse.org>

17
coreutils.spec
View File

@ -1,5 +1,5 @@
#
# spec file
# spec file for package coreutils
#
# Copyright (c) 2024 SUSE LLC
#
@ -30,7 +30,7 @@
%global psuffix %{nil}
%endif
Name: coreutils%{?psuffix}
Version: 9.4
Version: 9.5
Release: 0
Summary: GNU Core Utilities
License: GPL-3.0-or-later
@ -50,12 +50,6 @@ Patch100: coreutils-build-timeout-as-pie.patch
Patch112: coreutils-getaddrinfo.patch
# Assorted fixes
Patch113: coreutils-misc.patch
# Upstream gnulib commits (squashed) to fix gnulib seg.faults
# if there is no session:
# https://debbugs.gnu.org/cgi/bugreport.cgi?bug=65617
Patch114: gnulib-readutmp.patch
# Upstream gnulib patch to fix crash when gdm is in use. [bsc#1215361]
Patch115: gnulib-readutmp-under-gdm.patch
# Skip 2 valgrind'ed sort tests on ppc/ppc64 which would fail due to
# a glibc issue in mkstemp.
Patch300: coreutils-skip-some-sort-tests-on-ppc.patch
@ -70,7 +64,8 @@ Patch501: coreutils-test_without_valgrind.patch
# tests: skip tests/rm/ext3-perf.sh temporarily as it hangs on OBS.
Patch810: coreutils-skip-tests-rm-ext3-perf.patch
Patch900: coreutils-tests-workaround-make-fdleak.patch
Patch920: coreutils-9.4.split-CVE-2024-0684.patch
# Upstream gnulib patch for coreutils-9.5.
Patch920: coreutils-fix-gnulib-time_r-tests.patch
BuildRequires: automake
BuildRequires: gmp-devel
BuildRequires: hostname
@ -158,8 +153,6 @@ This package contains the documentation for the GNU Core Utilities.
%endif
%patch -P 112
%patch -P 113
%patch -P 114 -p1
%patch -P 115 -p1
%patch -P 300
@ -174,7 +167,7 @@ This package contains the documentation for the GNU Core Utilities.
%patch -P 810
%patch -P 900
%patch -P 920 -p1
%patch -P 920
# ================================================
%build

35
gnulib-readutmp-under-gdm.patch
View File

@ -1,35 +0,0 @@
Upstream gnulib patch to fix crash when gdm is in use. [bsc#1215361]
From 579f2d6f3d1d817c2f7e2c603c9a3ded63dcaa92 Mon Sep 17 00:00:00 2001
From: Bruno Haible <bruno@clisp.org>
Date: Fri, 15 Sep 2023 17:40:10 +0200
Subject: [PATCH] readutmp: Fix crash when gdm is in use.
Reported by Thorsten Kukuk <kukuk@suse.com> in
<https://lists.gnu.org/archive/html/bug-gnulib/2023-09/msg00093.html>.
* lib/readutmp.c (read_utmp_from_systemd): Don't use the value returned
by sd_session_get_display if it is NULL.
---
lib/readutmp.c | 5 ++++-
1 files changed, 4 insertions(+), 1 deletion(-)
diff --git a/lib/readutmp.c b/lib/readutmp.c
index ec09feb59b..d8213e7ad5 100644
--- a/lib/readutmp.c
+++ b/lib/readutmp.c
@@ -873,7 +873,10 @@ read_utmp_from_systemd (idx_t *n_entries, STRUCT_UTMP **utmp_buf, int options)
char *display;
if (sd_session_get_display (session, &display) < 0)
display = NULL;
- host = display;
+ /* Workaround: gdm "forgets" to pass the display to
+ systemd, thus display may be NULL here. */
+ if (display != NULL)
+ host = display;
}
}
else
--
2.42.0

43
gnulib-readutmp.patch
View File

@ -1,43 +0,0 @@
This squashes 2 consecutive upstream gnulib commits
to fix gnulib seg.faults if there is no session:
https://debbugs.gnu.org/cgi/bugreport.cgi?bug=65617
Upstream gnulib commit 3af1d7b0ce3a8e3ae565e7cea10cee6fd7cb8109
2023-08-31 Bruno Haible <bruno@clisp.org>
readutmp: Fix memory leak introduced by last commit.
* lib/readutmp.c (read_utmp_from_systemd): If num_sessions == 0 and
sessions != NULL, do call free (sessions).
Upstream gnulib commit 1e6a26f9312bb47e070f94b17b14dc1a6ffbb74f
2023-08-30 Paul Eggert <eggert@cs.ucla.edu>
readutmp: fix core dump if --enable-systemd
Problem reported by Thorsten Kukuk <https://bugs.gnu.org/65617>.
* lib/readutmp.c (read_utmp_from_systemd):
Dont assume session_ptr != NULL if num_sessions == 0.
In practice it can be null, and the man page OKs this behavior.
---
lib/readutmp.c | 2 +-
1 files changed, 1 insertions(+), 1 deletion(-)
diff --git a/lib/readutmp.c b/lib/readutmp.c
index 0173b7e0c1..e99158677c 100644
--- a/lib/readutmp.c
+++ b/lib/readutmp.c
@@ -795,7 +795,7 @@ read_utmp_from_systemd (idx_t *n_entries, STRUCT_UTMP **utmp_buf, int options)
{
char **sessions;
int num_sessions = sd_get_sessions (&sessions);
- if (num_sessions >= 0)
+ if (num_sessions >= 0 && sessions != NULL)
{
char **session_ptr;
for (session_ptr = sessions; *session_ptr != NULL; session_ptr++)
--
2.42.0