Accepting request 1307223 from Base:System

OBS-URL: https://build.opensuse.org/request/show/1307223
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/coreutils?expand=0&rev=166

coreutils-9.7-sort-CVE-2025-5278.patch

@@ -1,117 +0,0 @@
-# based on commit 8c9602e3a145e9596dc1a63c6ed67865814b6633
-# removed offsets and fuzziness
-Author: Pádraig Brady <P@draigBrady.com>
-Date:   Tue May 20 16:03:44 2025 +0100
-
-    sort: fix buffer under-read (CWE-127)
-    
-    * src/sort.c (begfield): Check pointer adjustment
-    to avoid Out-of-range pointer offset (CWE-823).
-    (limfield): Likewise.
-    * tests/sort/sort-field-limit.sh: Add a new test,
-    which triggers with ASAN or Valgrind.
-    * tests/local.mk: Reference the new test.
-    * NEWS: Mention bug fix introduced in v7.2 (2009).
-    Fixes https://bugs.gnu.org/78507
-
----
- NEWS                           |   10 ++++++++++
- src/sort.c                     |   12 ++++++++++--
- tests/local.mk                 |    1 +
- tests/sort/sort-field-limit.sh |   35 +++++++++++++++++++++++++++++++++++
- 4 files changed, 56 insertions(+), 2 deletions(-)
-
---- a/NEWS
-+++ b/NEWS
-@@ -1,5 +1,15 @@
- GNU coreutils NEWS                                    -*- outline -*-
- 
-+* Noteworthy changes in release ?.? (????-??-??) [?]
-+
-+** Bug fixes
-+
-+  sort with key character offsets of SIZE_MAX, could induce
-+  a read of 1 byte before an allocated heap buffer. For example:
-+  'sort +0.18446744073709551615R input' on 64 bit systems.
-+  [bug introduced in coreutils-7.2]
-+
-+
- * Noteworthy changes in release 9.7 (2025-04-09) [stable]
- 
- ** Bug fixes
---- a/src/sort.c
-+++ b/src/sort.c
-@@ -1793,7 +1793,11 @@ begfield_uni (const struct line *line, c
-       ++ptr;
- 
-   /* Advance PTR by SCHAR (if possible), but no further than LIM.  */
--  ptr = MIN (lim, ptr + schar);
-+  size_t remaining_bytes = lim - ptr;
-+  if (schar < remaining_bytes)
-+    ptr += schar;
-+  else
-+    ptr = lim;
- 
-   return ptr;
- }
-@@ -1954,7 +1958,11 @@ limfield_uni (struct line const *line, s
-           ++ptr;
- 
-       /* Advance PTR by ECHAR (if possible), but no further than LIM.  */
--      ptr = MIN (lim, ptr + echar);
-+      size_t remaining_bytes = lim - ptr;
-+      if (echar < remaining_bytes)
-+        ptr += echar;
-+      else
-+        ptr = lim;
-     }
- 
-   return ptr;
---- a/tests/local.mk
-+++ b/tests/local.mk
-@@ -388,6 +388,7 @@ all_tests =					\
-   tests/sort/sort-debug-keys.sh			\
-   tests/sort/sort-debug-warn.sh			\
-   tests/sort/sort-discrim.sh			\
-+  tests/sort/sort-field-limit.sh		\
-   tests/sort/sort-files0-from.pl		\
-   tests/sort/sort-float.sh			\
-   tests/misc/sort-mb-tests.sh			\
---- /dev/null
-+++ b/tests/sort/sort-field-limit.sh
-@@ -0,0 +1,35 @@
-+#!/bin/sh
-+# From 7.2-9.7, this would trigger an out of bounds mem read
-+
-+# Copyright (C) 2025 Free Software Foundation, Inc.
-+
-+# This program is free software: you can redistribute it and/or modify
-+# it under the terms of the GNU General Public License as published by
-+# the Free Software Foundation, either version 3 of the License, or
-+# (at your option) any later version.
-+
-+# This program is distributed in the hope that it will be useful,
-+# but WITHOUT ANY WARRANTY; without even the implied warranty of
-+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-+# GNU General Public License for more details.
-+
-+# You should have received a copy of the GNU General Public License
-+# along with this program.  If not, see <https://www.gnu.org/licenses/>.
-+
-+. "${srcdir=.}/tests/init.sh"; path_prepend_ ./src
-+print_ver_ sort
-+getlimits_
-+
-+# This issue triggers with valgrind or ASAN
-+valgrind --error-exitcode=1 sort --version 2>/dev/null &&
-+  VALGRIND='valgrind --error-exitcode=1'
-+
-+{ printf '%s\n' aa bb; } > in || framework_failure_
-+
-+_POSIX2_VERSION=200809 $VALGRIND sort +0.${SIZE_MAX}R in > out || fail=1
-+compare in out || fail=1
-+
-+_POSIX2_VERSION=200809 $VALGRIND sort +1 -1.${SIZE_MAX}R in > out || fail=1
-+compare in out || fail=1
-+
-+Exit $fail

coreutils-9.7.tar.xz.sig

@@ -1,16 +0,0 @@
------BEGIN PGP SIGNATURE-----
-
-iQIzBAABCAAdFiEEbDfcEhIaUAa8HbgE32/ZcTBgN9kFAmf2WecACgkQ32/ZcTBg
-N9nppA/+MUNHBWrhVCFNzdMRQaSmwTyUkOpA+z4pL0a/i+9o3AD1RYF/Zrpen0+E
-6K9VTcYsmW/R7ZPL1xg4dl4WVBJ/1LrKu3D5ZP3kydpKH7PYriekeYR7dgJQMd9Q
-RIrE7RoXOWSa6aSEhQQ9U/9BQiGrwo46Ja9A3LSn/c8Ty1/49e5HA3pQG0U2GIGb
-cxLKz6nWcI2MYnTWm3nuSk0AlL9LetVEyoNR7SUufjzqCpgCZTAd7vN6y476A+kv
-ajsBVTj1OGj3FKNff/a5Qhc0i+Xmtn/81S5sG8DnTJtb7q1J7B/5odchq5jQsGyH
-8QfxYnu++pOgsLThGR98Io5hA/rqcofZFU2rIIXm65Qb7YB4yLgcS9m6STlUEFLU
-mOOF8I5pVvbxewUz0WVxit1ist1P+AIFwBvv3H/2zgl2AOua+WpKxt2gISRY9j1c
-E4KOvwlpu4ebFo2CcK0NxLF82YXY8sQQVtR1HCmg10inAZp0XsfRocbYj+dOnvY5
-7jthL4GxWAIeDrAiS/oJmtL0Savhq9hB6u6zR5G5Puh6SigDX0NmMPqMsGtQ3t8n
-GlnLldNVujaNe6NYYHSATGu6yHByBOSGNk7IDEeRFyF74p9w6gV+qJNYuS7EtXVt
-sdNiA/UIxhk0KyL4rhDwUw9AbbTP/HhlB+FD+LJX61bxQfFnWuQ=
-=YizV
------END PGP SIGNATURE-----

coreutils-9.8-tail-large-num-of-files.patch

@@ -0,0 +1,82 @@
+Upstream patch on top of v9.8 for 'tail -nN' for larger N.
+Remove for next release >v9.8 again.
+Tracked at Fedora as: rh#2398008
+
+Upstream patch:
+https://cgit.git.sv.gnu.org/cgit/coreutils.git/commit/?id=914972e80dbf82aac9ffe3
+
+  tail: fix tailing larger number of lines in regular files
+
+  * src/tail.c (file_lines): Seek to the previous block instead of the
+  beginning (or a little before) of the block that was just scanned.
+  Otherwise, the same block is read and scanned (at least partially)
+  again. This bug was introduced by commit v9.7-219-g976f8abc1.
+  * tests/tail/basic-seek.sh: Add a new test.
+  * tests/local.mk: Reference the new test.
+  * NEWS: mention the bug fix.
+
+Applied downstream/here without the NEWS entry:
+
+  'tail' outputs the correct number of lines again for non-small -n values.
+  Previously it may have output too few lines.
+  [bug introduced in coreutils-9.8]
+
+
+Index: src/tail.c
+===================================================================
+--- src/tail.c.orig
++++ src/tail.c
+@@ -596,7 +596,7 @@ file_lines (char const *prettyname, int
+           goto free_buffer;
+         }
+ 
+-      pos = xlseek (fd, -bufsize, SEEK_CUR, prettyname);
++      pos = xlseek (fd, -(bufsize + bytes_read), SEEK_CUR, prettyname);
+       bytes_read = read (fd, buffer, bufsize);
+       if (bytes_read < 0)
+         {
+Index: tests/local.mk
+===================================================================
+--- tests/local.mk.orig
++++ tests/local.mk
+@@ -179,6 +179,7 @@ all_tests =					\
+   tests/tty/tty-eof.pl				\
+   tests/misc/read-errors.sh			\
+   tests/misc/write-errors.sh			\
++  tests/tail/basic-seek.sh			\
+   tests/tail/inotify-hash-abuse.sh		\
+   tests/tail/inotify-hash-abuse2.sh		\
+   tests/tail/F-vs-missing.sh			\
+Index: tests/tail/basic-seek.sh
+===================================================================
+--- /dev/null
++++ tests/tail/basic-seek.sh
+@@ -0,0 +1,28 @@
++#!/bin/sh
++# Verify that tail works when seeking within a file
++
++# Copyright (C) 2025 Free Software Foundation, Inc.
++
++# This program is free software: you can redistribute it and/or modify
++# it under the terms of the GNU General Public License as published by
++# the Free Software Foundation, either version 3 of the License, or
++# (at your option) any later version.
++
++# This program is distributed in the hope that it will be useful,
++# but WITHOUT ANY WARRANTY; without even the implied warranty of
++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
++# GNU General Public License for more details.
++
++# You should have received a copy of the GNU General Public License
++# along with this program.  If not, see <https://www.gnu.org/licenses/>.
++
++. "${srcdir=.}/tests/init.sh"; path_prepend_ ./src
++print_ver_ tail
++
++yes '=================================' |
++  head -n1K > file.in || framework_failure_
++
++# This returned 139 in coreutils v9.8
++test $(tail -n200 file.in | wc -l) = 200 || fail=1
++
++Exit $fail

coreutils-9.8.tar.xz.sig

@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCgAdFiEEbDfcEhIaUAa8HbgE32/ZcTBgN9kFAmjRjKgACgkQ32/ZcTBg
+N9m2URAArTex5vWuCBnU0BT+T5/eu19+ePhbdaDBvhSap5SBbR+wL0jQphuApGLX
+LbMRnDw31C+KtTjcHHVChf4T1LMx8IrFuIcAO3eIOGaLiCw5is/U0FIarr/+81yV
+dZEdI53JS8M6e81tjcmfDjIa6A7Gz6+9V3+eF06LRWUDJfHKzOcUnIBVnJEzFRz1
+M9U4c6VVEOfcAFD4rCfd3g01nKZwFgCyeIAqn6ldFkSX6xuGQowAnF4VrnfgZMcG
+sxX/GyIMPRxBxzjDFNUhvCXBUSFQ/Y0I0GTlH7RQFNPVUSM7Vw3qUPShU4nsL++I
+9Ewjw27W7fgOjmAV2KOz/uxCpYnW6COyiw/3x3+QLnrIhyXvh/yXnhghyb2s9bQm
+U9A2qRcqsLE3aML9lKovvStb3dC3iz/+g/expeikIEzLwxHrwagkpv22Kpu4dBbN
+qZtw4XO0ffnVcyzF1DE3Aa2kQ30OqKmSWKCXHk5Zd9LeqaagPcDlt1sNHPxquDLn
+QZMyuKlDLwIMm5D2GMqdz8JZcykCEnQY5lKwHq1KmxpfascbG0bIl1nCEOc5kCM/
+LaEMAP+90p9Wr1VVe8LqeTt9oiylrLEsDI7aNiw0FtIT0QihOfuN9hc3i8QQMPb6
+OYeA6jGWD9B+rqhn4fZyBTLz2etyEZf98apQIuxM+iOORohhFXY=
+=HpR+
+-----END PGP SIGNATURE-----

coreutils-disable_tests.patch

@@ -6,18 +6,18 @@ Index: gnulib-tests/gnulib.mk
 ===================================================================
 --- gnulib-tests/gnulib.mk.orig
 +++ gnulib-tests/gnulib.mk
-@@ -1548,10 +1548,10 @@ EXTRA_DIST += getlocalename_l-unsafe.h l
+@@ -1612,10 +1612,10 @@ EXTRA_DIST += test-getloadavg.c signatur
  
  ## begin gnulib module getlogin-tests
  
 -TESTS += test-getlogin
 -check_PROGRAMS += test-getlogin
--test_getlogin_LDADD = $(LDADD) $(GETLOGIN_LIB)
+-test_getlogin_LDADD = $(LDADD) $(GETLOGIN_LIB) $(LIBINTL)
 -EXTRA_DIST += test-getlogin.c test-getlogin.h signature.h macros.h
-+# TESTS += test-getlogin
-+# check_PROGRAMS += test-getlogin
-+# test_getlogin_LDADD = $(LDADD) $(GETLOGIN_LIB)
-+# EXTRA_DIST += test-getlogin.c test-getlogin.h signature.h macros.h
++#TESTS += test-getlogin
++#check_PROGRAMS += test-getlogin
++#test_getlogin_LDADD = $(LDADD) $(GETLOGIN_LIB) $(LIBINTL)
++#EXTRA_DIST += test-getlogin.c test-getlogin.h signature.h macros.h
  
  ## end   gnulib module getlogin-tests
  

coreutils-getaddrinfo.patch

@@ -1,21 +0,0 @@
----
- gnulib-tests/test-getaddrinfo.c |    6 +-----
- 1 file changed, 1 insertion(+), 5 deletions(-)
-
-Index: gnulib-tests/test-getaddrinfo.c
-===================================================================
---- gnulib-tests/test-getaddrinfo.c.orig
-+++ gnulib-tests/test-getaddrinfo.c
-@@ -115,11 +115,7 @@ simple (int pass, char const *host, char
-          the test merely because someone is down the country on their
-          in-law's farm. */
-       if (res == EAI_AGAIN)
--        {
--          skip++;
--          fprintf (stderr, "skipping getaddrinfo test: no network?\n");
--          return 77;
--        }
-+        return 0;
-       /* IRIX reports EAI_NONAME for "https".  Don't fail the test
-          merely because of this.  */
-       if (res == EAI_NONAME)

coreutils-remove_hostname_documentation.patch

@@ -6,7 +6,7 @@ Index: doc/coreutils.texi
 ===================================================================
 --- doc/coreutils.texi.orig
 +++ doc/coreutils.texi
-@@ -73,7 +73,6 @@
+@@ -69,7 +69,6 @@
  * groups: (coreutils)groups invocation.         Print group names a user is in.
  * head: (coreutils)head invocation.             Output the first part of files.
  * hostid: (coreutils)hostid invocation.         Print numeric host identifier.
@@ -14,7 +14,7 @@ Index: doc/coreutils.texi
  * id: (coreutils)id invocation.                 Print user identity.
  * install: (coreutils)install invocation.       Copy files and set attributes.
  * join: (coreutils)join invocation.             Join lines on a common field.
-@@ -206,7 +205,7 @@ Free Documentation License''.
+@@ -202,7 +201,7 @@ Free Documentation License''.
  * File name manipulation::       dirname basename pathchk mktemp realpath
  * Working context::              pwd stty printenv tty
  * User information::             id logname whoami groups users who
@@ -23,7 +23,7 @@ Index: doc/coreutils.texi
  * SELinux context::              chcon runcon
  * Modified command invocation::  chroot env nice nohup stdbuf timeout
  * Process control::              kill
-@@ -430,7 +429,6 @@ System context
+@@ -427,7 +426,6 @@ System context
  * date invocation::              Print or set system date and time
  * nproc invocation::             Print the number of processors
  * uname invocation::             Print system information
@@ -31,7 +31,7 @@ Index: doc/coreutils.texi
  * hostid invocation::            Print numeric host identifier
  * uptime invocation::            Print system uptime and load
  
-@@ -16482,7 +16480,6 @@ information.
+@@ -16600,7 +16598,6 @@ information.
  * arch invocation::             Print machine hardware name.
  * nproc invocation::            Print the number of processors.
  * uname invocation::            Print system information.
@@ -39,7 +39,7 @@ Index: doc/coreutils.texi
  * hostid invocation::           Print numeric host identifier.
  * uptime invocation::           Print system uptime and load.
  @end menu
-@@ -17395,15 +17392,6 @@ This is non-portable, even across GNU/Li
+@@ -17600,15 +17597,6 @@ This is non-portable, even across GNU/Li
  Print the machine hardware name (sometimes called the hardware class
  or hardware type).
  
@@ -55,7 +55,7 @@ Index: doc/coreutils.texi
  @item -p
  @itemx --processor
  @opindex -p
-@@ -17457,34 +17445,6 @@ Print the kernel version.
+@@ -17662,34 +17650,6 @@ Print the kernel version.
  
  @exitstatus
  

coreutils-remove_kill_documentation.patch

@@ -6,7 +6,7 @@ Index: doc/coreutils.texi
 ===================================================================
 --- doc/coreutils.texi.orig
 +++ doc/coreutils.texi
-@@ -76,7 +76,6 @@
+@@ -72,7 +72,6 @@
  * id: (coreutils)id invocation.                 Print user identity.
  * install: (coreutils)install invocation.       Copy files and set attributes.
  * join: (coreutils)join invocation.             Join lines on a common field.
@@ -14,7 +14,7 @@ Index: doc/coreutils.texi
  * link: (coreutils)link invocation.             Make hard links between files.
  * ln: (coreutils)ln invocation.                 Make links between files.
  * logname: (coreutils)logname invocation.       Print current login name.
-@@ -208,7 +207,6 @@ Free Documentation License''.
+@@ -204,7 +203,6 @@ Free Documentation License''.
  * System context::               date arch nproc uname hostid uptime
  * SELinux context::              chcon runcon
  * Modified command invocation::  chroot env nice nohup stdbuf timeout
@@ -22,7 +22,7 @@ Index: doc/coreutils.texi
  * Delaying::                     sleep
  * Numeric operations::           factor numfmt seq
  * File permissions::             Access modes
-@@ -457,10 +455,6 @@ Modified command invocation
+@@ -454,10 +452,6 @@ Modified command invocation
  * stdbuf invocation::            Run a command with modified I/O buffering
  * timeout invocation::           Run a command with a time limit
  
@@ -33,7 +33,7 @@ Index: doc/coreutils.texi
  Delaying
  
  * sleep invocation::             Delay for a specified time
-@@ -18923,90 +18917,6 @@ timeout -s INT 5s env --ignore-signal=IN
+@@ -19127,90 +19121,6 @@ timeout -s INT 5s env --ignore-signal=IN
  timeout -s INT -k 3s 5s env --ignore-signal=INT sleep 20
  @end example
  

coreutils-skip-gnulib-test-tls.patch

@@ -21,7 +21,7 @@ Index: gnulib-tests/gnulib.mk
 ===================================================================
 --- gnulib-tests/gnulib.mk.orig
 +++ gnulib-tests/gnulib.mk
-@@ -3605,9 +3605,10 @@ EXTRA_DIST += test-timespec.c macros.h
+@@ -3699,9 +3699,10 @@ EXTRA_DIST += test-timespec.c macros.h
  
  ## begin gnulib module tls-tests
  

coreutils-tests-shorten-extreme-factor-tests.patch

@@ -16,7 +16,7 @@ Index: tests/local.mk
 ===================================================================
 --- tests/local.mk.orig
 +++ tests/local.mk
-@@ -759,14 +759,9 @@ all_tests =					\
+@@ -774,13 +774,8 @@ all_tests =					\
  # See tests/factor/create-test.sh.
  tf = tests/factor
  factor_tests = \
@@ -27,10 +27,8 @@ Index: tests/local.mk
 -  $(tf)/t20.sh $(tf)/t21.sh $(tf)/t22.sh $(tf)/t23.sh $(tf)/t24.sh \
 -  $(tf)/t25.sh $(tf)/t26.sh $(tf)/t27.sh $(tf)/t28.sh $(tf)/t29.sh \
 -  $(tf)/t30.sh $(tf)/t31.sh $(tf)/t32.sh $(tf)/t33.sh $(tf)/t34.sh \
--  $(tf)/t35.sh $(tf)/t36.sh $(tf)/t37.sh
 +  $(tf)/t00.sh \
 +  $(tf)/t05.sh \
-+  $(tf)/t36.sh $(tf)/t37.sh
+   $(tf)/t35.sh $(tf)/t36.sh $(tf)/t37.sh $(tf)/t38.sh
  
  $(factor_tests): $(tf)/run.sh $(tf)/create-test.sh
- 	$(AM_V_GEN)$(MKDIR_P) $(tf)

coreutils-tests-workaround-make-fdleak.patch

@@ -6,7 +6,7 @@ Index: tests/init.sh
 ===================================================================
 --- tests/init.sh.orig
 +++ tests/init.sh
-@@ -731,6 +731,16 @@ compare ()
+@@ -738,6 +738,16 @@ compare ()
  }
  
  # -----------------------------------------------------------------------------

coreutils.changes

@@ -1,3 +1,141 @@
+-------------------------------------------------------------------
+Thu Sep 25 18:57:34 UTC 2025 - Bernhard Voelker <mail@bernhard-voelker.de>
+
+- coreutils-9.8-tail-large-num-of-files.patch: Add upstream patch:
+  https://cgit.git.sv.gnu.org/cgit/coreutils.git/commit/?id=914972e80dbf82aac9ffe
+  tail: fix tailing larger number of lines in regular files [rh#2398008]
+
+-------------------------------------------------------------------
+Tue Sep 23 19:39:43 UTC 2025 - Bernhard Voelker <mail@bernhard-voelker.de>
+
+- Update to 9.8:
+  Bug fixes
+  * 'b2sum' will diagnose --length values that are too big.
+    Previously it would have silently assumed 512 for any larger values.
+    [bug introduced in coreutils-9.6]
+  * 'base32' and 'base64' when decoding will again diagnose partially
+    padded data that ends with a newline.
+    [bug introduced in coreutils-9.5]
+  * 'basenc -d -i' will now strip '=' characters from the input
+    in encodings where padding characters are not valid.
+    [bug introduced with the basenc program in coreutils-8.31]
+  * 'cp -p' had spurious "Operation not supported" failures when
+    copying to non-NFS files from NFSv4 files with trivial ACLs.
+    [bug introduced in coreutils-9.6]
+  * 'cp --sparse=always' missed some opportunities to create holes.
+    That is, although the copies had the correct data, sometimes
+    data zeros used extents rather than holes.
+    [This bug was present in "the beginning".]
+  * cp missed opportunities to create holes when copying from file
+    systems like squashfs that support SEEK_HOLE only trivially.
+    [bug introduced in coreutils-9.0]
+  * cp, install, and mv now avoid possible data corruption on
+    glibc 2.41 and 2.42 systems when copy_file_range is used with ranges > 2GiB,
+    avoiding https://sourceware.org/PR33245
+    [bug triggered since coreutils-9.0]
+  * 'date' supports specifying multiple named formats with the last taking
+    precedence.  Previously multiple specifications would induce an error.
+    [bug introduced in coreutils-5.90]
+  * 'dd oflag=seek_bytes' no longer mistakenly reports errors when the
+    output file exists on GNU/Hurd.
+    [bug introduced in coreutils-8.16]
+  * 'fold' no longer exhausts memory when processing large inputs
+    with a very large --width argument.
+    [This bug was present in "the beginning".]
+  * 'install -d' now produces the correct diagnostic upon failure
+    to create a directory.  Previously it would have produced
+    a confusing error about changing permissions.
+    [This bug was present in "the beginning".]
+  * "ls --size --block-size=\'k" could misalign output in locales
+    with multi-byte thousands grouping characters.
+    [This bug was present in "the beginning".]
+  * 'nohup' avoids implementation defined behavior setting umask,
+    avoiding a FORTIFY runtime failure on Bionic libc.
+    [This bug was present in "the beginning".]
+  * 'od --strings' with '-N' now works correctly.  Previously od might
+    write a NUL byte after a heap buffer, or output invalid addresses.
+    [These bugs were present in "the beginning".]
+  * 'od -w0' will now issue a diagnostic and exit gracefully.
+    Previously it would have aborted.
+    [bug introduced in coreutils-9.3]
+  * 'od -w' no longer silently mishandles enormous widths like 3037000500.
+    Instead, it either outputs correctly or diagnoses a too-large width.
+    [This bug was present in "the beginning".]
+  * 'od +N.' (where N is a decimal number) works again as per POSIX.
+    [bug introduced in textutils-2.0]
+  * 'od /dev/null ++0' no longer mistakenly treats the ++0 as an offset.
+    [This bug was present in "the beginning".]
+  * 'sort' with key character offsets of SIZE_MAX, could induce
+    a read of 1 byte before an allocated heap buffer. For example:
+    'sort +0.18446744073709551615R input' on 64 bit systems.
+    [bug introduced in coreutils-7.2]
+  * stdbuf now works on AIX.  Previously it would have been ineffective.
+    [bug introduced with the stdbuf program in coreutils-7.5]
+  * 'tail -n NUM' no longer can output more than NUM lines if stdin
+    is a largish regular file with a nonzero initial offset, and grows
+    while 'tail' is reading it.
+    [This bug was present in "the beginning".]
+  * 'tail -f -n +NUM' no longer mishandles NUM values >= UINTMAX_MAX
+    when the input is seekable.
+    [bug introduced in coreutils-9.6]
+  * 'tail --pid' avoids some unlikely races if the kernel reuses PIDs.
+    [bug introduced in coreutils-9.5]
+  * 'tty' now exits with status 4 with a special diagnostic if ttyname
+    fails even though standard input is a tty.  Formerly it quietly
+    pretended that standard input was not a tty.
+    [This bug was present in "the beginning".]
+  New Features
+  * basenc supports the --base58 option to encode and decode
+    the visually unambiguous Base58 encoding.
+  * 'cksum -a' now supports the 'sha3' argument, to use the SHA3-224,
+    SHA3-256, SHA3-384, SHA3-512 message digest algorithms depending on
+    the argument passed to the required --length (-l) option.
+  * 'cksum -a' now supports the 'sha2' argument, as a more consistent
+    interface than the existing 'sha224', 'sha256', 'sha384', 'sha512'
+    arguments, which are now selected with the --length (-l) option.
+  * 'date' now outputs dates in the country's native calendar for the
+    Iranian locale (fa_IR) and for the Ethiopian locale (am_ET), and also
+    does so more consistently for the Thailand locale (th_TH.UTF-8).
+  * fold now supports multi-byte characters, honoring their column width.
+    Also the --characters (-c) option was added to wrap at a certain
+    number of characters, similarly to --bytes in uni-byte locales.
+  * nproc now honors any cgroup v2 configured CPU quotas,
+    which may reduce the effective number of processors available.
+  * stty supports setting arbitrary baud rates on supported systems,
+    like Hurd, Linux with glibc >= 2.42, and some BSDs.
+    Also on other systems the full set of supported baud rates
+    is determined at build time if possible.
+  * Commands that support hardware acceleration like cksum and wc
+    can now disable this acceleration at runtime through the
+    commonly used GLIBC_TUNABLES environment variable.  For example
+    to disable the use of AVX512 instructions in cksum, you can:
+      export GLIBC_TUNABLES='glibc.cpu.hwcaps=-AVX512F'
+  Changes to conform better to POSIX.1-2024
+  * readlink now defaults to being verbose if the POSIXLY_CORRECT
+    environment variable is set.
+  * realpath now supports -E, which specifies the default behavior.
+    The corresponding long option is --canonicalize.
+  * tsort now accepts and ignores -w.
+  Improvements
+  * 'factor' is now much faster at identifying large prime numbers,
+    and significantly faster on composite numbers greater than 2^128.
+  * fold now exits immediately upon receiving a write error,
+    which is significant when reading large / unbounded inputs.
+  * 'seq' is more accurate with large integer start values.
+    Previously 'seq 18446744073709551617 inf | head -n1' would
+    output the number before the user specified start value.
+  Build-related
+  * cksum was not compilable by Apple LLVM 10.0.0 x86-64, which
+    lacks support for checking for the VPCLMULQDQ instruction.
+    [bug introduced in coreutils-9.6]
+- coreutils-9.7-sort-CVE-2025-5278.patch: Remove now-upstream patch.
+- coreutils-getaddrinfo.patch: Likewise.
+- coreutils-i18n.patch: Refresh patch.
+  Remove i18n part for fold(1).
+  Remove the mbchar part as it is now already pulled in upstream
+  indirectly via the manywarnings gnulib module.
+- Refresh all other patches.
+
 -------------------------------------------------------------------
 Mon Jun  2 09:30:09 UTC 2025 - rw@suse.com
 

coreutils.spec

@@ -1,7 +1,7 @@
 #
 # spec file for package coreutils
 #
-# Copyright (c) 2025 SUSE LLC
+# Copyright (c) 2025 SUSE LLC and contributors
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -30,7 +30,7 @@
 %global psuffix %{nil}
 %endif
 Name:           coreutils%{?psuffix}
-Version:        9.7
+Version:        9.8
 Release:        0
 Summary:        GNU Core Utilities
 License:        GPL-3.0-or-later
@@ -44,11 +44,8 @@ Patch1:         coreutils-remove_hostname_documentation.patch
 Patch3:         coreutils-remove_kill_documentation.patch
 Patch4:         coreutils-i18n.patch
 Patch8:         coreutils-sysinfo.patch
-Patch10:        coreutils-9.7-sort-CVE-2025-5278.patch
 # OBS / RPMLINT require /usr/bin/timeout to be built with the -fpie option.
 Patch100:       coreutils-build-timeout-as-pie.patch
-# There is no network in the build root so make the test succeed
-Patch112:       coreutils-getaddrinfo.patch
 # Assorted fixes
 Patch113:       coreutils-misc.patch
 # Skip 2 valgrind'ed sort tests on ppc/ppc64 which would fail due to
@@ -65,6 +62,8 @@ Patch501:       coreutils-test_without_valgrind.patch
 # tests: skip tests/rm/ext3-perf.sh temporarily as it hangs on OBS.
 Patch810:       coreutils-skip-tests-rm-ext3-perf.patch
 Patch900:       coreutils-tests-workaround-make-fdleak.patch
+# Upstream patch on top of v9.8 for 'tail -nN' for larger N; remove for >v9.8.
+Patch910:       coreutils-9.8-tail-large-num-of-files.patch
 
 BuildRequires:  automake
 BuildRequires:  gmp-devel
@@ -143,16 +142,14 @@ This package contains the documentation for the GNU Core Utilities.
 
 %prep
 %setup -q -n coreutils-%{version}
-%patch -P 4 -p1
+%patch -P 4
 %patch -P 1
 %patch -P 3
 %patch -P 8
-%patch -P 10 -p1
 #
 %if 0%{?suse_version} <= 1320
 %patch -P 100
 %endif
-%patch -P 112
 %patch -P 113
 
 %patch -P 300
@@ -168,6 +165,7 @@ This package contains the documentation for the GNU Core Utilities.
 
 %patch -P 810
 %patch -P 900
+%patch -P 910
 
 # ================================================
 %build