diff --git a/fish-3.6.1.tar.xz b/fish-3.6.1.tar.xz deleted file mode 100644 index 75200f7..0000000 --- a/fish-3.6.1.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:55402bb47ca6739d8aba25e41780905b5ce1bce0a5e0dd17dca908b5bc0b49b2 -size 2866100 diff --git a/fish-3.6.1.tar.xz.asc b/fish-3.6.1.tar.xz.asc deleted file mode 100644 index 2c21874..0000000 --- a/fish-3.6.1.tar.xz.asc +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQIzBAABCAAdFiEEnh3gZzzMAykZ0YUmwLlpspdOiI4FAmQepKUACgkQwLlpspdO -iI6eng//Qqwhjwy6nwIXM4F0Pssx9wtTyDKdQiOZUCD+r74/LTghetJ4xSyz+7TW -rs1AvNjQCCN5fRGqN1WbUL6OWiSk0mWKrzvvZEkplr9AH96o4r+5SuH5bh1k4koT -AS3dSOQAf9xGNr/SHLY3lz+i+905Yq6Aa6p7+2wN+WOg7pUwdmLsZFBOXW0uvv7m -qjp6GqZNly3f4JIWiQzNwT2xopg2zOTwyRodiv+nHjHGHmfaAgWt2vkp3dJ9p3JO -zxkU6md8qbOX2hI6o7hxICtx+r54AGtO4qLtVEGyUVwWPuBQyUtRmBxTBmcl/h+N -EjfB0QqauHf0E/oqczZh+Eq0lf63+zprAZdKd/X2Va2zDEX8B8RTYiwru55Fv/Gl -kKx8gDfDKDyINqMo/pyO3kkOJsUBaLxNHPW39stb9tXy1RnIIhZOCQzlvQ7Zx4Mo -HDiVW92A/aZpHgeGwtNCi6LYDSpwjgdrmuUUsOtdzqzBHvfQfZpNWc9KCP0Jj8qv -XWZNVWKi9c5uBK71ruSK8emwNHYHaRZxCEZa44mIvWIdgIGkwBSmLJyjO4X+DH9m -puGwbucoUNyaBalZs3kR/fwvicGMELC6l0H2XklqeJkfBF5OWWqsVBVy6dsaK6kp -Y/UKUD4y/sT2e9ImKeA6W2tWfpv2b4QZ08RHbzNRB1hJCBvG37U= -=dAZn ------END PGP SIGNATURE----- diff --git a/fish-3.6.4.tar.xz b/fish-3.6.4.tar.xz new file mode 100644 index 0000000..2d96838 --- /dev/null +++ b/fish-3.6.4.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:0f3f610e580de092fbe882c8aa76623ecf91bb16fdf0543241e6e90d5d4bc393 +size 2911364 diff --git a/fish-3.6.4.tar.xz.asc b/fish-3.6.4.tar.xz.asc new file mode 100644 index 0000000..7bfdafb --- /dev/null +++ b/fish-3.6.4.tar.xz.asc @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCAAdFiEEnh3gZzzMAykZ0YUmwLlpspdOiI4FAmVvM/MACgkQwLlpspdO +iI5Tnw/+LaEsY3oiE3WPLgoDphzZ93T/qq7E5v4Xdna9k+stvujCykKCuVzbiQ2i +kr1ISa2nobYmMN73Fbpxc9hiISwaG47Wz3nZuIDmKRsEonzxRA8YY8NqobJ3yXH5 +UtIdwzhR3nY91a4py8fBt/jjUXGK+W5RvbHSaP3i3hHQZaSQPlOZ7B3aByhtkYSt +9HIZAUBM1FshLmuaGOJFzTvmutOvlvf4z0Bt147biE+wogdhaaGTEfrlkKml3TbK +kBPIjTUAHFMPkZ+XjSPyzsCCD+zvyW9oDSuuXhYvmpGUOSAd+4Efmcp6zVNewAlV +el94tDhRxLBpm1J42hQO2ie/zMtbx8zBBZ4jqB1YdoqoR1a9ELFlTcOGEY0cPxVg +bb1cZ4K+XgLMHCVWEUWV9nNRCcaup5Uydr09CH/aQOdlt+is6M0Gl/iKZnOnx4Mr +yeq4bDnc487UbJoIw4WTsNH9muHPD1Z2qNUvtmDhbkTdFxDUkh0TpFa7de+gqKJI +DKtaN8fqsGzw7B4+xY7VlnLUePJNgZ6lrlA9XgRwuOa1quhdAt+AVAoF0MB2bSLv +EGB7FJ3ID78bbznf8EOrKM4lPCJcVv6093cuE+SSNSiQv90wjgm4a46yHnYYCjNG +nfFTtKDw0NjgXZWlxnfDk0Xj4QHqv5BTD6jbtvV97vbFWwbojpY= +=mUGV +-----END PGP SIGNATURE----- diff --git a/fish.changes b/fish.changes index bafdfbd..44bf051 100644 --- a/fish.changes +++ b/fish.changes @@ -1,3 +1,35 @@ +------------------------------------------------------------------- +Wed Dec 6 12:42:56 UTC 2023 - Dan Čermák + +- New upstream release 3.6.4 + + * This release contains a complete fix for the test suite failure in fish + 3.6.2 and 3.6.3. + +- New upstream release 3.6.3 + + * This release contains a fix for a test suite failure in fish 3.6.2. + +- New upstream release 3.6.2 + + This release of fish contains a security fix for CVE-2023-49284, a minor security problem identified + in fish 3.6.1 and previous versions (thought to affect all released versions of fish). + + fish uses certain Unicode non-characters internally for marking wildcards and expansions. It + incorrectly allowed these markers to be read on command substitution output, rather than + transforming them into a safe internal representation. + + For example, ``echo \UFDD2HOME`` has the same output as ``echo $HOME``. + + While this may cause unexpected behavior with direct input, this may become a minor security problem + if the output is being fed from an external program into a command substitution where this output + may not be expected. (bsc#1217808, CVE-2023-49284) + +------------------------------------------------------------------- +Tue Dec 5 08:08:21 UTC 2023 - Dan Čermák + +- Enable tests + ------------------------------------------------------------------- Tue Oct 17 08:40:39 UTC 2023 - Matej Cepl diff --git a/fish.spec b/fish.spec index 27a656b..8fa796b 100644 --- a/fish.spec +++ b/fish.spec @@ -17,10 +17,11 @@ Name: fish -Version: 3.6.1 +Version: 3.6.4 Release: 0 Summary: The "friendly interactive shell" -License: GPL-2.0-only +# see bundled doc_src/license.rst +License: GPL-2.0-only AND BSD-3-Clause AND ISC AND LGPL-2.0-or-later AND MIT AND PSF-2.0 Group: System/Shells URL: https://fishshell.com/ Source: https://github.com/fish-shell/fish-shell/releases/download/%{version}/fish-%{version}.tar.xz @@ -35,6 +36,8 @@ BuildRequires: ncurses-devel BuildRequires: pcre2-devel >= 10.21 BuildRequires: pkgconfig BuildRequires: update-desktop-files +# for tests +BuildRequires: procps Requires: awk Requires: bc Requires: man @@ -75,17 +78,22 @@ rm %{buildroot}/%{_datadir}/doc/fish/.buildinfo %suse_update_desktop_file -G "Command-line interpreter" fish TerminalEmulator +%check +pushd build +%make_build test +popd + %post # Add fish to the list of allowed shells in /etc/shells if ! grep -q '^%{_bindir}/%{name}$' %{_sysconfdir}/shells; then - echo %{_bindir}/%{name} >>%{_sysconfdir}/shells + echo %{_bindir}/%{name} >>%{_sysconfdir}/shells fi %postun # Remove fish from the list of allowed shells in /etc/shells if [ "$1" = 0 ]; then - grep -v '^%{_bindir}/%{name}$' %{_sysconfdir}/shells >%{_sysconfdir}/%{name}.tmp - mv %{_sysconfdir}/%{name}.tmp %{_sysconfdir}/shells + grep -v '^%{_bindir}/%{name}$' %{_sysconfdir}/shells >%{_sysconfdir}/%{name}.tmp + mv %{_sysconfdir}/%{name}.tmp %{_sysconfdir}/shells fi %files -f %{name}.lang