Accepting request 909533 from home:dirkmueller:Factory

- update to 6.2.9: - Fixed potential buffer overflow in pgnload and pgnreplay (CVE-2021-30184) - drop txtJ07eHdR0m6.patch (upstream) OBS-URL: https://build.opensuse.org/request/show/909533 OBS-URL: https://build.opensuse.org/package/show/games/gnuchess?expand=0&rev=39
2021-07-31 17:01:13 +00:00 · 2021-07-31 17:01:13 +00:00 · d93ac041f8
commit d93ac041f8
parent 509d64775a
8 changed files with 27 additions and 57 deletions
--- a/gnuchess-6.2.8.tar.gz
+++ b/gnuchess-6.2.8.tar.gz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:d50446cda8012240321da39cddbb4df4d08458a8d538a4738882814139583847
-size 804080
--- a/gnuchess-6.2.8.tar.gz.sig
+++ b/gnuchess-6.2.8.tar.gz.sig
@ -1,11 +0,0 @@
-----BEGIN PGP SIGNATURE-----
-Version: GnuPG v2
-
-iQEcBAABCAAGBQJgmAsIAAoJEEOsf/k87VprVEsH/jdhoKdbn0Z3aXJLIi3xKMx4
-SyGpY4ZyOayMCjbszPOfNY2PoiT+AvU1mMmjsZYu+nDm/MAzaJl71iMNQXK7dkIn
-0RnDIyP/Zkf4kjhtxn25AjPs7SBwqP5g7soHBAANDAKGQb3kfGRiRrk5hQQ4kIxe
-rjFr/lO40QBd1OHPnXVV7+cVaHNAKtnOIUdibXE36a+IBcgCoDZGGVwylvSy/dLw
-tglFZDcMvq98PN2yO0QSqN7WqMrq+IsaoP5UeLmsZWxhZfTm9BwkP1IDn1uyQLQk
-7xC+hSWFANkOqjcPbYYNTaAHNYDnTLUn5okjcZNBtkKLYuTQZTZpJqhVnAHrxn0=
-=GWC8
-----END PGP SIGNATURE-----
--- a/gnuchess-6.2.9.tar.gz
+++ b/gnuchess-6.2.9.tar.gz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:ddfcc20bdd756900a9ab6c42c7daf90a2893bf7f19ce347420ce36baebc41890
+size 802697
--- a/gnuchess-6.2.9.tar.gz.sig
+++ b/gnuchess-6.2.9.tar.gz.sig
@ -0,0 +1,11 @@
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2
+
+iQEcBAABCAAGBQJg7hQNAAoJEEOsf/k87VprJFgIAKEY/80e19y56lhqnpngDv+v
+x6kwkz5RxQ6iR52nUJ1YUSDewlw+BKe1OsTnmvmR2fm7gg9wDhJRP8HerqCIv3oS
+wz/syH1KBgCtlO45jeFO2+6goiXc5li7pCeFWujm78ZBkzzo/vppyYbbrO5oaRHh
+Cu6EaZFdLyL1u7o0EY9qKuTVRnJwL7kpdDnmBR2jyK5Yab9MRMfsn8SGanOitTJb
+0KWkOtHl5wOuBPW6/kkZXXUlTF0pFtYKeeDygW9DW0BBAOK0tZMKHaXghkQ+4jro
+Frir0fpYmxpzF/5m7pSHIMoQk1v7AbwLL1+Sr+/wX8ARDhp/ierS8M8cXuVChdw=
+=siQc
+-----END PGP SIGNATURE-----
--- a/gnuchess.changes
+++ b/gnuchess.changes
@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Sat Jul 31 15:57:21 UTC 2021 - Dirk Müller <dmueller@suse.com>
+
+- update to 6.2.9:
+  - Fixed potential buffer overflow in pgnload and pgnreplay (CVE-2021-30184)
+- drop txtJ07eHdR0m6.patch (upstream)
+
 -------------------------------------------------------------------
 Fri May 14 12:42:17 UTC 2021 - Ferdinand Thiessen <rpm@fthiessen.de>

--- a/gnuchess.keyring
+++ b/gnuchess.keyring
@ -1,3 +1,8 @@
+Member GPG keyring of chess group.
+
+Note that this keyring is not intended for checking releases of that group.
+Use Group Release Keyring instead.
+
 GPG keys of Stuart Cracraft <smcracraft>
 -----BEGIN PGP PUBLIC KEY BLOCK-----
 Version: GnuPG v1.4.7 (Darwin)
--- a/gnuchess.spec
+++ b/gnuchess.spec
@ -17,7 +17,7 @@


 Name:           gnuchess
-Version:        6.2.8
+Version:        6.2.9
 Release:        0
 Summary:        GNU Chess Program
 License:        GPL-3.0-or-later
@ -31,10 +31,6 @@ Source2:        book_1.02.pgn.bz2
 Source3:        genbook.sh
 Source4:        xgnuchess
 Source5:        http://savannah.gnu.org/project/memberlist-gpgkeys.php?group=chess&download=1#/gnuchess.keyring
-# PATCH-FIX-UPSTREAM txtJ07eHdR0m6.patch CVE-2021-30184 mcepl@suse.com
-# https://lists.gnu.org/archive/html/bug-gnu-chess/2021-04/msg00000.html
-# Patch from https://src.fedoraproject.org/rpms/gnuchess/c/bb2dd55d0daf.patch
-Patch0:         txtJ07eHdR0m6.patch
 BuildRequires:  expect
 BuildRequires:  gcc-c++
 BuildRequires:  gettext-devel
--- a/txtJ07eHdR0m6.patch
+++ b/txtJ07eHdR0m6.patch
@ -1,38 +0,0 @@
---
- src/frontend/cmd.cc |   18 ++++++++++++++----
- 1 file changed, 14 insertions(+), 4 deletions(-)
-
--- a/src/frontend/cmd.cc
-+++ b/src/frontend/cmd.cc
-@@ -480,8 +480,13 @@ void cmd_pgnload(void)
-   strcpy( data, "setboard " );
-   int i=0;
-   while ( epdline[i] != '\n' ) {
-    data[i+9] = epdline[i];
-    ++i;
-+    if ((i + 9) < MAXSTR - 1) {
-+        data[i+9] = epdline[i];
-+        ++i;
-+    } else {
-+        printf(_("Error reading contents of file '%s'.\n"), token[1]);
-+        break;
-+    }
-   }
-   data[i+9] = '\0';
-   SetDataToEngine( data );
-@@ -504,8 +509,13 @@ void cmd_pgnreplay(void)
-   strcpy( data, "setboard " );
-   int i=0;
-   while ( epdline[i] != '\n' ) {
-    data[i+9] = epdline[i];
-    ++i;
-+    if ((i + 9) < MAXSTR - 1) {
-+        data[i+9] = epdline[i];
-+        ++i;
-+    } else {
-+        printf(_("Error reading contents of file '%s'.\n"), token[1]);
-+        break;
-+    }
-   }
-   data[i+9] = '\0';
-