pool/patch
SHA256
2
0
Fork 2
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

- Version 2.7.1

Browse Source 
+ Patch no longer gets a failed assertion for certain mangled
    patches.
  + Ignore destination file names that are absolute or that contain
    a component of "..", except when working in the root directory.
    This addresses CVE-2010-4651.
  + Support for most features of the "diff --git" format, including
    renames and copies, permission changes, and symlink diffs.
    Binary diffs are not supported yet; patch will complain and
    skip them.
  + Support for double-quoted filenames: when a filename starts
    with a double quote, it is interpreted as a C string literal.
    The escape sequences \\, \", \a, \b, \f, \n, \r, \t, \v, and
    \ooo (a three-digit octal number between 0 and 255) are
    recognized.
  + Refuse to apply a normal patch to a symlink. (Previous versions
    of patch were replacing the symlink with a regular file.)
  + New --follow-symlinks option to allow to treat symlinks as
    files: this was patch's behavior before version 2.7.
  + When trying to modify a read-only file, warn about the
    potential problem by default. The --read-only command line
    option allows to change this behavior.
  + Files to be deleted are deleted once the entire input has been
    processed, not immediately. This fixes a bug with numbered
    backup files.
  + When a timestamp specifies a time zone, honor that instead of
    assuming the local time zone (--set-date) or Universal
    Coordinated Time (--set-utc).
  + Support for nanosecond precision timestamps.
  + Many bug fixes.
  + Clarify the message printed when a patch is expected to empty
    out and delete a file, but the file does not become empty.
  + Various improvements to messages when applying a patch to a
    file of different type (regular file vs. symlink), when there
    are line ending differences (LF vs. CRLF), and when in
    --dry-run mode.
  + Ignore when extended attributes cannot be preserved because
    they are unsupported or because permission to set them is
    denied.
- patch-revert-e0f70752.patch: Dropped, original bug fixed
  upstream.
- patch-stdio.in.patch: Dropped, merged upstream.

OBS-URL: https://build.opensuse.org/package/show/devel:tools/patch?expand=0&rev=35
This commit is contained in:
Jean Delvare 2012-12-06 14:43:28 +00:00 committed by Git OBS Bridge
parent 2c113766b1
commit 89dd502416
6 changed files with 53 additions and 90 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
patch-2.6.1.136-31a7.tar.bz2
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:a20be53db3610f050dcac8b3f3e1e638c0a722e118a3443b205bb23e24fff7e5
size 705888

3
patch-2.7.1.tar.xz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:9124ba46db0abd873d0995c2ca880e81252676bb6c03e0a37dfc5f608a9b0ceb
size 675896

64
patch-revert-e0f70752.patch
View File

@ -1,64 +0,0 @@
References: bnc#755136
Revert upstream commit e0f707523cab26f74ec23f4a20a27add8702ed5b.
--- patch-2.6.1.136-31a7.orig/src/pch.c
+++ patch-2.6.1.136-31a7/src/pch.c
@@ -379,18 +379,11 @@ skip_hex_digits (char const *str)
static bool
name_is_valid (char const *name)
{
- static char const *bad[2];
- char const *n;
-
- if (bad[0] && ! strcmp (bad[0], name))
- return false;
- if (bad[1] && ! strcmp (bad[1], name))
- return false;
+ const char *n = name;
if (IS_ABSOLUTE_FILE_NAME (name))
{
say ("Ignoring potentially dangerous file name %s\n", quotearg (name));
- bad[!! bad[0]] = name;
return false;
}
for (n = name; *n; )
@@ -398,7 +391,6 @@ name_is_valid (char const *name)
if (*n == '.' && *++n == '.' && ( ! *++n || ISSLASH (*n)))
{
say ("Ignoring potentially dangerous file name %s\n", quotearg (name));
- bad[!! bad[0]] = name;
return false;
}
while (*n && ! ISSLASH (*n))
--- patch-2.6.1.136-31a7.orig/tests/bad-filenames
+++ patch-2.6.1.136-31a7/tests/bad-filenames
@@ -114,27 +114,3 @@ echo 1 > g
check 'patch -f -p1 --dry-run < d.diff || echo status: $?' <<EOF
patching file g
EOF
-
-mkdir d
-cd d
-cat > d.diff <<EOF
---- ../h
-+++ ../h
-@@ -0,0 +1 @@
-+x
-EOF
-
-touch ../h
-check 'patch -f -p0 < d.diff || echo status: $?' <<EOF
-Ignoring potentially dangerous file name ../h
-can't find file to patch at input line 3
-Perhaps you used the wrong -p or --strip option?
-The text leading up to this was:
---------------------------
-|--- ../h
-|+++ ../h
---------------------------
-No file to patch. Skipping patch.
-1 out of 1 hunk ignored
-status: 1
-EOF

14
patch-stdio.in.patch
View File

@ -1,14 +0,0 @@
Index: patch-2.6.1.136-31a7/lib/stdio.in.h
===================================================================
--- patch-2.6.1.136-31a7.orig/lib/stdio.in.h
+++ patch-2.6.1.136-31a7/lib/stdio.in.h
@@ -164,7 +164,9 @@ _GL_WARN_ON_USE (fflush, "fflush is not
so any use of gets warrants an unconditional warning. Assume it is
always declared, since it is required by C89. */
#undef gets
+#if HAVE_RAW_DECL_GETS
_GL_WARN_ON_USE (gets, "gets is a security hole - use fgets instead");
+#endif
#if @GNULIB_FOPEN@
# if @REPLACE_FOPEN@

46
patch.changes
View File

@ -1,3 +1,49 @@
-------------------------------------------------------------------
Thu Dec 6 15:34:14 CET 2012 - jdelvare@suse.de
- Version 2.7.1
+ Patch no longer gets a failed assertion for certain mangled
patches.
+ Ignore destination file names that are absolute or that contain
a component of "..", except when working in the root directory.
This addresses CVE-2010-4651.
+ Support for most features of the "diff --git" format, including
renames and copies, permission changes, and symlink diffs.
Binary diffs are not supported yet; patch will complain and
skip them.
+ Support for double-quoted filenames: when a filename starts
with a double quote, it is interpreted as a C string literal.
The escape sequences \\, \", \a, \b, \f, \n, \r, \t, \v, and
\ooo (a three-digit octal number between 0 and 255) are
recognized.
+ Refuse to apply a normal patch to a symlink. (Previous versions
of patch were replacing the symlink with a regular file.)
+ New --follow-symlinks option to allow to treat symlinks as
files: this was patch's behavior before version 2.7.
+ When trying to modify a read-only file, warn about the
potential problem by default. The --read-only command line
option allows to change this behavior.
+ Files to be deleted are deleted once the entire input has been
processed, not immediately. This fixes a bug with numbered
backup files.
+ When a timestamp specifies a time zone, honor that instead of
assuming the local time zone (--set-date) or Universal
Coordinated Time (--set-utc).
+ Support for nanosecond precision timestamps.
+ Many bug fixes.
+ Clarify the message printed when a patch is expected to empty
out and delete a file, but the file does not become empty.
+ Various improvements to messages when applying a patch to a
file of different type (regular file vs. symlink), when there
are line ending differences (LF vs. CRLF), and when in
--dry-run mode.
+ Ignore when extended attributes cannot be preserved because
they are unsupported or because permission to set them is
denied.
- patch-revert-e0f70752.patch: Dropped, original bug fixed
upstream.
- patch-stdio.in.patch: Dropped, merged upstream.
-------------------------------------------------------------------
Tue Jul 17 08:40:27 UTC 2012 - aj@suse.de

13
patch.spec
View File

@ -16,21 +16,18 @@
#
Url: ftp://alpha.gnu.org/gnu/diffutils/
%define hash -31a7
Url: http://ftp.gnu.org/gnu/patch/
Name: patch
# See bnc#662957. The fix for CVE-2010-4651 breaks the way interdiff was
# invoking patch, so interdiff had to be fixed too.
Conflicts: patchutils < 0.3.2
Version: 2.6.1.136
Version: 2.7.1
Release: 0
Summary: GNU patch
License: GPL-3.0+
Group: Productivity/Text/Utilities
Source: ftp://alpha.gnu.org/gnu/patch/patch-%version%hash.tar.bz2
Patch1: patch-revert-e0f70752.patch
Patch2: patch-stdio.in.patch
Source: http://ftp.gnu.org/gnu/patch/patch-%version.tar.xz
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%description
@ -45,9 +42,7 @@ Authors:
Paul Eggert
%prep
%setup -q -n patch-%version%hash
%patch1 -p1
%patch2 -p1
%setup -q
%build
export CFLAGS="$RPM_OPT_FLAGS -Wall -O2 -pipe"