0c9f15e1a7
- fix-swapping-fake-lines-in-pch_swap.patch: Fix swapping fake lines in pch_swap. This bug was causing a double free leading to a crash (boo#1080985 CVE-2018-6952). - abort-when-cleaning-up-fails.patch: Abort when cleaning up fails. This bug could cause an infinite loop when a patch wouldn't apply, leading to a segmentation fault (boo#1111572). - dont-follow-symlinks-unless-asked.patch: Don't follow symlinks unless --follow-symlinks is given. This increases the security against malicious patches (boo#1142041 CVE-2019-13636). - pass-the-correct-stat-to-backup-files.patch: Pass the correct stat to backup files. This bug would occasionally cause backup files to be missing when all hunks failed to apply (boo#1198106).
Jean Delvare2022-05-10 16:59:21 +00:00
426cdf1224
- fix-swapping-fake-lines-in-pch_swap.patch: Fix swapping fake lines in pch_swap. This bug was causing a double free leading to a crash (boo#1080985 CVE-2018-6952). - abort-when-cleaning-up-fails.patch: Abort when cleaning up fails. This bug could cause an infinite loop when a patch wouldn't apply, leading to a segmentation fault (boo#1111572). - dont-follow-symlinks-unless-asked.patch: Don't follow symlinks unless --follow-symlinks is given. This increases the security against malicious patches (boo#1142041 CVE-2019-13636). - pass-the-correct-stat-to-backup-files.patch: Pass the correct stat to backup files. This bug would occasionally cause backup files to be missing when all hunks failed to apply (boo#1198106).
Jean Delvare2022-05-10 16:59:21 +00:00
7f7fcb70a3
- Add ed as BuildRequires so ed-style patches can be checked by the test suite.
Jean Delvare2018-04-18 09:18:05 +00:00
8b7eb4e529
- Add ed as BuildRequires so ed-style patches can be checked by the test suite.
Jean Delvare2018-04-18 09:18:05 +00:00
113fbdee3e
Fix CVE-2018-1000156 (bsc#1088420, savannah#53566). - ed-style-01-missing-input-files.patch: Allow input files to be missing for ed-style patches. - ed-style-02-fix-arbitrary-command-execution.patch, ed-style-03-update-test-Makefile.patch: Fix arbitrary command execution in ed-style patches. - ed-style-04-invoke-ed-directly.patch: Invoke ed directly instead of using the shell. - ed-style-05-minor-cleanups.patch: Minor cleanups in do_ed_script. - ed-style-06-fix-test-failure.patch: Fix 'ed-style' test failure.
Jean Delvare2018-04-18 08:58:17 +00:00
bdb962594f
Fix CVE-2018-1000156 (bsc#1088420, savannah#53566). - ed-style-01-missing-input-files.patch: Allow input files to be missing for ed-style patches. - ed-style-02-fix-arbitrary-command-execution.patch, ed-style-03-update-test-Makefile.patch: Fix arbitrary command execution in ed-style patches. - ed-style-04-invoke-ed-directly.patch: Invoke ed directly instead of using the shell. - ed-style-05-minor-cleanups.patch: Minor cleanups in do_ed_script. - ed-style-06-fix-test-failure.patch: Fix 'ed-style' test failure.
Jean Delvare2018-04-18 08:58:17 +00:00
652a1be131
- patch 2.7.5 Fixes a functional regression introduced by the previous update. + Patching through symbolic links works again, as long as the target is within the working tree.
Jean Delvare2015-03-07 09:46:19 +00:00
4d7c68c884
- patch 2.7.5 Fixes a functional regression introduced by the previous update. + Patching through symbolic links works again, as long as the target is within the working tree.
Jean Delvare2015-03-07 09:46:19 +00:00
aca5b2b799
- patch 2.7.4 Fixes a functional regression introduced by the previous security fix. The security fix would forbid legitimate use cases of relative symbolic links. [boo#918058] + Allow arbitrary symlink targets again. + Do not change permissions if there isn't an explicit mode change. + Fix indentation heuristic for context diffs. - Please also note that the previous update fixed security bugs boo#915328 and boo#915329 even though it did not say so.
Jean Delvare2015-02-16 14:06:29 +00:00
24b704fdda
- patch 2.7.4 Fixes a functional regression introduced by the previous security fix. The security fix would forbid legitimate use cases of relative symbolic links. [boo#918058] + Allow arbitrary symlink targets again. + Do not change permissions if there isn't an explicit mode change. + Fix indentation heuristic for context diffs. - Please also note that the previous update fixed security bugs boo#915328 and boo#915329 even though it did not say so.
Jean Delvare2015-02-16 14:06:29 +00:00
88d552055b
- reject-print-function-01-drop-useless-test.patch: Drop useless test in another_hunk(). - reject-print-function-02-handle-unified-format.patch: Preserve C function name in unified rejects (bnc#904519).
Jean Delvare2014-11-10 10:38:51 +00:00
7b75a1bdad
- reject-print-function-01-drop-useless-test.patch: Drop useless test in another_hunk(). - reject-print-function-02-handle-unified-format.patch: Preserve C function name in unified rejects (bnc#904519).
Jean Delvare2014-11-10 10:38:51 +00:00
c27d19435f
Accepting request 236123 from devel:tools
Stephan Kulow
2014-06-18 20:04:30 +00:00
692809ef87
Accepting request 236123 from devel:tools
Stephan Kulow
2014-06-18 20:04:30 +00:00
3a734d31a8
Accepting request 234823 from home:Andreas_Schwab:Factory
Jean Delvare2014-06-03 08:28:09 +00:00
29b54186ef
Accepting request 234823 from home:Andreas_Schwab:Factory
Jean Delvare2014-06-03 08:28:09 +00:00
561fe96475
Accepting request 144605 from devel:tools
Stephan Kulow
2012-12-10 11:20:28 +00:00
713a184062
Accepting request 144605 from devel:tools
Stephan Kulow
2012-12-10 11:20:28 +00:00
0c36e4a3d8
- Back to bz2 archive format as old products lack xz.
Jean Delvare2012-12-06 15:20:24 +00:00
6c54744f38
- Back to bz2 archive format as old products lack xz.
Jean Delvare2012-12-06 15:20:24 +00:00
89dd502416
- Version 2.7.1 + Patch no longer gets a failed assertion for certain mangled patches. + Ignore destination file names that are absolute or that contain a component of "..", except when working in the root directory. This addresses CVE-2010-4651. + Support for most features of the "diff --git" format, including renames and copies, permission changes, and symlink diffs. Binary diffs are not supported yet; patch will complain and skip them. + Support for double-quoted filenames: when a filename starts with a double quote, it is interpreted as a C string literal. The escape sequences \\, \", \a, \b, \f, \n, \r, \t, \v, and \ooo (a three-digit octal number between 0 and 255) are recognized. + Refuse to apply a normal patch to a symlink. (Previous versions of patch were replacing the symlink with a regular file.) + New --follow-symlinks option to allow to treat symlinks as files: this was patch's behavior before version 2.7. + When trying to modify a read-only file, warn about the potential problem by default. The --read-only command line option allows to change this behavior. + Files to be deleted are deleted once the entire input has been processed, not immediately. This fixes a bug with numbered backup files. + When a timestamp specifies a time zone, honor that instead of assuming the local time zone (--set-date) or Universal Coordinated Time (--set-utc). + Support for nanosecond precision timestamps. + Many bug fixes. + Clarify the message printed when a patch is expected to empty out and delete a file, but the file does not become empty. + Various improvements to messages when applying a patch to a file of different type (regular file vs. symlink), when there are line ending differences (LF vs. CRLF), and when in --dry-run mode. + Ignore when extended attributes cannot be preserved because they are unsupported or because permission to set them is denied. - patch-revert-e0f70752.patch: Dropped, original bug fixed upstream. - patch-stdio.in.patch: Dropped, merged upstream.
Jean Delvare2012-12-06 14:43:28 +00:00
49097950ce
- Version 2.7.1 + Patch no longer gets a failed assertion for certain mangled patches. + Ignore destination file names that are absolute or that contain a component of "..", except when working in the root directory. This addresses CVE-2010-4651. + Support for most features of the "diff --git" format, including renames and copies, permission changes, and symlink diffs. Binary diffs are not supported yet; patch will complain and skip them. + Support for double-quoted filenames: when a filename starts with a double quote, it is interpreted as a C string literal. The escape sequences \\, \", \a, \b, \f, \n, \r, \t, \v, and \ooo (a three-digit octal number between 0 and 255) are recognized. + Refuse to apply a normal patch to a symlink. (Previous versions of patch were replacing the symlink with a regular file.) + New --follow-symlinks option to allow to treat symlinks as files: this was patch's behavior before version 2.7. + When trying to modify a read-only file, warn about the potential problem by default. The --read-only command line option allows to change this behavior. + Files to be deleted are deleted once the entire input has been processed, not immediately. This fixes a bug with numbered backup files. + When a timestamp specifies a time zone, honor that instead of assuming the local time zone (--set-date) or Universal Coordinated Time (--set-utc). + Support for nanosecond precision timestamps. + Many bug fixes. + Clarify the message printed when a patch is expected to empty out and delete a file, but the file does not become empty. + Various improvements to messages when applying a patch to a file of different type (regular file vs. symlink), when there are line ending differences (LF vs. CRLF), and when in --dry-run mode. + Ignore when extended attributes cannot be preserved because they are unsupported or because permission to set them is denied. - patch-revert-e0f70752.patch: Dropped, original bug fixed upstream. - patch-stdio.in.patch: Dropped, merged upstream.
Jean Delvare2012-12-06 14:43:28 +00:00
5e8bb3b532
Accepting request 133232 from devel:tools
Stephan Kulow
2012-09-13 05:07:24 +00:00
32774d89cf
Accepting request 133232 from devel:tools
Stephan Kulow
2012-09-13 05:07:24 +00:00
2c113766b1
- patch-stdio.in.patch: Fix build with missing gets declaration (glibc 2.16)
Stephan Kulow
2012-09-07 12:46:28 +00:00
ec5558e36c
- patch-stdio.in.patch: Fix build with missing gets declaration (glibc 2.16)
Stephan Kulow
2012-09-07 12:46:28 +00:00
d6b22c081d
Accepting request 128103 from home:a_jaeger:FactoryFix
Dirk Mueller2012-08-07 07:30:43 +00:00
ac9f68b375
Accepting request 128103 from home:a_jaeger:FactoryFix
Dirk Mueller2012-08-07 07:30:43 +00:00
744f4fc71c
Accepting request 113094 from devel:tools
Stephan Kulow
2012-04-12 07:44:52 +00:00
01e244eb52
Accepting request 113094 from devel:tools
Stephan Kulow
2012-04-12 07:44:52 +00:00
Jean Delvare
Ana Guerrero
Dominique Leuenberger
Martin Pluskal
Stephan Kulow
Dirk Mueller