Accepting request 35527 from Base:System

checked in (request 35527) OBS-URL: https://build.opensuse.org/request/show/35527 OBS-URL: https://build.opensuse.org/package/show/Base:System/tar?expand=0&rev=16
2010-03-26 01:16:16 +00:00 · 2010-03-26 01:16:16 +00:00 · 2827f691c9
commit 2827f691c9
parent 5e292cf8d8
11 changed files with 102 additions and 67 deletions
--- a/tar-1.22-fortifysourcessigabrt.patch
+++ b/tar-1.22-fortifysourcessigabrt.patch
@ -1,8 +1,8 @@
-Index: tar-1.23/src/create.c
+Index: tar-1.21/src/create.c
 ===================================================================
--- tar-1.23.orig/src/create.c
-+++ tar-1.23/src/create.c
-@@ -530,8 +530,8 @@ start_private_header (const char *name,
+--- tar-1.21.orig/src/create.c
+++ tar-1.21/src/create.c
+@@ -532,8 +532,8 @@ start_private_header (const char *name,
   GID_TO_CHARS (getgid (), header->header.gid);
   MAJOR_TO_CHARS (0, header->header.devmajor);
   MINOR_TO_CHARS (0, header->header.devminor);
@ -13,7 +13,7 @@ Index: tar-1.23/src/create.c
   return header;
 }
 
-@@ -575,7 +575,10 @@ write_gnu_long_link (struct tar_stat_inf
+@@ -577,7 +577,10 @@ write_gnu_long_link (struct tar_stat_inf
   GNAME_TO_CHARS (tmpname, header->header.gname);
   free (tmpname);
 
@ -25,7 +25,7 @@ Index: tar-1.23/src/create.c
   header->header.typeflag = type;
   finish_header (st, header, -1);
 
-@@ -910,15 +913,19 @@ start_header (struct tar_stat_info *st)
+@@ -907,15 +910,19 @@ start_header (struct tar_stat_info *st)
       break;
 
     case OLDGNU_FORMAT:
--- a/tar-1.22.tar.bz2
+++ b/tar-1.22.tar.bz2
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:3cefb67f197a3f8f5235999fe749ced0889466a71ddcbc96fddca84e5d53aa4d
+size 2094575
--- a/tar-1.23.tar.bz2
+++ b/tar-1.23.tar.bz2
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:c9328372db62fbb1d94c9e4e3cefc961111af46de47085b635359c00a0eebe36
-size 2189324
--- a/tar-disable-listed02-test.diff
+++ b/tar-disable-listed02-test.diff
@ -0,0 +1,10 @@
+--- tar-1.15.1/tests/testsuite.at
+++ tar-1.15.1/tests/testsuite.at
+@@ -87,7 +87,6 @@
+ m4_include([incr01.at])
+ m4_include([incr02.at])
+ m4_include([listed01.at])
+-m4_include([listed02.at])
+ m4_include([incr03.at])
+ m4_include([incr04.at])
+ m4_include([rename01.at])
--- a/tar-disable-listed02-test.patch
+++ b/tar-disable-listed02-test.patch
@ -1,12 +0,0 @@
-Index: tar-1.23/tests/testsuite.at
-===================================================================
--- tar-1.23.orig/tests/testsuite.at
-+++ tar-1.23/tests/testsuite.at
-@@ -157,7 +157,6 @@ m4_include([incremental.at])
- m4_include([incr01.at])
- m4_include([incr02.at])
- m4_include([listed01.at])
-m4_include([listed02.at])
- m4_include([incr03.at])
- m4_include([incr04.at])
- m4_include([incr05.at])
--- a/tar-disable_languages.patch
+++ b/tar-disable_languages.patch
@ -1,9 +1,9 @@
 Disable the languages, which don't have yet a path in /usr/share/locale/

-Index: tar-1.23/po/LINGUAS
+Index: tar-1.20/po/LINGUAS
 ===================================================================
--- tar-1.23.orig/po/LINGUAS
-+++ tar-1.23/po/LINGUAS
+--- tar-1.20.orig/po/LINGUAS
+++ tar-1.20/po/LINGUAS
@@ -16,7 +16,6 @@ id
 it
 ja
--- a/tar-heap_overflow_in_rtapelib.patch
+++ b/tar-heap_overflow_in_rtapelib.patch
@ -0,0 +1,52 @@
+From 9bc39283e4cc6ab9e5913ccbf766998eab4ff093 Mon Sep 17 00:00:00 2001
+From: Sergey Poznyakoff <gray@gnu.org.ua>
+Date: Mon, 01 Mar 2010 08:49:03 +0000
+Subject: Bugfixes in rtapelib
+
+* lib/rmt.h (rmtcreat): Use fcntl O_ macros insead of
+their hardcoded values.
+* lib/rtapelib.c (rmt_read__,rmt_ioctl__): Prevent
+potential overflow.
+---
+diff --git a/lib/rmt.h b/lib/rmt.h
+index 50f037c..2ce9dc5 100644
+--- a/lib/rmt.h
+++ b/lib/rmt.h
+@@ -61,7 +61,7 @@ extern bool force_local_option;
+ 
+ #define rmtcreat(dev_name, mode, command) \
+    (_remdev (dev_name) \
+-    ? rmt_open__ (dev_name, 1 | O_CREAT, __REM_BIAS, command) \
+    ? rmt_open__ (dev_name, O_CREAT | O_WRONLY, __REM_BIAS, command) \
+     : creat (dev_name, mode))
+ 
+ #define rmtlstat(dev_name, muffer) \
+diff --git a/lib/rtapelib.c b/lib/rtapelib.c
+index 02ad1e7..cb645db 100644
+--- a/lib/rtapelib.c
+++ b/lib/rtapelib.c
+@@ -573,7 +573,8 @@ rmt_read__ (int handle, char *buffer, size_t length)
+ 
+   sprintf (command_buffer, "R%lu\n", (unsigned long) length);
+   if (do_command (handle, command_buffer) == -1
+-      || (status = get_status (handle)) == SAFE_READ_ERROR)
+      || (status = get_status (handle)) == SAFE_READ_ERROR
+      || status > length)
+     return SAFE_READ_ERROR;
+ 
+   for (counter = 0; counter < status; counter += rlen, buffer += rlen)
+@@ -709,6 +710,12 @@ rmt_ioctl__ (int handle, int operation, char *argument)
+ 	    || (status = get_status (handle), status == -1))
+ 	  return -1;
+ 
+	if (status > sizeof (struct mtop))
+	  {
+	    errno = EOVERFLOW;
+	    return -1;
+	  }
+	
+ 	for (; status > 0; status -= counter, argument += counter)
+ 	  {
+ 	    counter = safe_read (READ_SIDE (handle), argument, status);
+--
+cgit v0.8.2.1
--- a/tar-manpage.patch
+++ b/tar-manpage.patch
@ -1,7 +1,7 @@
-Index: tar-1.23/doc/Makefile.am
+Index: tar-1.20/doc/Makefile.am
 ===================================================================
--- tar-1.23.orig/doc/Makefile.am
-+++ tar-1.23/doc/Makefile.am
+--- tar-1.20.orig/doc/Makefile.am
+++ tar-1.20/doc/Makefile.am
@@ -32,6 +32,9 @@ tar_TEXINFOS = \
  sparse.texi\
  value.texi
@ -23,16 +23,16 @@ Index: tar-1.23/doc/Makefile.am
 header.texi: $(top_srcdir)/src/tar.h
 	sed -f $(srcdir)/texify.sed $(top_srcdir)/src/tar.h \
 	  | expand >$@
-Index: tar-1.23/Makefile.am
+Index: tar-1.20/Makefile.am
 ===================================================================
--- tar-1.23.orig/Makefile.am
-+++ tar-1.23/Makefile.am
+--- tar-1.20.orig/Makefile.am
+++ tar-1.20/Makefile.am
@@ -20,7 +20,7 @@
 
 ACLOCAL_AMFLAGS = -I m4
- EXTRA_DIST = ChangeLog.1 Make.rules
-SUBDIRS = doc gnu lib rmt src scripts po tests
-+SUBDIRS = gnu lib rmt src doc scripts po tests
+ EXTRA_DIST = ChangeLog.1 PORTS
+-SUBDIRS = doc lib rmt src scripts po tests
+SUBDIRS = lib rmt src doc scripts po tests
 
 dist-hook: 
- 	$(MAKE) changelog_dir=$(distdir) ChangeLog
+ 	-rm -f $(distdir).cpio
--- a/tar-wildcards.patch
+++ b/tar-wildcards.patch
@ -1,15 +1,19 @@
-Index: tar-1.23/src/names.c
+Index: src/names.c
 ===================================================================
--- tar-1.23.orig/src/names.c
-+++ tar-1.23/src/names.c
-@@ -909,10 +909,6 @@ collect_and_sort_names (void)
-     {
-       if (name->found_count || name->directory)
+RCS file: /cvsroot/tar/tar/src/names.c,v
+retrieving revision 1.60
+diff -p -u -r1.60 names.c
+--- a/src/names.c	20 Jun 2006 15:14:19 -0000	1.60
+++ b/src/names.c	6 Feb 2007 23:02:39 -0000
+@@ -813,10 +813,6 @@ collect_and_sort_names (void)
+       next_name = name->next;
+       if (name->found_count || name->dir_contents)
 	continue;
 -      if (name->matching_flags & EXCLUDE_WILDCARDS)
 -	/* NOTE: EXCLUDE_ANCHORED is not relevant here */
 -	/* FIXME: just skip regexps for now */
 -	continue;
       chdir_do (name->change_dir);
- 
       if (name->name[0] == 0)
+ 	continue;
+
--- a/tar.changes
+++ b/tar.changes
@ -1,25 +1,3 @@
-------------------------------------------------------------------
-Fri Mar 12 16:21:49 UTC 2010 - mseben@novell.com
-
- updated to version 1.23
-  * Improved record size autodetection
-  * Use of lseek on seekable archives
-  * New command line option --warning
-  * New command line option --level
-  * Improved behavior if some files were removed during incremental dumps
-  * Modification times of PAX extended headers
-  * Time references in the --pax-option argument
-  * Augmented environment of the --to-command script
-  * Fix handling of hard link targets by -c --transform
-  * Fix hard links recognition with -c --remove-files
-  * Fix restoring files from backup (debian bug #508199)
-  * Correctly restore modes and permissions on existing directories
-  * The --remove-files option removes files only if they were succesfully stored in the archive
-  * Fix storing and listing of the volume labels in POSIX format
-  * Improve algorithm for splitting long file names (ustar format)
-  * Fix possible memory overflow in the rmt client code (CVE-2010-0624)
- deprecated heap_overflow_in_rtapelib.patch  
-
 -------------------------------------------------------------------
 Wed Mar  3 09:29:23 UTC 2010 - mseben@novell.com

--- a/tar.spec
+++ b/tar.spec
@ -26,16 +26,18 @@ Group:          System/Base
 Provides:       base:/bin/tar
 PreReq:         %install_info_prereq
 AutoReqProv:    on
-Version:        1.23
+Version:        1.22
 Release:        2
 Summary:        GNU implementation of tar ((t)ape (ar)chiver)
 Source0:        %name-%version.tar.bz2
 #
 Patch0:         tar-disable_languages.patch
-Patch1:         tar-disable-listed02-test.patch
+Patch1:         tar-disable-listed02-test.diff
 Patch2:         tar-manpage.patch
 Patch3:         tar-wildcards.patch
-Patch5:         tar-fortifysourcessigabrt.patch
+Patch5:         tar-1.22-fortifysourcessigabrt.patch
+#fix possible heap overflow in rtapelib.c bnc#579475 (fix already in upstream git)
+Patch6:         tar-heap_overflow_in_rtapelib.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 Recommends:     xz
 Recommends:     tar-lang = %version
@ -89,6 +91,7 @@ Shell scripts for system backup/restore
 %patch2 -p1
 %patch3 -p1
 %patch5 -p1
+%patch6 -p1

 %build
 rm -f po/no.* po/ky.*
@ -127,7 +130,7 @@ rm -r %buildroot/usr/libexec
 %files
 %defattr(-, root, root)
 %_bindir/tar
-%doc README* ABOUT-NLS AUTHORS COPYING NEWS THANKS ChangeLog TODO
+%doc README* ABOUT-NLS AUTHORS COPYING NEWS THANKS ChangeLog PORTS TODO
 %_infodir/tar.info*.gz
 %_mandir/man1/tar.1.gz