From 6d02aedc78915807cbd6858a4e21437cd6c7ffd4f9ddab3c8aae6f482f7a1611 Mon Sep 17 00:00:00 2001
From: Fridrich Strba
Date: Tue, 23 Aug 2022 18:46:54 +0000
Subject: [PATCH] OBS-URL: https://build.opensuse.org/package/show/Java:packages/aws-sdk-java?expand=0&rev=26
---
CVE-2022-31159.patch | 21 ---------------------
aws-sdk-java.changes | 8 --------
aws-sdk-java.spec | 2 --
3 files changed, 31 deletions(-)
delete mode 100644 CVE-2022-31159.patch
diff --git a/CVE-2022-31159.patch b/CVE-2022-31159.patch
deleted file mode 100644
index 0932cc1..0000000
--- a/CVE-2022-31159.patch
+++ /dev/null
@@ -1,21 +0,0 @@
---- a/aws-java-sdk-s3/src/main/java/com/amazonaws/services/s3/transfer/TransferManager.java
-+++ b/aws-java-sdk-s3/src/main/java/com/amazonaws/services/s3/transfer/TransferManager.java
-@@ -82,6 +82,7 @@ import java.io.File;
- import java.io.IOException;
- import java.io.InputStream;
- import java.net.URL;
-+import java.nio.file.Path;
- import java.util.ArrayList;
- import java.util.Date;
- import java.util.LinkedList;
-@@ -1512,7 +1513,9 @@ public class TransferManager {
-
- private boolean leavesRoot(File localBaseDirectory, String key) {
- try {
-- return !new File(localBaseDirectory, key).getCanonicalPath().startsWith(localBaseDirectory.getCanonicalPath());
-+ Path targetPath = new File(localBaseDirectory, key).getCanonicalFile().toPath();
-+ Path rootPath = localBaseDirectory.getCanonicalFile().toPath();
-+ return !targetPath.startsWith(rootPath);
- } catch (IOException e) {
- throw new RuntimeException("Unable to canonicalize paths", e);
- }
diff --git a/aws-sdk-java.changes b/aws-sdk-java.changes
index e8c7122..9c6757f 100644
--- a/aws-sdk-java.changes
+++ b/aws-sdk-java.changes
@@ -1,11 +1,3 @@
--------------------------------------------------------------------
-Tue Aug 23 15:44:33 UTC 2022 - Fridrich Strba
-
-- Added patch:
- * CVE-2022-31159.patch
- + fix bsc#1201580 (CVE-2022-31159) Partial Path Traversal in
- com.amazonaws:aws-java-sdk-s3
-
 -------------------------------------------------------------------
 Thu May 5 10:23:20 UTC 2022 - Fridrich Strba
diff --git a/aws-sdk-java.spec b/aws-sdk-java.spec
index 3b503b9..7c3e698 100644
--- a/aws-sdk-java.spec
+++ b/aws-sdk-java.spec
@@ -26,7 +26,6 @@ Group: Development/Libraries/Java
 URL: https://aws.amazon.com/sdk-for-java/
 Source0: https://github.com/aws/aws-sdk-java/archive/%{githash}/%{name}-%{githash}.tar.gz
 Patch0: aws-sdk-java-ambiguous-Record.patch
-Patch1: CVE-2022-31159.patch
 BuildRequires: dos2unix
 BuildRequires: fdupes
 BuildRequires: java-devel >= 1.8
@@ -674,7 +673,6 @@ This package contains javadoc for %{name}.
 %prep
 %setup -q -n %{name}-%{githash}
 %patch0 -p1
-%patch1 -p1
 # Remove deprecated httpclient annotations
 sed -i '/NotThreadSafe/d' \