From 9ae545fad8685e2da94fa2535237aeadcdd851054d781705416a91c1a4cad5a6 Mon Sep 17 00:00:00 2001 From: Bernhard Voelker Date: Sat, 26 Jan 2013 19:35:28 +0000 Subject: [PATCH 1/2] - Add CVE numbers to changelog: CVE-2013-0221, CVE-2013-0222, CVE-2013-0223 OBS-URL: https://build.opensuse.org/package/show/Base:System/coreutils?expand=0&rev=176 --- coreutils-testsuite.changes | 8 +++++--- coreutils.changes | 8 +++++--- 2 files changed, 10 insertions(+), 6 deletions(-) diff --git a/coreutils-testsuite.changes b/coreutils-testsuite.changes index 189eb4c..699810a 100644 --- a/coreutils-testsuite.changes +++ b/coreutils-testsuite.changes @@ -1,20 +1,22 @@ ------------------------------------------------------------------- Sun Jan 20 13:18:28 UTC 2013 - mail@bernhard-voelker.de -- Avoid segmentation fault in "join -i" with long line input (bnc#798541, VUL-1) +- Avoid segmentation fault in "join -i" with long line input + (bnc#798541, VUL-1, CVE-2013-0223) * src/join.c: Instead of usig unreliable alloca() stack allocation, use heap allocation via xmalloc()+free(). (coreutils-i18n.patch, from Philipp Thomas ) - Avoid segmentation fault in "sort -d" and "sort -M" with long line input - (bnc#798538, VUL-1) + (bnc#798538, VUL-1, CVE-2013-0221) * src/sort.c: Instead of usig unreliable alloca() stack allocation, use heap allocation via xmalloc()+free(). (coreutils-i18n.patch, from Philipp Thomas ) -- Avoid segmentation fault in "uniq" with long line input (bnc#796243, VUL-1) +- Avoid segmentation fault in "uniq" with long line input + (bnc#796243, VUL-1, CVE-2013-0222) * src/cut.c: Instead of usig unreliable alloca() stack allocation, use heap allocation via xmalloc()+free(). diff --git a/coreutils.changes b/coreutils.changes index 189eb4c..699810a 100644 --- a/coreutils.changes +++ b/coreutils.changes @@ -1,20 +1,22 @@ ------------------------------------------------------------------- Sun Jan 20 13:18:28 UTC 2013 - mail@bernhard-voelker.de -- Avoid segmentation fault in "join -i" with long line input (bnc#798541, VUL-1) +- Avoid segmentation fault in "join -i" with long line input + (bnc#798541, VUL-1, CVE-2013-0223) * src/join.c: Instead of usig unreliable alloca() stack allocation, use heap allocation via xmalloc()+free(). (coreutils-i18n.patch, from Philipp Thomas ) - Avoid segmentation fault in "sort -d" and "sort -M" with long line input - (bnc#798538, VUL-1) + (bnc#798538, VUL-1, CVE-2013-0221) * src/sort.c: Instead of usig unreliable alloca() stack allocation, use heap allocation via xmalloc()+free(). (coreutils-i18n.patch, from Philipp Thomas ) -- Avoid segmentation fault in "uniq" with long line input (bnc#796243, VUL-1) +- Avoid segmentation fault in "uniq" with long line input + (bnc#796243, VUL-1, CVE-2013-0222) * src/cut.c: Instead of usig unreliable alloca() stack allocation, use heap allocation via xmalloc()+free(). From d1e1a80b19b6dcdd74a3d7a43664cbf45f892a71384c650b756a44773db7f116 Mon Sep 17 00:00:00 2001 From: Stephan Kulow Date: Sun, 27 Jan 2013 08:16:43 +0000 Subject: [PATCH 2/2] - do not require texinfo for building, texlive is a bit too heavy - do not require texinfo for building, texlive is a bit too heavy OBS-URL: https://build.opensuse.org/package/show/Base:System/coreutils?expand=0&rev=177 --- coreutils-testsuite.changes | 5 +++++ coreutils-testsuite.spec | 2 +- coreutils.changes | 5 +++++ coreutils.spec | 2 +- 4 files changed, 12 insertions(+), 2 deletions(-) diff --git a/coreutils-testsuite.changes b/coreutils-testsuite.changes index 699810a..9b6cbef 100644 --- a/coreutils-testsuite.changes +++ b/coreutils-testsuite.changes @@ -1,3 +1,8 @@ +------------------------------------------------------------------- +Sun Jan 27 08:16:16 UTC 2013 - coolo@suse.com + +- do not require texinfo for building, texlive is a bit too heavy + ------------------------------------------------------------------- Sun Jan 20 13:18:28 UTC 2013 - mail@bernhard-voelker.de diff --git a/coreutils-testsuite.spec b/coreutils-testsuite.spec index 22558ed..45f6acc 100644 --- a/coreutils-testsuite.spec +++ b/coreutils-testsuite.spec @@ -26,9 +26,9 @@ BuildRequires: help2man BuildRequires: libacl-devel BuildRequires: libcap-devel BuildRequires: libselinux-devel +BuildRequires: makeinfo BuildRequires: pam-devel BuildRequires: perl -BuildRequires: texinfo %if "%{name}" == "coreutils-testsuite" BuildRequires: acl BuildRequires: gdb diff --git a/coreutils.changes b/coreutils.changes index 699810a..9b6cbef 100644 --- a/coreutils.changes +++ b/coreutils.changes @@ -1,3 +1,8 @@ +------------------------------------------------------------------- +Sun Jan 27 08:16:16 UTC 2013 - coolo@suse.com + +- do not require texinfo for building, texlive is a bit too heavy + ------------------------------------------------------------------- Sun Jan 20 13:18:28 UTC 2013 - mail@bernhard-voelker.de diff --git a/coreutils.spec b/coreutils.spec index 43b755f..db8e423 100644 --- a/coreutils.spec +++ b/coreutils.spec @@ -26,9 +26,9 @@ BuildRequires: help2man BuildRequires: libacl-devel BuildRequires: libcap-devel BuildRequires: libselinux-devel +BuildRequires: makeinfo BuildRequires: pam-devel BuildRequires: perl -BuildRequires: texinfo %if "%{name}" == "coreutils-testsuite" BuildRequires: acl BuildRequires: gdb