From 89dd5024165a15237349d0419c101cf38da3a3ff52c926e0f68dd64d750880a4 Mon Sep 17 00:00:00 2001
From: Jean Delvare <jdelvare@suse.com>
Date: Thu, 6 Dec 2012 14:43:28 +0000
Subject: [PATCH] - Version 2.7.1   + Patch no longer gets a failed assertion
 for certain mangled     patches.   + Ignore destination file names that are
 absolute or that contain     a component of "..", except when working in the
 root directory.     This addresses CVE-2010-4651.   + Support for most
 features of the "diff --git" format, including     renames and copies,
 permission changes, and symlink diffs.     Binary diffs are not supported
 yet; patch will complain and     skip them.   + Support for double-quoted
 filenames: when a filename starts     with a double quote, it is interpreted
 as a C string literal.     The escape sequences \\, \", \a, \b, \f, \n, \r,
 \t, \v, and     \ooo (a three-digit octal number between 0 and 255) are    
 recognized.   + Refuse to apply a normal patch to a symlink. (Previous
 versions     of patch were replacing the symlink with a regular file.)   +
 New --follow-symlinks option to allow to treat symlinks as     files: this
 was patch's behavior before version 2.7.   + When trying to modify a
 read-only file, warn about the     potential problem by default. The
 --read-only command line     option allows to change this behavior.   + Files
 to be deleted are deleted once the entire input has been     processed, not
 immediately. This fixes a bug with numbered     backup files.   + When a
 timestamp specifies a time zone, honor that instead of     assuming the local
 time zone (--set-date) or Universal     Coordinated Time (--set-utc).   +
 Support for nanosecond precision timestamps.   + Many bug fixes.   + Clarify
 the message printed when a patch is expected to empty     out and delete a
 file, but the file does not become empty.   + Various improvements to
 messages when applying a patch to a     file of different type (regular file
 vs. symlink), when there     are line ending differences (LF vs. CRLF), and
 when in     --dry-run mode.   + Ignore when extended attributes cannot be
 preserved because     they are unsupported or because permission to set them
 is     denied. - patch-revert-e0f70752.patch: Dropped, original bug fixed  
 upstream. - patch-stdio.in.patch: Dropped, merged upstream.

OBS-URL: https://build.opensuse.org/package/show/devel:tools/patch?expand=0&rev=35
---
 patch-2.6.1.136-31a7.tar.bz2 |  3 --
 patch-2.7.1.tar.xz           |  3 ++
 patch-revert-e0f70752.patch  | 64 ------------------------------------
 patch-stdio.in.patch         | 14 --------
 patch.changes                | 46 ++++++++++++++++++++++++++
 patch.spec                   | 13 +++-----
 6 files changed, 53 insertions(+), 90 deletions(-)
 delete mode 100644 patch-2.6.1.136-31a7.tar.bz2
 create mode 100644 patch-2.7.1.tar.xz
 delete mode 100644 patch-revert-e0f70752.patch
 delete mode 100644 patch-stdio.in.patch

diff --git a/patch-2.6.1.136-31a7.tar.bz2 b/patch-2.6.1.136-31a7.tar.bz2
deleted file mode 100644
index 4860e6d..0000000
--- a/patch-2.6.1.136-31a7.tar.bz2
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:a20be53db3610f050dcac8b3f3e1e638c0a722e118a3443b205bb23e24fff7e5
-size 705888
diff --git a/patch-2.7.1.tar.xz b/patch-2.7.1.tar.xz
new file mode 100644
index 0000000..feb85ba
--- /dev/null
+++ b/patch-2.7.1.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:9124ba46db0abd873d0995c2ca880e81252676bb6c03e0a37dfc5f608a9b0ceb
+size 675896
diff --git a/patch-revert-e0f70752.patch b/patch-revert-e0f70752.patch
deleted file mode 100644
index a0b7180..0000000
--- a/patch-revert-e0f70752.patch
+++ /dev/null
@@ -1,64 +0,0 @@
-References: bnc#755136
-
-Revert upstream commit e0f707523cab26f74ec23f4a20a27add8702ed5b.
-
---- patch-2.6.1.136-31a7.orig/src/pch.c
-+++ patch-2.6.1.136-31a7/src/pch.c
-@@ -379,18 +379,11 @@ skip_hex_digits (char const *str)
- static bool
- name_is_valid (char const *name)
- {
--  static char const *bad[2];
--  char const *n;
--
--  if (bad[0] && ! strcmp (bad[0], name))
--    return false;
--  if (bad[1] && ! strcmp (bad[1], name))
--    return false;
-+  const char *n = name;
- 
-   if (IS_ABSOLUTE_FILE_NAME (name))
-     {
-       say ("Ignoring potentially dangerous file name %s\n", quotearg (name));
--      bad[!! bad[0]] = name;
-       return false;
-     }
-   for (n = name; *n; )
-@@ -398,7 +391,6 @@ name_is_valid (char const *name)
-       if (*n == '.' && *++n == '.' && ( ! *++n || ISSLASH (*n)))
-         {
- 	  say ("Ignoring potentially dangerous file name %s\n", quotearg (name));
--	  bad[!! bad[0]] = name;
- 	  return false;
- 	}
-       while (*n && ! ISSLASH (*n))
---- patch-2.6.1.136-31a7.orig/tests/bad-filenames
-+++ patch-2.6.1.136-31a7/tests/bad-filenames
-@@ -114,27 +114,3 @@ echo 1 > g
- check 'patch -f -p1 --dry-run < d.diff || echo status: $?' <<EOF
- patching file g
- EOF
--
--mkdir d
--cd d
--cat > d.diff <<EOF
----- ../h
--+++ ../h
--@@ -0,0 +1 @@
--+x
--EOF
--
--touch ../h
--check 'patch -f -p0 < d.diff || echo status: $?' <<EOF
--Ignoring potentially dangerous file name ../h
--can't find file to patch at input line 3
--Perhaps you used the wrong -p or --strip option?
--The text leading up to this was:
----------------------------
--|--- ../h
--|+++ ../h
----------------------------
--No file to patch.  Skipping patch.
--1 out of 1 hunk ignored
--status: 1
--EOF
diff --git a/patch-stdio.in.patch b/patch-stdio.in.patch
deleted file mode 100644
index d08e286..0000000
--- a/patch-stdio.in.patch
+++ /dev/null
@@ -1,14 +0,0 @@
-Index: patch-2.6.1.136-31a7/lib/stdio.in.h
-===================================================================
---- patch-2.6.1.136-31a7.orig/lib/stdio.in.h
-+++ patch-2.6.1.136-31a7/lib/stdio.in.h
-@@ -164,7 +164,9 @@ _GL_WARN_ON_USE (fflush, "fflush is not
-    so any use of gets warrants an unconditional warning.  Assume it is
-    always declared, since it is required by C89.  */
- #undef gets
-+#if HAVE_RAW_DECL_GETS
- _GL_WARN_ON_USE (gets, "gets is a security hole - use fgets instead");
-+#endif
- 
- #if @GNULIB_FOPEN@
- # if @REPLACE_FOPEN@
diff --git a/patch.changes b/patch.changes
index 64fe5f3..1693861 100644
--- a/patch.changes
+++ b/patch.changes
@@ -1,3 +1,49 @@
+-------------------------------------------------------------------
+Thu Dec  6 15:34:14 CET 2012 - jdelvare@suse.de
+
+- Version 2.7.1
+  + Patch no longer gets a failed assertion for certain mangled
+    patches.
+  + Ignore destination file names that are absolute or that contain
+    a component of "..", except when working in the root directory.
+    This addresses CVE-2010-4651.
+  + Support for most features of the "diff --git" format, including
+    renames and copies, permission changes, and symlink diffs.
+    Binary diffs are not supported yet; patch will complain and
+    skip them.
+  + Support for double-quoted filenames: when a filename starts
+    with a double quote, it is interpreted as a C string literal.
+    The escape sequences \\, \", \a, \b, \f, \n, \r, \t, \v, and
+    \ooo (a three-digit octal number between 0 and 255) are
+    recognized.
+  + Refuse to apply a normal patch to a symlink. (Previous versions
+    of patch were replacing the symlink with a regular file.)
+  + New --follow-symlinks option to allow to treat symlinks as
+    files: this was patch's behavior before version 2.7.
+  + When trying to modify a read-only file, warn about the
+    potential problem by default. The --read-only command line
+    option allows to change this behavior.
+  + Files to be deleted are deleted once the entire input has been
+    processed, not immediately. This fixes a bug with numbered
+    backup files.
+  + When a timestamp specifies a time zone, honor that instead of
+    assuming the local time zone (--set-date) or Universal
+    Coordinated Time (--set-utc).
+  + Support for nanosecond precision timestamps.
+  + Many bug fixes.
+  + Clarify the message printed when a patch is expected to empty
+    out and delete a file, but the file does not become empty.
+  + Various improvements to messages when applying a patch to a
+    file of different type (regular file vs. symlink), when there
+    are line ending differences (LF vs. CRLF), and when in
+    --dry-run mode.
+  + Ignore when extended attributes cannot be preserved because
+    they are unsupported or because permission to set them is
+    denied.
+- patch-revert-e0f70752.patch: Dropped, original bug fixed
+  upstream.
+- patch-stdio.in.patch: Dropped, merged upstream.
+
 -------------------------------------------------------------------
 Tue Jul 17 08:40:27 UTC 2012 - aj@suse.de
 
diff --git a/patch.spec b/patch.spec
index 8ac3e05..4fae4e0 100644
--- a/patch.spec
+++ b/patch.spec
@@ -16,21 +16,18 @@
 #
 
 
-Url:            ftp://alpha.gnu.org/gnu/diffutils/
-%define hash -31a7
+Url:            http://ftp.gnu.org/gnu/patch/
 
 Name:           patch
 # See bnc#662957. The fix for CVE-2010-4651 breaks the way interdiff was
 # invoking patch, so interdiff had to be fixed too.
 Conflicts:      patchutils < 0.3.2
-Version:        2.6.1.136
+Version:        2.7.1
 Release:        0
 Summary:        GNU patch
 License:        GPL-3.0+
 Group:          Productivity/Text/Utilities
-Source:         ftp://alpha.gnu.org/gnu/patch/patch-%version%hash.tar.bz2
-Patch1:         patch-revert-e0f70752.patch
-Patch2:         patch-stdio.in.patch
+Source:         http://ftp.gnu.org/gnu/patch/patch-%version.tar.xz
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 
 %description
@@ -45,9 +42,7 @@ Authors:
     Paul Eggert
 
 %prep
-%setup -q -n patch-%version%hash
-%patch1 -p1
-%patch2 -p1
+%setup -q
 
 %build
 export CFLAGS="$RPM_OPT_FLAGS -Wall -O2 -pipe"