SHA256
1
0
forked from pool/patch
Commit Graph

72 Commits

Author SHA256 Message Date
Dominique Leuenberger
4a1162ae0f Accepting request 597758 from devel:tools
Fix arbitrary command execution in ed-style patches (CVE-2018-1000156, bsc#1088420)

OBS-URL: https://build.opensuse.org/request/show/597758
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/patch?expand=0&rev=42
2018-04-22 12:42:28 +00:00
Jean Delvare
7f7fcb70a3 - Add ed as BuildRequires so ed-style patches can be checked by
the test suite.

OBS-URL: https://build.opensuse.org/package/show/devel:tools/patch?expand=0&rev=59
2018-04-18 09:18:05 +00:00
Jean Delvare
113fbdee3e Fix CVE-2018-1000156 (bsc#1088420, savannah#53566).
- ed-style-01-missing-input-files.patch: Allow input files to be
  missing for ed-style patches.
- ed-style-02-fix-arbitrary-command-execution.patch,
  ed-style-03-update-test-Makefile.patch: Fix arbitrary command
  execution in ed-style patches.
- ed-style-04-invoke-ed-directly.patch: Invoke ed directly instead
  of using the shell.
- ed-style-05-minor-cleanups.patch: Minor cleanups in do_ed_script.
- ed-style-06-fix-test-failure.patch: Fix 'ed-style' test failure.

OBS-URL: https://build.opensuse.org/package/show/devel:tools/patch?expand=0&rev=58
2018-04-18 08:58:17 +00:00
Dominique Leuenberger
9dfa552ac5 Accepting request 590591 from devel:tools
- Move COPYING from %doc to %license.
- Add AUTHORS and COPYING to %doc.
- fix-segfault-mangled-rename.patch: Fix segfault with mangled
  rename patch (bsc#1080951, CVE-2018-6951, savannah#53132).
- patch 2.7.6:
  * Files specified on the command line are no longer verified to
    be inside the current working directory, so commands like
    "patch -i foo.diff ../foo" will work again
  * Fixes CVE-2016-10713 (Out-of-bounds access within
    pch_write_line() in pch.c could possibly lead to DoS via a
    crafted input file; bsc#1080918)
  * Various fixes

OBS-URL: https://build.opensuse.org/request/show/590591
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/patch?expand=0&rev=41
2018-03-30 09:55:13 +00:00
Jean Delvare
7364d525c4 %license should work on SLE_12_SP2 now.
OBS-URL: https://build.opensuse.org/package/show/devel:tools/patch?expand=0&rev=56
2018-03-26 07:49:20 +00:00
Jean Delvare
163aef10cd Don't use %license on SLE_12_SP2, it does not work.
OBS-URL: https://build.opensuse.org/package/show/devel:tools/patch?expand=0&rev=55
2018-03-22 14:22:21 +00:00
Jean Delvare
27e7211fa9 - Move COPYING from %doc to %license.
OBS-URL: https://build.opensuse.org/package/show/devel:tools/patch?expand=0&rev=54
2018-03-22 08:44:22 +00:00
Jean Delvare
03fcca2352 Update changes file to mention CVE-2016-10713
OBS-URL: https://build.opensuse.org/package/show/devel:tools/patch?expand=0&rev=53
2018-03-21 16:13:53 +00:00
Jean Delvare
2bda6a542b - Add AUTHORS and COPYING to %doc.
- fix-segfault-mangled-rename.patch: Fix segfault with mangled
  rename patch (bsc#1080951, CVE-2018-6951, savannah#53132).

OBS-URL: https://build.opensuse.org/package/show/devel:tools/patch?expand=0&rev=52
2018-03-21 15:47:14 +00:00
Jean Delvare
a19fa79f16 Accepting request 573892 from home:AndreasStieger:branches:devel:tools
patch 2.7.6

OBS-URL: https://build.opensuse.org/request/show/573892
OBS-URL: https://build.opensuse.org/package/show/devel:tools/patch?expand=0&rev=51
2018-02-14 10:52:50 +00:00
Dominique Leuenberger
961092e7ae Accepting request 290774 from devel:tools
Automatic submission by obs-autosubmit

OBS-URL: https://build.opensuse.org/request/show/290774
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/patch?expand=0&rev=40
2015-03-16 05:55:02 +00:00
Jean Delvare
6f0d2bb9b0 Fix SLE_11_SP3 build
OBS-URL: https://build.opensuse.org/package/show/devel:tools/patch?expand=0&rev=49
2015-03-07 10:36:08 +00:00
Jean Delvare
652a1be131 - patch 2.7.5
Fixes a functional regression introduced by the previous update. 
  + Patching through symbolic links works again, as long as the
    target is within the working tree.

OBS-URL: https://build.opensuse.org/package/show/devel:tools/patch?expand=0&rev=48
2015-03-07 09:46:19 +00:00
Dominique Leuenberger
f7a0be8225 Accepting request 287342 from devel:tools
Automatic submission by obs-autosubmit

OBS-URL: https://build.opensuse.org/request/show/287342
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/patch?expand=0&rev=39
2015-03-01 13:45:27 +00:00
Jean Delvare
aca5b2b799 - patch 2.7.4
Fixes a functional regression introduced by the previous security
  fix. The security fix would forbid legitimate use cases of
  relative symbolic links.
  [boo#918058]
  + Allow arbitrary symlink targets again.
  + Do not change permissions if there isn't an explicit mode
    change.
  + Fix indentation heuristic for context diffs.
- Please also note that the previous update fixed security bugs
  boo#915328 and boo#915329 even though it did not say so.

OBS-URL: https://build.opensuse.org/package/show/devel:tools/patch?expand=0&rev=46
2015-02-16 14:06:29 +00:00
Martin Pluskal
002b7f85d2 Update patch.keyring
OBS-URL: https://build.opensuse.org/package/show/devel:tools/patch?expand=0&rev=45
2015-01-26 19:50:19 +00:00
Martin Pluskal
8cbaa2a560 Accepting request 282506 from home:AndreasStieger:branches:devel:tools
patch 2.7.3 [boo#913678] [CVE-2015-1196]

OBS-URL: https://build.opensuse.org/request/show/282506
OBS-URL: https://build.opensuse.org/package/show/devel:tools/patch?expand=0&rev=44
2015-01-26 19:44:12 +00:00
Dominique Leuenberger
a361305fd1 Accepting request 262036 from devel:tools
Automatic submission by obs-autosubmit

OBS-URL: https://build.opensuse.org/request/show/262036
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/patch?expand=0&rev=38
2014-11-24 10:08:00 +00:00
Jean Delvare
cb63dc7adf Update upstream status.
OBS-URL: https://build.opensuse.org/package/show/devel:tools/patch?expand=0&rev=42
2014-11-10 11:45:21 +00:00
Jean Delvare
88d552055b - reject-print-function-01-drop-useless-test.patch: Drop useless
test in another_hunk().
- reject-print-function-02-handle-unified-format.patch: Preserve C
  function name in unified rejects (bnc#904519).

OBS-URL: https://build.opensuse.org/package/show/devel:tools/patch?expand=0&rev=41
2014-11-10 10:38:51 +00:00
Stephan Kulow
c27d19435f Accepting request 236123 from devel:tools
- error-report-crash.patch: fix crash after reporting error during option
  parsing (forwarded request 234823 from jdelvare)

OBS-URL: https://build.opensuse.org/request/show/236123
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/patch?expand=0&rev=36
2014-06-18 20:04:30 +00:00
Jean Delvare
3a734d31a8 Accepting request 234823 from home:Andreas_Schwab:Factory
- error-report-crash.patch: fix crash after reporting error during option
  parsing

OBS-URL: https://build.opensuse.org/request/show/234823
OBS-URL: https://build.opensuse.org/package/show/devel:tools/patch?expand=0&rev=39
2014-06-03 08:28:09 +00:00
Stephan Kulow
561fe96475 Accepting request 144605 from devel:tools
Update to version 2.7.1.

OBS-URL: https://build.opensuse.org/request/show/144605
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/patch?expand=0&rev=33
2012-12-10 11:20:28 +00:00
Jean Delvare
0c36e4a3d8 - Back to bz2 archive format as old products lack xz.
OBS-URL: https://build.opensuse.org/package/show/devel:tools/patch?expand=0&rev=37
2012-12-06 15:20:24 +00:00
Jean Delvare
8f63ffa22d - Add missing build requirement: xz.
OBS-URL: https://build.opensuse.org/package/show/devel:tools/patch?expand=0&rev=36
2012-12-06 15:04:53 +00:00
Jean Delvare
89dd502416 - Version 2.7.1
+ Patch no longer gets a failed assertion for certain mangled
    patches.
  + Ignore destination file names that are absolute or that contain
    a component of "..", except when working in the root directory.
    This addresses CVE-2010-4651.
  + Support for most features of the "diff --git" format, including
    renames and copies, permission changes, and symlink diffs.
    Binary diffs are not supported yet; patch will complain and
    skip them.
  + Support for double-quoted filenames: when a filename starts
    with a double quote, it is interpreted as a C string literal.
    The escape sequences \\, \", \a, \b, \f, \n, \r, \t, \v, and
    \ooo (a three-digit octal number between 0 and 255) are
    recognized.
  + Refuse to apply a normal patch to a symlink. (Previous versions
    of patch were replacing the symlink with a regular file.)
  + New --follow-symlinks option to allow to treat symlinks as
    files: this was patch's behavior before version 2.7.
  + When trying to modify a read-only file, warn about the
    potential problem by default. The --read-only command line
    option allows to change this behavior.
  + Files to be deleted are deleted once the entire input has been
    processed, not immediately. This fixes a bug with numbered
    backup files.
  + When a timestamp specifies a time zone, honor that instead of
    assuming the local time zone (--set-date) or Universal
    Coordinated Time (--set-utc).
  + Support for nanosecond precision timestamps.
  + Many bug fixes.
  + Clarify the message printed when a patch is expected to empty
    out and delete a file, but the file does not become empty.
  + Various improvements to messages when applying a patch to a
    file of different type (regular file vs. symlink), when there
    are line ending differences (LF vs. CRLF), and when in
    --dry-run mode.
  + Ignore when extended attributes cannot be preserved because
    they are unsupported or because permission to set them is
    denied.
- patch-revert-e0f70752.patch: Dropped, original bug fixed
  upstream.
- patch-stdio.in.patch: Dropped, merged upstream.

OBS-URL: https://build.opensuse.org/package/show/devel:tools/patch?expand=0&rev=35
2012-12-06 14:43:28 +00:00
Stephan Kulow
5e8bb3b532 Accepting request 133232 from devel:tools
- patch-stdio.in.patch:
   Fix build with missing gets declaration (glibc 2.16)

OBS-URL: https://build.opensuse.org/request/show/133232
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/patch?expand=0&rev=32
2012-09-13 05:07:24 +00:00
Stephan Kulow
2c113766b1 - patch-stdio.in.patch:
Fix build with missing gets declaration (glibc 2.16)

OBS-URL: https://build.opensuse.org/package/show/devel:tools/patch?expand=0&rev=33
2012-09-07 12:46:28 +00:00
d6b22c081d Accepting request 128103 from home:a_jaeger:FactoryFix
Fix build with missing gets declaration (glibc 2.16)

OBS-URL: https://build.opensuse.org/request/show/128103
OBS-URL: https://build.opensuse.org/package/show/devel:tools/patch?expand=0&rev=32
2012-08-07 07:30:43 +00:00
Stephan Kulow
744f4fc71c Accepting request 113094 from devel:tools
- Revert broken upstream commit (bnc#755136).
- Update to a less ancient alpha snapshot.

OBS-URL: https://build.opensuse.org/request/show/113094
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/patch?expand=0&rev=30
2012-04-12 07:44:52 +00:00
Jean Delvare
0a622f8d7f - patch-revert-e0f70752.patch: Revert broken upstream commit
(bnc#755136).

OBS-URL: https://build.opensuse.org/package/show/devel:tools/patch?expand=0&rev=30
2012-04-06 12:24:18 +00:00
Jean Delvare
32ed207b62 xz isn't available in SLE11 SP1 and older, so stick to bzip2 for now.
OBS-URL: https://build.opensuse.org/package/show/devel:tools/patch?expand=0&rev=29
2012-04-05 08:25:04 +00:00
Jean Delvare
edf8511579 Add missing BuildRequires.
OBS-URL: https://build.opensuse.org/package/show/devel:tools/patch?expand=0&rev=28
2012-04-04 18:41:46 +00:00
Jean Delvare
231fb6e34a - Version 2.6.1.136
OBS-URL: https://build.opensuse.org/package/show/devel:tools/patch?expand=0&rev=27
2012-04-04 17:17:36 +00:00
Stephan Kulow
23f7e8097f replace license with spdx.org variant
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/patch?expand=0&rev=29
2011-12-06 17:36:03 +00:00
Ruediger Oertel
044aea8b43 Accepting request 86710 from devel:tools
- cross-build fix: use %configure macro (forwarded request 86685 from uli_suse)

OBS-URL: https://build.opensuse.org/request/show/86710
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/patch?expand=0&rev=27
2011-10-06 14:44:41 +00:00
2c983da3bb Accepting request 86685 from home:uli_suse:branches:devel:tools
- cross-build fix: use %configure macro

OBS-URL: https://build.opensuse.org/request/show/86685
OBS-URL: https://build.opensuse.org/package/show/devel:tools/patch?expand=0&rev=25
2011-10-05 15:23:39 +00:00
Sascha Peilicke
57e09f332d Autobuild autoformatter for 66399
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/patch?expand=0&rev=26
2011-04-07 08:07:32 +00:00
OBS User buildservice-autocommit
8370b5d1b8 Updating link to change in openSUSE:Factory/patch revision 26.0
OBS-URL: https://build.opensuse.org/package/show/devel:tools/patch?expand=0&rev=d36540181dc7f1b623796d54ec610ff6
2011-04-07 08:07:32 +00:00
Sascha Peilicke
b72fc26176 Accepting request 66399 from devel:tools
Accepted submit request 66399 from user coolo

OBS-URL: https://build.opensuse.org/request/show/66399
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/patch?expand=0&rev=25
2011-04-07 08:07:03 +00:00
Jean Delvare
cffc447f94 Document the conflict with patchutils < 0.3.2.
OBS-URL: https://build.opensuse.org/package/show/devel:tools/patch?expand=0&rev=23
2011-04-04 15:31:57 +00:00
Jean Delvare
4a75e4b044 - Version 2.6.1.116:
+ Patch now ignores destination file names that are absolute or
    that contain a component of ".." (CVE-2010-4651, bnc#662957).
- Drop unified-reject-files-compat.diff. Compatibility has been
  provided for the past 18 months, hopefully nobody is relying on
  it any longer.

OBS-URL: https://build.opensuse.org/package/show/devel:tools/patch?expand=0&rev=22
2011-04-04 13:15:18 +00:00
OBS User autobuild
97191683e0 Accepting request 49168 from devel:tools
Copy from devel:tools/patch based on submit request 49168 from user coolo

OBS-URL: https://build.opensuse.org/request/show/49168
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/patch?expand=0&rev=23
2010-09-27 13:51:16 +00:00
OBS User autobuild
f47cd05101 Accepting request 49168 from devel:tools
checked in (request 49168)

OBS-URL: https://build.opensuse.org/request/show/49168
OBS-URL: https://build.opensuse.org/package/show/devel:tools/patch?expand=0&rev=21
2010-09-27 13:51:15 +00:00
Andreas Gruenbacher
873f1112d9 Accepting request 42404 from home:jengelh:smp
Copy from home:jengelh:smp/patch via accept of submit request 42404 revision 2.
Request was accepted with message:
reviewed ok.

OBS-URL: https://build.opensuse.org/request/show/42404
OBS-URL: https://build.opensuse.org/package/show/devel:tools/patch?expand=0&rev=20
2010-07-02 08:21:11 +00:00
OBS User autobuild
4f6c787180 Accepting request 39416 from devel:tools
Copy from devel:tools/patch based on submit request 39416 from user agruen

OBS-URL: https://build.opensuse.org/request/show/39416
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/patch?expand=0&rev=20
2010-05-05 20:51:18 +00:00
OBS User buildservice-autocommit
1a4053bd8e Updating link to change in openSUSE:Factory/patch revision 20.0
OBS-URL: https://build.opensuse.org/package/show/devel:tools/patch?expand=0&rev=1fb07bfae10cb5cabf8c560f45b3402d
2010-05-05 20:51:18 +00:00
OBS User autobuild
fb3b41f19d Accepting request 39416 from devel:tools
checked in (request 39416)

OBS-URL: https://build.opensuse.org/request/show/39416
OBS-URL: https://build.opensuse.org/package/show/devel:tools/patch?expand=0&rev=19
2010-05-05 20:51:17 +00:00
Andreas Gruenbacher
e6cdd7d5c3 - Version 2.6.1.81:
+ Fix backup file detection for deleted files
  + Allow to create and delete empty files
  + Stick to the best name in the reversed-patch check
  + Various portability improvements

OBS-URL: https://build.opensuse.org/package/show/devel:tools/patch?expand=0&rev=18
2010-05-04 23:37:55 +00:00
OBS User autobuild
517563b876 Accepting request 39270 from devel:tools
Copy from devel:tools/patch based on submit request 39270 from user agruen

OBS-URL: https://build.opensuse.org/request/show/39270
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/patch?expand=0&rev=19
2010-05-03 19:39:00 +00:00