diff --git a/ncurses-fix.patch b/ncurses-fix.patch deleted file mode 100644 index 028f6ff..0000000 --- a/ncurses-fix.patch +++ /dev/null @@ -1,52 +0,0 @@ -From c6a85163619ed1cee89ab047a0d98108ed46828d Mon Sep 17 00:00:00 2001 -From: Daniel Shahaf -Date: Fri, 28 Aug 2020 02:36:35 +0000 -Subject: [PATCH] github #64: Fix a build-time error when building against - ncurses that hadn't been built with --enable-wgetch-events. - -The --enable-wgetch-events codepath is experimental (according to -ncurses-6.2/INSTALL) and off by default (according to -ncurses-6.2/configure.in). With that codepath disabled, the macro -KEY_EVENT is not provided, which (before this commit) manifested as a -build-time error: - - [ 245s] gcc -c -I. -I../../Src -I../../Src -I../../Src/Zle -I. -DHAVE_CONFIG_H -DMODULE -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -Werror=return-type -flto=auto -g -fPIE -D_DEFAULT_SOURCE -D_XOPEN_SOURCE=600 -I/usr/include/ncursesw -fPIC -o curses..o curses.c - [ 246s] In file included from curses.c:210: - [ 246s] curses_keys.h:93:15: error: 'KEY_EVENT' undeclared here (not in a function); did you mean 'KEY_RESET'? - [ 246s] 93 | {"EVENT", KEY_EVENT}, - [ 246s] | ^~~~~~~~~ - [ 246s] | KEY_RESET - -curses_keys.h is only used for setting the "kevent" output parameter of -'zcurses input' (and the associated $zcurses_keycodes special variable), -so there's no harm in just leaving KEY_EVENT out of it. (That codepath -deals gracefully with numeric values that don't correspond to any of the -known compile-time values, as that can happen whenever the build- and -run-time versions of ncurses don't provide the same set of KEY_* macros, -with or without relation to that configure flag.) - -Reported by Martin Liska. ---- - ChangeLog | 6 ++++++ - Src/Modules/curses_keys.awk | 7 ++++++- - 2 files changed, 12 insertions(+), 1 deletion(-) - -diff --git a/Src/Modules/curses_keys.awk b/Src/Modules/curses_keys.awk -index ffb182c35..25bd63c7e 100644 ---- a/Src/Modules/curses_keys.awk -+++ b/Src/Modules/curses_keys.awk -@@ -12,8 +12,13 @@ BEGIN {nkeydefs = 0} - - END { - printf("static const struct zcurses_namenumberpair keypad_names[] = {\n") -- for (i = 0; i < 0 + nkeydefs; i++) -+ for (i = 0; i < 0 + nkeydefs; i++) { -+ if (name[i] == "EVENT") -+ printf("#ifdef KEY_EVENT\n") - printf(" {\"%s\", KEY_%s},\n", name[i], name[i]) -+ if (name[i] == "EVENT") -+ printf("#endif\n") -+ } - printf(" {NULL, 0}\n") - printf("};\n") - } diff --git a/zsh-5.8.1.tar.xz b/zsh-5.8.1.tar.xz deleted file mode 100644 index 6d6b4a9..0000000 --- a/zsh-5.8.1.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:b6973520bace600b4779200269b1e5d79e5f505ac4952058c11ad5bbf0dd9919 -size 3200540 diff --git a/zsh-5.8.1.tar.xz.asc b/zsh-5.8.1.tar.xz.asc deleted file mode 100644 index 8597690..0000000 --- a/zsh-5.8.1.tar.xz.asc +++ /dev/null @@ -1,11 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQEzBAABCAAdFiEEfKfsqvBiFrkPiUFGrPgUbK6Mu8QFAmIHy2YACgkQrPgUbK6M -u8RlaAgAxhHK9+kn+yzsS2/eED+VjLjCNcyPqdVdBl+bS4xeN5v2Ga0D36TfYJ4J -3n6INHTeR8gpocFyY5RRxZcDeGPtsPV4JQlmAJMa43piLP1LZvbgKAVeooWWeIKk -JMzXXAKWhZQ2+IG+OXlLNaHSLy6YBJ//Kj3lUkI7NHLSjOhce9ER1QwrHyeHmsKV -RmjeKlu4gwCPtXGgRmRihnIYJNI38db9Hc2vjunasGaM30l+8ymeVBjH395EDXL7 -bfn8Vb0rN6TQY5q+4kVkG9J6m7kfgozcbCuiygsDG7zPdbI6Iwgzx+WmMoKWFfX6 -y5MZIeVwkWUscDcghU8uUhQ2mu3pmw== -=2cR1 ------END PGP SIGNATURE----- diff --git a/zsh-5.9.tar.xz b/zsh-5.9.tar.xz new file mode 100644 index 0000000..7360173 --- /dev/null +++ b/zsh-5.9.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:9b8d1ecedd5b5e81fbf1918e876752a7dd948e05c1a0dba10ab863842d45acd5 +size 3332400 diff --git a/zsh-5.9.tar.xz.asc b/zsh-5.9.tar.xz.asc new file mode 100644 index 0000000..6f5d85a --- /dev/null +++ b/zsh-5.9.tar.xz.asc @@ -0,0 +1,11 @@ +-----BEGIN PGP SIGNATURE----- + +iQEzBAABCAAdFiEEfKfsqvBiFrkPiUFGrPgUbK6Mu8QFAmJ///QACgkQrPgUbK6M +u8RgPgf+N/yJ+ltJouICaa8fYiYxN0uuYhCeBDVmHuPdwFBPl/Fa5npXkuvo2s/0 +1ho5VfuU08B856GcBpraeuNqN74WNaaZ1E2P8ZFFg1Uw3xjxyg1lqjvkJZrrYURm +tZNoov33jeyKbyTaNxTHgIujyBE3Uu40wpLoIOL3jO4PV0useJyw1jj5CsnvhN1b +3S4X99gre3J0SahNDTGltmCwtO/nL3uZh0+FYNagJMF9ZTV9/BQEjBlozBWU+sPa +rBpbr9A4p/AY2GQti03EmP/HXicaX397aRlBqgfjSRkMJpvaDnVnuXY53uLVOKdW +sg6FYiIrO54Q6bEzJV9JfhdvqQtU4A== +=BNV9 +-----END PGP SIGNATURE----- diff --git a/zsh.changes b/zsh.changes index 47810e7..8b92759 100644 --- a/zsh.changes +++ b/zsh.changes @@ -1,23 +1,135 @@ +------------------------------------------------------------------- +Sun May 15 17:44:40 UTC 2022 - Dirk Müller + +- update to 5.9: + zsh 5.9 is dedicated to the memory of Sven Guckes, who was, amongst other + things, a long-time zsh advocate. For more information, see: + + https://linuxnews.de/2022/02/sven-guckes-verstorben/ + https://groups.google.com/g/vim_announce/c/MJBKVd-xrEE/m/joVNaDgAAgAJ + + When unsetting a hash element, the string enclosed in square brackets is + interpreted literally after any normal command-line-argument expansions. + Thus + unset "hash[$key]" + first expands $key as usual for a double-quoted string, and then interprets + that result as the exact hash element to unset. This differs from previous + versions of the shell, which would also remove a leading backslash for an + unusual subset of characters in the expansion of $key. Note this also + means, for example, that now + unset 'hash[ab]cd]' + unsets the element with key "ab]cd" rather than silently doing nothing. + + The function command learnt a -T option to declare a function and enable + tracing for it simultaneously. + + The option SHORT_REPEAT was added to enable the short syntax of + SHORT_LOOPS for the repeat command only. It is disabled by default. + + The _arguments function now supports NUL-delimiting optargs in the + opt_args array via the -0 option. Developers of completion functions + should find this easier to handle reliably than the default + colon-delimiting behaviour. + + The zsh/system module's `zsystem flock` command learnt an -i option to + set the wait interval used with -t. Additionally, -t now supports + fractional seconds. + + The option CLOBBER_EMPTY was added to enable the overwrite behaviour + of CLOBBER for empty files only. It is disabled by default. + + A (-) expansion flag was added. It works like (n) but correctly sorts + negative numbers. + + The (*) expansion flag enables EXTENDED_GLOB for pattern matching. + For example, ${(*)sample/(#b)*(pat)*/${match[1]}} uses backreferences + even if EXTENDED_GLOB is not otherwise set. However, this does not + descend into nested exapansions, and doubling as (**) does not disable + EXTENDED_GLOB. + + The compinit function learnt a -w option to explain why compdump runs. + When run without the -i or -u options and compaudit discovers security + issues, answering "y" to the "Ignore insecure ..." prompt removes the + insecure elements (like the -i option) where previously it ignored the + result (thus formerly like the -u option). Further, removing those + elements includes dropping directories from the $fpath array. + + The zsh/datetime module's strftime builtin learnt an -n option to omit + the trailing newline when printing a formatted time. + + The XTRACE option is now disabled while running user-defined completion + widgets. This corresponds to long-standing behavior of other user ZLE + widgets. Use the _complete_debug widget to capture XTRACE output, or + use "functions -T" to enable tracing of specific completion functions. + + The fc builtin learnt an -s option which is a POSIX equivalent to the + `fc -e-` method of re-executing a command without invoking an editor. + + The option CASE_PATHS was added to control how NO_CASE_GLOB behaves. + NO_CASE_GLOB + NO_CASE_PATHS is equivalent to the current NO_CASE_GLOB + behaviour. NO_CASE_GLOB + CASE_PATHS treats only path components that + contain globbing characters as case-insensitive; this behaviour may + yield more predictable results on case-sensitive file systems. + NO_CASE_PATHS is the default. + + With the new TYPESET_TO_UNSET option set, "typeset foo" leaves foo unset, + in contrast to the default behavior which assigns foo="". Any parameter + attributes such as numeric type, sorting, and padding are retained until + the parameter is explicitly unset or a conflicting value is assigned. + This is similar to default behavior of bash and ksh. This option is + disabled by default. + + The compadd builtin's -D option can now be specified more than once. + + The zsh/zutil module's zformat builtin learnt an -F option which behaves + like -f except that ternary expressions check for existence instead of + doing math evaluation. + + The conventional syntax used to indicate units, ranges, and default values + in completion descriptions (e.g. `timeout (seconds) (0-60) [20]`) is now + recognised by the completion system itself. These components are parsed + out of the description and can be individually styled. A _numbers helper + function has been added to help function authors offer rich completion + for these values. + + The log builtin, WATCH parameter, et al., have been broken out into a + separate module, zsh/watch. The module is enabled by default. + + The zsh/watch module's WATCHFMT parameter now supports colours via the + %F and %K escapes. + + The STTY parameter can now be set to an empty string before running a + command to automatically restore terminal settings after the command + finishes. + + The "jobs" command and "$jobstates" and related parameters can report on + parent shell jobs even in subshells. This is a snapshot of the parent + state, frozen at the point the subshell started. However, if a subshell + starts its own background jobs, the parent state is discarded in order + to report on those new jobs. + +- drop ncurses-fix.patch: upstream + ------------------------------------------------------------------- Sun Mar 20 20:03:32 UTC 2022 - Dirk Müller -- update to 5.8.1 (bsc#1196435, CVE-2021-45444): - * CVE-2021-45444: Some prompt expansion sequences, such as %F, support - 'arguments' which are themselves expanded in case they contain colour - values, etc. This additional expansion would trigger PROMPT_SUBST - evaluation, if enabled. This could be abused to execute code the user - didn't expect. e.g., given a certain prompt configuration, an attacker - could trick a user into executing arbitrary code by having them check - out a Git branch with a specially crafted name. + - update to 5.8.1 (bsc#1196435, CVE-2021-45444): + * CVE-2021-45444: Some prompt expansion sequences, such as %F, support + 'arguments' which are themselves expanded in case they contain colour + values, etc. This additional expansion would trigger PROMPT_SUBST + evaluation, if enabled. This could be abused to execute code the user + didn't expect. e.g., given a certain prompt configuration, an attacker + could trick a user into executing arbitrary code by having them check + out a Git branch with a specially crafted name. - This is fixed in the shell itself by no longer performing PROMPT_SUBST - evaluation on these prompt-expansion arguments. + This is fixed in the shell itself by no longer performing PROMPT_SUBST + evaluation on these prompt-expansion arguments. - Users who are concerned about an exploit but unable to update their - binaries may apply the partial work-around described in the file - Etc/CVE-2021-45444-VCS_Info-workaround.patch included with the shell - source. [ Reported by RyotaK . Additional thanks to - Marc Cornellà . ] + Users who are concerned about an exploit but unable to update their + binaries may apply the partial work-around described in the file + Etc/CVE-2021-45444-VCS_Info-workaround.patch included with the shell + source. [ Reported by RyotaK . Additional thanks to + Marc Cornellà . ] ------------------------------------------------------------------- Fri Oct 16 10:27:34 UTC 2020 - Ludwig Nussel diff --git a/zsh.spec b/zsh.spec index 63c1d37..e5a30aa 100644 --- a/zsh.spec +++ b/zsh.spec @@ -25,12 +25,12 @@ BuildRequires: texi2html BuildRequires: texinfo %endif Name: zsh -Version: 5.8.1 +Version: 5.9 Release: 0%{?dist} Summary: Shell with comprehensive completion License: MIT Group: System/Shells -URL: http://www.zsh.org +URL: https://www.zsh.org Source0: https://downloads.sourceforge.net/project/zsh/zsh/%{version}/zsh-%{version}.tar.xz Source1: https://downloads.sourceforge.net/project/zsh/zsh/%{version}/zsh-%{version}.tar.xz.asc Source2: %{name}.keyring @@ -40,7 +40,6 @@ Source5: zprofile Patch1: trim-unneeded-completions.patch # PATCH-FIX-OPENSUSE zsh-osc-completion.patch -- Fix openSUSE versions in osc completion Patch2: zsh-osc-completion.patch -Patch3: ncurses-fix.patch BuildRequires: groff BuildRequires: libcap-devel BuildRequires: ncurses-devel @@ -100,7 +99,6 @@ This package contains the Zsh manual in HTML format. %patch1 -p1 %endif %patch2 -p1 -%patch3 -p1 # Remove executable bit chmod 0644 Etc/changelog2html.pl @@ -109,7 +107,7 @@ chmod 0644 Etc/changelog2html.pl perl -p -i -e 's|%{_prefix}/local/bin|%{_bindir}|' \ Doc/intro.ms Misc/globtests.ksh Misc/globtests \ Misc/lete2ctl Util/check_exports Util/helpfiles \ - Util/reporter + Util/reporter Functions/VCS_Info/test-repo-git-rebase-* %build