From 34ab9541b612ed7e486e1d8fbbbc092acbbb64091262771d04263c5631913355 Mon Sep 17 00:00:00 2001 From: Martin Pluskal Date: Thu, 1 Aug 2024 05:09:25 +0000 Subject: [PATCH] Accepting request 1190482 from home:wfrisch:branches:devel:tools - CVE-2019-20633.patch: Fix double-free/OOB read in pch.c (bsc#1167721) OBS-URL: https://build.opensuse.org/request/show/1190482 OBS-URL: https://build.opensuse.org/package/show/devel:tools/patch?expand=0&rev=70 --- .gitattributes | 23 + .gitignore | 1 + CVE-2019-20633.patch | 25 + abort-when-cleaning-up-fails.patch | 48 ++ dont-follow-symlinks-unless-asked.patch | 103 +++ ed-style-01-missing-input-files.patch | 30 + ...e-02-fix-arbitrary-command-execution.patch | 201 ++++++ ed-style-03-update-test-Makefile.patch | 35 + ed-style-04-invoke-ed-directly.patch | 35 + ed-style-05-minor-cleanups.patch | 95 +++ ed-style-06-fix-test-failure.patch | 24 + ed-style-07-dont-leak-tmp-file.patch | 95 +++ ed-style-08-dont-leak-tmp-file-multi.patch | 72 +++ fix-segfault-mangled-rename.patch | 25 + fix-swapping-fake-lines-in-pch_swap.patch | 27 + pass-the-correct-stat-to-backup-files.patch | 59 ++ patch-2.7.6.tar.xz | 3 + patch-2.7.6.tar.xz.sig | 16 + patch.changes | 611 ++++++++++++++++++ patch.keyring | 476 ++++++++++++++ patch.spec | 76 +++ 21 files changed, 2080 insertions(+) create mode 100644 .gitattributes create mode 100644 .gitignore create mode 100644 CVE-2019-20633.patch create mode 100644 abort-when-cleaning-up-fails.patch create mode 100644 dont-follow-symlinks-unless-asked.patch create mode 100644 ed-style-01-missing-input-files.patch create mode 100644 ed-style-02-fix-arbitrary-command-execution.patch create mode 100644 ed-style-03-update-test-Makefile.patch create mode 100644 ed-style-04-invoke-ed-directly.patch create mode 100644 ed-style-05-minor-cleanups.patch create mode 100644 ed-style-06-fix-test-failure.patch create mode 100644 ed-style-07-dont-leak-tmp-file.patch create mode 100644 ed-style-08-dont-leak-tmp-file-multi.patch create mode 100644 fix-segfault-mangled-rename.patch create mode 100644 fix-swapping-fake-lines-in-pch_swap.patch create mode 100644 pass-the-correct-stat-to-backup-files.patch create mode 100644 patch-2.7.6.tar.xz create mode 100644 patch-2.7.6.tar.xz.sig create mode 100644 patch.changes create mode 100644 patch.keyring create mode 100644 patch.spec diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..9b03811 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,23 @@ +## Default LFS +*.7z filter=lfs diff=lfs merge=lfs -text +*.bsp filter=lfs diff=lfs merge=lfs -text +*.bz2 filter=lfs diff=lfs merge=lfs -text +*.gem filter=lfs diff=lfs merge=lfs -text +*.gz filter=lfs diff=lfs merge=lfs -text +*.jar filter=lfs diff=lfs merge=lfs -text +*.lz filter=lfs diff=lfs merge=lfs -text +*.lzma filter=lfs diff=lfs merge=lfs -text +*.obscpio filter=lfs diff=lfs merge=lfs -text +*.oxt filter=lfs diff=lfs merge=lfs -text +*.pdf filter=lfs diff=lfs merge=lfs -text +*.png filter=lfs diff=lfs merge=lfs -text +*.rpm filter=lfs diff=lfs merge=lfs -text +*.tbz filter=lfs diff=lfs merge=lfs -text +*.tbz2 filter=lfs diff=lfs merge=lfs -text +*.tgz filter=lfs diff=lfs merge=lfs -text +*.ttf filter=lfs diff=lfs merge=lfs -text +*.txz filter=lfs diff=lfs merge=lfs -text +*.whl filter=lfs diff=lfs merge=lfs -text +*.xz filter=lfs diff=lfs merge=lfs -text +*.zip filter=lfs diff=lfs merge=lfs -text +*.zst filter=lfs diff=lfs merge=lfs -text diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..57affb6 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.osc diff --git a/CVE-2019-20633.patch b/CVE-2019-20633.patch new file mode 100644 index 0000000..9ad3cd1 --- /dev/null +++ b/CVE-2019-20633.patch @@ -0,0 +1,25 @@ +commit a09d9519a57e84d8e2ad592fbba09e8a9faf55f8 +Author: Wolfgang Frisch +Date: Tue Jul 30 14:17:32 2024 +0200 + + Fix double-free/OOB read in pch.c (CVE-2019-20633) + + see also: https://savannah.gnu.org/bugs/index.php?56683#comment1 + +diff --git a/src/pch.c b/src/pch.c +index fd9c480..57c76de 100644 +--- a/src/pch.c ++++ b/src/pch.c +@@ -1183,8 +1183,11 @@ another_hunk (enum diff difftype, bool rev) + while (p_end >= 0) { + if (p_end == p_efake) + p_end = p_bfake; /* don't free twice */ +- else ++ else { + free(p_line[p_end]); ++ p_line[p_end] = NULL; ++ p_len[p_end] = 0; ++ } + p_end--; + } + assert(p_end == -1); diff --git a/abort-when-cleaning-up-fails.patch b/abort-when-cleaning-up-fails.patch new file mode 100644 index 0000000..6052dd9 --- /dev/null +++ b/abort-when-cleaning-up-fails.patch @@ -0,0 +1,48 @@ +From: Andreas Gruenbacher +Date: Fri, 28 Jun 2019 00:30:25 +0200 +Subject: Abort when cleaning up fails +Patch-mainline: Yes +Git-commit: b7b028a77bd855f6f56b17c8837fc1cca77b469d +References: boo#1111572 savannah#54845 + +When a fatal error triggers during cleanup, another attempt will be made to +clean up, which will likely lead to the same fatal error. So instead, bail out +when that happens. +src/patch.c (cleanup): Bail out when called recursively. +(main): There is no need to call output_files() before cleanup() as cleanup() +already does that. +--- + src/patch.c | 8 ++++++-- + 1 file changed, 6 insertions(+), 2 deletions(-) + +--- a/src/patch.c ++++ b/src/patch.c +@@ -681,7 +681,6 @@ main (int argc, char **argv) + } + if (outstate.ofp && (ferror (outstate.ofp) || fclose (outstate.ofp) != 0)) + write_fatal (); +- output_files (NULL); + cleanup (); + delete_files (); + if (somefailed) +@@ -1977,7 +1976,6 @@ void + fatal_exit (int sig) + { + cleanup (); +- + if (sig) + exit_with_signal (sig); + +@@ -1997,6 +1995,12 @@ remove_if_needed (char const *name, bool + static void + cleanup (void) + { ++ static bool already_cleaning_up; ++ ++ if (already_cleaning_up) ++ return; ++ already_cleaning_up = true; ++ + remove_if_needed (TMPINNAME, &TMPINNAME_needs_removal); + remove_if_needed (TMPOUTNAME, &TMPOUTNAME_needs_removal); + remove_if_needed (TMPPATNAME, &TMPPATNAME_needs_removal); diff --git a/dont-follow-symlinks-unless-asked.patch b/dont-follow-symlinks-unless-asked.patch new file mode 100644 index 0000000..b05afcb --- /dev/null +++ b/dont-follow-symlinks-unless-asked.patch @@ -0,0 +1,103 @@ +From: Andreas Gruenbacher +Date: Mon, 15 Jul 2019 16:21:48 +0200 +Subject: Don't follow symlinks unless --follow-symlinks is given +Patch-mainline: Yes +Git-commit: dce4683cbbe107a95f1f0d45fabc304acfb5d71a +References: boo#1142041 CVE-2019-13636 + +* src/inp.c (plan_a, plan_b), src/util.c (copy_to_fd, copy_file, +append_to_file): Unless the --follow-symlinks option is given, open files with +the O_NOFOLLOW flag to avoid following symlinks. So far, we were only doing +that consistently for input files. +* src/util.c (create_backup): When creating empty backup files, (re)create them +with O_CREAT | O_EXCL to avoid following symlinks in that case as well. +--- + src/inp.c | 12 ++++++++++-- + src/util.c | 14 +++++++++++--- + 2 files changed, 21 insertions(+), 5 deletions(-) + +--- a/src/inp.c ++++ b/src/inp.c +@@ -238,8 +238,13 @@ plan_a (char const *filename) + { + if (S_ISREG (instat.st_mode)) + { +- int ifd = safe_open (filename, O_RDONLY|binary_transput, 0); ++ int flags = O_RDONLY | binary_transput; + size_t buffered = 0, n; ++ int ifd; ++ ++ if (! follow_symlinks) ++ flags |= O_NOFOLLOW; ++ ifd = safe_open (filename, flags, 0); + if (ifd < 0) + pfatal ("can't open file %s", quotearg (filename)); + +@@ -340,6 +345,7 @@ plan_a (char const *filename) + static void + plan_b (char const *filename) + { ++ int flags = O_RDONLY | binary_transput; + int ifd; + FILE *ifp; + int c; +@@ -353,7 +359,9 @@ plan_b (char const *filename) + + if (instat.st_size == 0) + filename = NULL_DEVICE; +- if ((ifd = safe_open (filename, O_RDONLY | binary_transput, 0)) < 0 ++ if (! follow_symlinks) ++ flags |= O_NOFOLLOW; ++ if ((ifd = safe_open (filename, flags, 0)) < 0 + || ! (ifp = fdopen (ifd, binary_transput ? "rb" : "r"))) + pfatal ("Can't open file %s", quotearg (filename)); + if (TMPINNAME_needs_removal) +--- a/src/util.c ++++ b/src/util.c +@@ -388,7 +388,7 @@ create_backup (char const *to, const str + + try_makedirs_errno = ENOENT; + safe_unlink (bakname); +- while ((fd = safe_open (bakname, O_CREAT | O_WRONLY | O_TRUNC, 0666)) < 0) ++ while ((fd = safe_open (bakname, O_CREAT | O_EXCL | O_WRONLY | O_TRUNC, 0666)) < 0) + { + if (errno != try_makedirs_errno) + pfatal ("Can't create file %s", quotearg (bakname)); +@@ -579,10 +579,13 @@ create_file (char const *file, int open_ + static void + copy_to_fd (const char *from, int tofd) + { ++ int from_flags = O_RDONLY | O_BINARY; + int fromfd; + ssize_t i; + +- if ((fromfd = safe_open (from, O_RDONLY | O_BINARY, 0)) < 0) ++ if (! follow_symlinks) ++ from_flags |= O_NOFOLLOW; ++ if ((fromfd = safe_open (from, from_flags, 0)) < 0) + pfatal ("Can't reopen file %s", quotearg (from)); + while ((i = read (fromfd, buf, bufsize)) != 0) + { +@@ -625,6 +628,8 @@ copy_file (char const *from, char const + else + { + assert (S_ISREG (mode)); ++ if (! follow_symlinks) ++ to_flags |= O_NOFOLLOW; + tofd = create_file (to, O_WRONLY | O_BINARY | to_flags, mode, + to_dir_known_to_exist); + copy_to_fd (from, tofd); +@@ -640,9 +645,12 @@ copy_file (char const *from, char const + void + append_to_file (char const *from, char const *to) + { ++ int to_flags = O_WRONLY | O_APPEND | O_BINARY; + int tofd; + +- if ((tofd = safe_open (to, O_WRONLY | O_BINARY | O_APPEND, 0)) < 0) ++ if (! follow_symlinks) ++ to_flags |= O_NOFOLLOW; ++ if ((tofd = safe_open (to, to_flags, 0)) < 0) + pfatal ("Can't reopen file %s", quotearg (to)); + copy_to_fd (from, tofd); + if (close (tofd) != 0) diff --git a/ed-style-01-missing-input-files.patch b/ed-style-01-missing-input-files.patch new file mode 100644 index 0000000..66af65e --- /dev/null +++ b/ed-style-01-missing-input-files.patch @@ -0,0 +1,30 @@ +From: Andreas Gruenbacher +Date: Fri, 6 Apr 2018 11:34:51 +0200 +Subject: Allow input files to be missing for ed-style patches +Patch-mainline: yes +Git-commit: b5a91a01e5d0897facdd0f49d64b76b0f02b43e1 +References: bsc#1088420, savannah#53566, CVE-2018-1000156 + +* src/pch.c (do_ed_script): Allow input files to be missing so that new +files will be created as with non-ed-style patches. +--- + src/pch.c | 8 +++++--- + 1 file changed, 5 insertions(+), 3 deletions(-) + +--- a/src/pch.c ++++ b/src/pch.c +@@ -2394,9 +2394,11 @@ do_ed_script (char const *inname, char c + + if (! dry_run && ! skip_rest_of_patch) { + int exclusive = *outname_needs_removal ? 0 : O_EXCL; +- assert (! inerrno); +- *outname_needs_removal = true; +- copy_file (inname, outname, 0, exclusive, instat.st_mode, true); ++ if (inerrno != ENOENT) ++ { ++ *outname_needs_removal = true; ++ copy_file (inname, outname, 0, exclusive, instat.st_mode, true); ++ } + sprintf (buf, "%s %s%s", editor_program, + verbosity == VERBOSE ? "" : "- ", + outname); diff --git a/ed-style-02-fix-arbitrary-command-execution.patch b/ed-style-02-fix-arbitrary-command-execution.patch new file mode 100644 index 0000000..86af19e --- /dev/null +++ b/ed-style-02-fix-arbitrary-command-execution.patch @@ -0,0 +1,201 @@ +From: Andreas Gruenbacher +Date: Fri, 6 Apr 2018 12:14:49 +0200 +Subject: Fix arbitrary command execution in ed-style patches +Patch-mainline: yes +Git-commit: 123eaff0d5d1aebe128295959435b9ca5909c26d +References: bsc#1088420, savannah#53566, CVE-2018-1000156 + +* src/pch.c (do_ed_script): Write ed script to a temporary file instead +of piping it to ed: this will cause ed to abort on invalid commands +instead of rejecting them and carrying on. +* tests/ed-style: New test case. +* tests/Makefile.am (TESTS): Add test case. +--- + src/pch.c | 91 +++++++++++++++++++++++++++++++++++++++--------------- + tests/Makefile.am | 1 + tests/ed-style | 41 ++++++++++++++++++++++++ + 3 files changed, 108 insertions(+), 25 deletions(-) + +--- a/src/pch.c ++++ b/src/pch.c +@@ -33,6 +33,7 @@ + # include + #endif + #include ++#include + + #define INITHUNKMAX 125 /* initial dynamic allocation size */ + +@@ -2389,24 +2390,28 @@ do_ed_script (char const *inname, char c + static char const editor_program[] = EDITOR_PROGRAM; + + file_offset beginning_of_this_line; +- FILE *pipefp = 0; + size_t chars_read; ++ FILE *tmpfp = 0; ++ char const *tmpname; ++ int tmpfd; ++ pid_t pid; ++ ++ if (! dry_run && ! skip_rest_of_patch) ++ { ++ /* Write ed script to a temporary file. This causes ed to abort on ++ invalid commands such as when line numbers or ranges exceed the ++ number of available lines. When ed reads from a pipe, it rejects ++ invalid commands and treats the next line as a new command, which ++ can lead to arbitrary command execution. */ ++ ++ tmpfd = make_tempfile (&tmpname, 'e', NULL, O_RDWR | O_BINARY, 0); ++ if (tmpfd == -1) ++ pfatal ("Can't create temporary file %s", quotearg (tmpname)); ++ tmpfp = fdopen (tmpfd, "w+b"); ++ if (! tmpfp) ++ pfatal ("Can't open stream for file %s", quotearg (tmpname)); ++ } + +- if (! dry_run && ! skip_rest_of_patch) { +- int exclusive = *outname_needs_removal ? 0 : O_EXCL; +- if (inerrno != ENOENT) +- { +- *outname_needs_removal = true; +- copy_file (inname, outname, 0, exclusive, instat.st_mode, true); +- } +- sprintf (buf, "%s %s%s", editor_program, +- verbosity == VERBOSE ? "" : "- ", +- outname); +- fflush (stdout); +- pipefp = popen(buf, binary_transput ? "wb" : "w"); +- if (!pipefp) +- pfatal ("Can't open pipe to %s", quotearg (buf)); +- } + for (;;) { + char ed_command_letter; + beginning_of_this_line = file_tell (pfp); +@@ -2417,14 +2422,14 @@ do_ed_script (char const *inname, char c + } + ed_command_letter = get_ed_command_letter (buf); + if (ed_command_letter) { +- if (pipefp) +- if (! fwrite (buf, sizeof *buf, chars_read, pipefp)) ++ if (tmpfp) ++ if (! fwrite (buf, sizeof *buf, chars_read, tmpfp)) + write_fatal (); + if (ed_command_letter != 'd' && ed_command_letter != 's') { + p_pass_comments_through = true; + while ((chars_read = get_line ()) != 0) { +- if (pipefp) +- if (! fwrite (buf, sizeof *buf, chars_read, pipefp)) ++ if (tmpfp) ++ if (! fwrite (buf, sizeof *buf, chars_read, tmpfp)) + write_fatal (); + if (chars_read == 2 && strEQ (buf, ".\n")) + break; +@@ -2437,13 +2442,49 @@ do_ed_script (char const *inname, char c + break; + } + } +- if (!pipefp) ++ if (!tmpfp) + return; +- if (fwrite ("w\nq\n", sizeof (char), (size_t) 4, pipefp) == 0 +- || fflush (pipefp) != 0) ++ if (fwrite ("w\nq\n", sizeof (char), (size_t) 4, tmpfp) == 0 ++ || fflush (tmpfp) != 0) + write_fatal (); +- if (pclose (pipefp) != 0) +- fatal ("%s FAILED", editor_program); ++ ++ if (lseek (tmpfd, 0, SEEK_SET) == -1) ++ pfatal ("Can't rewind to the beginning of file %s", quotearg (tmpname)); ++ ++ if (! dry_run && ! skip_rest_of_patch) { ++ int exclusive = *outname_needs_removal ? 0 : O_EXCL; ++ *outname_needs_removal = true; ++ if (inerrno != ENOENT) ++ { ++ *outname_needs_removal = true; ++ copy_file (inname, outname, 0, exclusive, instat.st_mode, true); ++ } ++ sprintf (buf, "%s %s%s", editor_program, ++ verbosity == VERBOSE ? "" : "- ", ++ outname); ++ fflush (stdout); ++ ++ pid = fork(); ++ if (pid == -1) ++ pfatal ("Can't fork"); ++ else if (pid == 0) ++ { ++ dup2 (tmpfd, 0); ++ execl ("/bin/sh", "sh", "-c", buf, (char *) 0); ++ _exit (2); ++ } ++ else ++ { ++ int wstatus; ++ if (waitpid (pid, &wstatus, 0) == -1 ++ || ! WIFEXITED (wstatus) ++ || WEXITSTATUS (wstatus) != 0) ++ fatal ("%s FAILED", editor_program); ++ } ++ } ++ ++ fclose (tmpfp); ++ safe_unlink (tmpname); + + if (ofp) + { +--- a/tests/Makefile.am ++++ b/tests/Makefile.am +@@ -32,6 +32,7 @@ TESTS = \ + crlf-handling \ + dash-o-append \ + deep-directories \ ++ ed-style \ + empty-files \ + false-match \ + fifo \ +--- /dev/null ++++ b/tests/ed-style +@@ -0,0 +1,41 @@ ++# Copyright (C) 2018 Free Software Foundation, Inc. ++# ++# Copying and distribution of this file, with or without modification, ++# in any medium, are permitted without royalty provided the copyright ++# notice and this notice are preserved. ++ ++. $srcdir/test-lib.sh ++ ++require cat ++use_local_patch ++use_tmpdir ++ ++# ============================================================== ++ ++cat > ed1.diff < ed2.diff < /dev/null || echo "Status: $?"' < +Subject: Update tests/Makefile.in +Patch-mainline: no, temporary integration +References: bsc#1088420, savannah#53566, CVE-2018-1000156 + +Previous patch modifies tests/Makefile.am. Mirror the changes to +tests/Makefile.in so that we don't need automake. +--- + tests/Makefile.in | 8 ++++++++ + 1 file changed, 8 insertions(+) + +--- a/tests/Makefile.in ++++ b/tests/Makefile.in +@@ -1308,6 +1308,7 @@ TESTS = \ + crlf-handling \ + dash-o-append \ + deep-directories \ ++ ed-style \ + empty-files \ + false-match \ + fifo \ +@@ -1638,6 +1639,13 @@ deep-directories.log: deep-directories + $(am__check_pre) $(LOG_DRIVER) --test-name "$$f" \ + --log-file $$b.log --trs-file $$b.trs \ + $(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \ ++ "$$tst" $(AM_TESTS_FD_REDIRECT) ++ed-style.log: ed-style ++ @p='ed-style'; \ ++ b='ed-style'; \ ++ $(am__check_pre) $(LOG_DRIVER) --test-name "$$f" \ ++ --log-file $$b.log --trs-file $$b.trs \ ++ $(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \ + "$$tst" $(AM_TESTS_FD_REDIRECT) + empty-files.log: empty-files + @p='empty-files'; \ diff --git a/ed-style-04-invoke-ed-directly.patch b/ed-style-04-invoke-ed-directly.patch new file mode 100644 index 0000000..ab76462 --- /dev/null +++ b/ed-style-04-invoke-ed-directly.patch @@ -0,0 +1,35 @@ +From: Andreas Gruenbacher +Date: Fri, 6 Apr 2018 19:36:15 +0200 +Subject: Invoke ed directly instead of using the shell +Git-commit: 3fcd042d26d70856e826a42b5f93dc4854d80bf0 +Patch-mainline: yes +References: bsc#1088420, savannah#53566, CVE-2018-1000156 + +* src/pch.c (do_ed_script): Invoke ed directly instead of using a shell +command to avoid quoting vulnerabilities. +--- + src/pch.c | 6 ++---- + 1 file changed, 2 insertions(+), 4 deletions(-) + +--- a/src/pch.c ++++ b/src/pch.c +@@ -2459,9 +2459,6 @@ do_ed_script (char const *inname, char c + *outname_needs_removal = true; + copy_file (inname, outname, 0, exclusive, instat.st_mode, true); + } +- sprintf (buf, "%s %s%s", editor_program, +- verbosity == VERBOSE ? "" : "- ", +- outname); + fflush (stdout); + + pid = fork(); +@@ -2470,7 +2467,8 @@ do_ed_script (char const *inname, char c + else if (pid == 0) + { + dup2 (tmpfd, 0); +- execl ("/bin/sh", "sh", "-c", buf, (char *) 0); ++ assert (outname[0] != '!' && outname[0] != '-'); ++ execlp (editor_program, editor_program, "-", outname, (char *) NULL); + _exit (2); + } + else diff --git a/ed-style-05-minor-cleanups.patch b/ed-style-05-minor-cleanups.patch new file mode 100644 index 0000000..a2582dc --- /dev/null +++ b/ed-style-05-minor-cleanups.patch @@ -0,0 +1,95 @@ +From: Andreas Gruenbacher +Date: Fri, 6 Apr 2018 20:32:46 +0200 +Subject: Minor cleanups in do_ed_script +Git-commit: 2a32bf09f5e9572da4be183bb0dbde8164351474 +Patch-mainline: yes +References: bsc#1088420, savannah#53566, CVE-2018-1000156 + +* src/pch.c (do_ed_script): Minor cleanups. + +Backporting notes: adjusted because we don't have commit ff1d3a67da1e +("Use gnulib execute module") so the context is very different. +--- + src/pch.c | 56 +++++++++++++++++++++++++++----------------------------- + 1 file changed, 27 insertions(+), 29 deletions(-) + +--- a/src/pch.c ++++ b/src/pch.c +@@ -2395,6 +2395,8 @@ do_ed_script (char const *inname, char c + char const *tmpname; + int tmpfd; + pid_t pid; ++ int exclusive = *outname_needs_removal ? 0 : O_EXCL; ++ + + if (! dry_run && ! skip_rest_of_patch) + { +@@ -2442,7 +2444,7 @@ do_ed_script (char const *inname, char c + break; + } + } +- if (!tmpfp) ++ if (dry_run || skip_rest_of_patch) + return; + if (fwrite ("w\nq\n", sizeof (char), (size_t) 4, tmpfp) == 0 + || fflush (tmpfp) != 0) +@@ -2451,35 +2453,31 @@ do_ed_script (char const *inname, char c + if (lseek (tmpfd, 0, SEEK_SET) == -1) + pfatal ("Can't rewind to the beginning of file %s", quotearg (tmpname)); + +- if (! dry_run && ! skip_rest_of_patch) { +- int exclusive = *outname_needs_removal ? 0 : O_EXCL; ++ if (inerrno != ENOENT) ++ { + *outname_needs_removal = true; +- if (inerrno != ENOENT) +- { +- *outname_needs_removal = true; +- copy_file (inname, outname, 0, exclusive, instat.st_mode, true); +- } +- fflush (stdout); +- +- pid = fork(); +- if (pid == -1) +- pfatal ("Can't fork"); +- else if (pid == 0) +- { +- dup2 (tmpfd, 0); +- assert (outname[0] != '!' && outname[0] != '-'); +- execlp (editor_program, editor_program, "-", outname, (char *) NULL); +- _exit (2); +- } +- else +- { +- int wstatus; +- if (waitpid (pid, &wstatus, 0) == -1 +- || ! WIFEXITED (wstatus) +- || WEXITSTATUS (wstatus) != 0) +- fatal ("%s FAILED", editor_program); +- } +- } ++ copy_file (inname, outname, 0, exclusive, instat.st_mode, true); ++ } ++ fflush (stdout); ++ ++ pid = fork(); ++ if (pid == -1) ++ pfatal ("Can't fork"); ++ else if (pid == 0) ++ { ++ dup2 (tmpfd, 0); ++ assert (outname[0] != '!' && outname[0] != '-'); ++ execlp (editor_program, editor_program, "-", outname, (char *) NULL); ++ _exit (2); ++ } ++ else ++ { ++ int wstatus; ++ if (waitpid (pid, &wstatus, 0) == -1 ++ || ! WIFEXITED (wstatus) ++ || WEXITSTATUS (wstatus) != 0) ++ fatal ("%s FAILED", editor_program); ++ } + + fclose (tmpfp); + safe_unlink (tmpname); diff --git a/ed-style-06-fix-test-failure.patch b/ed-style-06-fix-test-failure.patch new file mode 100644 index 0000000..f641d72 --- /dev/null +++ b/ed-style-06-fix-test-failure.patch @@ -0,0 +1,24 @@ +From: Bruno Haible +Date: Sat, 7 Apr 2018 12:34:03 +0200 +Subject: Fix 'ed-style' test failure +Git-commit: 458ac51a05426c1af9aa6bf1342ecf60728c19b4 +Patch-mainline: yes +References: bsc#1088420, savannah#53566, CVE-2018-1000156 + +* tests/ed-style: Remove '?' line from expected output. +--- + tests/ed-style | 3 +-- + 1 file changed, 1 insertion(+), 2 deletions(-) + +--- a/tests/ed-style ++++ b/tests/ed-style +@@ -31,8 +31,7 @@ r !echo bar + ,p + EOF + +-check 'patch -e foo -i ed2.diff 2> /dev/null || echo "Status: $?"' < /dev/null 2> /dev/null || echo "Status: $?"' < +Date: Thu, 3 May 2018 14:31:55 +0200 +Subject: Don't leak temporary file on failed ed-style patch +Git-commit: 19599883ffb6a450d2884f081f8ecf68edbed7ee +Patch-mainline: yes +References: bsc#1092500, savannah#53820 + +Now that we write ed-style patches to a temporary file before we +apply them, we need to ensure that the temporary file is removed +before we leave, even on fatal error. + +* src/pch.c (do_ed_script): Use global TMPEDNAME instead of local + tmpname. Don't unlink the file directly, instead tag it for removal + at exit time. +* src/patch.c (cleanup): Unlink TMPEDNAME at exit. + +This closes bug #53820: +https://savannah.gnu.org/bugs/index.php?53820 + +Fixes: 123eaff0d5d1 ("Fix arbitrary command execution in ed-style patches (CVE-2018-1000156)") +--- + src/common.h | 2 ++ + src/patch.c | 1 + + src/pch.c | 11 +++++------ + 3 files changed, 8 insertions(+), 6 deletions(-) + +--- a/src/common.h ++++ b/src/common.h +@@ -94,10 +94,12 @@ XTERN char const *origsuff; + XTERN char const * TMPINNAME; + XTERN char const * TMPOUTNAME; + XTERN char const * TMPPATNAME; ++XTERN char const * TMPEDNAME; + + XTERN bool TMPINNAME_needs_removal; + XTERN bool TMPOUTNAME_needs_removal; + XTERN bool TMPPATNAME_needs_removal; ++XTERN bool TMPEDNAME_needs_removal; + + #ifdef DEBUGGING + XTERN int debug; +--- a/src/patch.c ++++ b/src/patch.c +@@ -1999,6 +1999,7 @@ cleanup (void) + remove_if_needed (TMPINNAME, &TMPINNAME_needs_removal); + remove_if_needed (TMPOUTNAME, &TMPOUTNAME_needs_removal); + remove_if_needed (TMPPATNAME, &TMPPATNAME_needs_removal); ++ remove_if_needed (TMPEDNAME, &TMPEDNAME_needs_removal); + remove_if_needed (TMPREJNAME, &TMPREJNAME_needs_removal); + output_files (NULL); + } +--- a/src/pch.c ++++ b/src/pch.c +@@ -2392,7 +2392,6 @@ do_ed_script (char const *inname, char c + file_offset beginning_of_this_line; + size_t chars_read; + FILE *tmpfp = 0; +- char const *tmpname; + int tmpfd; + pid_t pid; + int exclusive = *outname_needs_removal ? 0 : O_EXCL; +@@ -2406,12 +2405,13 @@ do_ed_script (char const *inname, char c + invalid commands and treats the next line as a new command, which + can lead to arbitrary command execution. */ + +- tmpfd = make_tempfile (&tmpname, 'e', NULL, O_RDWR | O_BINARY, 0); ++ tmpfd = make_tempfile (&TMPEDNAME, 'e', NULL, O_RDWR | O_BINARY, 0); + if (tmpfd == -1) +- pfatal ("Can't create temporary file %s", quotearg (tmpname)); ++ pfatal ("Can't create temporary file %s", quotearg (TMPEDNAME)); ++ TMPEDNAME_needs_removal = true; + tmpfp = fdopen (tmpfd, "w+b"); + if (! tmpfp) +- pfatal ("Can't open stream for file %s", quotearg (tmpname)); ++ pfatal ("Can't open stream for file %s", quotearg (TMPEDNAME)); + } + + for (;;) { +@@ -2451,7 +2451,7 @@ do_ed_script (char const *inname, char c + write_fatal (); + + if (lseek (tmpfd, 0, SEEK_SET) == -1) +- pfatal ("Can't rewind to the beginning of file %s", quotearg (tmpname)); ++ pfatal ("Can't rewind to the beginning of file %s", quotearg (TMPEDNAME)); + + if (inerrno != ENOENT) + { +@@ -2480,7 +2480,6 @@ do_ed_script (char const *inname, char c + } + + fclose (tmpfp); +- safe_unlink (tmpname); + + if (ofp) + { diff --git a/ed-style-08-dont-leak-tmp-file-multi.patch b/ed-style-08-dont-leak-tmp-file-multi.patch new file mode 100644 index 0000000..c990bbb --- /dev/null +++ b/ed-style-08-dont-leak-tmp-file-multi.patch @@ -0,0 +1,72 @@ +From: Jean Delvare +Date: Mon, 7 May 2018 15:14:45 +0200 +Subject: Don't leak temporary file on failed multi-file ed-style patch +Git-commit: 369dcccdfa6336e5a873d6d63705cfbe04c55727 +Patch-mainline: yes +References: bsc#1092500, savannah#53820 + +The previous fix worked fine with single-file ed-style patches, but +would still leak temporary files in the case of multi-file ed-style +patch. Fix that case as well, and extend the test case to check for +it. + +* src/patch.c (main): Unlink TMPEDNAME if needed before moving to + the next file in a patch. + +This closes bug #53820: +https://savannah.gnu.org/bugs/index.php?53820 + +Fixes: 123eaff0d5d1 ("Fix arbitrary command execution in ed-style patches (CVE-2018-1000156)") +Fixes: 19599883ffb6 ("Don't leak temporary file on failed ed-style patch") +--- + src/patch.c | 1 + + tests/ed-style | 31 +++++++++++++++++++++++++++++++ + 2 files changed, 32 insertions(+) + +--- a/src/patch.c ++++ b/src/patch.c +@@ -236,6 +236,7 @@ main (int argc, char **argv) + } + remove_if_needed (TMPOUTNAME, &TMPOUTNAME_needs_removal); + } ++ remove_if_needed (TMPEDNAME, &TMPEDNAME_needs_removal); + + if (! skip_rest_of_patch && ! file_type) + { +--- a/tests/ed-style ++++ b/tests/ed-style +@@ -38,3 +38,34 @@ EOF + check 'cat foo' < ed3.diff < baz < +Date: Mon, 12 Feb 2018 16:48:24 +0100 +Subject: Fix segfault with mangled rename patch +Patch-mainline: yes +Git-commit: f290f48a621867084884bfff87f8093c15195e6a +References: bsc#1080951, CVE-2018-6951, savannah#53133 + +http://savannah.gnu.org/bugs/?53132 +* src/pch.c (intuit_diff_type): Ensure that two filenames are specified +for renames and copies (fix the existing check). + +diff --git a/src/pch.c b/src/pch.c +index ff9ed2c..bc6278c 100644 +--- a/src/pch.c ++++ b/src/pch.c +@@ -974,7 +974,8 @@ intuit_diff_type (bool need_header, mode_t *p_file_type) + if ((pch_rename () || pch_copy ()) + && ! inname + && ! ((i == OLD || i == NEW) && +- p_name[! reverse] && ++ p_name[reverse] && p_name[! reverse] && ++ name_is_valid (p_name[reverse]) && + name_is_valid (p_name[! reverse]))) + { + say ("Cannot %s file without two valid file names\n", pch_rename () ? "rename" : "copy"); diff --git a/fix-swapping-fake-lines-in-pch_swap.patch b/fix-swapping-fake-lines-in-pch_swap.patch new file mode 100644 index 0000000..0e90999 --- /dev/null +++ b/fix-swapping-fake-lines-in-pch_swap.patch @@ -0,0 +1,27 @@ +From: Andreas Gruenbacher +Date: Fri, 17 Aug 2018 13:35:40 +0200 +Subject: Fix swapping fake lines in pch_swap +Patch-mainline: Yes +Git-commit: 9c986353e420ead6e706262bf204d6e03322c300 +References: boo#1080985 savannah#53133 CVE-2018-6952 + +* src/pch.c (pch_swap): Fix swapping p_bfake and p_efake when there is a +blank line in the middle of a context-diff hunk: that empty line stays +in the middle of the hunk and isn't swapped. + +Fixes: https://savannah.gnu.org/bugs/index.php?53133 +--- + src/pch.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/src/pch.c ++++ b/src/pch.c +@@ -2115,7 +2115,7 @@ pch_swap (void) + } + if (p_efake >= 0) { /* fix non-freeable ptr range */ + if (p_efake <= i) +- n = p_end - i + 1; ++ n = p_end - p_ptrn_lines; + else + n = -i; + p_efake += n; diff --git a/pass-the-correct-stat-to-backup-files.patch b/pass-the-correct-stat-to-backup-files.patch new file mode 100644 index 0000000..a391393 --- /dev/null +++ b/pass-the-correct-stat-to-backup-files.patch @@ -0,0 +1,59 @@ +From: Takashi Iwai +Date: Wed, 6 Apr 2022 10:48:35 +0200 +Subject: Pass the correct stat to backup files +Patch-mainline: Yes +Git-commit: c835ecc67b7e37c0d0b7dd7e032209fdaa285808 +References: boo#1198106 savananh#62364 + +The last case to call output_file() in the main loop is + output_file (outname, NULL, &tmpoutst, NULL, NULL, + file_type | 0, backup); +and this essentially means to create a backup file (where to=NULL) +only if backup=true, and does nothing else. + +And, in the current code, the passed file stat (&tmpoutst) is a file +stat of the temporary file that has been processed, not the original +file (outname) to be backed up. When the backup is performed +immediately, this is no big problem. However, output_file() may +schedule the deferred handling, and the given file may be backed up at +a later point. The problem is that create_backup() tries to avoid the +backup of the same file twice, and it checks the given stat i-node +number in the hash list. Since it's a stat of a temporary file, the +same i-node number may be reused once a temp file is deleted and +another is created. This results in a false-positive detection of the +already existing file, eventually missing a backup file. + +This patch attempts to address the issue: +- Modify the condition for better understanding, clearly indicating + that the code there is for creating a backup file +- Pass the stat of the original file instead of a temporary file + +BugLink: https://bugzilla.opensuse.org/show_bug.cgi?id=1198106 +Signed-off-by: Takashi Iwai +Signed-off-by: Jean Delvare +--- + src/patch.c | 13 ++++++++++--- + 1 file changed, 10 insertions(+), 3 deletions(-) + +--- a/src/patch.c ++++ b/src/patch.c +@@ -611,9 +611,16 @@ main (int argc, char **argv) + output_file (NULL, NULL, NULL, inname, &instat, + mode, backup); + } +- else +- output_file (outname, NULL, &tmpoutst, NULL, NULL, +- file_type | 0, backup); ++ else if (backup) ++ { ++ struct stat outstat; ++ ++ if (stat_file (outname, &outstat) != 0) ++ say ("Cannot stat file %s, skipping backup\n", outname); ++ else ++ output_file (outname, NULL, &outstat, NULL, NULL, ++ file_type | 0, true); ++ } + } + } + } diff --git a/patch-2.7.6.tar.xz b/patch-2.7.6.tar.xz new file mode 100644 index 0000000..86657c7 --- /dev/null +++ b/patch-2.7.6.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:ac610bda97abe0d9f6b7c963255a11dcb196c25e337c61f94e4778d632f1d8fd +size 783756 diff --git a/patch-2.7.6.tar.xz.sig b/patch-2.7.6.tar.xz.sig new file mode 100644 index 0000000..3265192 --- /dev/null +++ b/patch-2.7.6.tar.xz.sig @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIcBAABAgAGBQJaed0dAAoJENW/n+sDE2U62ScQAK02GcPxJccBefkcuC6q/or9 +f1im2lIpc1YJqxHmmhDeRu9twjuFycUV55hud+OroJe2xYKZrI6oUwJBldKTRfHu +whlhRzERO3U4z9pvi8XWbKvObsmqSBIgsM72oby4aPLCWk7IpJprR6BnRZdtnBg1 +jzM3Yka8k01+dmVH2rsoSEGAe9sZbXJazBoYg8N/wHKe2+NY4W3esZ7flxQJ9RvB +GxjVU/KbyoNXIoFU4EnMalcLTZTHThhv2kQ1/cQZ+gt/1+f00DoieaUaIg3qB8jX +IqYE4GvXILgx8+REE3utt0zKv7pYGBNRkuACUE2hLZoY4SporJ0J63/7Y8zrzjxQ +GE27+DcjxBQGd1GnpO/Xb4kpqBGyn4KrlBIiHkhk2GgyBewpXPMog3cJki7A/1vz +Qb+JTY8PBqvOe7DmxW4Bp1vX6eOKn14FDQ7q3ZPjAd52Jtn7GUEt4etCduQh7ZNt +ElLLvpPro1wxG1bTbA3+TysCd+9XWWjwKJlPK5Jbdii0R73iy386UZGN1t1kmBzS +1mn3nh82z/XO9lPU3e1WP0BANAzTrNqA66ZbfQ9fIu6UO8R/+ygT7U5yie+X3xwP +kM6HR6oD0eDkqbPbOr8hey0kPG3FAWkZ47Oju5ad1ntUBFj4buLybEY0e08hncJS +gdt7wrbeKKxzdrcyQ1qy +=mjHo +-----END PGP SIGNATURE----- diff --git a/patch.changes b/patch.changes new file mode 100644 index 0000000..eb3ad5b --- /dev/null +++ b/patch.changes @@ -0,0 +1,611 @@ +------------------------------------------------------------------- +Tue Jul 30 12:19:54 UTC 2024 - Wolfgang Frisch + +- CVE-2019-20633.patch: Fix double-free/OOB read in pch.c (bsc#1167721) + +------------------------------------------------------------------- +Thu Feb 29 14:53:57 UTC 2024 - Dominique Leuenberger + +- Use %autosetup macro. Allows to eliminate the usage of deprecated + %patchN. + +------------------------------------------------------------------- +Tue May 24 14:16:43 UTC 2022 - Stephan Kulow + +- Do not link unversioned file by URL +- Replace group keyring not intended for release checking with + (expired since 2018) public key of Andreas + +------------------------------------------------------------------- +Tue May 10 16:41:54 UTC 2022 - Jean Delvare + +- fix-swapping-fake-lines-in-pch_swap.patch: Fix swapping fake + lines in pch_swap. This bug was causing a double free leading to + a crash (boo#1080985 CVE-2018-6952). +- abort-when-cleaning-up-fails.patch: Abort when cleaning up fails. + This bug could cause an infinite loop when a patch wouldn't + apply, leading to a segmentation fault (boo#1111572). +- dont-follow-symlinks-unless-asked.patch: Don't follow symlinks + unless --follow-symlinks is given. This increases the security + against malicious patches (boo#1142041 CVE-2019-13636). +- pass-the-correct-stat-to-backup-files.patch: Pass the correct + stat to backup files. This bug would occasionally cause backup + files to be missing when all hunks failed to apply (boo#1198106). + +------------------------------------------------------------------- +Wed Sep 29 10:33:36 UTC 2021 - Dominique Leuenberger + +- Do not query %{verbose} to add V=1 or not: verbose changed + semantics between rpm versions and there is currently no variant + supporting rpm < 4.17 and rpm >= 4.17. + +------------------------------------------------------------------- +Wed May 9 09:52:04 UTC 2018 - jdelvare@suse.de + +- ed-style-07-dont-leak-tmp-file.patch, + ed-style-08-dont-leak-tmp-file-multi.patch: Fix temporary file + leak when applying ed-style patches (bsc#1092500, + savannah#53820). + +------------------------------------------------------------------- +Wed Apr 18 11:16:34 CEST 2018 - jdelvare@suse.de + +- Add ed as BuildRequires so ed-style patches can be checked by + the test suite. + +------------------------------------------------------------------- +Wed Apr 18 08:53:00 UTC 2018 - jdelvare@suse.de + +Fix CVE-2018-1000156 (bsc#1088420, savannah#53566). +- ed-style-01-missing-input-files.patch: Allow input files to be + missing for ed-style patches. +- ed-style-02-fix-arbitrary-command-execution.patch, + ed-style-03-update-test-Makefile.patch: Fix arbitrary command + execution in ed-style patches. +- ed-style-04-invoke-ed-directly.patch: Invoke ed directly instead + of using the shell. +- ed-style-05-minor-cleanups.patch: Minor cleanups in do_ed_script. +- ed-style-06-fix-test-failure.patch: Fix 'ed-style' test failure. + +------------------------------------------------------------------- +Thu Mar 22 09:43:43 CET 2018 - jdelvare@suse.de + +- Move COPYING from %doc to %license. + +------------------------------------------------------------------- +Wed Mar 21 16:44:09 CET 2018 - jdelvare@suse.de + +- Add AUTHORS and COPYING to %doc. +- fix-segfault-mangled-rename.patch: Fix segfault with mangled + rename patch (bsc#1080951, CVE-2018-6951, savannah#53132). + +------------------------------------------------------------------- +Wed Feb 7 18:43:51 UTC 2018 - astieger@suse.com + +- patch 2.7.6: + * Files specified on the command line are no longer verified to + be inside the current working directory, so commands like + "patch -i foo.diff ../foo" will work again + * Fixes CVE-2016-10713 (Out-of-bounds access within + pch_write_line() in pch.c could possibly lead to DoS via a + crafted input file; bsc#1080918) + * Various fixes + +------------------------------------------------------------------- +Sat Mar 7 10:42:46 CET 2015 - jdelvare@suse.de + +- patch 2.7.5 + Fixes a functional regression introduced by the previous update. + + Patching through symbolic links works again, as long as the + target is within the working tree. + +------------------------------------------------------------------- +Mon Feb 16 11:51:58 CET 2015 - jdelvare@suse.de + +- patch 2.7.4 + Fixes a functional regression introduced by the previous security + fix. The security fix would forbid legitimate use cases of + relative symbolic links. + [boo#918058] + + Allow arbitrary symlink targets again. + + Do not change permissions if there isn't an explicit mode + change. + + Fix indentation heuristic for context diffs. +- Please also note that the previous update fixed security bugs + boo#915328 and boo#915329 even though it did not say so. + +------------------------------------------------------------------- +Fri Jan 23 00:58:35 UTC 2015 - andreas.stieger@gmx.de + +- patch 2.7.3 + Contains a security fix for a directory traversal flaw when + handling git-style patches. This could allow an attacker to + overwrite arbitrary files by applying a specially crafted patch. + [boo#913678] [CVE-2015-1196] + + With git-style patches, symlinks that point outside the working + directory will no longer be created (CVE-2015-1196). + + When a file isn't being deleted because the file contents don't + match the patch, the resulting message is now "Not deleting + file ... as content differs from patch" instead of "File ... + is not empty after patch; not deleting". + + Function names in hunks (from diff -p) are now preserved in + reject files + This change was previously added as a patch. [boo#904519] +- Version 2.7.2 differed from the above only slightly. +- packaging changes: + + Verify source signatures + + Removed patches now upstream: + * error-report-crash.patch + * reject-print-function-01-drop-useless-test.patch + * reject-print-function-02-handle-unified-format.patch + + run spec-cleaner + +------------------------------------------------------------------- +Mon Nov 10 11:37:03 CET 2014 - jdelvare@suse.de + +- reject-print-function-01-drop-useless-test.patch: Drop useless + test in another_hunk(). +- reject-print-function-02-handle-unified-format.patch: Preserve C + function name in unified rejects (bnc#904519). + +------------------------------------------------------------------- +Tue May 20 07:44:03 UTC 2014 - schwab@suse.de + +- error-report-crash.patch: fix crash after reporting error during option + parsing + +------------------------------------------------------------------- +Thu Dec 6 16:19:25 CET 2012 - jdelvare@suse.de + +- Back to bz2 archive format as old products lack xz. + +------------------------------------------------------------------- +Thu Dec 6 15:34:14 CET 2012 - jdelvare@suse.de + +- Version 2.7.1 + + Patch no longer gets a failed assertion for certain mangled + patches. + + Ignore destination file names that are absolute or that contain + a component of "..", except when working in the root directory. + This addresses CVE-2010-4651. + + Support for most features of the "diff --git" format, including + renames and copies, permission changes, and symlink diffs. + Binary diffs are not supported yet; patch will complain and + skip them. + + Support for double-quoted filenames: when a filename starts + with a double quote, it is interpreted as a C string literal. + The escape sequences \\, \", \a, \b, \f, \n, \r, \t, \v, and + \ooo (a three-digit octal number between 0 and 255) are + recognized. + + Refuse to apply a normal patch to a symlink. (Previous versions + of patch were replacing the symlink with a regular file.) + + New --follow-symlinks option to allow to treat symlinks as + files: this was patch's behavior before version 2.7. + + When trying to modify a read-only file, warn about the + potential problem by default. The --read-only command line + option allows to change this behavior. + + Files to be deleted are deleted once the entire input has been + processed, not immediately. This fixes a bug with numbered + backup files. + + When a timestamp specifies a time zone, honor that instead of + assuming the local time zone (--set-date) or Universal + Coordinated Time (--set-utc). + + Support for nanosecond precision timestamps. + + Many bug fixes. + + Clarify the message printed when a patch is expected to empty + out and delete a file, but the file does not become empty. + + Various improvements to messages when applying a patch to a + file of different type (regular file vs. symlink), when there + are line ending differences (LF vs. CRLF), and when in + --dry-run mode. + + Ignore when extended attributes cannot be preserved because + they are unsupported or because permission to set them is + denied. +- patch-revert-e0f70752.patch: Dropped, original bug fixed + upstream. +- patch-stdio.in.patch: Dropped, merged upstream. + +------------------------------------------------------------------- +Tue Jul 17 08:40:27 UTC 2012 - aj@suse.de + +- patch-stdio.in.patch: + Fix build with missing gets declaration (glibc 2.16) + +------------------------------------------------------------------- +Fri Apr 6 14:22:12 CEST 2012 - jdelvare@suse.de + +- patch-revert-e0f70752.patch: Revert broken upstream commit + (bnc#755136). + +------------------------------------------------------------------- +Wed Apr 4 19:03:25 CEST 2012 - jdelvare@suse.de + +- Version 2.6.1.136 + +------------------------------------------------------------------- +Wed Oct 5 12:33:53 UTC 2011 - uli@suse.com + +- cross-build fix: use %configure macro + +------------------------------------------------------------------- +Mon Apr 4 15:11:04 CEST 2011 - jdelvare@suse.de + +- Version 2.6.1.116: + + Patch now ignores destination file names that are absolute or + that contain a component of ".." (CVE-2010-4651, bnc#662957). +- Drop unified-reject-files-compat.diff. Compatibility has been + provided for the past 18 months, hopefully nobody is relying on + it any longer. + +------------------------------------------------------------------- +Fri Jul 2 06:57:49 UTC 2010 - jengelh@medozas.de + +- Use %_smp_mflags + +------------------------------------------------------------------- +Wed May 5 01:28:12 CEST 2010 - agruen@suse.de + +- Version 2.6.1.81: + + Fix backup file detection for deleted files + + Allow to create and delete empty files + + Stick to the best name in the reversed-patch check + + Various portability improvements + +------------------------------------------------------------------- +Sun May 2 15:57:54 CEST 2010 - agruen@suse.de + +- Fix the linker library order. + +------------------------------------------------------------------- +Sun May 2 14:40:09 CEST 2010 - agruen@suse.de + +- Be more verbose when %verbose is defined. + +------------------------------------------------------------------- +Sun May 2 14:01:47 CEST 2010 - agruen@suse.de + +- Version 2.6.1.64: + + Support for most features of the "diff --git" format: renames + and copies, permission changes, symlink diffs. (Binary diffs + are not supported yet; patch will complain and skip them.) + + Support for double-quoted filenames: when a filename in a + context diff starts with a double quote, it is interpreted as + a C string literal. The escape sequences \\, \", \a, \b, \f, \n, + \r, \t, \v, and \ooo (a three-digit octal number between 0 and + 255) are recognized. + + Refuse to patch read-only files by default, or at least warn + when patching such files with --force or --batch. + + Refuse to apply a normal patch to a symlink. (Previous + versions of patch were wrongly replacing the symlink with a + regular file.) + + When a timestamp specifies a time zone, honor that instead of + assuming the local time zone (--set-date) or Universal + Coordinated Time (--set-utc). + + Support for nanosecond precision timestamps. + + Many portability and bug fixes. + +------------------------------------------------------------------- +Sun Jan 31 16:22:05 CET 2010 - agruen@suse.de + +- Version 2.6.1.9: + + Skip another ed-dependent test when ed isn't installed. + + More portability fixes. +------------------------------------------------------------------- +Wed Dec 30 17:14:24 CET 2009 - agruen@suse.de + +- Version 2.6.1: + + Support for diff3(1) style merges which show the old, original, + and new lines of a conflict has been added (--merge=diff3). + The default still is the merge(1) format (--merge or + --merge=merge). + + Bug and portability fixes. + +------------------------------------------------------------------- +Sun Dec 6 17:32:57 CET 2009 - jengelh + +- enable parallel building + +------------------------------------------------------------------- +Fri Nov 13 15:45:06 CET 2009 - agruen@suse.de + +- Version 2.6. + +------------------------------------------------------------------- +Mon Sep 7 13:30:46 CEST 2009 - agruen@suse.de + +- Version 2.5.9.122: + + Try to preserve the owning group of patched files. +- Add --unified-reject-files backwards-compatibility patch to + older SUSE versions of patch. + +------------------------------------------------------------------- +Mon Jul 20 10:12:48 CEST 2009 - agruen@suse.de + +- Version 2.5.9.120: + + When copying files, use full_write() from gnulib instead of + write(). + + The -m option hasn't been officially allocated yet. Use only + the long form for now (--merge). + +------------------------------------------------------------------- +Fri Jun 19 08:33:32 CEST 2009 - agruen@suse.de + +- Version 2.5.9.118: + + Change the default value of PATCH_GET to 0. + + When merging, make sure that hunks will not end up "out of order" + + When the file to patch is specified on the command line, + apply all patches to that file + + Some portability fixes/improvements + + Don't fail when removing nonexistent files in move_file + +------------------------------------------------------------------- +Wed Apr 8 16:47:49 CEST 2009 - agruen@suse.de + +- Version 2.5.9.109: + + Preserve timestamps in reject files. + + Add support for sending output to standard output. + + Allow special characters in filenames read interactively. + + Don't forget to NUL terminate ptimestr in fetchname(). + +------------------------------------------------------------------- +Tue Apr 7 14:29:16 CEST 2009 - agruen@suse.de + +- Version 2.5.9.104: timestamp parsing fix, 64-bit fix. + +------------------------------------------------------------------- +Mon Apr 6 18:59:55 CEST 2009 - agruen@suse.de + +- Version 2.5.9.97: Another bugfix. + +------------------------------------------------------------------- +Mon Apr 6 15:04:50 CEST 2009 - agruen@suse.de + +- Version 2.5.9.95: Gnulib update, bug fixes. + +------------------------------------------------------------------- +Fri Apr 3 22:35:33 CEST 2009 - agruen@suse.de + +- Update to version patch-2.5.9.77: updated manpage and NEWS, no + strict depenency on ed in the test suite anymore, and slightly + improved handling of asymmetric hunks. + +------------------------------------------------------------------- +Thu Apr 2 16:21:14 CEST 2009 - agruen@suse.de + +- Update to version patch-2.5.9.69 which has all our patches + merged in one form or anther, along with many other fixes and + improvements (see NEWS). + +------------------------------------------------------------------- +Tue Feb 24 12:56:06 CET 2009 - agruen@suse.de + +- Include patch headers in reject files so that they form proper + patches themselves. +- Rewrite the unified reject files patch; this is much cleaner + now. +- Add an improved strategy for locating merges. + +------------------------------------------------------------------- +Tue Feb 3 06:10:49 CET 2009 - agruen@suse.de + +- Implement diff3-style merges (including several fixes and + improvements). + +------------------------------------------------------------------- +Wed Apr 23 10:53:19 CEST 2008 - agruen@suse.de + +- remember-backup-files.diff: Fix bug when a file is touched by + the same patch more than twice. Move the test cases from the + patch header into separate files. +- patch-2.5.9-cat_if_device.diff: No need to remember the device + we write to as a backup file. + +------------------------------------------------------------------- +Fri Nov 2 01:57:03 CET 2007 - agruen@suse.de + +- Patch fails to apply hunks with asymmetric context correctly. + +------------------------------------------------------------------- +Wed Jan 25 21:30:47 CET 2006 - mls@suse.de + +- converted neededforbuild to BuildRequires + +------------------------------------------------------------------- +Thu Jan 12 07:52:31 CET 2006 - agruen@suse.de + +- remember-backup-files.diff: Fix case where a patch modifies a + read-only file more than once while --backup is used (test case + in the patch header). + +------------------------------------------------------------------- +Thu Aug 18 18:09:59 CEST 2005 - mmj@suse.de + +- --reject-unified is called --unified-reject-files [#105151] + +------------------------------------------------------------------- +Wed Jun 29 13:50:06 CEST 2005 - mmj@suse.de + +- Don't compile with -f-signed-char [#93883] +- Don't strip explicitly + +------------------------------------------------------------------- +Tue Jan 4 21:11:54 CET 2005 - mmj@suse.de + +- Add patch to make patch able to write reject files to devices, + named pipes and sockets [#45794] + +------------------------------------------------------------------- +Sat Jan 25 02:30:00 CET 2004 - agruen@suse.de + +- Add --reject-unified option to produce unified reject files: + Before, unified reject files were produced if the patch itself + was unified; this could sometimes have been annoying. +- If a patch with C function names (diff -p) has rejects, include + the function names in the reject files. + +------------------------------------------------------------------- +Sun Jan 11 11:17:55 CET 2004 - adrian@suse.de + +- add %defattr + +------------------------------------------------------------------- +Tue Oct 7 15:03:22 CEST 2003 - agruen@suse.de + +- remember-backup-files: Also include the file timestamps in the + hash table for non-POSIX-compliant systems that don't guarantee + that i_dev + i_ino uniquely identifies a file. +- #32031: Create --global-reject-file even if --dry-run is + specified. Add a missing '\n'. + +------------------------------------------------------------------- +Wed Jul 16 15:21:44 CEST 2003 - agruen@suse.de + +- Replace trailing-cr-fix.diff with official upstream version that + fixes this bug differently. + +------------------------------------------------------------------- +Mon Jun 30 13:30:33 CEST 2003 - agruen@suse.de + +- trailing-cr-fix.diff: Fix a bug in carriage return detection + (DOS files) in the unified diff path. +- Disable patch that adds comments to C preprocessor style + merges, as specified by POSIX.1-2001. + +------------------------------------------------------------------- +Wed Jun 25 16:46:41 CEST 2003 - agruen@suse.de + +- Fix bug introduced on June 5 that broke remember-backup-files. + +------------------------------------------------------------------- +Tue Jun 24 17:35:09 CEST 2003 - agruen@suse.de + +- smart-reject-file-format.diff: Work around a special case in + which patches are not terminated with a '^' in the internal + representation. The resulting error message was "internal error + in abort_hunk". + +------------------------------------------------------------------- +Thu Jun 5 09:38:17 CEST 2003 - agruen@suse.de + +- Temporary reject file logic: Ooops, now must only close the + temporary reject file after processing all patches, instead of + after each patch. + +------------------------------------------------------------------- +Thu Jun 5 01:00:38 CEST 2003 - agruen@suse.de + +- Upgrade to 2.5.9: Several fixes, obsoletes + rename-same-file.patch. +- Fix and adapt global-reject-file patch: + + The global reject file included corrupted headers for each + rejected hunk, instead of one header for each file with + rejects. + + Rename --global-reject to --global-reject-file. + + Simplify temporary reject file logic. + + Adapt to unified-reject-files patch (which has different + headers). + + Add entry in man page. +- Fix a bug in smart-reject-file-format: Files that are created + are identified by `-0,0'; before the patch was generating + `-1,0' in reject files. +- Switch remember-backup-files.diff over to use gnulib's hash + tables instead of glibc's binary trees, requested from upstream + to ensure greater portability. +- Add /* SYM */ comment to #endif lines for patch -D SYM, too. + +------------------------------------------------------------------- +Wed Apr 9 19:33:59 CEST 2003 - agruen@suse.de + +- Fix another bug with hard links and backup file generation. +- Fix backup file generation if the same file appears in the + patch more than once. + +------------------------------------------------------------------- +Wed Mar 26 14:00:55 CET 2003 - mmj@suse.de + +- Update to 2.5.8: + + Bugfixes + + patch -D now outputs preprocessor lines without comments, as + required by POSIX 1003.1-2001 + + File names in context patches may now contain spaces, so long + as the context patch headers use a tab to separate the file name + from the time stamp + + Perforce is now supported + + Patch lines beginning with "#" are comments and are ignored + +------------------------------------------------------------------- +Wed Jan 15 16:50:57 CET 2003 - agruen@suse.de + +- Fix a bug with hardlinks (see rename-same-file.patch) + +------------------------------------------------------------------- +Tue Sep 17 17:34:28 CEST 2002 - ro@suse.de + +- removed bogus self-provides + +------------------------------------------------------------------- +Wed Feb 6 12:05:34 CET 2002 - coolo@suse.de + +- called suse_update_config + +------------------------------------------------------------------- +Mon Jun 25 12:46:18 CEST 2001 - uli@suse.de + +- added patch adding "--global-reject" option by ak@suse.de +- bzipped tarball + +------------------------------------------------------------------- +Tue Mar 6 20:36:46 CET 2001 - bk@suse.de + +- update to 2.5.4, added 2 patches from PLD and use buildroot + +------------------------------------------------------------------- +Wed Nov 8 17:41:23 CET 2000 - uli@suse.de + +- now builds with -D_GNU_SOURCE, should avoid miscompilation that + breaks LFS support +- added fix for offset output by Alessandro Rubini +- added fix and enhancement for --ifdef by Pete Buechler + +------------------------------------------------------------------- +Sun Feb 27 20:16:11 CET 2000 - @suse.de + +- added missing CFLAGS quotes. + +------------------------------------------------------------------- +Sun Feb 27 19:07:58 CET 2000 - bk@suse.de + +- added PPC fixes by Uli back again (-fsigned-char, CPPFLAGS) + +------------------------------------------------------------------- +Fri Feb 25 17:44:41 CET 2000 - schwab@suse.de + +- Specfile cleanup, get rid of Makefile.Linux +- /usr/man -> /usr/share/man +- Add group tag. + +------------------------------------------------------------------- +Mon Sep 13 17:23:57 CEST 1999 - bs@suse.de + +- ran old prepare_spec on spec file to switch to new prepare_spec. + +------------------------------------------------------------------- +Wed Aug 18 12:13:35 MEST 1999 - uli@suse.de + +- fixed for PPC (-fsigned-char, CPPFLAGS) + +------------------------------------------------------------------- +Tue Mar 16 14:58:42 MET 1999 - ro@suse.de + +- update to 2.5.3 using diff from jurix + +------------------------------------------------------------------- +Wed Jan 13 15:45:28 MET 1999 - bs@suse.de + +- applied patch from Egbert Eich (problems with non existing files fixed) + +------------------------------------------------------------------- +Thu Nov 5 00:19:13 MET 1998 - ro@suse.de + +- use libc's basename() for glibc + diff --git a/patch.keyring b/patch.keyring new file mode 100644 index 0000000..4cca40f --- /dev/null +++ b/patch.keyring @@ -0,0 +1,476 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBFTPFLYBEADBrxJPwnt2QgT37vlDu1pRSdhcyOlbzY5WTlizJO+VQxJ4VO35 +wRmd1KAg7DmCHqZ5HZG301wqIET3ICifVFORIbDLX9HKUqgShmDSa5GV7hW5fe9f +9jOyQfNu4PqdqrzRk/tE6j3jMbp2uAe18cgNNFnlGfhZo+G8DbwoRE8/HGj8WKLg +rzdpSFMuQgUzein/dIbFzpuiqZlW4SfEX2Aj8k7vaLX0RSJ0hiZ8DUdY4+bThdU0 +7fKzmtVuF+uMYHpWkgXoRi5FoPRckAM+0OOojcj3mrCi3piU1XvLEvBd6UHRQeD9 +BYYVrNRPi5ci7EG6gOeLIuhANVCq/xTlrgsIEmGuQTrD9eGpyRMMZANrwYwms/db +G5RZ1G3PY8r0tNZaBEnZYtQVVfQDQPaBMRAQ4pi73SYBFvxRsEFE8Ce4UgXyLEN8 +bL0fqVjOkUeRcTPo9YB/e/jYlrvm+n2+Ql3L/xcZXpuDZC/LlGYQ1ZtD2ikiGCyh +W3TTg33Zx0LB2Hg+/N7MhhkbOmFesQ8ASkfCgnub+FU7JZ4uA9u+mdH3D7CXtM44 +qHdr/DgamhhvC+2inA1tsfoD/Cvy3qncd49J4nCJ2A+n1mRZOlWKC5DUXQoC1A6G +D5b7uCmliglUncHNKAtrgBGHYEkqX/puKMv5aYe64cNZmlLXEFD/mddtVwARAQAB +tCdBbmRyZWFzIEdydWVuYmFjaGVyIDxhZ3J1ZW5Aa2VybmVsLm9yZz6JAj4EEwEC +ACgCGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheABQJZ3j0mBQkG8FvuAAoJENW/ +n+sDE2U6XiEP/0YXUDLSsBJnNkNk7F39JrNSbXiCvZt3F3T7Seef3ccdQRc8AAiX +6JgHrcksGz6kDLAe25mAomvPkCr26Q5QZlAxYNThcbFknItQXNENngYNGVSiBWhT +gVLacdjk/1Sl1zaIoxbU4Kn6dejIbfOPkS/9T8/K+ph/FPg7ESRkjv8pl8JE9A8/ +SnVJcXJHUkptYxYezN6N/BiHKZ3a2gNIocadVSwX2eqlHnKcTNrAspKuGe+5CrYc +KDL4YhRYxo6iBLMIoXfvoxbdP1JcfxtNfyoLOjHpxPPYB/wG9GQ8kIuvk7ySz8iO +Gv+OCA2hfjus5FKj/NCej94gjf8hv/NykIb2GK3ALHDjcSLoY1eTnwo+bnB3FPCN +aYmZu5PXQXIkpdaeODrCFKc+jeVBXROsu4I38Cyfkr5+6pE8/0J6sLUWNrH86aNE +uLRbcGLVbr17FDKjTHR3nbl5rHeCO2A8GHuyziJH67wArrWLgT4BY3wylPZ2ZQdY +sDK6AZzlvwds2YZyPWniNU96ZnGsxcICcFaXABAhERv5I+QNRz4f7N+WdsNzfn93 +u4jkXS506a8UWni2+Z3OerOVxgcRjgyR2pWi6fwS/7kSsONX9PRWYnW0aaz3oCzt +c8OuegpcrALIwouaPfz9IHHDpLLK5A7HIZ/HFnV6epNDkhFD4KG6JGD9iQIcBBAB +AgAGBQJUzxm7AAoJEMTJJ81dGzbX3WoP+wc6Pt9TN9GuFqarONUg/Z5u6YqY/twB +WkNImViKXOOe0iK0320jSi0TNZ1PkGz/2rfsb0T6PK0rJGlMhEPteuAhiKCcWcZW +72oKnb3jKr+kJOc049zpbwzi8V/bsCOBp5w8fhXKjZcHv5UbJ7K0wOw2sIphsgo4 +nCkf8qXTvHwwJdE+jrnVckN7GeFwEpOthFP42NVYVuCCScXWnV3k6TEJclkuIQCl +BB8CqaE2ebBt2PiAS9pi89LmLUo1nfyzeBh5Ub1tbcGhsCDjd3VJ5IabDM8Tw3Vz +5I4CkAdx88c6jEbVzywvWpEFB7MVM61Rz9R68wMkhJYrKAdaGGPZxxntZ4XSk35Y +2Xza6RH5zFblsq4Pa9FJr70mFNy3g2mqLL6yB9fVCMnO2lqAlxRel+T8hjeFJZFL +aP/R4n8vchchk2r7G1chI6AK0wdcbXckAF9FRrrq9hdtGNrSx4NwI1w0TP0L5yMY +ZfaNism+76BlCuGaNnzZmhu6josd7/TXdDNb2tZDbmn5FQrQCf3NUG+ktPxlLxAa +xLjOWW7Ss9IGCQUktsM3jVC3rZA/BM1PDg0aKPLx+rhT3CIbVMF11PF9j9q8IC7B +XG7MgRVZ2QIM/ExvzuCa9HDCJ7/NfuioFKKUf016KSSzHeYQrjguvlQXum56dbe/ +00TGRNI2IcYciQEcBBABAgAGBQJU03EiAAoJELZxV/OnDUU37e8H/0yDE7kr9J91 +JEpvz80sPm61UNIrRoVpTZiC09Ze0vXKhJtpImLQlC8RwuEVWDnPEiV0HzTVeMkB +AgcEwI/8cEA9p1aWm3pVDt/Bv0EzDxvg9KFg3rwzVnXnlLdNahnNIShwJh3agxyf +4tUjgns1j+KePjFNEtTuSMIl3jjOBPlGgRc/VttUZgbmdSnBdXdIHzTDbgYU+Yza +B34bs7/P9Z2PqS58KeB8+Vy3b3LFsbbDuJYaA4Uz7G4MpYuzpzxFAULUlvG69PsZ +4JpQYWnb8eCN2v0kQop2QctbpikMQ+q3BZFUDWVJ82sfUDihJ5MTUHXQnCMPSv6l +ZyL6ogv907eIRQQQEQIABgUCVNNzfAAKCRDy4kX7QPBpQBjXAJ475XzF4+nFhxLO +bLxJLAxmnvvWqACWKuK9pCjE8iGIyQg1wR3NNm8GTIhGBBARAgAGBQJU03LIAAoJ +EPLiRftA8GlAQa8AnRJv6x5uCMn7hdqvFR6xoQR9uJXLAJ9svda5ILqx6P7NS3kr +kg9dCE/YuYkCHAQQAQIABgUCVNYZywAKCRCpwXbMf6x9VprbD/96k2BY8DJX6E0P +zwLnI1U32Un6G775wAlO0bvhquM9lFvd2YAkjQrOBOK/CTulcE9PGcIGB2vWBrHv +a1Q2M2PVRVzRDCK/fo8Lb4LMqNBcLOqOb+cTGxaM6SYKLOwRUdbH4XOeaqCwebs3 +QYOCpnC0Ec8GwGi8sDJ4liDbkawJCbc+kV3J6XfDmDGrtXJoSKoAFwoeWA9FWk1V +uUFveXorSsTqXv+wpSRF4kGcx0T1s60aynmmZObtvcZnTZeAdS1SJRkK+nLXhKW2 +N8W1ZDJ+9Eo06ope8WJAVrKbQJEn63hqf7wKytzWfbwOpG2eddbalVculuD7RZu0 +gPKCzA21Vsgdh50rb595HFvwxxjzK03pWBpICQTOsf49j/aSqCfx0HIRZkOa34n8 +oo9oFHhsYR4VdEgNnr6nBzGdckgyXoX8ONtCSQZtpteR0B90UgCbXjr8dQQBGbcS +x3serk+VxDCT6AkChfmb/eeQE2URbF0EAnQalJDeRMDgZ3yfER519nCuVkpDeJN8 +wO7RqK/U0cl7w5e2PFumqUITCB9+gXpvOeCEWk85GwVX27mvLRAn31prHNt6G6RU +yeJLs6Br+RbVtGT1xAiM7n/9dyJYtoVtKKf13ON75eUANyDqa4aFGOP7vUbvTvs6 +B43Erh9NvQM/55lb/9p+0lXbTSmh5IkCHAQQAQoABgUCVNN4tgAKCRD4wdZH0T2B +iYxQD/9DJfHB/XltetBYTbZJ1dA4wBNz0yt+ZQ0Wfw0kv8Zx9aiRMpPzMhzhImVJ +o4D/5OTLvPGy6shQscU1qk2TGbo0/yDFfkeSdrmfSKheaQAq2BJnukcX+VKgpSbF +zIZL+O6rwRZXpPVvoLccLf6dowqKYSJh+bXbKx/xrotnw9+wcvTtCtS4aeBtUssb +2yI5DH13Bu+nqzVLbuzERSv5Wpzs2IJLHu4DjuLT4y5hRtStvHcr9oLOiN3p0wUQ +px7r6T/CxDmwXbFMRxgt9GvUgjbDqyXbT24oUQHnxDcgRROTD0HEhS8us1K6iKji +on7CXRtsNM0VfPeiwb/Te93P4BM7rAQQ/542ZrFwmcrkQvtiEoatPGc5FQZqEGRj +E3bgaQnKLvtt+r4FTqMRWy7Z1uyII9Tr4/3tWxaD65l7CQU0gZEvxc2Kl9QxjcKr +lb3ZYTyaZVzAKz5MgNr/SqnLts9sBik5IXCqhvjGKFZZVIwOBgkkzQ9UxX6rRzO/ +Gu/q6oBUe/bbCy+KT08suoXj+3FTCJphf7KJ94FOKW6KIuETFTIw5yrFYlK0B3zh +dSEELsLiansSE1YB5E7b3DeYhSHMgjaAIf5B4AKz+nk7o77N2G0rkF7pVMmFz/8l +oibEBLLY6V537XIm2O/s8/2XupRbho1UmFKpeHhG0qgGwp/9zYkCHAQQAQIABgUC +VNOa1gAKCRDK4N5uGv/I0qY/EACpUr3Bp6S6gcxdlWvVN58Z5BNo1K96xRGB8fPj +iig7O0IG43T1qK58i6T4t26v8jaAVkp6k34Hsf3e0t1zV/jPNvsRtBCVdCGZ/sIg ++UhCGxNXLmSuqTtS14sw8pVxarCfNC8i/yVRXh2IopUjF0SIF+gGbau9Bq8WZ6XN +RlPWhcPQor/KfOZXkJWVMSBDt/SaXYBqeNQtjOKBxeoX6chQOVNgRWHrG8vZNi5S +UwgnQnRnIXCiPkKc6CxGKNElVOdb61kQDRDd7lGfSIrCYPTdWAJB9rOL8YzfCPMA +JI9aDoVZ5NBAhjTwIuCcWqrEqbDkT9Qa/a3cx8D2WYmgik52ItViGeucmEJ0zNFN +Yau5IHZMi1HVI5zZF262KMLCC1vV562FvSRSzEqUL6+XGUonryVdKu67rUZysKAg +Lp1uhR5UFOsHkOIheIMUMwD2LoU3Xc3JNJg4hSraPdmLSkBbsRDaPnZn8DJW7hXs +qsPF4nQPdtTFDJkbj89nOfOsbPfyqXONZmqfNIO1l5U+vtLpN7YCW2buP8az+h4q +8Uy0S21TJBb9UHMuW4ZTgI1GGOBcNoJtIxFPZu0d2gK7LmUo6OaWiHAfFyj4mYFJ +gfUMAMYbzkxxdCT2vT2uICr9bCMFGQ9qTolpB/kt5Y/YEdcAXEmAyA73tcDRpzzi +ZenInYkCIAQSAQIACgUCVNuIZQMFATwACgkQXiyr6rJseFJClQ/9EgUj495wJa0h +MXPFcbJnBK8S789ig72mK8wS+BT1S+JDiMNV0JRYE3Qze5TPfRzwYU2FYf6VXMiZ +egaQFUFfx561S/FTJAveEi+0bbGqWc502i/+qOMdHG2sx/IoYwmzi4mJGbThuswy +OoOU/1jKGDO1vvY207XiQ/JZhY9DqeeLnRKxrMAOxyvZfFYn/Xgi4pMasbng7YQM +tEJiQ+aYhLWQeyMlLLgnY56B7vhaKw9EaRnaENhhMf+EZy9eT0tdPwRzDmLCW6Rl +D/a7Or2cZOlustS7l9lXzCIfQp8z/hXBu7s9H+JFr21TTdBSonNdhTvPMOD93Xrq +u6vN4kRfDS7QoEjUlnlS39eUibcMqs4q7fnXXAvlWAVTyV1XVodBUY5VulHvKTms +vn41mrQKDGwkNDGCouT/7Ewv3rIT7RqknDgJVVJG/I2GG/rQEN5jsgeuSBgxzTMX +zkkm6SZvpBYFOeXH5Zd1T9qUcdn77BKHEMLgciAiNlxugKR1DFDHdBXxqcIyelHZ +XIgXw/UGdYvPhCl5cV8ZiBkIrFFlb5xRcSRN2sxoM6j+LCekBGK14o4d8eeaGka8 +xNbnFSNZ5sZhQiO+SycJywSiRAsiSEAv+5fThz/0vJXxgeczOdOGcg2NEphNTrOM +ICA6vT+7bVS7QXRdqNZGXaRdLy8Y4bWJARwEEAECAAYFAlTeE5EACgkQ14th09/3 +ejs3wggAistXO299y9YBCP/uODLY0yWYsYV5VVz0jS7e46pEInLY8/uk14uJZlaH +wUJLQhS3HUU8Bay+lsY6npK1qDUbcU5W0CG/nRUvkO9+qG0q82AeBKt1RhJudlz9 +B9ZLed/mQ0AXzogOQ4bx9s1PPRijkROs+6Xip4tSORefcrvuYNPq35kZtRc4qSLV +4MAwfmbeHBxJLd54bYn2E0hxSzkCIk7TFt0f3ZcTcHZsTfMnco/eZsLdwr6mPonj +e9AsKdEoSmYma2btsNU/Cud9px11Y4xFAsr0yVHVU1L22VPxMicRZdqsj5CiwFI5 +pEM9b68ir5e3ulZjreZVH4WkvyvUBokCHAQQAQgABgUCVOysTgAKCRB/jVfCQM7I +CUd9D/49+FExRV0It+eb9stCsefcuhBVon90Ey8lvxq/ql3cKAELtsZZlIP5K+Vq +ZHkpp65D6cYWi9lo2SVwJTBOhWF1deNruVVEaTKHzTIoxCRteyhy+FWIm8mpZqTW +A3C8uWJXFt9ehKtLMRAcL5ZDCcIDpHLQfdBzW4AsPeWmpCZKBPx2YkY7BF+BHCzP +L5eEjBIpH3tJW/QQg5Yr2fv8j2n/pVGNAUKGfKrvvyRlRJiBXXPfhv3xiuLkTbjR +OAcpW1WrSrR43gEDw0laNV6u9PWC3RZxY+urZP0b0JgoXzkL2WzC4i12Cm/8jm0v +aiCHecaEHY+Nzl88p7yHI2Sy5wXvjqnDlYtbYEjdqJBP0HjDGznv1ZQufkOVmwxB +ONpBc83aPVaeAqAm+27y+kV+e23cSD8TGOkXQQqcFy2cD2r2KnBin5xcSKRV7S0L +VdElGDhX33f0ku53iCEYENsLKE/tRgdFbQkY1JHxjrVMSlMdzT0KhzdzuSRcgmig +JilwqXQctuQXK6SecswWsSB2WlAWY5aib+d0+ZPMI5aKMr0VJAWDm/EU3ZOnWli4 +YTHMPjd2q+0P/vjGty9EyhxfYXOnfKefQsbCvQLkkpwQI0kx8LJrNvrm7Yl//z7k +0llgUVUG98SXpO7sH/sw5IgIFyVgIk3RLzZCZW/NsnjJAJ5954kCPgQTAQIAKAUC +VM8VNwIbAwUJA8JnAAYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AACgkQ1b+f6wMT +ZTrf+g//Sridg69quv8Lb3vkP9yN8XrBs90SYDeEWAXB4u1SZJrMpM2wikW4PatI +ReN9C1NX7wEMbYl24+3erb1YdFHQiNfYkwS5ixJ0XpPoe5385h52kfKKY6Qq6iE6 +wn6jSAoS/0Kb46uKAq4kewfFRP4UegTiVOMe388r3VlDYRSIe2rqXVtBDGz4hsIv +DWskh9wkCsvpGNh/Wo9ofwRiqEn1F4MFJcV0Ncjt4/ZUp15xV5RPfoSrIGsC3JDn +6XeSuRqcloIJrfu1+LIuQScb/EZNKvPjAUxGGRnBKMnzs4cxDtekZ6vKRS2XzHdr +ZkdK5XtAvQspyOjy7IJmTfzzhsJADUMd/mlOPUBiX29J/gsBCVK4GedNa1muXpub +8e/KmsyV9I/JncURe40d97JicEpeZG/KE/lnC8i8pkfDHhC7ifPp1BsayGprJLos +ou9yXTk4VZrrthcb3qwwja0U11C5gor+Sy91LBTu9rqSGlWzQHYqeBakk5ytoYVu +5l2p3USJu97o2pHN7imGPhn41S8HxCMy9cyRPZhJd25uzL5AKvpbKPiUE38HE6nj +W2rY4C6BLb2lzgaiI6h3Ldfz2ca8P3Hb+LTB1z6TK9Cs/mIuKJ6bWPfcHNH6h4dh +S7eFrQ9M4dJkmxt5W5pGS4NlIRcQwl0uNvqOT1CdTapkC/akR7y0KUFuZHJlYXMg +R3J1ZW5iYWNoZXIgPGFncnVlbmJhQHJlZGhhdC5jb20+iQI+BBMBAgAoAhsDBgsJ +CAcDAgYVCAIJCgsEFgIDAQIeAQIXgAUCWd49KQUJBvBb7gAKCRDVv5/rAxNlOhW9 +EACYBDZ5gVMO14vrg91Sox/5ENNzF/IItIh4cb0ZnM//a1Ry+HnwzWS0Vi4+nlPP +r+9Vi8CGIbtscw9zKeMMbvbifMGfW5GOND5/eW6NFYZ2Cyz19iWnPr0WNskmp7H1 +pjtyY7nFoqshKp51s2GyaoAVSBb/xRjRBLTfLoZwIk6dOWg7//JuYIBos5M+4G/v +PlF6VmbxvziqygF1M4U+iOT5gCJFewQALcjgQmkEr6KWa+ZGgWUVnrFJVAV1bW3C +JFocewh0LIrpyfp5EVOOLTfNh1DZVYCsYAm40r0o4wRwPrw0lc/xf0S1ckYWuVYE +6pDB2OYKqaneNZYQIa/iPohExGl5r7ieSaOKatJ+4R+NEapO2b1gNyRDobM6+exZ +8YIjImrBby+c0msjF5sPSOK3hDzCr7SkVu5XRJS5n6eQ8CZi2QewjS96KYhiamPR +oijYfz/S0QUgpYQkZLKuTZUiWpvuaY48Q25tBEp/Kyo1hCviW5MgAwpHgepcpfOl +WNqO6DHtEPbIwGcU1GzfI21mornVO63jUVMwx+mpmDxiXfB+pE1ka8QOfj99IvjF +RScg15Smu5WOn1GDj3uEsB4TLJsal87eRRnIa7ATgv3nomNQ2pVFRSx45aPtQliJ +jC3npSINwu5k6rYvsAFcS0Ux1EIYN+DnM9yFZjE1NdOFW4kCHAQQAQIABgUCVM8Z +uwAKCRDEySfNXRs2128iEAC/ugMv2SkDLBnkCcUq9yeiZmx8KsVygu4+SucA6WIr +TsTqIEmvGF+an1fmAk0KQ5i1oGMW8mntICuYDN7EBInzIYFdDwK97fJ9gwyPandh +1BHP9serLaAcdsCXn2jyhIOmlUZsiPq57JK1JqYTWAo0ExMI9CGWWIu7oD9FSr4Q +5QJuFd9dE/Lb/rB3Cu0sG16PtHSUyc462sxVc/lHuSJh+2Gn3RiqgXnPXrNAAuk/ +W6+I2hblvwsZ/nFkKznzzyUIy5Vl96B6OzCYW1RWcYPutM4+2qiRydZDzc9Xx4kO +NTQCjispzqNTnD/xRF3rWukMW0WOgFdxNznQrS0ECBw8LHhZOjTIi7C+gLmMKnnR +CGTgkYevBJ2xky4Lx9zatAj8d+2FtUr9Ydho7gSrRz3QPxKHalwSU76s1o13z0b1 +qP5hm/tqDoo33I0DWePXB8uAG1EnA0/1e90O8t6VZiXSA6aeGh4tkW9A93P4htDc +NwFRc1KbRzEXmGPCqixy9xecyKjwVhpziSJ/LLxsc1oFmYeHyus8DpkTI3porfow +WgJq/8GFkhFsd+SQjAmIdx5YTVD8i+TqeqJjJM08fKB7+uy7fNpsibX4XOog7TBc +fW9csY8Y841O9apLuv82HMxp6CcGemSRJ0iX1CnZJcXM0XWvUZfc+bjaqS0s4QzZ +oIkBHAQQAQIABgUCVNNxJQAKCRC2cVfzpw1FN6F7B/0W4nWHTwhBUhAZH/oEy6bm +zAEy3qmodDMHgR0oZKl313dUtlCHlKncbIunybTT7m3gDMbIioxdWjI1zrnk+TXr +AbfFT24WL+UQqUhZddXTOXEuOUOU16A97V/w7oxoqr+JptRtKZ55N6rbcMF8/0wg +41jwTGqKUmjcAXztCvtt/2+i5wlh8IIAZwlfQzuHshLzyFjOL8Rm0qkt0kRT8a90 +mUKtQBBGfD7yDRuSi93zLfb/eZ77QwhVxaFwSAPQPwIxUVZz7V5h1j9jyiccceCT +ploc2bpD/2Qoj+Xj4B9g3muQL9Kl2NvFXjNK6yukoBMGR1ScxVerD+CJVZ1mDzno +iEYEEBECAAYFAlTTc3wACgkQ8uJF+0DwaUDCGwCglsTbGVZFnplq2E3LoqvKfR4R +4Y4AniFA3W2fO2wU1YUqFbT4hRwelGPGiQIcBBIBAgAGBQJU1Q4oAAoJEGC8u09c +1/nv7EEQAJuGP+93XVRH8xmYYm2ErHzX4I7dc3q+ETtIjyJKNDkT5kzg1EZjmVx+ +IyOvAlwlhP3ARuawGL5iClthwfFgCX+ubsWjzBy4mYt+0XVI0eXJlpfLH86ptoao +F+WX8iPoHiNvBuflGq+stso9JRr3dWcuMaJW2em/7Ugrpq7DUbdINX7nwnRg/Ull +zZUDbq/CGvZe5HFRACGfd3qs+uQQQ4ZOwf/Sho3tGHGwk4t200x7zDcSkWGfgyiO +bFfGz+SHNT3OMgLg9ceNKnnxrBbfm9dpifZF4e18svxDKrXTLAXITHzdt3+V08vr +V+N9fnk4eWyWKTUfo6ZKLK7u1YGls3nTN8TdjLnjwmKjGemPyC9kIlN5bfiO9+qr +Zg8K2tTPtFHEjocekoF7N2UDtLL+S+XY6dn0/V8vB8UVvSMweQre/SI24fucZDYj +7BmqOIhH/chQAOjmShO3l3gLOn9YUxWN8Vw6U+mXqVO70qMgVg0pDv5DLkJuIqpo +ypgCK9Swb0lE4hgIbkuWjQHdrW3+bNKY4s40KS0N6RcHUrp3qILnraCUwEFCJovT +/3V19yGFJU3lwIzEwx4468CNvjUP70tqX1RFk9gqSZnmWlmE0VggVkUYJgTNhsak +g7kfNITjXWKbULgUetnoU+kaxtfEsNVEWmK6E3HE5SxDhQGRoGrPiQIcBBABAgAG +BQJU1hnQAAoJEKnBdsx/rH1WNv0P/Rtw7WT0eK+Af913/RRayGviNZyhc6lZBzwy +VmcccYcumzi5dnPjjHKp4qPAxE/CrOnH4fOSXdAZChlanAZaVqvsIGmf4Pbe++xY +r0zcGx+oU07Xgj2oV5ahg7fvexigpDUWDqrWrsO0aaREVzXpXELCwYkn4iZuaDxU +kWFtQp/zE6vtK1ujSBxSUSrP/kEmoQQtirqU/2FsvwckZrpfoxCQhK3evostrb/K +Q/FdPSUVFek4o9Gq9W7zpVXlmKpbB6dgNt3tyyenF3KE/CmVS2df5RN+RGxLAG7V +RSSuS9+Of87KdKc3YDzc5uVI1kRjqCHPXBpYFQxJlM1PcLMtcuLOMINcVMg7Fcc5 +r9Dl7vvk5OgZrDY/dhbj5qmM4EEtlEE/FuTv6HmQkkGsWDW2UhAW6gby6gDQPESG +hVayRHUCovx9nEjwAg3uNEHIRRjmz2p8qxteKFmGHtrkFwbY4DHMstWimWQqNvNn +jQcVZ6TdwpRU19pEaBz6TZMFUuK4LoFM0fmbTTED8sfhslPOIasW6ycnfgOL51rH +yBk3W+8fptjJU+GBMG4aIWPzVeSifk5iC5yvM5sA7ntJk1zjLhdnPyAtw5GfiSoX +DnwpIXXUKOJCPtEyLo5c+mAXZjIOac30qxy4oUM3lw1QGNV1+VDhO1Gx0HQblh7s +df6YB3LxiQIcBBABCgAGBQJU03i2AAoJEPjB1kfRPYGJqWsP/jMJq1PHJYVvtzNB +jCBy8xzuVGsLfX24YlYIcarXgYYd6B/qLryvYo+Xwicy/FvmYCAinqMchnXB/cUq +MLqP9llKPY3A1S+ZCFYTEDTWN/tXaDz2yOAXQKwAmkLfW1YuDmnTEGc5R9cJzYQp +Cd5A0ZUiZEjsRyyGgjueZIFSaDAUqJBXG+QZ9wJflTjNp603hFZ8Q6sxcZF7xW77 +Lh8tBrwD2Sxd79BpGFGo58b1xFEiHxgmCyPPyMG+O78skmUiXrzsy3BV3axNlabR +hviAq4QpCZmALHOudG1hFRJipLWLz9PKyGZV1o6WY4mMyX1CoIfYDXS4v1995NMS +yh1Z6MjwgwI1EF+/BDda0uuQK2fzbYuOq2H/8xjTV4VXVnpc9BhSIStWSJirLbcn +cS9REpeYzCerGzUjJo3HQG3eX++RbILrZnG18mk+GbN2yiRAyAs2PeK64NMmO0H5 ++t26Sp+fHcpdinaLyTGeoyMmjB9EICH8ovUXLze/w+kJFB4C78klTQyFCy0FtQeS +UyBBeZdNB26rR7xMekVLcnfuxfolET+Bpx1thvlQcBIhfL6zmMXxaNrdCRcm6T/a +Eufl1+rfk4MIRzLKUAm0Tx8Hfk2rkf95AIDqE+rG0gwueFyk3a9DNNzKfO1TFqzI +vburgoFo0JnDxiWE2rec7F1FFilMiQIcBBABAgAGBQJU05rWAAoJEMrg3m4a/8jS +XwAP/1nZlnPeR+3Mx19HKfdH0+X3SgX7N9RS0BxqmeB+MbXtXTh7evxgAHa6jslE +a4YSLgwMwI9WWymNIt9I8VAcEIwRhpXIJM8TAh0VkSCzzFeRLy1ITZChILfYoQdR +TxNsgHUFRGMWUS6lLkPUxA/wkA58llMV+4Jk3decD3OPzX9GhdNtLLvCCNyVzaa0 +oRhHhKeFaV5lmHFFfzZJ9Qbu+4hlYEn++h1PysihrA18et+6VyW05e9EUp7xN5o+ +LmkoSCCMHPogKIdI25KPo72aqk1WtqWEHsPrvrU7jNDdfy+jtX4/yZ9ftpRZ1KGg +SqrBRz9fH+nPqr/tdwlKZ3JDsH7xWXDuuLtr68C9pXZMHTc7ty1zdqWuNzvFJOKI +YG69KuHhVmTHiPgApE0fgg5iArEJRLKRf6cLKu5tiJbw0ar/4V1MIniWoglJghje +3dHJ9zN4h6bv2wf6GYPHN7j2t+6ImjWtOfArODF3gU5P6KG6QHAK1PTDuM9L/2J7 +SdBRzBG0Bh7Mos2h/7urnGaoUlM0Ffwq7Y0DzZFFZX+fCy9b8ylC3JNvAAZScwR6 +QNU/LRm1Z0+52FgKCe/IMwn8/q/xYMSn6E4qqj2eHbRZWFTmL7gijT+pzqhTQDmo +mJ07lCIEYX90JYdXZ7TQripYIDRUHxAObsnjLguPLTRfePuoiQIgBBIBAgAKBQJU +24hlAwUBPAAKCRBeLKvqsmx4Uih0EACMPUwUwjfQ/ZYA2Qrc+xE2wnbDl1n+82YT +bLU+fqnbWej2tyTWIsIuJGoQCImt05FOrPnIqqQjblH3L7vsM03PuQCf40ql3kk8 +tLCjEYdvAJRbGqYkYBELu11PG4JyvIpUdUtkMxrwY2YXVvb05SIE/jCaQFQ+ctSB +FTHciHnD5Asyy2dIEvBW34m7tEHaxMuQjSiaxh+LxUcRI+nboVEt+tMKX7yR0aKX +yUoKFWaCHHhrr0KJ9szgTdJ3EXjqgc0yzcxSU7OC+CfL8jNtilcmGLuVsC9sjkQe +WJa2LPHSk+2GqAcwmJqAP5G1vhbvU+4cI3gyTI/QPkqqJ/2IOXGSD10bvS/EGRSR +MJ9VYlmQDGlncKPxV66wiVTxcBNLqJJJWDvaAIFMF/kAAs7t86AoFCW5LMeUh+HH +gcaRNlXfd8qfyiZyDDZkVZptujSWdntcEiH3SSDcHo1+zyRC5HkeJZzQ2KWCzXsI +EvGEcTEgJ6M5YCqR4YtaGT/6EVEV3Uc2uAIEFJmBG+rgX6GUR6N1bNuv/pBk2rPP +Ex2CNEQCr1hdHu5G9WRGkXC1uTUwXENBEK6nWBmY0BzFT6lpRvfNeYEpyyNGc5YW +NFXNgB7hBMIDUslBKBZTXSdczPg1x6URyMj2qkCBHktg8o9rUzkNlKGetE4/2x/m +xhNu+7vVBIkBHAQQAQIABgUCVN4TkQAKCRDXi2HT3/d6O386B/9djCuEaXGP10no +2GPLlMzuDVEfBJXtu28lJrYpYETwYZVjAFzSGlq5/hm3Fo5I3ySLcbikZQZFTXjZ +dp/bn0IIaAfzS1bCA0TK7lvrvFI7X7xf0hB5bOZwpDhYtzveVFC/m+YZoM5ooQvO +1WxZc+Ktfcn/p4sBHoJLR+AF5uErHquPj3wuAoZWhlmigQEAMN8oIden7DAqoKlk +Gwdvq15AMb1zA7t7z/BUEFPrqYgbuXdxhtqbOaGCojbniQjlheK3Y3fBRStLzyUf +bJygFLWNMhb0fQPmORTr0HKfHh0mmyBF+hqbmEgCMrq0ISDU/4AKbB6NTLlRKloZ ++l5DSyyPiQIcBBABCAAGBQJU7KxOAAoJEH+NV8JAzsgJe/kQALDJ/Pz6Tst46eTA +Y0WniZgIDgxGlMxLT5ip5DquZ1CQKoBvP0b1XVpM4Uk9DdqUK0Rw0+YSu7Smcsx6 +biAmAgzA27jTYV00NC/rmMy5RTBbe+g/rBwsV+F9UuEf55GJYFQiJkobR7N2MUYS +P3hGParqQ5byhOsYzPrQnJuq1ePgXkvd0XHjyOda0Os/WfkQyXsGNypDG3NBuCJ4 +Gh0M6TMQA9LnkUWRUQWfs5m0J24KBGdhi9mgHZJAR+VSoxRXrw8eC4/QL33HbrWN +QMWNw89ZGw0s5ReWqHWSyMZwC0urvXeDS8c3Oj8ZOPJ6GCzs3IDQF2Yx3i2hdhri +4JjG1tIIj7l7OD0w8jXlLZMFJUUkiYfGlrv+ZYziS7ApAZsu/bHXTcNfWWtRmouE +kQxg9aWxXSC692Wjx20aic/dfZ+quNRmxRiLBfTbqBGHfuPnXyv56dtgKq2Ye/0O +ZQPkUscLEfkJqVShk2rm1CEkugsBMV03yUDoYKx08eTWk7uYoSNKtt0lKgOpjDdE +NarG8fAZWPg4E9ScGnrBkOaBnSY7LSavCb8U1eL87zyHcB4vVEpsA5UamJO66b9Z +/6SFAw6Pkx0b8CZgPHJU+L324eOnn3EmP/mWDneux3ofzjR0KpuZDnJr9amAaJhl +JX/UOoKfp6DXyQS9ORcOdaY8j/VAiQI+BBMBAgAoBQJUzxS2AhsDBQkDwmcABgsJ +CAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRDVv5/rAxNlOkRTD/46jnPeXkIAj074 +L3lf4rqCn9plpxBS1IZzw0DX0nxB1N46DsFC57eVsXxu3QOnUVYFQx0eHfddkZFG +ex3MuJkQ2Cv+XpbFyOnllx5R5KgZlRfkooGK4rixk9vd5nqnFsJMNZAqVwXVpgKJ +hXPy82xJsjMaeOFd5HxkxdLVqqKdjwRz9r0EczU+YUcIcYfNshjW9aptqyEF577N +13VNrV1TMLBfb+ysUmBSA0R6djhoJNcWKFOKJeUoiATyJKRmUJaOl8HQcHTmSqsZ +P0jxzBBMGXhuoVSGqaRtYOc2Zv7w7GgJVyla6YoTbX5TzZz6u/8Q+WnzoDc5xA0k +VVFSG1Qb5+zH6rKSwk6xkVD4TKUokz3aKXlPF25ZZLIe6qwMq1C9V5xjnMc1Js+j +0PRBbgvOLVxqII7L0sDUuSHzxpuxUwKwvYHBxE06N7VNBy6sdYO5Qb7fsXK3IXlB +N8qGL7452pnb8j+Rze3wPO6iU3/EV5yTe3NnDBYacQqHWlCGa8VS9UlCxezskg5S +90pPFXhDmc5GfFQP7sAVe3PbtIqBx7k0LnNUHgEV6gyQfrJuLOkIzMivZ1MLRlL+ +H7ityv/w8h3PhFpdu2aoIAMH117TVeMOyJCEg+BMc1IP6HKT2kHokXDcHLY1Q9Lq +j93BCCkcJQaZAfnjECY6iU9KgbEv9rQzQW5kcmVhcyBHcnVlbmJhY2hlciA8YW5k +cmVhcy5ncnVlbmJhY2hlckBnbWFpbC5jb20+iQI+BBMBAgAoAhsDBgsJCAcDAgYV +CAIJCgsEFgIDAQIeAQIXgAUCWd49KQUJBvBb7gAKCRDVv5/rAxNlOgByEACSPrPT +zTRIc6rOFlHphzxEk595vWrgfDxCBP7GTM6WdpbAhdtlItHUmYk1l8CLKJD1dDUf +xCUMz2roVVkN/KRLqQNE1eVPNFENMsRPwC8o2tztxewZZrwavFQburhn6H/gz9QN +6e8qaQwdhYA/FlGvi3+wYeQm5XdVHLLbHFsuQwknKYoKW2TMLfBiFxhw5EZNbROc ++4OB4nlT0iGGieq8Xgl1OeTmF8Zv0mOykSYOe2VEupihtRezhRFwLi/opCToqHjm +tfCut2PQTLVop1K4ONTbqTEbb+2PpXX7o8vRJFm3nuhZku+KYDwDEZg9PiEMGpDB +k8tbhz+7oaw9CpPjtqv0t+qnl/ouc4V25n5BY/LJejCaMOwZGrQhUMJ+6MvBivmt +IUmvBWMeaERn50raqf0cWURD6sjVFjWcPbMA5kSPRWcGKiOYm0n4VwqUvKZcJNtK +PzwwTv2Xll5eXJOEYxHLJaCIJntJkmyqs3ug7cL2FYJuSv9ZrXZogv6Y9p5j1cs6 +1NIRvSLgqyP6NbzU8ljsZOs+Nfxes7oOUkoEMPIU2iznXfV4gC0gm4aN/letfepj +eOZe1Ofh2vWqXBcpoYEKDCPoS18XDdsmcw/04jdQ5uU/zA5CuiCyrVUjAMh/oaoa +9vPXUDArbqcf4dMfEZFwU+JPtx2+1VRJ/CJaR4kCHAQQAQIABgUCVM8ZuwAKCRDE +ySfNXRs21481EACdJPqf6glkX6azhM05SUAVwoEkCA2EpGzJePnZqKhUNE8bcHWW +xot0l7N/Z7lLqEzoX2839jEahP3wvZdSy8IrFpJ24qXX+L501p2ZBQbsHxXCjpqq +HI9UNBLmoN/BNpgqHEf6TeWJ4TQaVpEMcnEboxO+XPGlZJz6u3GqqQoz+GqOsL5K +NukihhzEFOtBf4fOSkwzghjJTe6JCMBQnpVhG3/0n6EH3W9/zFtmXKaFLIYau6kf +ihzi0sj4Kz4j9ho7fjTFKjoD59uAwEacGitytclSBDvEl6fUEwdPsLB//LXaiqQ1 +isFOGaKpVZm+EuOcrkBS5mtTYZ8AVsRzX3FJl30ACaag6fyZlCJ9pxZeotNxkiCc +r/4+rzZCBBzhVUaWPybJcgyFE4Y88ByrMrCYRiOXPSuUiBC9SEG/H/srk9fsxqfB +KNitqrFYCt0bg04e5mEHOtWHh7oCTaqjYWHN3RZU+ROK/aQUR/c21sGWbngAwjbv +7AZp16uvekWpI9/B4iQKOnyX/mTd0DBFj7L5FxnYl70IhnlZdGptO8bKFObEh6Ey +jCYvcbsIgBVvjWF2Lo55KcBRc5MgenP8h9ppzTeHnW7YqVsgQJ7N26MFRFeBT3vw +O39/i5Wx6HE+jZ0OKUDRvjlSor5EdYTlnm7u+UN4phdsSU0OFBGMEkWuI4kBHAQQ +AQIABgUCVNNxJQAKCRC2cVfzpw1FN8yzCACOHsVbUJhbdWA1Ya9mluTehyIlxQlP +URcMSUtgBoDZgDv4wVGqD/QFQ1ScuE1/Eq2bLfHNy1yGDXVGYkE/QjQ8CEUjUc8+ +vnSLm29VfaeB8DxOrHhaqzwuf1XZy5Oc/s+6gUrqfn7fe72apU/Rx0/qHBAzZIl1 +t4QCM0hzEKYONlpVYAZVoXBKY6SSZubUWRehUAhN3RnChwMxDA9MPNXqu5m9FjNY +WV5qQwqbn3dT5P8vd7bh461ZVkAs50NfVx31wlNd1369g3BZkcg7dw1yfa6BzpdT +Ln49yjyd9PVpIfxK+MSo/q6fOMqB5RDpXB8/HzfO1S58AO8pMsqy0sIOiEYEEBEC +AAYFAlTTc3wACgkQ8uJF+0DwaUBSlgCgkyvYlDGX2klLWUykqBb74aiU1MsAnRKi +Qsl9Iq7wlgJiuom+VavQK55/iQIcBBABAgAGBQJU1hnQAAoJEKnBdsx/rH1WNBUQ +ALeo4BYHvwshaUoB+KE6k6lkEeiUZ4BxJOgNdUv3nHAvdxCYpEQmiaEQzViwe+8A +bEqDxMjAYteQDNQUZuODhSQYh1SKF6i4xh61mN1RKOtAUqk8xjbvKnN1uc2EoCZc +vHyP0O9xQl/M1QJX3Wj98Hx/wo9tSFgdyIfFLl1AR4XKHc5qE9F+9guIfXwKlFth +m8ir6MK2rafmYcVNBkj6p7h2OZT6NyQdGqWCdhR7yIkENTUms40sulXKPEmhwIux +T86cjZXg6+e3vvA2xdkoILHSHzO3j8DCMTnEaVten53grDKFwsSSMWjrMeuSz/4X +Qxb733LYTNXykMeyTonGGqiDKueJwfTCbaHm4Tx6zn1V9+5kAZaTVsJuHH8nGKzd +gE98sqUBz//nj112aOAH9LYjRieZ1u7mCzVvOUCX1lf2ZNniaRn6S60pYqW9BXs1 +LrfeNcE6qcd0146z9JAiWFq1DlXk9/D5uIvGFLoV9tRtPnKchC/UU/IjUO0moWOj +jrldwFmXHpjaNCxe3oGcKctLY9pFdEfzV210JQpyvkTjSpAqmyjnOcq8SVlRHazf +wCl9VvTxFydD//Z6DfFLMQxG1dqZl5fd0+o0H1acbfsaRGBo98KuM6rDUxIBG+/q +8ZXLPvVA5IBu3xF80MsRanQbcfIvVG10Pm4Lzn9+arQJiQIcBBABCgAGBQJU03i2 +AAoJEPjB1kfRPYGJR0QQAIFN5+oRf90ZfjUMST/uFdrBou2qRzeKS2GAjqIJWRFW +01WpBVYfXnLPfZ10LnAMKsmHAF4WVE5EaAoODttdVO3aV9GJheGpOQ8CjprPDq2i +aNO/ljSU4N7EQ3dxUpLtSedIz4KF0vV3HylqxOUvaXT2PDe/U6KgUgo9HBTvOGkQ +s1S84FbNCx8HbruWd0xt75CtdDoHtJRDKznZmsT5eSmbDMHMssQeVX/6w3fxkk9r +FXIPFWOChLhk6jbyYTYw2u9ompy0qo/uaWoewQdjivY8GdoxINapDjz0MmX7CeKL +nivmkDGu2dyPc/jVCgtduUfKlnXPogKJki2n8xmK6ZpUlB1wQRKA/+SmO/QTIBa6 +ZfOJj+NNOaCBcBTZ2fxNy63r8Ggo0jxjMFLROaHe0k5Xqv6Wjml+TbzEE7KgAGDi +CTouY0mYU2tXmv3JnFscNHcWIiQo980na+qm2Mv24yl2BlhdTRybmPfCGXQZ0bGL +xIT+oPpnOb86P24M8SY0b2eIAxSAmfF0xIP2Rq0xgeusDqjIN7LsSdvTSJo3ZSY3 +1jmn2U4yWXpZ6ln+qkJ2bEN7DbDKZEQISimjImZJfb6RpWwZczIMhoplM4kMiiu8 +QI0y2kDLV42zlkgHLuW7l1jujFquBV660vpt4hmPb1P3+9TvIUKnbyICdf2zinbY +iQIcBBABAgAGBQJU05rWAAoJEMrg3m4a/8jSEvoP/i+/JKS1Tqqenrm4EQrsV1c+ +ltAui01Ua5zNh8ISe6E7l5+SQLu8pC6gKfjgu3vtxNSlc2FRlNIycXJDt8vNoQIA +BVcBbsD+qDbj+eReVYVbJsFcUHwsP1BGYrWFmoEktYLuWRGj2kiUjc0IclE7OxF6 +eT0+EXjeMmrH9IC4SxZ9J9OiY5Rnr80rmY6/sZ2hkMyQL8nxrlwH1TIMXMvEoudQ +rCT80UaITk3OoSz4pPq5H3jGyd+LHpeXjCTbJxOEb0UwmgFPvXhY8+4JP4ggd8vp +i61ELYdnfXd40KopOT0JMRRBvmg61pKUpxvf7uoTmCT9rL/5f1kvA+qMpauy8Qxu +5PL8UN99xYYdB0Na79mIttXwAdOlKiomud1JJutvmMoBEewIJPjW0LuUEL0Z79Ra +0ml/tZ2gygu/34tms04fFFuPmMruyOm4TtVfJB3LTT4EpAAnICXkZbc+Ct+DYVCj +4JzuZi4G4YMskbNG4WZn+mEXnNDLqqSaScIQl6/rZU2ha33DuOEBC/CYZhBqCz3i +MqLiWveUOHuinDVE+odAK+IfAKrDjfBAXv41eNsRiRrHeVKV04y62n81bAtW9mfc +3CbgOCKFp5wRZu0pZyU3uKPUdbEo/r9ovKuRmE0MtiZh0wgUtYGmWKptfO6a3V/o ++11V0cDeQIQbaKTDjhiViQIgBBIBAgAKBQJU24hlAwUBPAAKCRBeLKvqsmx4Uid/ +D/4yKO4MNpgNZIGKiHT9Q9UNuLYMoCdSl0FV5VcQyAjwzfcJ7AAcFin8w5TaX7PU +viblZrkkS1UKf31SM4GPvNl7I9LaYbNm4f1hwaQyJ8YpmJy9hOw16PMG5BmitdqQ +fer0cAgdW8abcOwft+ka5e0wHT8+qc2Q30astjbs+FCvxBu8bgzfvkiomjWH/CIS +tPLN7IVi/0uBT8a0qPYmcTD8fi7ElISXV4DtQmgKGDsvKBj6bvzoCCjr846qdT1g +z6ZF/VEu5Gc4o2gWT2n2JMS7MWxLuux2Oebgmx78RaJ1OkuBOunLwjtQj1kj1oPL +22w/eeIquesnrNL7yeYVtVcE5WVLMM5JiMFUqEz35mvPndMcevP6moOIr3vhySyj +gZhZt7kmbSw1WGcBIlYoOiPiNo+znPMqcNhFh3C1CRecup0m5X6adCCui/zsSIzR +mhpbVbN9YY9b8CoqK9FCw4mughIxWfh4+Zm0opr0TT7XinqCRSgdqGDijfAwPNk6 +/ZL1Jatlr41zGimRaqMId0M8sxbTgFaWAtlkVYHEgwrs7QaYgZ4/tFaGzbVmkCm+ +OMavfcOn4d3Bz34obhUpJHq+XpnyP6fPvaZ+e6u1UWnR5sRomtJRtUncLo7ZZiIL +yBP5idB1l+I8ReSiyZyyOuVRHcWKRi3DB6b3I8cjbrgq5YkBHAQQAQIABgUCVN4T +kQAKCRDXi2HT3/d6O2rJB/4yHVaX0maGVblkt74bTKgHBOA9VuGWr78bJvVnOho5 +wRacXEca9te9ofM32JtL7c3rNiNHvRuyutu4pFKqvQ7lrzQCWdLG7zlW4gNcJg3A +R4Sz35S35bwnc46aiFbFvo+J3IWHXXxsmgQ5eICGGqT8Yp7nFwOFruc6308j/nRv +fbgbNHlbHhxb+VlwmskNBCaDZ34eOvfl0V4GdItXaw0IOLOLeVNbSCCspI9kI8mH +lqnWCRxvDpb14UZHC1O2/VBmsQoc+7ZyizD0HpH9M4aPqiFBb5EtOunZYyda150F +1aAiM1YF32hZJA8XRszC1ttqCEr+K47PWZvPcZPgwSxJiQIcBBABCAAGBQJU7KxO +AAoJEH+NV8JAzsgJ1Y4P+wRFI8J0nO/dK9r6UvT9o8M51CfMOYd4q2gkSGbwtstJ +dg+4Nk902sEPfIgh8vVf6bvCd0XON3r4q+44KeL58wCAzgw28jGphYb/fEupka+0 +nqYtJ6kArCSMNT4QN8txN4kyzMp8dMsqDABS0m3WgpYuGqO7BeQY/jVuF/ZIB9tp +SpUBICvRxSuJOZA4BzY3geqY2I4xY5VuqNYjg8dtLUW4rizZWQGZVdmXvviou9uZ +8IOZALjYYaN09PfxDOdvE2rveyTvp+Rs5TkMJ0Pl9gfU//v5AqMO5ABzV62g0VDc ++xpYDsBVFQWy1vZ3aJGLeafvPttXJwQHPIs4mKFePct7Stlmgf7xS4dP18Cl8fnY +yiToH/prkTrfJLXgAmala4mr5y6SvfTxOGkYQ/o8TQaH/mBIIQfpi+l1SzhqwNKo +1bjGFCd0G8oktMa2HEmpEfSaa+Ydd0Rs2V7/u3QobE1KMyT3QTJpYHGyePqdtybR +Q0YWJI/OBDT0ttRjPNBizvlZR99ddMs4dWensmd/hzdZZryxUwvpFzT8gtdnNxE9 +Mf2NHYrXRQie0mjDVSNWzgvpEFatzja2rt3lYikWXi3tIv20r/E7RopRCMzqivB9 +JzE5ZTFshx4S43QKASTLYqN+dGEsRwcTjrpOlgKsfkZHcZj1yOf6PKJpun523bjj +iQI+BBMBAgAoBQJUzxUMAhsDBQkDwmcABgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIX +gAAKCRDVv5/rAxNlOonCEADBgoFsIA+x0mp/sEPWqQiIs5Q482HHmO+XFOgLC6gV +W5wSU345uSLATHfGJA1idH9h9qtQALKE2A7YyzVqqBNi0DzrR+fr0jHfyUadZOqm +R5MHSuGeGhu+x7nQh5i6OsxYMIVSU71tMNlTfyVGWtRgfV5siTLVCAjhpJ0e8Jim +6225mPXL767Q0WyboC5CIohqrQOifubD5qmsPDsY+y8vgLWzDjjF/pgHA4YIfFjM +VOBNJWS4z0h8bqScbURM9A84bznctst+3y1QoIIVQc7GIP9mGIqbYGZ1t4TWuyd9 +RkaBi3pafkbgCgDR/LaHCKHPJkda9JsOs0UCN3LNG36KrAWWazksdWC5H7oXdHss +CpvJoUSW0mPmblCZHQUx2gp1WNE3UnwJbrmOdKogQaZzVLnNLPT4xFU1xF3dVUg9 +7g6/KHs/Eb1B8xoiD0T67iSa9LzRyuos6Kuerx1u7SrDGIBl0ViwV2erB9dC+hsL +ZKmE8A/lHyM3r6NSzQXtAbXKVdp1iC2LlqWKUxCOa/KgrGK5yvGVRQsuaMEPGUhw ++SZaffut/bHX/P6U1U61+Z4WsXQ1gHtJ/Pa9U+GfLolUzb7SamqHilaCGU5KBsvm +jGxv412Vc7njAXRAwycFyOViDBpQAajF/YQ6O37UzMdY1pLMlWIkL+3R1vtJ1kRc +hLQkQW5kcmVhcyBHcnVlbmJhY2hlciA8YWdydWVuQGdudS5vcmc+iQI+BBMBAgAo +AhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAUCWd49KgUJBvBb7gAKCRDVv5/r +AxNlOlSTD/9S0jeevyMV2e0t7lJwKZK26EqMvJZiuwJXyZ6AGm/uvGq83eJRC5MA +dcCK99l4C6vnkMPYYaZptl6Ov0hrKyEm1smm8wgDx3egLWmXSAYqdxuzQ95/ZOfW +Nw+sNPjWJ7EUQ6XGljGnDpbm620Yizp5+XfkZQM3GGMBvQ/m3PjEBctvrOzUpvRy +r2WB4aOybZpSReqZsIESWpbfrYUSwNd1wo7QMrB6AOFn6c36jdTyrmXd9TTUB19s +VmJK6udk+ZtUxHv5PkSI4Woq2+Kgfy6KF7vSDpRJ2p39CINrXPghL4fphJ3+H2xw +REAQyotUZm7prLhroCS4sO0W6AbYOnir2pc7lddpAo4Qc2XLc1LPVAaG664LbH+P +jwi3HrDYdzbxRLkWMcCEqj3h9HOXsI89wjCyEdACb62C8Ro3z44patL3mp/rEYZ4 +2wTvY8AlW/V4U5Nc2BY2FoXftFqrpxhBHHma74r+Z2XuJyea16dwtUKZHBr4jWUA +wzbvrM9J+W07XOKP3TXS1pbp6lOW46ii7e8sKhxC7bfNDdCAasUFyKOp6BBw0QPv +n7TRb6U4lM6TlDwt7OR5jzxCbnvJIUY2KDSwiZayQliIgRCANyiA1dZvvUicg4Eo +JMjdqM7tICTcwEZn7oM1hujTUtXH2Eb990r5/dzuxCXrQbi1f6o3jYkCHAQQAQIA +BgUCVM8ZuwAKCRDEySfNXRs21/kSD/0Wok7ONJBbMdcaZLF7c4Ge1/CX1h5a19dQ ++VfpNKWBtobDxnZiOdMXfx4v2d0hVzIOBD3bEgCCBkYPjmWSgBRMxVPsnTylq+Li +2TzEc9lV8N5D5M4K/o19bUmy6CSWAmXTHeWviIEmpCLFEm4fiil5Abz75mIzmDTt +jrDRrypZq6Vd/m+aRzQLxkjm1PRMnd0GuxJel5wS+Th9MMM4RNJoJSwT95IDx5cL +bjJ1lI7ZPTaWXfIS3aN3+zOJsu7G+lFRUqLcrhdlt3zG3esB+7Pa54OodQ+JB3Ow +8sf8elJ1dgW7sQDemSM+hzk9IgkbHzPGIe3j1++wPEwYLxEGvf8fgNN62X0B3Ch7 +ePqNtyz2SiIl/BkR7Y9NcZSH5RjQGs1IH04suHPb1OIz3vXmdbRxM64uvB3CDobm +UNcqKY9HQFOzO9z21ZiRg+jWACsuvJ4+6VLS/XN0vHoNROSG4t9HOIQTa5GYVFoS +twgbTN5fP2XUL8/r87tAN443Dt4DFBMo4PvUCVvthZIB/Jfw4EgUOmsmpw4TQqDP +gE8nNWW/V14agNTOU4k/cnOMV1c/C0jMpblvJwq4NzbGNG8/AC/CVkbHV5gHRw1W +SrDJ+wBPVwlNYEm1MYvdYWfN10IyeZfeSfEeUxB4V5AtGTpypITedX3OXMEqJ2RB +t2Kp7FAwMYkBHAQQAQIABgUCVNNxJQAKCRC2cVfzpw1FN20IB/46wzCgYELxt94M +w2EwgYrA7enk69mvYsq0PTWHKGsOmZTEhm1+YV59jINhDhUFCAnKiGb35AuXpFTm +oI6KtfB5rrWz8dc97ez5lRqQ1b4499Byi5Ut24WLfVt30pMkl6G/81t/fGfYxEoV +5E914mCMMprlvwY0MzFyOBK49kJIH6gWVX4Dq482FdNclMnVw0zTGrnsbRtBleaJ +p9wXDICohIuM8EnloLQKOrhSyuBze9y3TpJCaGFa5dxgL0rUI2oKsjbgQp9okSLM +7vh79DvL0MWjlCIoAHBTXS4X0YgJ3agfiSKh2hLBz04Gd/xOIhjs65RcKaj5E1VP +z3/l0byfiEYEEBECAAYFAlTTc3wACgkQ8uJF+0DwaUDtQACfWsxhR2aUaF2fI7WI +x73Ljq+rhJwAnApKusV5tX2xrMKpyKoRfvi40D3kiQIcBBABAgAGBQJU1hnQAAoJ +EKnBdsx/rH1WW54QAIue3rnxcP4uhDHNPNVbjFY2SjXZYAE/JWPtNqrVIH6UutmL +st03FwekjRKHyt7oG4MPSw6tiixgSWtA+Fru0rXIdYHNcYBWhAvq3B583a/EVaFg +tVnuMTj0EFp0IxB/fxImXTsHosQBEEAr/bzhQDUROYDAPpTNoiFjFW972eX8poXY +ABUIK5/TRBUsVEkqm1PWAThWg1IPrJbe/9vhwjQysocFB+TpcTS8XSHbAe/mjIew +AXMNpKwfZh2WKoZzF4ecSnEjSpaitoODkMwZdaup1O1GRek0rAZTvGNHiACwakXh +FK+8juoAI7O1PZM65ZEMbl8uyU86EKJdKyiTrd48YIu2P7ShBgix35HpVFEL1znv +bhgcGBlXoyU8JbK5RhRfXsjIwkxaQdmTFF7zsFypuurpSS7VPBkL4CU/254ozdjW +jzMWbtb54jqsjbL20WWJRZnhKPmwlJMo1XuYUkFXnPoBbPDDm8bIW5zHWabKXlQs +6TY3u2Y3a6QA28Ib4LHg9VZDXRrPUPMtdHbvvpHIGP83AxPaZVy0J3X3HbmnR/0f +sA93T2uWm2f+XWUkizwjnI6gMTZGrDXkhpNwp2B6eEEQkT2GolCtyxoBV9dGqaab +AVromrjzLdpCx7z7t7r3gl2zyiqfy9FTtWwc4Yfu0oZMXc3/oWCq47NgBZLHiQIc +BBABCgAGBQJU03i2AAoJEPjB1kfRPYGJdtIP/it0L/iKakus0dHYAtsGEozeJAuQ +0D//ML5PIXqEQLrIfeS9BSLKO2LtYUQItphD7cMVAoBGOb2dIxtgm6jT/y624p1s +ShAUWB9HOgz09MJAfPIisDCM6coRtSscQxVrVBK0S7ePCbjZaGy7XN/C+7Mc9wWE +c3XE54wAlmBcFZ3IdFRSSyPWpDyRuTHbalLS9ctQ3CgM1lypASmh9lwtunRcTBMz +ceoRU5r72NmUR/CkIIB8lTGmf3zVrihUtpOMHfatsVHCSco1UKzAlbKowdYkKl3M +yqQOLPa40OQ/1hhyGQdrzkTyPQS8g+dW3hViZ88WomLVT+QdcS1lGPKgZ84ZLeVs +mOls5edu1XJho9M3sLZZ3+sg0kQtsVfdU4AUxr7YpiJVlmL8LY4AZbCN98/q9Y/o +4baceWiIZEE4RCuvZnFlFDZRX4/bCggTfKJjqJ4DrPFHaHAlBeW/bcyqWQvfEooO +SV+Lrk9W3ZXaNeWf05Y7BnwvhFHQNCIfeFxK5YTiMGPwkM46DicXvyzDphJCeLI8 +yXGUcmu7V1tXrQ/wK1OyV+7YsnjG/2wlmN44LHucx755hMxLaAVIshoEI+mrDE9W +wecxo1NW4++yOd2swYVbkdlrXXV81v/l/9FpNZWGJXwgVLKASO56/iG4/xF/eblc +pGRebr6fL7aHkRhuiQIcBBABAgAGBQJU05rWAAoJEMrg3m4a/8jSiYIQAKCfXdVV +SjBh25T4/ck1erWVb6CeOGIB02sxmwwIFkqqhaF3kNO4j+OyPIWGNr+5evk/alFe +c7qvyn4GV+zLn4PVMPlHjrtJSN0HHc4HVhJ4xDLAZRobPdrFyT3y+H9s5fWJVwGS +6iQsKGfDZlc+Ks0xb5EQjqWHHljb4NYkpR/sWNb7uFd8BGqcVNG0LgF1RZIu9V+L +siF4Vt36+dijQ/lCLSYNBeDLsZWZZkvxcQZy6SCnkwGVpf22v1fJqis2zoNzFI6b +8i9imsdT7V/cE5aufcBnt3NX9ozBaVtZ3I8M3ote0s8jOWMUywHEPEnEr9O0Y0O4 +SX6Qe7wtj/ph9G6SQBPh9MMR1tsyz9gpw6Zkahr9vcjyuy7XFAyDSjEZPgQYJeml +L7AktJDBTVHdOggsNfKbJNU+noroLNn39k8XX5Va7EWBk/0BYTNrYkqLvFC0GRkl +jf/f34umQI6SzX6S8XvGhvySnvqDhBeIbk9zkKCu51fD91NohJJn+SvMFp4t4gHn +WLbaUk9c08QVb3UMVOEcgjj3FmQrk70hsLef+o5RVfnQciAkse5FtqZIzPoG3Aw9 +BWTKEcEQC2OPGqRDzNZbMsGnsgDvCtUww2YuaNL8b7HA1i9lb8e4+UV4SWK6pCw8 +nyV5RGAmqIlKK6kyodaLDg8fkU3wXElsXYwWiQIgBBIBAgAKBQJU24hlAwUBPAAK +CRBeLKvqsmx4UuBYD/4s2MNZgo1SlQ4PAaqi5iVBuTtkAjHNrhBSCr4xAn75Orf+ +HbHtA9N1KlNWoVCli2KjIFzuVFo3uou63mV05EYuVvS+IHDGKjiRsdTqN5P3lSBX +jgFkGAhqpZWGDf0NbLqdRkuvIjeE9QaUXw81irSItA0AR7SPi+uuWqqeAex+7Ymi +NqBxN9tYEe2AuOMIeHrztIytDmwl7Ki86u/RRUfDGuMPjVmemHANsYcqHuc5R+wV +tJ/f8yUETprzRpBoInHhUiG0dPsrvHSrC6aiwO9jKLHnrWUrvlud9S/UZ69jJAeW +tidkHyGjNjAOaz8JXjPfLFDu2avNm+0TfdP/j4XXoBdKUBeF7gXdhVqAgP8iOKIl +y9Uk2QsTkY6iN0azfaWOoTaG9qzOmyzGnpqTWj0TJz9cd+Tm3OwaSdedwv+8qE0q +lMWftqWgVTX9vVh8msoC/p4AfVQatBc0my0+oveKlnoedGtmL3iniaIExeoBdWTp +nP2vgifUeGAk4naUPrRMzBXcof1K3thEb9F4IApw06oCPNXurMiCccreSqIAiC4Q +SnB7dm4hUVFaMZpEbDd6BvLNBZFONanXCizwZHPF7UWTd7thi652OT8WpKyiWgvL +tgFi8uvROY7I8SmcugKam2ZObE8WpGCaZanueWSWGS43QOpGIjPts+ow+zgGM4kB +HAQQAQIABgUCVN4TkQAKCRDXi2HT3/d6O4zACACTt8quvuzt7oQSCNcaHRzMDPrQ +ycbrOGJM/7PZoi4SJX+gPEFrn2KV3VoKXYBetvjw7YGp71NEgBuXQIc5Buc0mGxB +ES9cDjRCnMn1Xa+K6OJ6LFEhibQVyA8c769pcUOl2V8NjbasWJD3d/50mXJVupKN +7UQr+0kiL0+jGW1w6mXuwL+Ea4S/WFVz4XafC5Sj/TvhxOyZjIxgl251F9HWvS7q +duZ+mI/0/H+VgWK5anSztuz5071t18mtJPW8mr5XogGR9MV2NjNGurKLWjFK1JNR +D/yxkcW/MxE03fySq3ZgnCrIF0SvfymNi9Rr9HaGSQ+6QdYr14VFwHmzMkv4iQIc +BBABCAAGBQJU7KxOAAoJEH+NV8JAzsgJKcYQAMmaD2LWWnmSH5qu1wzghQqfad8O +pQZYqA9VUKJfkfKMwpDv5cRLj16F2vkt6SG0DAwJIw4qdcSctQQiktOsqcauWRqM +vTE4SQIB4teJqe+m8QkkWHFqoG82x193t6DPypSJOJxZnkW09FwPleQ8qJ6lXHTi +ctJ2k4KxOMfbRphKNumSStrrxbvRbCN6XRS6R5liUTjE7WpO93wN1nzknWF+tRU+ +CFGj9uaRO+tFocXiBvS2l3RoSsyLNrhsHSFUFzNaeKV2B8QbVabV2S1elIPnsJcB +QJ7zZLKt0RfIYGssMmV8ZenOFKIQ6oNEe3/ooTL/BqFVq14Zs3lHokJJnzE0/OBR +RhYAR5YnugUKyicSuzfplB1xhlLOWZ+yrkAE/eIyx89lNgbCTbPDnphQ4dX7QB4D +zyo4bIomVMORDB9IuRjVr7RQEREu33d0AKxS6WcobyQvJSWL/GmflNE0gsuSKp5W +vpetxMt4kk294i+1VXKrA+tkmffZiSFBXEVlG29a+bu/ri+8AN0GQevIwHKWjWUa +4S8/aMRB+vped65HGpnsceyRSsh2DQmGu+xiIm5djYoA3b7MvlQI5LlPattGKp+n +P/Qca0QvuUfrlbEJR2Go0HkpwPDKuHgg5bOyisyAC3np2KMeoD1qIuvWFuOid2S6 +0Xzt4mp8m2lkoBahiQI+BBMBAgAoBQJUzxUnAhsDBQkDwmcABgsJCAcDAgYVCAIJ +CgsEFgIDAQIeAQIXgAAKCRDVv5/rAxNlOqZYD/9K0yqXKKaqPp8jFfYgDKXLrmy9 +3UgQZarwBnuN0rUmjrWdvaa/E+Dl3shaktVRJ8+FpIvKIjyi6NekWIjbVJdqTmxG +qm4+5TJaKs5JiktqK+DRrxzzyCiklfz8cNU4rdsuISTxiX00fKwei4JxeK+FbZ8P +BPTiDSIRALh0RF2peBM7deCDqQTcPOykdY1zs48EI5/L13KYG7fA/MiLuKg04gVi +CRNVG5ecvGtqmp+I4PPrXDBlEa3BYq3SL6+e9GNunqQeM40pWBdToyiHFlFdQGXP +BNuwo1jpieRiuIk+QoEaazfBvho+ltgzOukYGSmxwDLtaQnnz8P1fhMuxTemm42t +YMVQukrzrWpwxcJn6kJTBfIjS6twNlDPZECVTbKZ6J2WGVozLOcso2RZyq2oj7en +t1D0qyUF2ARoYhrhQrbyCUuiLwU09a+Y+QYaMpG0weEYCtUa6M5SQPPEe0ItR+qS +zIKVClVXupkD2G+oOSriU9SN1Tr7oR+SUNWxdESCytmBYkerez4aYgh5Zo6Dtsb0 +SAMYi6W09hULE8xFU0xuaoNKAl4R6LrY1OmzllWeWWhMSD9fFtFE7NH7mgsKfffk +7LxKKS4pbWVZfU0gO2tCpkQT8Wv5ivNsFEhlMayvan1gzEghUjwOPB5eBL9SDqMC +nPb/zcGKBzTKaB6NsbkCDQRUzxS2ARAAvclQPdxw7YIB9GMjgdvvEWw4Rs1hi+He +lpSq66s2j9g+9gtkmbMX3kch6dX8FS7uA5w9PqYlUt/YPRD7OUmB6UYB7qJH31h2 +oYASDmfB1qfX1CMDCeWaAVy6NLZN6JFfb1uh85Sg0noQpj1pfb9J9O6Qc7mPTJOz +/rElfAgTBXMH/WgZ2k7lW9zTGQatLIcBFlqlKFNaJXZoJJLddD59AmaqJ76yYxGR +1w/zNiMuRCOKRLOUo0GDPEPJuqyrx1f4sZ3qLilQU8Ud7ChtrDbu9XM+cbQ+aT+k +BJuGZaHAWqD1dm5IL5Cl2bCC73uHvjAr0zzEd1c7S2kDgdEuOm08HXeaO+JtaByx ++S1UnHquY+EPbuZReXCaOMeTfJR2kGL3sW90T9/Ln+IERR9PqAvaiInTkU261GEA +siEjWchExXhEmhBeF8bXW7KuPj/1Rsbv+Ot2GIhW3+4U+xHnN3dK0I6r8lY8pP1f +nxhnoDyKh7PemvfHuShf5/BwB9TPAEjxcGjOUF1KL+hiDalfsaBZNlm6Dkltt2xa +g5qu0L6tHyiiPkhf5clO6qy1c5Y7ffQL6rvJGZQvQFMgzD8BqsaRHSNEyG8thnw8 +xa/dmuuixZtqywyFqz2CCa6Q9LUgf3VyhJXecNGXUFn2chvXjWQ+tldfZjdZT6cL +pELi6BJPCiMAEQEAAYkCJQQYAQIADwIbDAUCWd49WwUJBvBcIgAKCRDVv5/rAxNl +OnNxD/4x87qOvFnKtXGguFrZSaL/0tCvjCfNyLPFB0T8Tssso5uGADEIlLHyP8Z8 +GOhIBF6RZVyEFsRElwf9Srl2jomQxCWHVvYXKYpQdLyUIqidHbgp664SDTGJpR3W +f/wPwbyEzE+qOWEg8wU2qoDkeCcOYoqE9R78TzKzjYMMKYrXqUrE9ONSc/qpOcWt +P50tIb50XsENYKzWaOzu8cm2uI/iKybXFtCwXFFER0E+QH8sWwKCSOlviuCOojRw +znlqxllRlI8L3Vkyd1s7vK6O3aIax7kE6ULnxycKPBDp1hzNh79kQPV1zR7lV/tO ++FmhhgNCMuf/71d2yM4s7ezJhIKf4Wi37wu2xCwA4WKnWX4vn46jxn9bwpF4r2YG +uJNYKuM3xUAO5mvdr4aRGFDfHutyrYV6u4EGoX0bGVIjvVs2dEhvkkzneVtACmYq +lfpWiexyQc0342B2utmhEDIRFKmxacTRH0EJWIuDrrAN2Byq2GCJQZJdNCyh2Ikq +37qepkc9eaLiubWNsmz3e9YKO7WiJBeACZIGsqqmym8vJfJMlG7iyHXsEKFtFwLl +/1BsRqvcKMAh9uuXCWB5pWZ2x4GU1ZnE+OUJmffffZd+P2qDIAuf8aLORCS2F1Xh +fwrp+GJ2VnIQlZqoLHNmUaAbejrq8CRDlhXelX8o6OZgN0MuvA== +=C+9j +-----END PGP PUBLIC KEY BLOCK----- \ No newline at end of file diff --git a/patch.spec b/patch.spec new file mode 100644 index 0000000..7abe3f5 --- /dev/null +++ b/patch.spec @@ -0,0 +1,76 @@ +# +# spec file for package patch +# +# Copyright (c) 2024 SUSE LLC +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# + + +Name: patch +Version: 2.7.6 +Release: 0 +Summary: GNU patch +License: GPL-3.0-or-later +Group: Productivity/Text/Utilities +URL: http://ftp.gnu.org/gnu/patch/ +Source: http://ftp.gnu.org/gnu/patch/%{name}-%{version}.tar.xz +Source2: http://ftp.gnu.org/gnu/patch/%{name}-%{version}.tar.xz.sig +# https://savannah.gnu.org/people/viewgpg.php?user_id=15000 +Source3: patch.keyring +Patch1: fix-segfault-mangled-rename.patch +Patch2: ed-style-01-missing-input-files.patch +Patch3: ed-style-02-fix-arbitrary-command-execution.patch +Patch4: ed-style-03-update-test-Makefile.patch +Patch5: ed-style-04-invoke-ed-directly.patch +Patch6: ed-style-05-minor-cleanups.patch +Patch7: ed-style-06-fix-test-failure.patch +Patch8: ed-style-07-dont-leak-tmp-file.patch +Patch9: ed-style-08-dont-leak-tmp-file-multi.patch +Patch10: fix-swapping-fake-lines-in-pch_swap.patch +Patch11: abort-when-cleaning-up-fails.patch +Patch12: dont-follow-symlinks-unless-asked.patch +Patch13: pass-the-correct-stat-to-backup-files.patch +Patch14: CVE-2019-20633.patch +# See bnc#662957. The fix for CVE-2010-4651 breaks the way interdiff was +# invoking patch, so interdiff had to be fixed too. +Conflicts: patchutils < 0.3.2 +BuildRequires: ed +%if 0%{?suse_version} < 1220 +BuildRequires: xz +%endif + +%description +The GNU patch program is used to apply diffs between original and +changed files (generated by the diff command) to the original files. + +%prep +%autosetup -p1 + +%build +export CFLAGS="%{optflags} -Wall -O2 -pipe" +%configure +make %{?_smp_mflags} + +%check +make %{?_smp_mflags} check + +%install +make install DESTDIR=%{buildroot} + +%files +%doc AUTHORS NEWS README +%license COPYING +%{_bindir}/patch +%{_mandir}/man1/patch.1%{ext_man} + +%changelog