Accepting request 1067037 from home:dspinella:branches:Base:System

* bsc1202436-2.patch * go-testsuite-test-hang.patch OBS-URL: https://build.opensuse.org/request/show/1067037 OBS-URL: https://build.opensuse.org/package/show/Base:System/tar?expand=0&rev=121
2023-02-23 14:09:58 +00:00 · 2023-02-23 14:09:58 +00:00 · 3a08e2884b
commit 3a08e2884b
parent 87aff9e33b
3 changed files with 21 additions and 5 deletions
--- a/bsc1202436.patch
+++ b/bsc1202436.patch
@ -0,0 +1,14 @@
+diff --git a/src/extract.c b/src/extract.c
+index 37ab2956..b70b6c2f 100644
+--- a/src/extract.c
+++ b/src/extract.c
+@@ -854,6 +854,9 @@ maybe_recoverable (char *file_name, bool regular, bool *interdir_made)
+     case EEXIST:
+       /* Remove an old file, if the options allow this.  */
+ 
+      if (strlen(file_name) == 1 && *file_name == '.')
+          return RECOVER_NO;
+
+       switch (old_files_option)
+ 	{
+ 	case SKIP_OLD_FILES:
--- a/tar.changes
+++ b/tar.changes
@ -6,9 +6,9 @@ Tue Feb 14 11:07:40 UTC 2023 - Danilo Spinella <danilo.spinella@suse.com>
  (CVE-2022-48303, bsc#1207753)
  * fix-CVE-2022-48303.patch
 - Fix hang when unpacking test tarball, bsc#1202436
-  * remove bsc1202436.patch
-  * bsc1202436-1.patch
  * bsc1202436-1.patch
+  * bsc1202436-2.patch
+  * go-testsuite-test-hang.patch

 -------------------------------------------------------------------
 Tue Dec 27 13:22:21 UTC 2022 - Ludwig Nussel <lnussel@suse.com>
--- a/tar.spec
+++ b/tar.spec
@ -51,12 +51,13 @@ Patch11:        tar-fix-extract-unlink.patch
 # PATCH-FIX-SUSE danilo.spinella@suse.com bsc#1202436
 Patch12:        go-testsuite-test-hang.patch
 # PATCH-FIX-UPSTREAM danilo.spinella@suse.com bsc#1202436
-Patch13:        bsc1202436-1.patch
-Patch14:        bsc1202436-2.patch
+Patch13:        bsc1202436.patch
+Patch14:        bsc1202436-1.patch
+Patch15:        bsc1202436-2.patch
 # PATCH-FIX-UPSTREAM danilo.spinella@suse.com bsc#1207753
 # tar has a one-byte out-of-bounds read that results in use of
 # uninitialized memory for a conditional jump
-Patch15:        fix-CVE-2022-48303.patch
+Patch16:        fix-CVE-2022-48303.patch
 BuildRequires:  automake >= 1.15
 BuildRequires:  libacl-devel
 BuildRequires:  libselinux-devel
@ -136,6 +137,7 @@ it may as well access remote devices or files.
 %patch13 -p1
 %patch14 -p1
 %patch15 -p1
+%patch16 -p1
 cp %{S:3} tests

 %build