This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 3.x development tree".
The branch, master has been updated via 5447802fdc59ea866d6287d82e0f6920443c2816 (commit) from 0038068c61ce274ca414b29020f3314a0247bb64 (commit)
Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below.
- Log ----------------------------------------------------------------- commit 5447802fdc59ea866d6287d82e0f6920443c2816 Author: Michael Tremer michael.tremer@ipfire.org Date: Wed Sep 12 19:39:13 2012 +0200
patch: Update to 2.7.
-----------------------------------------------------------------------
Summary of changes: patch/patch.nm | 8 +- patch/patches/patch-2.5.4-sigsegv.patch | 42 ----- patch/patches/patch-2.6.1-CVE-2010-4651.patch | 164 ------------------- patch/patches/patch-2.6.1-backup-if-mismatch.patch | 31 ---- patch/patches/patch-2.6.1-get-arg.patch | 12 -- patch/patches/patch-selinux.patch | 171 -------------------- 6 files changed, 5 insertions(+), 423 deletions(-) delete mode 100644 patch/patches/patch-2.5.4-sigsegv.patch delete mode 100644 patch/patches/patch-2.6.1-CVE-2010-4651.patch delete mode 100644 patch/patches/patch-2.6.1-backup-if-mismatch.patch delete mode 100644 patch/patches/patch-2.6.1-get-arg.patch delete mode 100644 patch/patches/patch-selinux.patch
Difference in files: diff --git a/patch/patch.nm b/patch/patch.nm index 1dfa927..48b6687 100644 --- a/patch/patch.nm +++ b/patch/patch.nm @@ -4,8 +4,8 @@ ###############################################################################
name = patch -version = 2.6.1 -release = 3 +version = 2.7 +release = 1
groups = Development/Tools url = http://www.gnu.org/software/patch/patch.html @@ -20,10 +20,12 @@ description diff file to add the changes to their original file. end
-source_dl = +source_dl = ftp://ftp.gnu.org/gnu/patch/ +sources = %{thisapp}.tar.xz
build requires + attr-devel ed libselinux-devel pkg-config diff --git a/patch/patches/patch-2.5.4-sigsegv.patch b/patch/patches/patch-2.5.4-sigsegv.patch deleted file mode 100644 index c018153..0000000 --- a/patch/patches/patch-2.5.4-sigsegv.patch +++ /dev/null @@ -1,42 +0,0 @@ -diff -up patch-2.6/src/inp.c.sigsegv patch-2.6/src/inp.c ---- patch-2.6/src/inp.c.sigsegv 2009-11-02 19:09:57.000000000 +0000 -+++ patch-2.6/src/inp.c 2009-11-16 09:31:52.305022200 +0000 -@@ -77,6 +77,14 @@ re_input (void) - } - } - -+void -+reset_scan_input_vars() -+{ -+ using_plan_a = 1; -+ i_buffer = NULL; -+ i_ptr = NULL; -+} -+ - /* Construct the line index, somehow or other. */ - - void -diff -up patch-2.6/src/inp.h.sigsegv patch-2.6/src/inp.h ---- patch-2.6/src/inp.h.sigsegv 2009-11-02 19:09:57.000000000 +0000 -+++ patch-2.6/src/inp.h 2009-11-16 09:32:24.440021838 +0000 -@@ -24,4 +24,5 @@ XTERN LINENUM input_lines; /* how long - char const *ifetch (LINENUM, bool, size_t *); - void get_input_file (char const *, char const *); - void re_input (void); -+void reset_scan_input_vars (void); - void scan_input (char *); -diff -up patch-2.6/src/patch.c.sigsegv patch-2.6/src/patch.c ---- patch-2.6/src/patch.c.sigsegv 2009-11-02 19:09:57.000000000 +0000 -+++ patch-2.6/src/patch.c 2009-11-16 09:31:52.306021801 +0000 -@@ -210,7 +210,10 @@ main (int argc, char **argv) - - /* find out where all the lines are */ - if (!skip_rest_of_patch) -- scan_input (inname); -+ scan_input (inname); -+ else -+ reset_scan_input_vars (); -+ - - /* from here on, open no standard i/o files, because malloc */ - /* might misfire and we can't catch it easily */ diff --git a/patch/patches/patch-2.6.1-CVE-2010-4651.patch b/patch/patches/patch-2.6.1-CVE-2010-4651.patch deleted file mode 100644 index 3f2de6a..0000000 --- a/patch/patches/patch-2.6.1-CVE-2010-4651.patch +++ /dev/null @@ -1,164 +0,0 @@ -diff -up patch-2.6.1/Makefile.in.CVE-2010-4651 patch-2.6.1/Makefile.in ---- patch-2.6.1/Makefile.in.CVE-2010-4651 2009-12-30 12:56:30.000000000 +0000 -+++ patch-2.6.1/Makefile.in 2011-02-10 12:29:32.926361705 +0000 -@@ -192,6 +192,7 @@ installcheck:: - TESTS = \ - tests/asymmetric-hunks \ - tests/backup-prefix-suffix \ -+ tests/bad-filenames \ - tests/corrupt-reject-files \ - tests/create-delete \ - tests/crlf-handling \ -diff -up patch-2.6.1/src/common.h.CVE-2010-4651 patch-2.6.1/src/common.h ---- patch-2.6.1/src/common.h.CVE-2010-4651 2011-02-10 12:30:29.142797627 +0000 -+++ patch-2.6.1/src/common.h 2011-02-10 12:30:33.566989729 +0000 -@@ -169,6 +169,7 @@ XTERN char *revision; /* prerequisite - #endif - - void fatal_exit (int) __attribute__ ((noreturn)); -+void validate_target_name (char const *n); - - #include <errno.h> - #if !STDC_HEADERS && !defined errno -diff -up patch-2.6.1/src/patch.c.CVE-2010-4651 patch-2.6.1/src/patch.c ---- patch-2.6.1/src/patch.c.CVE-2010-4651 2011-02-10 12:30:20.721432124 +0000 -+++ patch-2.6.1/src/patch.c 2011-02-10 12:30:33.567989772 +0000 -@@ -34,6 +34,7 @@ - #include <util.h> - #include <version.h> - #include <xalloc.h> -+#include <dirname.h> - - /* procedures */ - -@@ -916,6 +917,26 @@ numeric_string (char const *string, - return value; - } - -+void -+validate_target_name (char const *n) -+{ -+ char const *p = n; -+ if (explicit_inname) -+ return; -+ if (IS_ABSOLUTE_FILE_NAME (p)) -+ fatal ("rejecting absolute target file name: %s", quotearg (p)); -+ while (*p) -+ { -+ if (*p == '.' && *++p == '.' && ( ! *++p || ISSLASH (*p))) -+ fatal ("rejecting target file name with ".." component: %s", -+ quotearg (n)); -+ while (*p && ! ISSLASH (*p)) -+ p++; -+ while (ISSLASH (*p)) -+ p++; -+ } -+} -+ - /* Attempt to find the right place to apply this hunk of patch. */ - - static LINENUM -diff -up patch-2.6.1/src/pch.c.CVE-2010-4651 patch-2.6.1/src/pch.c ---- patch-2.6.1/src/pch.c.CVE-2010-4651 2009-12-30 12:56:30.000000000 +0000 -+++ patch-2.6.1/src/pch.c 2011-02-10 12:30:33.573990033 +0000 -@@ -3,7 +3,7 @@ - /* Copyright (C) 1986, 1987, 1988 Larry Wall - - Copyright (C) 1990, 1991, 1992, 1993, 1997, 1998, 1999, 2000, 2001, -- 2002, 2003, 2006, 2009 Free Software Foundation, Inc. -+ 2002, 2003, 2006, 2009, 2011 Free Software Foundation, Inc. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by -@@ -199,6 +199,8 @@ maybe_reverse (char const *name, bool no - { - bool looks_reversed = (! is_empty) < p_says_nonexistent[reverse ^ is_empty]; - -+ validate_target_name (name); -+ - if (looks_reversed) - reverse ^= - ok_to_reverse ("The next patch%s would %s the file %s,\nwhich %s!", -@@ -725,6 +727,7 @@ intuit_diff_type (bool need_header) - inerrno = stat_errno[i]; - invc = version_controlled[i]; - instat = st[i]; -+ validate_target_name (inname); - } - - return retval; -diff -up patch-2.6.1/tests/bad-filenames.CVE-2010-4651 patch-2.6.1/tests/bad-filenames ---- patch-2.6.1/tests/bad-filenames.CVE-2010-4651 2011-02-10 12:29:32.931361921 +0000 -+++ patch-2.6.1/tests/bad-filenames 2011-02-10 12:30:33.576990163 +0000 -@@ -0,0 +1,71 @@ -+# Copyright (C) 2011 Free Software Foundation, Inc. -+# -+# Copying and distribution of this file, with or without modification, -+# in any medium, are permitted without royalty provided the copyright -+# notice and this notice are preserved. -+ -+. $srcdir/test-lib.sh -+ -+use_local_patch -+use_tmpdir -+ -+# ================================================================ -+ -+emit_2() -+{ -+cat <<EOF -+--- $1 -++++ $2 -+@@ -0,0 +1 @@ -++x -+EOF -+} -+ -+emit_patch() { emit_2 /dev/null "$1"; } -+ -+# Ensure that patch rejects an output file name that is absolute -+# or that contains a ".." component. -+ -+check 'emit_patch /absolute/path | patch -p0; echo status: $?' <<EOF -+$PATCH: **** rejecting absolute target file name: /absolute/path -+status: 2 -+EOF -+ -+check 'emit_patch a/../z | patch -p0; echo status: $?' <<EOF -+$PATCH: **** rejecting target file name with ".." component: a/../z -+status: 2 -+EOF -+ -+check 'emit_patch a/../z | patch -p1; echo status: $?' <<EOF -+$PATCH: **** rejecting target file name with ".." component: ../z -+status: 2 -+EOF -+ -+check 'emit_patch a/.. | patch -p0; echo status: $?' <<EOF -+$PATCH: **** rejecting target file name with ".." component: a/.. -+status: 2 -+EOF -+ -+check 'emit_patch ../z | patch -p0; echo status: $?' <<EOF -+$PATCH: **** rejecting target file name with ".." component: ../z -+status: 2 -+EOF -+ -+check 'emit_2 /abs/path target | patch -p0; echo status: $?' <<EOF -+patching file target -+status: 0 -+EOF -+ -+echo x > target -+check 'emit_2 /abs/path target | patch -R -p0; echo status: $?' <<EOF -+patching file target -+status: 0 -+EOF -+ -+# Do not validate any file name from the input when the target -+# is specified on the command line: -+touch abs -+check 'emit_patch /absolute/path | patch `pwd`/abs; echo status: $?' <<EOF -+patching file `pwd`/abs -+status: 0 -+EOF diff --git a/patch/patches/patch-2.6.1-backup-if-mismatch.patch b/patch/patches/patch-2.6.1-backup-if-mismatch.patch deleted file mode 100644 index 0ad0986..0000000 --- a/patch/patches/patch-2.6.1-backup-if-mismatch.patch +++ /dev/null @@ -1,31 +0,0 @@ -diff -up patch-2.6.1/src/patch.c.backup-if-mismatch patch-2.6.1/src/patch.c ---- patch-2.6.1/src/patch.c.backup-if-mismatch 2011-02-16 16:43:54.575850844 +0000 -+++ patch-2.6.1/src/patch.c 2011-02-16 16:44:56.907995789 +0000 -@@ -106,6 +106,7 @@ main (int argc, char **argv) - char numbuf[LINENUM_LENGTH_BOUND + 1]; - bool written_to_rejname = false; - bool apply_empty_patch = false; -+ bool posixly_correct_set; - - exit_failure = 2; - program_name = argv[0]; -@@ -125,7 +126,7 @@ main (int argc, char **argv) - i < 0 ? shell_quoting_style : (enum quoting_style) i); - } - -- posixly_correct = getenv ("POSIXLY_CORRECT") != 0; -+ posixly_correct_set = posixly_correct = getenv ("POSIXLY_CORRECT") != 0; - backup_if_mismatch = ! posixly_correct; - patch_get = ((val = getenv ("PATCH_GET")) - ? numeric_string (val, true, "PATCH_GET value") -@@ -151,6 +152,10 @@ main (int argc, char **argv) - Argv = argv; - get_some_switches(); - -+ /* Let --posix cause --no-backup-if-mismatch. */ -+ if (! posixly_correct_set && posixly_correct && backup_if_mismatch) -+ backup_if_mismatch = false; -+ - if (make_backups | backup_if_mismatch) - backup_type = get_version (version_control_context, version_control); - diff --git a/patch/patches/patch-2.6.1-get-arg.patch b/patch/patches/patch-2.6.1-get-arg.patch deleted file mode 100644 index 45f3bc8..0000000 --- a/patch/patches/patch-2.6.1-get-arg.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -up patch-2.6.1/src/patch.c.get-arg patch-2.6.1/src/patch.c ---- patch-2.6.1/src/patch.c.get-arg 2010-07-27 18:05:26.217150510 +0100 -+++ patch-2.6.1/src/patch.c 2010-07-27 18:05:47.464150892 +0100 -@@ -558,7 +558,7 @@ static struct option const longopts[] = - {"remove-empty-files", no_argument, NULL, 'E'}, - {"force", no_argument, NULL, 'f'}, - {"fuzz", required_argument, NULL, 'F'}, -- {"get", no_argument, NULL, 'g'}, -+ {"get", required_argument, NULL, 'g'}, - {"input", required_argument, NULL, 'i'}, - {"ignore-whitespace", no_argument, NULL, 'l'}, - #ifdef ENABLE_MERGE diff --git a/patch/patches/patch-selinux.patch b/patch/patches/patch-selinux.patch deleted file mode 100644 index 904539c..0000000 --- a/patch/patches/patch-selinux.patch +++ /dev/null @@ -1,171 +0,0 @@ -diff -up patch-2.6.1/Makefile.in.selinux patch-2.6.1/Makefile.in ---- patch-2.6.1/Makefile.in.selinux 2011-02-08 11:29:34.590271489 +0000 -+++ patch-2.6.1/Makefile.in 2011-02-08 11:29:34.602271607 +0000 -@@ -40,7 +40,7 @@ EXEEXT = @EXEEXT@ - LDFLAGS = @LDFLAGS@ - LIBOBJDIR = gl/lib/ - LIBOBJS = @LIBOBJS@ ${LIBOBJDIR}full-write$U.o --LIBS = @LIBS@ -+LIBS = @LIBS@ -lselinux - OBJEXT = @OBJEXT@ - PACKAGE_NAME = @PACKAGE_NAME@ - PACKAGE_VERSION = @PACKAGE_VERSION@ -diff -up patch-2.6.1/src/common.h.selinux patch-2.6.1/src/common.h ---- patch-2.6.1/src/common.h.selinux 2009-12-30 12:56:30.000000000 +0000 -+++ patch-2.6.1/src/common.h 2011-02-08 11:29:34.602271607 +0000 -@@ -32,6 +32,8 @@ - #include <sys/types.h> - #include <time.h> - -+#include <selinux/selinux.h> -+ - #include <sys/stat.h> - #if ! defined S_ISDIR && defined S_IFDIR - # define S_ISDIR(m) (((m) & S_IFMT) == S_IFDIR) -@@ -118,6 +120,7 @@ XTERN char *outfile; - XTERN int inerrno; - XTERN int invc; - XTERN struct stat instat; -+XTERN security_context_t incontext; - XTERN bool dry_run; - XTERN bool posixly_correct; - -diff -up patch-2.6.1/src/inp.c.selinux patch-2.6.1/src/inp.c ---- patch-2.6.1/src/inp.c.selinux 2011-02-08 11:29:34.576271352 +0000 -+++ patch-2.6.1/src/inp.c 2011-02-08 11:29:34.604271627 +0000 -@@ -152,8 +152,18 @@ get_input_file (char const *filename, ch - char *diffbuf; - char *getbuf; - -- if (inerrno == -1) -- inerrno = stat (filename, &instat) == 0 ? 0 : errno; -+ inerrno = stat (filename, &instat) == 0 ? 0 : errno; -+ if (inerrno == 0) -+ { -+ inerrno = getfilecon (inname, &incontext) == -1 ? errno : 0; -+ if (inerrno == ENODATA || inerrno == ENOTSUP) -+ { -+ inerrno = 0; -+ incontext = NULL; -+ } -+ } -+ else -+ incontext = NULL; - - /* Perhaps look for RCS or SCCS versions. */ - if (patch_get -@@ -197,7 +207,7 @@ get_input_file (char const *filename, ch - } - - if (cs && version_get (filename, cs, ! inerrno, elsewhere, getbuf, -- &instat)) -+ &instat, &incontext)) - inerrno = 0; - - free (getbuf); -@@ -209,6 +219,7 @@ get_input_file (char const *filename, ch - { - instat.st_mode = S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP|S_IROTH|S_IWOTH; - instat.st_size = 0; -+ incontext = NULL; - } - else if (! S_ISREG (instat.st_mode)) - fatal ("File %s is not a regular file -- can't patch", -diff -up patch-2.6.1/src/patch.c.selinux patch-2.6.1/src/patch.c ---- patch-2.6.1/src/patch.c.selinux 2011-02-08 11:29:34.586271450 +0000 -+++ patch-2.6.1/src/patch.c 2011-02-08 11:29:34.606271646 +0000 -@@ -421,6 +421,21 @@ main (int argc, char **argv) - /* Fails if we are not in group instat.st_gid. */ - chown (outname, -1, instat.st_gid); - } -+ -+ if (! inerrno && incontext) -+ { -+ security_context_t outcontext; -+ if (getfilecon (outname, &outcontext) != -1 && -+ outcontext && -+ strcmp(outcontext, incontext) && -+ setfilecon (outname, incontext) != 0) -+ { -+ if (errno != ENOTSUP && errno != EPERM) -+ pfatal ("Can't set security context " -+ "on file %s", quotearg (outname)); -+ } -+ } -+ - /* FIXME: There may be other attributes to preserve. */ - } - } -diff -up patch-2.6.1/src/pch.c.selinux patch-2.6.1/src/pch.c ---- patch-2.6.1/src/pch.c.selinux 2011-02-08 11:29:34.591271499 +0000 -+++ patch-2.6.1/src/pch.c 2011-02-08 11:30:08.810621570 +0000 -@@ -307,7 +307,12 @@ there_is_another_patch (bool need_header - inname[t - buf - 1] = 0; - if (stat (inname, &instat) == 0) - { -- inerrno = 0; -+ inerrno = getfilecon (inname, &incontext) == -1 ? errno : 0; -+ if (inerrno == ENODATA || inerrno == ENOTSUP) -+ { -+ inerrno = 0; -+ incontext = NULL; -+ } - invc = -1; - } - else -@@ -681,7 +686,7 @@ intuit_diff_type (bool need_header) - if (cs) - { - if (version_get (p_name[i], cs, false, readonly, -- getbuf, &st[i])) -+ getbuf, &st[i], NULL)) - stat_errno[i] = 0; - else - version_controlled[i] = 0; -@@ -746,6 +751,7 @@ intuit_diff_type (bool need_header) - invc = version_controlled[i]; - instat = st[i]; - validate_target_name (inname); -+ getfilecon (inname, &incontext); - } - - return retval; -diff -up patch-2.6.1/src/util.c.selinux patch-2.6.1/src/util.c ---- patch-2.6.1/src/util.c.selinux 2009-11-02 19:09:57.000000000 +0000 -+++ patch-2.6.1/src/util.c 2011-02-08 11:29:34.613271715 +0000 -@@ -574,7 +574,8 @@ version_controller (char const *filename - Return true if successful. */ - bool - version_get (char const *filename, char const *cs, bool exists, bool readonly, -- char const *getbuf, struct stat *filestat) -+ char const *getbuf, struct stat *filestat, -+ security_context_t *filecontext) - { - if (patch_get < 0) - { -@@ -599,6 +600,13 @@ version_get (char const *filename, char - fatal ("Can't get file %s from %s", quotearg (filename), cs); - if (stat (filename, filestat) != 0) - pfatal ("%s", quotearg (filename)); -+ if (filecontext && getfilecon (filename, filecontext) == -1) -+ { -+ if (errno == ENODATA || errno == ENOTSUP) -+ *filecontext = NULL; -+ else -+ pfatal ("%s", quotearg (filename)); -+ } - } - - return 1; -diff -up patch-2.6.1/src/util.h.selinux patch-2.6.1/src/util.h ---- patch-2.6.1/src/util.h.selinux 2009-11-02 19:09:57.000000000 +0000 -+++ patch-2.6.1/src/util.h 2011-02-08 11:29:34.614271726 +0000 -@@ -51,7 +51,7 @@ char *fetchname (char *, int, char **, t - char *savebuf (char const *, size_t); - char *savestr (char const *); - char const *version_controller (char const *, bool, struct stat const *, char **, char **); --bool version_get (char const *, char const *, bool, bool, char const *, struct stat *); -+bool version_get (char const *, char const *, bool, bool, char const *, struct stat *, security_context_t *); - int create_file (char const *, int, mode_t, bool); - int systemic (char const *); - char *format_linenum (char[LINENUM_LENGTH_BOUND + 1], LINENUM);
hooks/post-receive -- IPFire 3.x development tree