Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package cpio for openSUSE:Factory checked in at 2023-07-12 17:26:43 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/cpio (Old) and /work/SRC/openSUSE:Factory/.cpio.new.8922 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "cpio" Wed Jul 12 17:26:43 2023 rev:65 rq:1097980 version:2.14 Changes: -------- --- /work/SRC/openSUSE:Factory/cpio/cpio.changes 2023-01-07 17:15:48.512757867 +0100 +++ /work/SRC/openSUSE:Factory/.cpio.new.8922/cpio.changes 2023-07-12 17:26:56.614351760 +0200 @@ -1,0 +2,34 @@ +Mon Jul 10 14:52:48 UTC 2023 - Danilo Spinella <[email protected]> + +- Backport upstream fix for --no-absolute-filenames --make-directories + * fix-operation-no-absolute-filenames.patch + +------------------------------------------------------------------- +Fri Jun 23 13:02:55 UTC 2023 - Danilo Spinella <[email protected]> + +- Update to 2.14: + * New option --ignore-dirnlink + Valid in copy-out mode, it instructs cpio to ignore the actual number of + links reported for each directory member and always store 2 instead. + * Changes in --reproducible option + The --reproducible option implies --ignore-dirlink. In other words, it is + equivalent to --ignore-devno --ignore-dirnlink --renumber-inodes. + * Use GNU ls algorithm for deciding timestamp format in -tv mode + * Fix cpio header verification. + * Fix handling of device numbers on copy out. + * Fix calculation of CRC in copy-out mode. + * Rewrite the fix for CVE-2015-1197. + * Fix combination of --create --append --directory. + * Fix appending to archives bigger than 2G. +- Refresh patches: + * cpio-open_nonblock.patch + * cpio-dev_number.patch + * cpio-default_tape_dev.patch + * cpio-pattern-file-sigsegv.patch +- Remove patches: + * cpio-revert-CVE-2015-1197-fix.patch + * fix-CVE-2021-38185.patch + * fix-CVE-2021-38185_2.patch + * fix-CVE-2021-38185_3.patch + +------------------------------------------------------------------- Old: ---- cpio-2.13.tar.bz2 cpio-2.13.tar.bz2.sig cpio-revert-CVE-2015-1197-fix.patch fix-CVE-2021-38185.patch fix-CVE-2021-38185_2.patch fix-CVE-2021-38185_3.patch New: ---- cpio-2.14.tar.bz2 cpio-2.14.tar.bz2.sig fix-operation-no-absolute-filenames.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ cpio.spec ++++++ --- /var/tmp/diff_new_pack.DMY3DS/_old 2023-07-12 17:26:57.822358803 +0200 +++ /var/tmp/diff_new_pack.DMY3DS/_new 2023-07-12 17:26:57.826358826 +0200 @@ -17,7 +17,7 @@ Name: cpio -Version: 2.13 +Version: 2.14 Release: 0 Summary: A Backup and Archiving Utility License: GPL-3.0-only @@ -40,15 +40,10 @@ Patch20: cpio-close_files_after_copy.patch Patch21: cpio-pattern-file-sigsegv.patch Patch23: paxutils-rtapelib_mtget.patch -# see https://lists.gnu.org/archive/html/bug-cpio/2019-11/msg00016.html -Patch24: cpio-revert-CVE-2015-1197-fix.patch Patch25: cpio-fix_truncation_check.patch -# PATCH-FIX-UPSTREAM [email protected] bsc#1189206 -# Remote code execution caused by an integer overflow in ds_fgetstr -Patch26: fix-CVE-2021-38185.patch -Patch27: fix-CVE-2021-38185_2.patch -Patch28: fix-CVE-2021-38185_3.patch -BuildRequires: autoconf +# PATCH-FIX-UPSTREAM +Patch26: fix-operation-no-absolute-filenames.patch +BuildRequires: autoconf >= 2.71 BuildRequires: automake #Requires(post): %{xinstall_info_prereq} #Requires(preun): %{xinstall_info_prereq} @@ -87,11 +82,8 @@ ### %patch21 -p1 %patch23 -p1 -%patch24 -p1 %patch25 -p1 %patch26 -p1 -%patch27 -p1 -%patch28 -p1 %build gettextize -f --no-changelog ++++++ cpio-2.13.tar.bz2 -> cpio-2.14.tar.bz2 ++++++ ++++ 226391 lines of diff (skipped) ++++++ cpio-close_files_after_copy.patch ++++++ --- /var/tmp/diff_new_pack.DMY3DS/_old 2023-07-12 17:26:59.314367500 +0200 +++ /var/tmp/diff_new_pack.DMY3DS/_new 2023-07-12 17:26:59.314367500 +0200 @@ -5,7 +5,7 @@ @@ -1420,6 +1420,19 @@ process_copy_in () cpio_file_stat_free (&file_hdr); - + + if (tty_in) + { + fclose(tty_in); ++++++ cpio-default_tape_dev.patch ++++++ --- /var/tmp/diff_new_pack.DMY3DS/_old 2023-07-12 17:26:59.326367570 +0200 +++ /var/tmp/diff_new_pack.DMY3DS/_new 2023-07-12 17:26:59.330367593 +0200 @@ -2,7 +2,7 @@ =================================================================== --- src/mt.c.orig +++ src/mt.c -@@ -225,11 +225,18 @@ parse_opt (int key, char *arg, struct ar +@@ -224,11 +224,18 @@ parse_opt (int key, char *arg, struct ar { tapedev = getenv ("TAPE"); if (tapedev == NULL) @@ -25,5 +25,5 @@ + tapedev = DEFSUSETAPE; } break; - + ++++++ cpio-dev_number.patch ++++++ --- /var/tmp/diff_new_pack.DMY3DS/_old 2023-07-12 17:26:59.342367663 +0200 +++ /var/tmp/diff_new_pack.DMY3DS/_new 2023-07-12 17:26:59.346367687 +0200 @@ -2,7 +2,7 @@ =================================================================== --- src/copyin.c.orig +++ src/copyin.c -@@ -1123,15 +1123,15 @@ read_in_binary (struct cpio_file_stat *f +@@ -1287,15 +1287,15 @@ read_in_binary (struct cpio_file_stat *f swab_array ((char *) short_hdr, 13); } @@ -20,6 +20,6 @@ + file_hdr->c_rdev_maj = major ((unsigned short)short_hdr->c_rdev); + file_hdr->c_rdev_min = minor ((unsigned short)short_hdr->c_rdev); file_hdr->c_mtime = (unsigned long) short_hdr->c_mtimes[0] << 16 - | short_hdr->c_mtimes[1]; + | short_hdr->c_mtimes[1]; file_hdr->c_filesize = (unsigned long) short_hdr->c_filesizes[0] << 16 ++++++ cpio-open_nonblock.patch ++++++ --- /var/tmp/diff_new_pack.DMY3DS/_old 2023-07-12 17:26:59.358367756 +0200 +++ /var/tmp/diff_new_pack.DMY3DS/_new 2023-07-12 17:26:59.362367779 +0200 @@ -30,7 +30,7 @@ =================================================================== --- src/mt.c.orig +++ src/mt.c -@@ -333,11 +333,11 @@ main (int argc, char **argv) +@@ -332,11 +332,11 @@ main (int argc, char **argv) #ifdef MTERASE case MTERASE: #endif @@ -42,13 +42,13 @@ - tapedesc = rmtopen (tapedev, O_RDONLY, 0, rsh_command_option); + tapedesc = rmtopen (tapedev, O_RDONLY | O_NONBLOCK, 0, rsh_command_option); } - + if (tapedesc == -1) Index: src/util.c =================================================================== --- src/util.c.orig +++ src/util.c -@@ -801,14 +801,14 @@ open_archive (char *file) +@@ -799,14 +799,14 @@ open_archive (char *file) copy_in = process_copy_in; if (copy_function == copy_in) ++++++ cpio-pattern-file-sigsegv.patch ++++++ --- /var/tmp/diff_new_pack.DMY3DS/_old 2023-07-12 17:26:59.374367850 +0200 +++ /var/tmp/diff_new_pack.DMY3DS/_new 2023-07-12 17:26:59.378367873 +0200 @@ -1,8 +1,8 @@ -Index: cpio-2.13/src/copyin.c +Index: cpio-2.14/src/copyin.c =================================================================== ---- cpio-2.13.orig/src/copyin.c -+++ cpio-2.13/src/copyin.c -@@ -798,6 +798,8 @@ read_pattern_file () +--- cpio-2.14.orig/src/copyin.c ++++ cpio-2.14/src/copyin.c +@@ -949,6 +949,8 @@ read_pattern_file (void) pattern_fp = fopen (pattern_file_name, "r"); if (pattern_fp == NULL) open_fatal (pattern_file_name); @@ -10,9 +10,9 @@ + { while (ds_fgetstr (pattern_fp, &pattern_name, '\n') != NULL) { - if (new_num_patterns >= max_new_patterns) -@@ -812,6 +814,7 @@ read_pattern_file () - } + if (new_num_patterns == max_new_patterns) +@@ -963,6 +965,7 @@ read_pattern_file (void) + if (ferror (pattern_fp) || fclose (pattern_fp) == EOF) close_error (pattern_file_name); + } ++++++ fix-operation-no-absolute-filenames.patch ++++++ >From e3cc782c610729de7622a274e532817c18262a9d Mon Sep 17 00:00:00 2001 From: Sergey Poznyakoff <[email protected]> Date: Thu, 18 May 2023 09:00:12 +0300 Subject: Fix operation of --no-absolute-filenames --make-directories * src/copyin.c (symlink_placeholder): Try to create leading directories if unable to create placeholder. --- src/copyin.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/copyin.c b/src/copyin.c index 1e4921f..08df12c 100644 --- a/src/copyin.c +++ b/src/copyin.c @@ -668,6 +668,12 @@ symlink_placeholder (char *oldpath, char *newpath, struct cpio_file_stat *file_s struct delayed_link *p; size_t newlen = strlen (newpath); + if (fd < 0 && create_dir_flag) + { + create_all_directories (newpath); + fd = open (newpath, O_WRONLY | O_CREAT | O_EXCL, 0); + } + if (fd < 0) { open_error (newpath); -- cgit v1.1
