Hello community, here is the log from the commit of package tar for openSUSE:Factory checked in at 2019-03-27 16:13:23 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/tar (Old) and /work/SRC/openSUSE:Factory/.tar.new.25356 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "tar" Wed Mar 27 16:13:23 2019 rev:65 rq:688152 version:1.31 Changes: -------- --- /work/SRC/openSUSE:Factory/tar/tar.changes 2018-05-16 11:21:17.300590630 +0200 +++ /work/SRC/openSUSE:Factory/.tar.new.25356/tar.changes 2019-03-27 16:13:25.399636637 +0100 @@ -1,0 +2,36 @@ +Fri Mar 15 13:47:43 UTC 2019 - Cristian RodrÃguez <[email protected]> + +- Remove libattr-devel from buildrequires, tar no longer uses + it but finds xattr functions in libc. + +------------------------------------------------------------------- +Thu Feb 14 12:20:29 UTC 2019 - [email protected] + +- update to version 1.31 + * Fix heap-buffer-overrun with --one-top-level, bug introduced + with the addition of that option in 1.28 + * Support for zstd compression + * New option '--zstd' instructs tar to use zstd as compression + program. When listing, extractng and comparing, zstd compressed + archives are recognized automatically. When '-a' option is in + effect, zstd compression is selected if the destination archive + name ends in '.zst' or '.tzst'. + * The -K option interacts properly with member names given in the + command line. Names of members to extract can be specified along + with the "-K NAME" option. In this case, tar will extract NAME + and those of named members that appear in the archive after it, + which is consistent with the semantics of the option. Previous + versions of tar extracted NAME, those of named members that + appeared before it, and everything after it. + * Fix CVE-2018-20482 - When creating archives with the --sparse + option, previous versions of tar would loop endlessly if a + sparse file had been truncated while being archived. +- remove the following patches (upstreamed) + * tar-1.30-tests-difflink.patch + * tar-1.30-tests_dirrem_race.patch +- refresh add_readme-tests.patch +- add tar-1.31-tests_dirrem.patch to fix expected output in dirrem + tests +- add tar-1.31-racy_compress_tests.patch to fix compression tests + +------------------------------------------------------------------- Old: ---- tar-1.30-tests-difflink.patch tar-1.30-tests_dirrem_race.patch tar-1.30.tar.bz2 tar-1.30.tar.bz2.sig New: ---- tar-1.31-racy_compress_tests.patch tar-1.31-tests_dirrem.patch tar-1.31.tar.bz2 tar-1.31.tar.bz2.sig ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ tar.spec ++++++ --- /var/tmp/diff_new_pack.z4w4mK/_old 2019-03-27 16:13:27.627636069 +0100 +++ /var/tmp/diff_new_pack.z4w4mK/_new 2019-03-27 16:13:27.659636061 +0100 @@ -1,7 +1,7 @@ # # spec file for package tar # -# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -12,14 +12,14 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# Please submit bugfixes or comments via https://bugs.opensuse.org/ # # For correct subpackages docs installation into tar doc directory %global _docdir_fmt %{name} Name: tar -Version: 1.30 +Version: 1.31 Release: 0 Summary: GNU implementation of ((t)ape (ar)chiver) License: GPL-3.0-or-later @@ -40,13 +40,10 @@ #https://bugzilla.opensuse.org/show_bug.cgi?id=918487 Patch4: %{name}-recursive--files-from.patch Patch5: add_readme-tests.patch -# PATCH-FIX-UPSTREAM [email protected] -- fix difflink.at test -Patch6: tar-1.30-tests-difflink.patch -# PATCH-FIX-UPSTREAM [email protected] -- fix race in dirrem01 and dirrem02 tests -Patch7: tar-1.30-tests_dirrem_race.patch +Patch6: tar-1.31-tests_dirrem.patch +Patch7: tar-1.31-racy_compress_tests.patch BuildRequires: automake BuildRequires: libacl-devel -BuildRequires: libattr-devel BuildRequires: libselinux-devel Requires(pre): info Recommends: %{name}-lang = %{version} ++++++ add_readme-tests.patch ++++++ --- /var/tmp/diff_new_pack.z4w4mK/_old 2019-03-27 16:13:27.951635986 +0100 +++ /var/tmp/diff_new_pack.z4w4mK/_new 2019-03-27 16:13:27.979635979 +0100 @@ -1,18 +1,20 @@ -diff -ruN a/Makefile.in b/Makefile.in ---- a/Makefile.in 2017-12-22 20:14:53.900579664 -0500 -+++ b/Makefile.in 2017-12-22 20:21:21.363943130 -0500 -@@ -122,7 +122,7 @@ - POST_UNINSTALL = : - build_triplet = @build@ - host_triplet = @host@ --DIST_COMMON = $(srcdir)/Make.rules INSTALL NEWS README AUTHORS \ -+DIST_COMMON = $(srcdir)/Make.rules INSTALL NEWS README README-tests AUTHORS \ - ChangeLog THANKS $(srcdir)/Makefile.in $(srcdir)/Makefile.am \ - $(top_srcdir)/configure $(am__configure_deps) \ - $(srcdir)/config.h.in ABOUT-NLS COPYING TODO build-aux/ar-lib \ -diff -ruN a/README-tests b/README-tests ---- a/README-tests 1969-12-31 19:00:00.000000000 -0500 -+++ b/README-tests 2017-12-22 20:21:59.706691355 -0500 +Index: tar-1.31/Makefile.in +=================================================================== +--- tar-1.31.orig/Makefile.in ++++ tar-1.31/Makefile.in +@@ -341,7 +341,7 @@ am__DIST_COMMON = $(srcdir)/Make.rules $ + $(top_srcdir)/build-aux/config.sub \ + $(top_srcdir)/build-aux/install-sh \ + $(top_srcdir)/build-aux/missing ABOUT-NLS AUTHORS COPYING \ +- ChangeLog INSTALL NEWS README THANKS TODO build-aux/compile \ ++ ChangeLog INSTALL NEWS README README-tests THANKS TODO build-aux/compile \ + build-aux/config.guess build-aux/config.rpath \ + build-aux/config.sub build-aux/depcomp build-aux/install-sh \ + build-aux/mdate-sh build-aux/missing build-aux/texinfo.tex \ +Index: tar-1.31/README-tests +=================================================================== +--- /dev/null ++++ tar-1.31/README-tests @@ -0,0 +1,22 @@ +Subpackage tar-tests +==================== ++++++ tar-1.31-racy_compress_tests.patch ++++++ >From 9af3ae33108e5a1d281d75d29938fe8c6ffcd218 Mon Sep 17 00:00:00 2001 From: Sergey Poznyakoff <[email protected]> Date: Mon, 14 Jan 2019 18:08:21 +0200 Subject: [PATCH] Fix compression tests Existing compression tests used tar with compiled-in defaults. However, some of the defaults are sure to create archives that are not byte-to-byte reproducible (e.g. DEFAULT_ARCHIVE_FORMAT=POSIX, because the name field in posix extended headers uses PID of the creating process by default). Moreover, some compressors (e.g. gzip) store current timestamp in the file header when compressing from stdin, so that using cmp on the two created archives as the tests did is error-prone. Another problem is that the tests implicitly assumed that tar uses archive suffix to recognize its format when extracting, which isn't the case. Finally, there's hardly any reason in using sed to create m4 sources, when everything can be achieved by m4 itself. * tests/Makefile.am: Remove generation of compress-*.at files. * tests/compress.at.in: Remove. * tests/compress.m4: New file. * tests/testsuite.at: Include compress.m4, use TAR_CHECK_COMPRESS to check compression options. --- tests/Makefile.am | 45 ++--------------------------- tests/compress.at.in | 67 -------------------------------------------- tests/compress.m4 | 56 ++++++++++++++++++++++++++++++++++++ tests/testsuite.at | 13 +++++---- 4 files changed, 65 insertions(+), 116 deletions(-) delete mode 100644 tests/compress.at.in create mode 100644 tests/compress.m4 diff --git a/tests/Makefile.am b/tests/Makefile.am index 4750acb..a29f626 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -19,7 +19,7 @@ EXTRA_DIST = $(TESTSUITE_AT) \ testsuite package.m4 star/README star/quicktest.sh \ - compress.at.in + compress.m4 DISTCLEANFILES = atconfig $(check_SCRIPTS) MAINTAINERCLEANFILES = Makefile.in $(TESTSUITE) @@ -47,6 +47,7 @@ $(srcdir)/package.m4: $(top_srcdir)/configure.ac TESTSUITE_AT = \ testsuite.at\ + compress.m4\ T-cd.at\ T-dir00.at\ T-dir01.at\ @@ -70,12 +71,6 @@ TESTSUITE_AT = \ chtype.at\ comprec.at\ comperr.at\ - compress-zstd.at\ - compress-xz.at\ - compress-bzip2.at\ - compress-gzip.at\ - compress-lzip.at\ - compress-lzop.at\ delete01.at\ delete02.at\ delete03.at\ @@ -277,42 +272,6 @@ TESTSUITE_AT = \ selacl01.at\ capabs_raw01.at -CLEANFILES += compress-zstd.at -compress-zstd.at: compress.at.in - $(AM_V_GEN)rm -rf $@ $@-t - $(AM_V_at)sed 's/@tool@/zstd/g;s/@suff@/zst/g;s/@suff2@/tzst/g;' \ - $(srcdir)/compress.at.in > $@-t && chmod a-w $@-t && mv $@-t $@ - -CLEANFILES += compress-gzip.at -compress-gzip.at: compress.at.in - $(AM_V_GEN)rm -rf $@ $@-t - $(AM_V_at)sed 's/@tool@/gzip/g;s/@suff@/gz/g;s/@suff2@/tgz/g;' \ - $(srcdir)/compress.at.in > $@-t && chmod a-w $@-t && mv $@-t $@ - -CLEANFILES += compress-xz.at -compress-xz.at: compress.at.in - $(AM_V_GEN)rm -rf $@ $@-t - $(AM_V_at)sed 's/@tool@/xz/g;s/@suff@/xz/g;s/@suff2@/txz/g;' \ - $(srcdir)/compress.at.in > $@-t && chmod a-w $@-t && mv $@-t $@ - -CLEANFILES += compress-bzip2.at -compress-bzip2.at: compress.at.in - $(AM_V_GEN)rm -rf $@ $@-t - $(AM_V_at)sed 's/@tool@/bzip2/g;s/@suff@/bz2/g;s/@suff2@/tbz2/g;' \ - $(srcdir)/compress.at.in > $@-t && chmod a-w $@-t && mv $@-t $@ - -CLEANFILES += compress-lzip.at -compress-lzip.at: compress.at.in - $(AM_V_GEN)rm -rf $@ $@-t - $(AM_V_at)sed 's/@tool@/lzip/g;s/@suff@/lz/g;s/@suff2@//g;' \ - $(srcdir)/compress.at.in > $@-t && chmod a-w $@-t && mv $@-t $@ - -CLEANFILES += compress-lzop.at -compress-lzop.at: compress.at.in - $(AM_V_GEN)rm -rf $@ $@-t - $(AM_V_at)sed 's/@tool@/lzop/g;s/@suff@/lzo/g;s/@suff2@//g;' \ - $(srcdir)/compress.at.in > $@-t && chmod a-w $@-t && mv $@-t $@ - distclean-local: -rm -rf download diff --git a/tests/compress.at.in b/tests/compress.at.in deleted file mode 100644 index 91a6af2..0000000 --- a/tests/compress.at.in +++ /dev/null @@ -1,67 +0,0 @@ -# Process this file with autom4te to create testsuite. -*- Autotest -*- - -# Test suite for GNU tar. -# Copyright 2018-2019 Free Software Foundation, Inc. - -# This file is part of GNU tar. - -# GNU tar is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 3 of the License, or -# (at your option) any later version. - -# GNU tar is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. - -# You should have received a copy of the GNU General Public License -# along with this program. If not, see <http://www.gnu.org/licenses/>. - -# tar can create/decompress @tool@-compressed tarballs - -AT_SETUP([compress: @tool@]) -AT_KEYWORDS([compression @tool@]) - -unset TAR_OPTIONS - -AT_CHECK([ -AT_GZIP_PREREQ([@tool@]) - -touch empty -# Create with --@tool@: -tar --@tool@ -cf - empty 2>err > k.tar.@suff@ || exit 1 -test -s err && exit 1 -tar tf k.tar.@suff@ 2>err > out || exit 1 -test "$(cat out)" = empty || exit 1 -test -s err && exit 1 - -# Ensure -ac works with an -f-specified .@suff@-suffixed name. -tar -acf k2.tar.@suff@ empty 2>err > out || exit 1 -cmp k2.tar.@suff@ k.tar.@suff@ || exit 1 -test -s err && exit 1 - -# Extraction: ensure the .@suff@ suffix is recognized. -rm -f empty || exit 1 -tar xf k.tar.@suff@ 2>err > out || exit 1 -test -s err && exit 1 -test -f empty || exit 1 - -if test -n '@suff2@'; then - # Extraction: ensure the .@suff2@ suffix is also recognized. - mv k.tar.@suff@ k.@suff2@ || exit 1 - rm -f empty - tar xf k.@suff2@ 2>err > out || exit 1 - test -s err && exit 1 - test -f empty || exit 1 -else - : -fi - -], -[0], -[], -[], -[],[]) - -AT_CLEANUP diff --git a/tests/compress.m4 b/tests/compress.m4 new file mode 100644 index 0000000..1f22632 --- /dev/null +++ b/tests/compress.m4 @@ -0,0 +1,56 @@ +# This file is part of GNU tar testsuite. -*- Autotest -*- +# Copyright 2018-2019 Free Software Foundation, Inc. +# +# GNU tar is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 3 of the License, or +# (at your option) any later version. +# +# GNU tar is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. + +dnl TAR_CHECK_COMPRESS(TOOL, SUF[, SUF2]) +dnl Tests whether tar can create archives using TOOL (i.e. using the --TOOL +dnl command line option). SUF and optional SUF2 are suffixes for created +dnl archives (without leading dot). Tar should be able to use TOOL to +dnl automatically decompress archives with names ending on these suffixes. +m4_define([TAR_CHECK_COMPRESS], +[AT_SETUP([compress: $1]) +AT_KEYWORDS([compression compress-$1 $1]) + +AT_CHECK([ +AT_GZIP_PREREQ($1) +unset TAR_OPTIONS + +touch empty +set -e +: create with --$1 +tar --$1 -cf k.tar.$2 empty +tar tf k.tar.$2 + +m4_foreach([SUF], m4_quote(m4_shift($@)), +[ +echo testing .SUF +tar -acf k2.tar.SUF empty +cat k2.tar.SUF | $1 -d > k.SUF.tar +tar tf k.SUF.tar +]) + +# Extraction: ensure compressed format is correctly recognized +rm -f empty +tar xf k.tar.$2 +test -f empty +], +[0], +[empty +m4_foreach([SUF],m4_quote(m4_shift($@)),[testing .SUF +empty +])]) + +AT_CLEANUP +]) diff --git a/tests/testsuite.at b/tests/testsuite.at index f751bcf..ce25c96 100644 --- a/tests/testsuite.at +++ b/tests/testsuite.at @@ -217,13 +217,14 @@ m4_include([opcomp05.at]) m4_include([opcomp06.at]) AT_BANNER([Compression]) -m4_include([compress-gzip.at]) -m4_include([compress-bzip2.at]) -m4_include([compress-xz.at]) +m4_include([compress.m4]) +TAR_CHECK_COMPRESS(gzip, gz, tgz) +TAR_CHECK_COMPRESS(bzip2, bz2, tbz2) +TAR_CHECK_COMPRESS(xz, xz, txz) dnl: omit lzma, because it would fail due to magic number mismatch -m4_include([compress-lzip.at]) -m4_include([compress-lzop.at]) -m4_include([compress-zstd.at]) +TAR_CHECK_COMPRESS(lzip, lz) +TAR_CHECK_COMPRESS(lzop, lzo) +TAR_CHECK_COMPRESS(zstd, zst, tzst) AT_BANNER([Positional options]) m4_include([positional01.at]) -- 2.20.1 ++++++ tar-1.30-tests_dirrem_race.patch -> tar-1.31-tests_dirrem.patch ++++++ --- /work/SRC/openSUSE:Factory/tar/tar-1.30-tests_dirrem_race.patch 2018-05-16 11:21:17.136596585 +0200 +++ /work/SRC/openSUSE:Factory/.tar.new.25356/tar-1.31-tests_dirrem.patch 2019-03-27 16:13:24.631636833 +0100 @@ -1,90 +1,81 @@ -From 64b43fdf70d82c39eb2ca900cd4f8e49b86c2020 Mon Sep 17 00:00:00 2001 -From: Pavel Raiskup <[email protected]> -Date: Thu, 4 Jan 2018 18:55:12 +0100 -Subject: tests: fix race in dirrem01 and dirrem02 +From f86722c34c92f265bc9a20cb171d2fcfeab7d341 Mon Sep 17 00:00:00 2001 +From: Sergey Poznyakoff <[email protected]> +Date: Mon, 14 Jan 2019 12:26:59 +0200 +Subject: [PATCH] Fix expected output in dirrem tests. + +In both tests, the "file changed as we read it" warning might be +produced for dir/sub, depending on the ctime resolution and timing. +The problem was fixed by 64b43fdf70d82c39eb2ca900cd4f8e49, but regressed +after e7cd377f7801d42aa8e07addff93d2150666c237, which removed 1 second +delays between each pair of checkpoints. Since the presense or absense +of this warning is irrelevant for the test, it is now suppressed. -Previously the '--checkpoint-action=echo' was triggered after -'--checkpoint-action=sleep=1' - so the order of events *usually* -was (for --format='gnu'): - - ... - 1. checkpoint handler before write of 'dir/sub' member - 2. one-second delay - 3. stderr write: 'tar: Write checkpoint 3' - 4. write the member 'dir/sub' into the archive - 5. check that the member's ctime has not been changed - 6. genfile's detecting 'Write checkpoint', doing unlink - ... - -But sometimes, the genfile was fast enough to win the race and -unlinked the directory before the member was written into the -archive (IOW, the order was 1-2-3-6-4-5). This led to the -occasional warning 'tar: dir/sub: file changed as we read it'. - -Swap the order of 'sleep=1' and 'echo' actions so the genfile -utility has (hopefully) enough time to do the unlink before -writing the file into the archive (enforce 1-2-3-6-4-5 order). - -* tests/dirrem01.at: Swap 'sleep=1' and 'echo' actions. +* tests/dirrem01.at: Suppress the file-changed warning. * tests/dirrem02.at: Likewise. --- - tests/dirrem01.at | 5 +++-- - tests/dirrem02.at | 7 ++++--- - 2 files changed, 7 insertions(+), 5 deletions(-) + tests/dirrem01.at | 15 ++++++++++----- + tests/dirrem02.at | 5 +++-- + 2 files changed, 13 insertions(+), 7 deletions(-) diff --git a/tests/dirrem01.at b/tests/dirrem01.at -index 40344dc..dabc206 100644 +index 0a9c9e5..24bf392 100644 --- a/tests/dirrem01.at +++ b/tests/dirrem01.at -@@ -47,14 +47,15 @@ gnu) CPT=3;; - esac +@@ -27,9 +27,13 @@ + # it prints a warning and exits with TAREXIT_DIFFERS. + # + # This test checks whether this behaviour is mimicked for directories, too. +- +-# Remark: This file is based on 'filerem01.at', which is the test-case for +-# a vanishing file. ++# ++# Notes: ++# 1. This file is based on 'filerem01.at', which is the test-case for ++# a vanishing file. ++# 2. Depending on the stat.st_ctime resolution, the "file changed as we ++# read it" warning might be issued for dir/sub. The test takes care to ++# suppress it. + + AT_SETUP([directory removed before reading]) + AT_KEYWORDS([create incremental listed dirchange dirrem dirrem01]) +@@ -48,13 +52,14 @@ esac genfile --run --checkpoint=$CPT --unlink dir/sub/file2 --unlink dir/sub -- \ -- tar --blocking-factor=1 --checkpoint=1 --checkpoint-action='sleep=1' \ -- --checkpoint-action='echo' -c -f archive.tar \ -+ tar --blocking-factor=1 --checkpoint=1 --checkpoint-action='echo' \ -+ --checkpoint-action='sleep=1' -c -f archive.tar \ - --listed-incremental db -v dir >/dev/null + tar --blocking-factor=1 -c -f archive.tar \ +- --listed-incremental db -v dir >/dev/null ++ --listed-incremental db \ ++ --warning=no-file-changed \ ++ -v dir >/dev/null ], [1], [ignore], [tar: dir: Directory is new tar: dir/sub: Directory is new -+tar: dir/sub: file changed as we read it +-tar: dir/sub: file changed as we read it tar: dir/sub: File removed before we read it ],[],[],[gnu,posix]) diff --git a/tests/dirrem02.at b/tests/dirrem02.at -index e1cf9ef..924454f 100644 +index c314484..3c63bbe 100644 --- a/tests/dirrem02.at +++ b/tests/dirrem02.at -@@ -20,7 +20,7 @@ - - # Description: - # --# When an explicitley named directory disappears during creation -+# When an explicitly named directory disappears during creation - # of incremental dump, tar should still exit with TAREXIT_FAILURE (2). - # - # For further details see dirrem01.at -@@ -44,14 +44,15 @@ gnu) CPT=3;; - esac +@@ -45,13 +45,14 @@ esac genfile --run --checkpoint=$CPT --unlink dir/sub/file2 --unlink dir/sub -- \ -- tar --blocking-factor=1 --checkpoint=1 --checkpoint-action='sleep=1' \ -- --checkpoint-action='echo' -c -f archive.tar \ -+ tar --blocking-factor=1 --checkpoint=1 --checkpoint-action='echo' \ -+ --checkpoint-action='sleep=1' -c -f archive.tar \ - --listed-incremental db -v dir dir/sub >/dev/null + tar --blocking-factor=1 -c -f archive.tar \ +- --listed-incremental db -v dir dir/sub >/dev/null ++ --listed-incremental db \ ++ --warning=no-file-changed \ ++ -v dir dir/sub >/dev/null ], [2], [ignore], [tar: dir: Directory is new tar: dir/sub: Directory is new -+tar: dir/sub: file changed as we read it +-tar: dir/sub: file changed as we read it tar: dir/sub: Cannot open: No such file or directory tar: Exiting with failure status due to previous errors ],[],[],[gnu,posix]) -- -cgit v1.0-41-gc330 +2.20.1 ++++++ tar-1.30.tar.bz2 -> tar-1.31.tar.bz2 ++++++ ++++ 156049 lines of diff (skipped)
