Hello community,

here is the log from the commit of package bzip2 for openSUSE:Factory checked 
in at 2019-07-02 10:37:05
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/bzip2 (Old)
 and      /work/SRC/openSUSE:Factory/.bzip2.new.4615 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "bzip2"

Tue Jul  2 10:37:05 2019 rev:64 rq:712352 version:1.0.7

Changes:
--------
--- /work/SRC/openSUSE:Factory/bzip2/bzip2.changes      2019-04-26 
22:41:17.513740283 +0200
+++ /work/SRC/openSUSE:Factory/.bzip2.new.4615/bzip2.changes    2019-07-02 
10:37:07.882466364 +0200
@@ -1,0 +2,23 @@
+Fri Jun 28 07:42:24 UTC 2019 - Martin Pluskal <mplus...@suse.com>
+
+- Update bug reference
+- Fix downloaded patches
+
+-------------------------------------------------------------------
+Thu Jun 27 21:01:36 UTC 2019 - Bjørn Lie <bjorn....@gmail.com>
+
+- Update to version 1.0.7:
+  * Fix undefined behavior in the macros SET_BH, CLEAR_BH, &
+    ISSET_BH.
+  * bzip2: Fix return value when combining --test,-t and -q.
+  * bzip2recover: Fix buffer overflow for large argv[0].
+  * bzip2recover: Fix use after free issue with outFile
+    (CVE-2016-3189).
+  * Make sure nSelectors is not out of range (CVE-2019-12900
+    bsc#1139083)
+- Drop patches fixed upstream:
+  * bzip2-unsafe_strcpy.patch.
+  * bzip2-1.0.6-CVE-2016-3189.patch.
+- Refresh patches with quilt.
+
+-------------------------------------------------------------------

Old:
----
  bzip2-1.0.6-CVE-2016-3189.patch
  bzip2-1.0.6.tar.gz
  bzip2-unsafe_strcpy.patch

New:
----
  bzip2-1.0.7.tar.gz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ bzip2.spec ++++++
--- /var/tmp/diff_new_pack.lePdUM/_old  2019-07-02 10:37:08.830467806 +0200
+++ /var/tmp/diff_new_pack.lePdUM/_new  2019-07-02 10:37:08.834467812 +0200
@@ -12,13 +12,13 @@
 # license that conforms to the Open Source Definition (Version 1.9)
 # published by the Open Source Initiative.
 
-# Please submit bugfixes or comments via http://bugs.opensuse.org/
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
 #
 
 
 %define libname libbz2-1
 Name:           bzip2
-Version:        1.0.6
+Version:        1.0.7
 Release:        0
 Summary:        A Program for Compressing Files
 License:        BSD-3-Clause
@@ -32,12 +32,10 @@
 # PATCH-FEATURE-OPENSUSE bzip2-1.0.6-autoconfiscated.patch sbra...@suse.cz -- 
Convert to a standard autoconf based package.
 Patch0:         
ftp://ftp.suse.com/pub/people/sbrabec/bzip2/for_downstream/bzip2-1.0.6.2-autoconfiscated.patch
 Patch1:         bzip2-1.0.6-fix-bashisms.patch
-Patch2:         bzip2-unsafe_strcpy.patch
 Patch3:         bzip2-point-to-doc-pkg.patch
 Patch4:         bzip2-ocloexec.patch
 # PATCH-FIX-UPSTREAM bnc#970260 kstreit...@suse.com -- fix a wrong exit code 
when grepping multiple archives
 Patch5:         bzip2-1.0.6-bzgrep_return_value.patch
-Patch6:         bzip2-1.0.6-CVE-2016-3189.patch
 BuildRequires:  autoconf >= 2.57
 BuildRequires:  libtool
 BuildRequires:  pkgconfig
@@ -77,11 +75,9 @@
 %setup -q
 %patch0
 %patch1 -p1
-%patch2
 %patch3 -p1
-%patch4
+%patch4 -p1
 %patch5 -p1
-%patch6 -p1
 
 %build
 autoreconf -fiv
@@ -91,7 +87,7 @@
 %if 0%{?do_profiling}
   make %{?_smp_mflags} CFLAGS="%{optflags} %{cflags_profile_generate}"
   make %{?_smp_mflags} CFLAGS="%{optflags} %{cflags_profile_generate}" test
-  make clean
+  make %{?_smp_mflags} clean
   make %{?_smp_mflags} CFLAGS="%{optflags} %{cflags_profile_feedback}"
 %else
   make %{?_smp_mflags} CFLAGS="%{optflags}"

++++++ bzip2-1.0.6-bzgrep_return_value.patch ++++++
--- /var/tmp/diff_new_pack.lePdUM/_old  2019-07-02 10:37:08.878467880 +0200
+++ /var/tmp/diff_new_pack.lePdUM/_new  2019-07-02 10:37:08.878467880 +0200
@@ -1,7 +1,7 @@
-Index: bzip2-1.0.6/bzgrep
+Index: bzip2-1.0.7/bzgrep
 ===================================================================
---- bzip2-1.0.6.orig/bzgrep
-+++ bzip2-1.0.6/bzgrep
+--- bzip2-1.0.7.orig/bzgrep    2019-06-27 23:10:21.375272508 +0200
++++ bzip2-1.0.7/bzgrep 2019-06-27 23:10:21.415272635 +0200
 @@ -65,8 +65,20 @@ for i do
    else
      j=$(echo "$i" | sed 's/\\/&&/g;s/|/\\&/g;s/&/\\&/g')

++++++ bzip2-1.0.6-fix-bashisms.patch ++++++
--- /var/tmp/diff_new_pack.lePdUM/_old  2019-07-02 10:37:08.890467898 +0200
+++ /var/tmp/diff_new_pack.lePdUM/_new  2019-07-02 10:37:08.890467898 +0200
@@ -1,6 +1,7 @@
-diff -Ndurp bzip2-1.0.6/bzgrep bzip2-1.0.6-fix-bashisms/bzgrep
---- bzip2-1.0.6/bzgrep 2007-01-03 04:00:55.000000000 +0200
-+++ bzip2-1.0.6-fix-bashisms/bzgrep    2014-10-19 02:07:30.036033876 +0300
+Index: bzip2-1.0.7/bzgrep
+===================================================================
+--- bzip2-1.0.7.orig/bzgrep    2019-06-27 20:15:39.000000000 +0200
++++ bzip2-1.0.7/bzgrep 2019-06-27 23:12:37.027916706 +0200
 @@ -63,9 +63,7 @@ for i do
      bzip2 -cdfq "$i" | $grep $opt "$pat"
      r=$?

++++++ bzip2-1.0.6.tar.gz -> bzip2-1.0.7.tar.gz ++++++
++++ 229142 lines of diff (skipped)

++++++ bzip2-ocloexec.patch ++++++
--- /var/tmp/diff_new_pack.lePdUM/_old  2019-07-02 10:37:09.306468531 +0200
+++ /var/tmp/diff_new_pack.lePdUM/_new  2019-07-02 10:37:09.306468531 +0200
@@ -1,5 +1,7 @@
---- bzlib.c.orig
-+++ bzlib.c
+Index: bzip2-1.0.7/bzlib.c
+===================================================================
+--- bzip2-1.0.7.orig/bzlib.c   2019-06-27 20:15:39.000000000 +0200
++++ bzip2-1.0.7/bzlib.c        2019-06-27 23:10:21.399272583 +0200
 @@ -1414,7 +1414,15 @@ BZFILE * bzopen_or_bzdopen
        }
        mode++;

++++++ bzip2-point-to-doc-pkg.patch ++++++
--- /var/tmp/diff_new_pack.lePdUM/_old  2019-07-02 10:37:09.314468543 +0200
+++ /var/tmp/diff_new_pack.lePdUM/_new  2019-07-02 10:37:09.314468543 +0200
@@ -1,7 +1,7 @@
-Index: bzip2-1.0.6/README
+Index: bzip2-1.0.7/README
 ===================================================================
---- bzip2-1.0.6.orig/README
-+++ bzip2-1.0.6/README
+--- bzip2-1.0.7.orig/README    2019-06-27 20:15:39.000000000 +0200
++++ bzip2-1.0.7/README 2019-06-27 23:10:21.387272546 +0200
 @@ -17,7 +17,8 @@ in the file LICENSE.
  
  Complete documentation is available in Postscript form (manual.ps),




Reply via email to