Hello community,
here is the log from the commit of package emacs for openSUSE:Factory checked
in at 2012-02-10 17:13:11
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/emacs (Old)
and /work/SRC/openSUSE:Factory/.emacs.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "emacs", Maintainer is "wer...@suse.com"
Changes:
--------
--- /work/SRC/openSUSE:Factory/emacs/emacs.changes 2011-12-27
18:34:59.000000000 +0100
+++ /work/SRC/openSUSE:Factory/.emacs.new/emacs.changes 2012-02-10
17:13:16.000000000 +0100
@@ -1,0 +2,12 @@
+Tue Jan 10 14:53:41 UTC 2012 - wer...@suse.de
+
+- Port fix for CVE-2012-0035 to CEDET used for emacs 23.3 (bnc#740447)
+- Yet an other change of the tar ball to avoid intrinsic emacs GPL
+ violoation
+
+-------------------------------------------------------------------
+Tue Jan 3 18:01:19 CET 2012 - dmuel...@suse.de
+
+- rebuild for ppc64 and ia64 (bnc#726769)
+
+-------------------------------------------------------------------
Old:
----
emacs-23.3a.tar.bz2
New:
----
emacs-23.3-bnc740447.patch
emacs-23.3b.tar.bz2
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ emacs.spec ++++++
--- /var/tmp/diff_new_pack.Cc0BwQ/_old 2012-02-10 17:13:28.000000000 +0100
+++ /var/tmp/diff_new_pack.Cc0BwQ/_new 2012-02-10 17:13:28.000000000 +0100
@@ -1,7 +1,7 @@
#
# spec file for package emacs
#
-# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -15,7 +15,6 @@
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
-
Name: emacs
BuildRequires: alsa-devel
BuildRequires: autoconf
@@ -58,7 +57,7 @@
Summary: GNU Emacs Base Package
License: GPL-2.0+
Group: Productivity/Editors/Emacs
-Source: ftp://ftp.gnu.org/gnu/emacs/emacs-23.3a.tar.bz2
+Source: ftp://ftp.gnu.org/gnu/emacs/emacs-23.3b.tar.bz2
Source1: app-defaults.Emacs
Source2: site-lisp.tar.bz2
Source3: dot.gnu-emacs
@@ -82,6 +81,7 @@
Patch16: emacs-23.1-flyspell.patch
Patch18: emacs-sparc.diff
Patch22: emacs-23.1-bnc628268.patch
+Patch23: emacs-23.3-bnc740447.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%global bug_345669 0
%{expand: %%global _exec_prefix %(type -p pkg-config &>/dev/null && pkg-config
--variable prefix x11 || echo /usr/X11R6)}
@@ -110,6 +110,7 @@
Requires: emacs = %{version}-%{release}
Provides: emacs_program = %{version}-%{release}, emac_nox
Summary: GNU Emacs-nox: An Emacs Binary without X Window System Support
+Group: Productivity/Editors/Emacs
%description -n emacs-nox
Eight Megabytes And Constantly Swapping. Call it
@@ -126,6 +127,7 @@
Provides: emacs_program = %{version}-%{release} emacsbin
Provides: emacs:/usr/bin/emacs ge_exec:/usr/bin/emacs
Summary: GNU Emacs: Emacs binary with X Window System Support
+Group: Productivity/Editors/Emacs
%description -n emacs-x11
Call it
@@ -140,6 +142,7 @@
Requires: emacs = %{version}-%{release}
Provides: ge_lisp
Summary: Several Lisp Files for GNU Emacs
+Group: Productivity/Editors/Emacs
%if 0%{?suse_version} >= 1120
BuildArch: noarch
%endif
@@ -152,6 +155,7 @@
Obsoletes: ge_info elispman elisp-manual elispint emacs-lisp-intro
Provides: elispman elisp-manual elispint emacs-lisp-intro ge_info
Summary: Info files for GNU Emacs
+Group: Productivity/Editors/Emacs
PreReq: %install_info_prereq
%if 0%{?suse_version} >= 1120
BuildArch: noarch
@@ -185,6 +189,17 @@
install-mh -auto < /dev/null
fi
%patch22
+%patch23
+
+# make sure that the binaries work (pagesize on build must be the same as on
target, bnc#726769)
+%if %suse_version >= 1110
+%ifarch ppc ppc64 ia64
+%if %(getconf PAGESIZE) != 65536
+%error "Error: wrong build host, PAGESIZE must be 65536"
+exit 1
+%endif
+%endif
+%endif
%build
cflags ()
@@ -750,12 +765,13 @@
%doc %{_datadir}/emacs/%{version}/etc/grammars/README
%{_datadir}/emacs/%{version}/etc/grammars/bovine-grammar.el
%{_datadir}/emacs/%{version}/etc/grammars/c.by
-%{_datadir}/emacs/%{version}/etc/grammars/fixes.patch
+%{_datadir}/emacs/%{version}/etc/grammars/grammar.wy
%{_datadir}/emacs/%{version}/etc/grammars/java-tags.wy
%{_datadir}/emacs/%{version}/etc/grammars/js.wy
%{_datadir}/emacs/%{version}/etc/grammars/make.by
%{_datadir}/emacs/%{version}/etc/grammars/python.wy
%{_datadir}/emacs/%{version}/etc/grammars/scheme.by
+%{_datadir}/emacs/%{version}/etc/grammars/srecode-template.wy
%{_datadir}/emacs/%{version}/etc/grammars/wisent-grammar.el
%doc %{_datadir}/emacs/%{version}/etc/grep.txt
%dir %{_datadir}/emacs/%{version}/etc/images/
++++++ check-build.sh ++++++
--- /var/tmp/diff_new_pack.Cc0BwQ/_old 2012-02-10 17:13:28.000000000 +0100
+++ /var/tmp/diff_new_pack.Cc0BwQ/_new 2012-02-10 17:13:28.000000000 +0100
@@ -1,21 +1,20 @@
#!/bin/bash
-#
-# Avoid SLES10 systems using kernel 2.6.16
-#
-
-case "$(uname -i)" in
-*ppc*)
- read -t 10 name dummy version rest < /proc/version
- if test -z "$version" ; then
- echo "FATAL: can not read /proc/version" 1>&2
- exit 1
- fi
- OIFS="$IFS"
- IFS='.-'
- version=($version)
- IFS="$OIFS"
- if test ${version[0]} -lt 2 -o ${version[1]} -lt 6 -o ${version[2]} -lt 32
; then
- echo "FATAL: kernel too old, need kernel >= 2.6.32 for this package"
1>&2
- exit 1
- fi
+case $BUILD_BASENAME in
+ *ppc*)
+ if test $(getconf PAGESIZE) -ne 65536; then
+ echo "Error: wrong build host, PAGESIZE must be 65536"
+ exit 1
+ fi
+ ;;
+ *ia64*)
+ if test $(getconf PAGESIZE) -ne 65536; then
+ echo "Error: wrong build host, PAGESIZE must be 65536"
+ exit 1
+ fi
+ ;;
+ *)
+ ;;
esac
+
+exit 0
+
++++++ emacs-23.3-bnc740447.patch ++++++
BNC#740447 - VUL-0: CEDET/Emacs global-ede-mode file loading vulnerability
--- lisp/cedet/ede/auto.el
+++ lisp/cedet/ede/auto.el 2012-01-10 11:31:40.027645193 +0000
@@ -58,6 +58,13 @@ associated with a single object class, b
:initform t
:documentation
"Non-nil if this is an option when a user creates a project.")
+ (safe-p :initarg :safe-p
+ :initform t
+ :documentation
+ "Non-nil if the project load files are \"safe\".
+An unsafe project is one that loads project variables via Emacs
+Lisp code. A safe project is one that loads project variables by
+scanning files without loading Lisp code from them.")
)
"Class representing minimal knowledge set to run preliminary EDE functions.
When more advanced functionality is needed from a project type, that projects
@@ -69,13 +76,15 @@ type is required and the load function u
:name "Make" :file 'ede/proj
:proj-file "Project.ede"
:load-type 'ede-proj-load
- :class-sym 'ede-proj-project)
+ :class-sym 'ede-proj-project
+ :safe-p nil)
(ede-project-autoload "edeproject-automake"
:name "Automake" :file 'ede/proj
:proj-file "Project.ede"
:initializers '(:makefile-type Makefile.am)
:load-type 'ede-proj-load
- :class-sym 'ede-proj-project)
+ :class-sym 'ede-proj-project
+ :safe-p nil)
(ede-project-autoload "automake"
:name "automake" :file 'ede/project-am
:proj-file "Makefile.am"
@@ -84,6 +93,8 @@ type is required and the load function u
:new-p nil))
"List of vectors defining how to determine what type of projects exist.")
+(put 'ede-project-class-files 'risky-local-variable t)
+
;;; EDE project-autoload methods
;;
(defmethod ede-project-root ((this ede-project-autoload))
@@ -122,6 +133,19 @@ Return nil if the project file does not
(when (and f (file-exists-p f))
f)))
+(defmethod ede-auto-load-project ((this ede-project-autoload) dir)
+ "Load in the project associated with THIS project autoload description.
+THIS project description should be valid for DIR, where the project will
+be loaded."
+ ;; Last line of defense: don't load unsafe projects.
+ (when (not (or (oref this :safe-p)
+ (ede-directory-safe-p dir)))
+ (error "Attempt to load an unsafe project (bug elsewhere in EDE)"))
+ ;; Things are good - so load the project.
+ (let ((o (funcall (oref this load-type) dir)))
+ (when (not o)
+ (error "Project type error: :load-type failed to create a project"))
+ (ede-add-project-to-global-list o)))
(provide 'ede/auto)
--- lisp/cedet/ede/simple.el
+++ lisp/cedet/ede/simple.el 2012-01-10 11:28:14.131146968 +0000
@@ -50,7 +50,8 @@
:name "Simple" :file 'ede/simple
:proj-file 'ede-simple-projectfile-for-dir
:load-type 'ede-simple-load
- :class-sym 'ede-simple-project)
+ :class-sym 'ede-simple-project
+ :safe-p nil)
t)
(defcustom ede-simple-save-directory "~/.ede"
--- lisp/cedet/ede.el
+++ lisp/cedet/ede.el 2012-01-10 11:28:24.623644845 +0000
@@ -94,6 +94,42 @@ target willing to take the file. 'never
:group 'ede
:type 'sexp) ; make this be a list of options some day
+(defcustom ede-project-directories nil
+ "Directories in which EDE may search for project files.
+If the value is t, EDE may search in any directory.
+
+If the value is a function, EDE calls that function with one
+argument, the directory name; the function should return t iff
+EDE should look for project files in the directory.
+
+Otherwise, the value should be a list of fully-expanded directory
+names. EDE searches for project files only in those directories.
+If you invoke the commands \\[ede] or \\[ede-new] on a directory
+that is not listed, Emacs will offer to add it to the list.
+
+Any other value disables searching for EDE project files."
+ :group 'ede
+ :type '(choice (const :tag "Any directory" t)
+ (repeat :tag "List of directories"
+ (directory))
+ (function :tag "Predicate"))
+ :version "23.3"
+ :risky t)
+
+(defun ede-directory-safe-p (dir)
+ "Return non-nil if DIR is a safe directory to load projects from.
+Projects that do not load a project definition as Emacs Lisp code
+are safe, and can be loaded automatically. Other project types,
+such as those created with Project.ede files, are safe only if
+specified by `ede-project-directories'."
+ (setq dir (directory-file-name (expand-file-name dir)))
+ ;; Load only if allowed by `ede-project-directories'.
+ (or (eq ede-project-directories t)
+ (and (functionp ede-project-directories)
+ (funcall ede-project-directories dir))
+ (and (listp ede-project-directories)
+ (member dir ede-project-directories))))
+
�
;;; Management variables
@@ -419,24 +455,42 @@ provided `global-ede-mode' is enabled."
Sets buffer local variables for EDE."
(let* ((ROOT nil)
(proj (ede-directory-get-open-project default-directory
- 'ROOT)))
+ 'ROOT))
+ (projauto nil))
+
(when (or proj ROOT
- (ede-directory-project-p default-directory t))
+ ;; If there is no open project, look up the project
+ ;; autoloader to see if we should initialize.
+ (setq projauto (ede-directory-project-p default-directory t)))
+
+ (when (and (not proj) projauto)
+
+ ;; No project was loaded, but we have a project description
+ ;; object. This means that we can check if it is a safe
+ ;; project to load before requesting it to be loaded.
+
+ (when (or (oref projauto safe-p)
+ ;; The project style is not safe, so check if it is
+ ;; in `ede-project-directories'.
+ (let ((top (ede-toplevel-project default-directory)))
+ (ede-directory-safe-p top)))
- (when (not proj)
- ;; @todo - this could be wasteful.
- (setq proj (ede-load-project-file default-directory 'ROOT)))
+ ;; The project is safe, so load it in.
+ (setq proj (ede-load-project-file default-directory 'ROOT))))
- (setq ede-object (ede-buffer-object (current-buffer)
+ ;; Only initialize EDE state in this buffer if we found a project.
+ (when proj
+
+ (setq ede-object (ede-buffer-object (current-buffer)
'ede-object-project))
- (setq ede-object-root-project
- (or ROOT (ede-project-root ede-object-project)))
+ (setq ede-object-root-project
+ (or ROOT (ede-project-root ede-object-project)))
- (if (and (not ede-object) ede-object-project)
- (ede-auto-add-to-target))
+ (if (and (not ede-object) ede-object-project)
+ (ede-auto-add-to-target))
- (ede-apply-target-options))))
+ (ede-apply-target-options)))))
(defun ede-reset-all-buffers (onoff)
"Reset all the buffers due to change in EDE.
@@ -555,13 +609,73 @@ of objects with the `ede-want-file-p' me
�
;;; Interactive method invocations
;;
-(defun ede (file)
- "Start up EDE on something.
-Argument FILE is the file or directory to load a project from."
- (interactive "fProject File: ")
- (if (not (file-exists-p file))
- (ede-new file)
- (ede-load-project-file (file-name-directory file))))
+(defun ede (dir)
+ "Start up EDE for directory DIR.
+If DIR has an existing project file, load it.
+Otherwise, create a new project for DIR."
+ (interactive
+ ;; When choosing a directory to turn on, and we see some directory here,
+ ;; provide that as the default.
+ (let* ((top (ede-toplevel-project default-directory))
+ (promptdflt (or top default-directory)))
+ (list (read-directory-name "Project directory: "
+ promptdflt promptdflt t))))
+ (unless (file-directory-p dir)
+ (error "%s is not a directory" dir))
+ (when (ede-directory-get-open-project dir)
+ (error "%s already has an open project associated with it" dir))
+
+ ;; Check if the directory has been added to the list of safe
+ ;; directories. It can also add the directory to the safe list if
+ ;; the user chooses.
+ (if (ede-check-project-directory dir)
+ (progn
+ ;; If there is a project in DIR, load it, otherwise do
+ ;; nothing.
+ (ede-load-project-file dir)
+
+ ;; Check if we loaded anything on the previous line.
+ (if (ede-current-project dir)
+
+ ;; We successfully opened an existing project. Some open
+ ;; buffers may also be referring to this project.
+ ;; Resetting all the buffers will get them to also point
+ ;; at this new open project.
+ (ede-reset-all-buffers 1)
+
+ ;; ELSE
+ ;; There was no project, so switch to `ede-new' which is how
+ ;; a user can select a new kind of project to create.
+ (let ((default-directory (expand-file-name dir)))
+ (call-interactively 'ede-new))))
+
+ ;; If the proposed directory isn't safe, then say so.
+ (error "%s is not an allowed project directory in
`ede-project-directories'"
+ dir)))
+
+(defun ede-check-project-directory (dir)
+ "Check if DIR should be in `ede-project-directories'.
+If it is not, try asking the user if it should be added; if so,
+add it and save `ede-project-directories' via Customize.
+Return nil iff DIR should not be in `ede-project-directories'."
+ (setq dir (directory-file-name (expand-file-name dir))) ; strip trailing /
+ (or (eq ede-project-directories t)
+ (and (functionp ede-project-directories)
+ (funcall ede-project-directories dir))
+ ;; If `ede-project-directories' is a list, maybe add it.
+ (when (listp ede-project-directories)
+ (or (member dir ede-project-directories)
+ (when (y-or-n-p (format "`%s' is not listed in
`ede-project-directories'.
+Add it to the list of allowed project directories? "
+ dir))
+ (push dir ede-project-directories)
+ ;; If possible, save `ede-project-directories'.
+ (if (or custom-file user-init-file)
+ (let ((coding-system-for-read nil))
+ (customize-save-variable
+ 'ede-project-directories
+ ede-project-directories)))
+ t)))))
(defun ede-new (type &optional name)
"Create a new project starting of project type TYPE.
@@ -596,6 +710,11 @@ Optional argument NAME is the name to gi
(error "Cannot create project in non-existent directory %s"
default-directory))
(when (not (file-writable-p default-directory))
(error "No write permissions for %s" default-directory))
+ (unless (ede-check-project-directory default-directory)
+ (error "%s is not an allowed project directory in
`ede-project-directories'"
+ default-directory))
+ ;; Make sure the project directory is loadable in the future.
+ (ede-check-project-directory default-directory)
;; Create the project
(let* ((obj (object-assoc type 'name ede-project-class-files))
(nobj (let ((f (oref obj file))
@@ -629,6 +748,10 @@ Optional argument NAME is the name to gi
(ede-add-subproject pp nobj)
(ede-commit-project pp)))
(ede-commit-project nobj))
+ ;; Once the project is created, load it again. This used to happen
+ ;; lazily, but with project loading occurring less often and with
+ ;; security in mind, this is now the safe time to reload.
+ (ede-load-project-file default-directory)
;; Have the menu appear
(setq ede-minor-mode t)
;; Allert the user
@@ -651,11 +774,16 @@ ARGS are additional arguments to pass to
(defun ede-rescan-toplevel ()
"Rescan all project files."
(interactive)
- (let ((toppath (ede-toplevel-project default-directory))
- (ede-deep-rescan t))
- (project-rescan (ede-load-project-file toppath))
- (ede-reset-all-buffers 1)
- ))
+ (if (not (ede-directory-get-open-project default-directory))
+ ;; This directory isn't open. Can't rescan.
+ (error "Attempt to rescan a project that isn't open")
+
+ ;; Continue
+ (let ((toppath (ede-toplevel-project default-directory))
+ (ede-deep-rescan t))
+
+ (project-rescan (ede-load-project-file toppath))
+ (ede-reset-all-buffers 1))))
(defun ede-new-target (&rest args)
"Create a new target specific to this type of project file.
@@ -891,7 +1019,7 @@ Optional ROOTRETURN will return the root
;; Do the load
;;(message "EDE LOAD : %S" file)
(let* ((file dir)
- (path (expand-file-name (file-name-directory file)))
+ (path (file-name-as-directory (expand-file-name dir)))
(pfc (ede-directory-project-p path))
(toppath nil)
(o nil))
@@ -920,13 +1048,11 @@ Optional ROOTRETURN will return the root
;; See if it's been loaded before
(setq o (object-assoc (ede-dir-to-projectfile pfc toppath) 'file
ede-projects))
- (if (not o)
- ;; If not, get it now.
- (let ((ede-constructing pfc))
- (setq o (funcall (oref pfc load-type) toppath))
- (when (not o)
- (error "Project type error: :load-type failed to create a
project"))
- (ede-add-project-to-global-list o)))
+
+ ;; If not open yet, load it.
+ (unless o
+ (let ((ede-constructing pfc))
+ (setq o (ede-auto-load-project pfc toppath))))
;; Return the found root project.
(when rootreturn (set rootreturn o))
@@ -980,13 +1106,7 @@ Optional argument OBJ is an object to fi
(and root
(ede-find-subproject-for-directory root updir))
;; Try the all structure based search.
- (ede-directory-get-open-project updir)
- ;; Load up the project file as a last resort.
- ;; Last resort since it uses file-truename, and other
- ;; slow features.
- (and (ede-directory-project-p updir)
- (ede-load-project-file
- (file-name-as-directory updir))))))))))
+ (ede-directory-get-open-project updir))))))))
(defun ede-current-project (&optional dir)
"Return the current project file.
@@ -1000,11 +1120,7 @@ If optional DIR is provided, get the pro
;; No current project.
(when (not ans)
(let* ((ldir (or dir default-directory)))
- (setq ans (ede-directory-get-open-project ldir))
- (or ans
- ;; No open project, if this dir pass project-p, then load.
- (when (ede-directory-project-p ldir)
- (setq ans (ede-load-project-file ldir))))))
+ (setq ans (ede-directory-get-open-project ldir))))
;; Return what we found.
ans))
@@ -1059,12 +1175,13 @@ If TARGET belongs to a subproject, retur
"Return the project which is the parent of TARGET.
It is recommended you track the project a different way as this function
could become slow in time."
- ;; @todo - use ede-object-project as a starting point.
- (let ((ans nil) (projs ede-projects))
- (while (and (not ans) projs)
- (setq ans (ede-target-in-project-p (car projs) target)
- projs (cdr projs)))
- ans))
+ (or ede-object-project
+ ;; If not cached, derive it from the current directory of the target.
+ (let ((ans nil) (projs ede-projects))
+ (while (and (not ans) projs)
+ (setq ans (ede-target-in-project-p (car projs) target)
+ projs (cdr projs)))
+ ans)))
(defmethod ede-find-target ((proj ede-project) buffer)
"Fetch the target in PROJ belonging to BUFFER or nil."
++++++ emacs-23.3a.tar.bz2 -> emacs-23.3b.tar.bz2 ++++++
/work/SRC/openSUSE:Factory/emacs/emacs-23.3a.tar.bz2
/work/SRC/openSUSE:Factory/.emacs.new/emacs-23.3b.tar.bz2 differ: char 11, line
1
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
