Hello community, here is the log from the commit of package popt for openSUSE:Factory checked in at 2020-08-21 19:02:14 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/popt (Old) and /work/SRC/openSUSE:Factory/.popt.new.3399 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "popt" Fri Aug 21 19:02:14 2020 rev:37 rq:826912 version:1.18 Changes: -------- --- /work/SRC/openSUSE:Factory/popt/popt.changes 2020-02-21 16:40:23.593797500 +0100 +++ /work/SRC/openSUSE:Factory/.popt.new.3399/popt.changes 2020-08-21 19:02:34.824299284 +0200 @@ -1,0 +2,15 @@ +Fri Jun 26 15:22:02 UTC 2020 - Callum Farmer <[email protected]> + +- Update to version 1.18: + * fix an ugly and ancient security issue with popt failing to drop privileges on alias exec from a SUID/SGID program + * perform rudimentary sanity checks when reading in popt config files + * collect accumulated misc fixes (memleaks etc) from distros + * convert translations to utf-8 encoding + * convert old postscript documentation to pdf + * dust off ten years worth of autotools sediment + * reorganize and clean up the source tree for clarity + * remove the obnoxious splint annotations from the sources +- popt-alignment-checks.patch removed: contained in upstream +- popt-libc-updates.patch changed: to be compatible with new version. + +------------------------------------------------------------------- Old: ---- popt-1.16.tar.gz popt-alignment-checks.patch New: ---- popt-1.18.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ popt.spec ++++++ --- /var/tmp/diff_new_pack.sD9Y1W/_old 2020-08-21 19:02:36.324300175 +0200 +++ /var/tmp/diff_new_pack.sD9Y1W/_new 2020-08-21 19:02:36.328300177 +0200 @@ -17,7 +17,7 @@ Name: popt -Version: 1.16 +Version: 1.18 Release: 0 #!BuildIgnore: rpmlint-Factory Summary: A C library for parsing command line parameters @@ -26,13 +26,12 @@ URL: http://www.rpm.org/ #CVS-Clone: -d :pserver:[email protected]:/cvs co popt -Source: http://ftp.rpm.org/mirror/popt/popt-%{version}.tar.gz +Source: http://ftp.rpm.org/popt/releases/popt-1.x/popt-%{version}.tar.gz Source2: baselibs.conf +Patch: popt-libc-updates.patch BuildRequires: libtool BuildRequires: pkgconfig BuildRoot: %{_tmppath}/%{name}-%{version}-build -Patch0: popt-libc-updates.patch -Patch1: popt-alignment-checks.patch %description Popt is a C library for parsing command line parameters. Popt was @@ -70,23 +69,17 @@ API documentation of the popt library, too. %prep -%setup -q -%patch0 -%patch1 -p1 +%autosetup -p1 %build autoreconf -fiv %configure --disable-static -make %{?_smp_mflags} +%make_build %install -make install DESTDIR="%buildroot" +%make_install rm %{buildroot}%{_libdir}/libpopt.la -%if "%{_libdir}" != "%{_prefix}/lib" -install -d -m755 %{buildroot}/%{_libdir}/pkgconfig -mv %{buildroot}%{_prefix}/lib/pkgconfig/%{name}.pc %{buildroot}/%{_libdir}/pkgconfig/%{name}.pc -%endif %find_lang %{name} ++++++ popt-1.16.tar.gz -> popt-1.18.tar.gz ++++++ ++++ 95562 lines of diff (skipped) ++++++ popt-libc-updates.patch ++++++ --- /var/tmp/diff_new_pack.sD9Y1W/_old 2020-08-21 19:02:36.580300327 +0200 +++ /var/tmp/diff_new_pack.sD9Y1W/_new 2020-08-21 19:02:36.584300330 +0200 @@ -1,114 +1,43 @@ Index: configure.ac =================================================================== ---- configure.ac.orig -+++ configure.ac -@@ -21,7 +21,7 @@ AC_SUBST(LT_AGE, 8) - ALL_LINGUAS="cs da de eo es fi fr ga gl hu id is it ja ko lv nb nl pl pt ro ru sk sl sv th tr uk vi wa zh_TW zh_CN" - +--- a/configure.ac ++++ b/configure.ac +@@ -9,7 +9,6 @@ + AM_INIT_AUTOMAKE([1.10 foreign -Wall]) + AC_PROG_CC_STDC -AC_PROG_CC -+AC_USE_SYSTEM_EXTENSIONS - - AC_PROG_INSTALL - AC_PROG_LIBTOOL -@@ -40,13 +40,12 @@ else - fi - AC_SUBST(TARGET) - --CFLAGS="$CFLAGS -D_GNU_SOURCE -D_REENTRANT" -+CFLAGS="$CFLAGS -D_REENTRANT" - - AC_GCC_TRADITIONAL - AC_SYS_LARGEFILE - - AC_ISC_POSIX --AM_C_PROTOTYPES - - AC_CHECK_HEADERS(float.h fnmatch.h glob.h langinfo.h libintl.h mcheck.h unistd.h) - -@@ -82,7 +81,7 @@ AC_ARG_ENABLE(build-gcov, - AC_CHECK_FUNC(setreuid, [], [ - AC_CHECK_LIB(ucb, setreuid, [if echo $LIBS | grep -- -lucb >/dev/null ;then :; else LIBS="$LIBS -lc -lucb" USEUCB=y;fi]) - ]) --AC_CHECK_FUNCS(getuid geteuid iconv mtrace __secure_getenv setregid stpcpy strerror vasprintf srandom) -+AC_CHECK_FUNCS(getuid geteuid iconv mtrace __secure_getenv secure_getenv setregid stpcpy strerror vasprintf srandom) - - AM_GNU_GETTEXT([external]) - AM_ICONV_LINK -Index: system.h -=================================================================== ---- system.h.orig -+++ system.h -@@ -1,10 +1,9 @@ - /** + AC_USE_SYSTEM_EXTENSIONS + AM_PROG_AR + +Index: src/system.h +=================================================================== +--- a/src/system.h ++++ b/src/system.h +@@ -2,9 +2,7 @@ * \file popt/system.h */ -+#pragma once - + -#ifdef HAVE_CONFIG_H #include "config.h" -#endif - - #if defined (__GLIBC__) && defined(__LCLINT__) - /*@-declundef@*/ -@@ -42,6 +41,7 @@ extern __const __int32_t *__ctype_touppe - #include <libc.h> - #endif - -+#pragma GCC visibility push(hidden) - /*@-incondefs@*/ - /*@mayexit@*/ /*@only@*/ /*@out@*/ /*@unused@*/ - void * xmalloc (size_t size) -@@ -77,6 +77,8 @@ static inline char * stpcpy (char *dest, - } + + #include <ctype.h> + +@@ -57,6 +55,8 @@ + #define getenv(_s) secure_getenv(_s) + #elif defined(HAVE___SECURE_GETENV) + #define getenv(_s) __secure_getenv(_s) ++#else ++#error neither secure_getenv nor __secure_getenv is available #endif - -+#pragma GCC visibility pop -+ - /* Memory allocation via macro defs to get meaningful locations from mtrace() */ - #if defined(HAVE_MCHECK_H) && defined(__GNUC__) - #define vmefail() (fprintf(stderr, "virtual memory exhausted.\n"), exit(EXIT_FAILURE), NULL) -@@ -91,8 +93,12 @@ static inline char * stpcpy (char *dest, - #define xstrdup(_str) strdup(_str) - #endif /* defined(HAVE_MCHECK_H) && defined(__GNUC__) */ - --#if defined(HAVE___SECURE_GETENV) && !defined(__LCLINT__) --#define getenv(_s) __secure_getenv(_s) -+#ifndef HAVE_SECURE_GETENV -+# ifdef HAVE___SECURE_GETENV -+# define secure_getenv __secure_getenv -+# else -+# error neither secure_getenv nor __secure_getenv is available -+# endif - #endif - + #if !defined(__GNUC__) && !defined(__attribute__) -Index: Makefile.am -=================================================================== ---- Makefile.am.orig -+++ Makefile.am -@@ -14,7 +14,7 @@ EXTRA_DIST = config.rpath lookup3.c auto - - SUBDIRS = po . auto - --AM_CPPFLAGS = -I. -I$(top_srcdir) -+AM_CPPFLAGS = -include $(top_srcdir)/system.h -I. -I$(top_srcdir) - - noinst_HEADERS = poptint.h system.h - -@@ -37,7 +37,7 @@ noinst_SCRIPTS = testit.sh - TESTS_ENVIRONMENT = \ - test1="$(top_builddir)/test1" - --TESTS = $(top_srcdir)/testit.sh -+TESTS = testit.sh - - include_HEADERS = popt.h - -Index: popt.c + +Index: src/popt.c =================================================================== ---- popt.c.orig -+++ popt.c +--- a/src/popt.c ++++ b/src/popt.c @@ -197,7 +197,7 @@ poptContext poptGetContext(const char * con->execAbsolute = 1; con->arg_strip = NULL; @@ -144,10 +73,10 @@ default: return POPT_("unknown error"); } -Index: poptconfig.c +Index: src/poptconfig.c =================================================================== ---- poptconfig.c.orig -+++ poptconfig.c +--- a/src/poptconfig.c ++++ b/src/poptconfig.c @@ -540,7 +540,7 @@ int poptReadDefaultConfig(poptContext co if (rc) goto exit; #endif @@ -157,43 +86,3 @@ char * fn = malloc(strlen(home) + 20); if (fn != NULL) { (void) stpcpy(stpcpy(fn, home), "/.popt"); -Index: poptint.h -=================================================================== ---- poptint.h.orig -+++ poptint.h -@@ -11,6 +11,8 @@ - - #include <stdint.h> - -+#pragma GCC visibility push(hidden) -+ - /** - * Wrapper to free(3), hides const compilation noise, permit NULL, return NULL. - * @param p memory to free -@@ -149,6 +151,8 @@ struct poptContext_s { - pbm_set * arg_strip; - }; - -+#pragma GCC visibility pop -+ - #if defined(POPT_fprintf) - #define POPT_dgettext dgettext - #else -@@ -182,6 +186,8 @@ extern char *nl_langinfo (nl_item __item - #endif - #endif - -+#pragma GCC visibility push(hidden) -+ - #if defined(HAVE_DCGETTEXT) && !defined(__LCLINT__) - char *POPT_dgettext(const char * dom, const char * str) - /*@*/; -@@ -200,6 +206,8 @@ const char *POPT_next_char (/*@returned@ - - #endif - -+#pragma GCC visibility pop -+ - #if defined(ENABLE_NLS) && defined(HAVE_LIBINTL_H) - #include <libintl.h> - #endif
