Hello community, here is the log from the commit of package patch.1479 for openSUSE:12.1:Update checked in at 2013-04-03 16:20:36 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:12.1:Update/patch.1479 (Old) and /work/SRC/openSUSE:12.1:Update/.patch.1479.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "patch.1479", Maintainer is "" Changes: -------- New Changes file: --- /dev/null 2013-02-26 18:15:11.936010755 +0100 +++ /work/SRC/openSUSE:12.1:Update/.patch.1479.new/patch.changes 2013-04-03 16:20:37.000000000 +0200 @@ -0,0 +1,396 @@ +------------------------------------------------------------------- +Thu Mar 21 17:30:54 CET 2013 - [email protected] + +- patch-warn-on-read-only-files.patch: Only warn when trying to + modify read-only files, instead of failing. This restores + compatibility with older versions of GNU patch (bnc#794658). +- patch-revert-e0f70752.patch: Revert broken upstream commit + (bnc#755136). + +------------------------------------------------------------------- +Wed Oct 5 12:33:53 UTC 2011 - [email protected] + +- cross-build fix: use %configure macro + +------------------------------------------------------------------- +Mon Apr 4 15:11:04 CEST 2011 - [email protected] + +- Version 2.6.1.116: + + Patch now ignores destination file names that are absolute or + that contain a component of ".." (CVE-2010-4651, bnc#662957). +- Drop unified-reject-files-compat.diff. Compatibility has been + provided for the past 18 months, hopefully nobody is relying on + it any longer. + +------------------------------------------------------------------- +Fri Jul 2 06:57:49 UTC 2010 - [email protected] + +- Use %_smp_mflags + +------------------------------------------------------------------- +Wed May 5 01:28:12 CEST 2010 - [email protected] + +- Version 2.6.1.81: + + Fix backup file detection for deleted files + + Allow to create and delete empty files + + Stick to the best name in the reversed-patch check + + Various portability improvements + +------------------------------------------------------------------- +Sun May 2 15:57:54 CEST 2010 - [email protected] + +- Fix the linker library order. + +------------------------------------------------------------------- +Sun May 2 14:40:09 CEST 2010 - [email protected] + +- Be more verbose when %verbose is defined. + +------------------------------------------------------------------- +Sun May 2 14:01:47 CEST 2010 - [email protected] + +- Version 2.6.1.64: + + Support for most features of the "diff --git" format: renames + and copies, permission changes, symlink diffs. (Binary diffs + are not supported yet; patch will complain and skip them.) + + Support for double-quoted filenames: when a filename in a + context diff starts with a double quote, it is interpreted as + a C string literal. The escape sequences \\, \", \a, \b, \f, \n, + \r, \t, \v, and \ooo (a three-digit octal number between 0 and + 255) are recognized. + + Refuse to patch read-only files by default, or at least warn + when patching such files with --force or --batch. + + Refuse to apply a normal patch to a symlink. (Previous + versions of patch were wrongly replacing the symlink with a + regular file.) + + When a timestamp specifies a time zone, honor that instead of + assuming the local time zone (--set-date) or Universal + Coordinated Time (--set-utc). + + Support for nanosecond precision timestamps. + + Many portability and bug fixes. + +------------------------------------------------------------------- +Sun Jan 31 16:22:05 CET 2010 - [email protected] + +- Version 2.6.1.9: + + Skip another ed-dependent test when ed isn't installed. + + More portability fixes. +------------------------------------------------------------------- +Wed Dec 30 17:14:24 CET 2009 - [email protected] + +- Version 2.6.1: + + Support for diff3(1) style merges which show the old, original, + and new lines of a conflict has been added (--merge=diff3). + The default still is the merge(1) format (--merge or + --merge=merge). + + Bug and portability fixes. + +------------------------------------------------------------------- +Sun Dec 6 17:32:57 CET 2009 - jengelh + +- enable parallel building + +------------------------------------------------------------------- +Fri Nov 13 15:45:06 CET 2009 - [email protected] + +- Version 2.6. + +------------------------------------------------------------------- +Mon Sep 7 13:30:46 CEST 2009 - [email protected] + +- Version 2.5.9.122: + + Try to preserve the owning group of patched files. +- Add --unified-reject-files backwards-compatibility patch to + older SUSE versions of patch. + +------------------------------------------------------------------- +Mon Jul 20 10:12:48 CEST 2009 - [email protected] + +- Version 2.5.9.120: + + When copying files, use full_write() from gnulib instead of + write(). + + The -m option hasn't been officially allocated yet. Use only + the long form for now (--merge). + +------------------------------------------------------------------- +Fri Jun 19 08:33:32 CEST 2009 - [email protected] + +- Version 2.5.9.118: + + Change the default value of PATCH_GET to 0. + + When merging, make sure that hunks will not end up "out of order" + + When the file to patch is specified on the command line, + apply all patches to that file + + Some portability fixes/improvements + + Don't fail when removing nonexistent files in move_file + +------------------------------------------------------------------- +Wed Apr 8 16:47:49 CEST 2009 - [email protected] + +- Version 2.5.9.109: + + Preserve timestamps in reject files. + + Add support for sending output to standard output. + + Allow special characters in filenames read interactively. + + Don't forget to NUL terminate ptimestr in fetchname(). + +------------------------------------------------------------------- +Tue Apr 7 14:29:16 CEST 2009 - [email protected] + +- Version 2.5.9.104: timestamp parsing fix, 64-bit fix. + +------------------------------------------------------------------- +Mon Apr 6 18:59:55 CEST 2009 - [email protected] + +- Version 2.5.9.97: Another bugfix. + +------------------------------------------------------------------- +Mon Apr 6 15:04:50 CEST 2009 - [email protected] + +- Version 2.5.9.95: Gnulib update, bug fixes. + +------------------------------------------------------------------- +Fri Apr 3 22:35:33 CEST 2009 - [email protected] + +- Update to version patch-2.5.9.77: updated manpage and NEWS, no + strict depenency on ed in the test suite anymore, and slightly + improved handling of asymmetric hunks. + +------------------------------------------------------------------- +Thu Apr 2 16:21:14 CEST 2009 - [email protected] + +- Update to version patch-2.5.9.69 which has all our patches + merged in one form or anther, along with many other fixes and + improvements (see NEWS). + +------------------------------------------------------------------- +Tue Feb 24 12:56:06 CET 2009 - [email protected] + +- Include patch headers in reject files so that they form proper + patches themselves. +- Rewrite the unified reject files patch; this is much cleaner + now. +- Add an improved strategy for locating merges. + +------------------------------------------------------------------- +Tue Feb 3 06:10:49 CET 2009 - [email protected] + +- Implement diff3-style merges (including several fixes and + improvements). + +------------------------------------------------------------------- +Wed Apr 23 10:53:19 CEST 2008 - [email protected] + +- remember-backup-files.diff: Fix bug when a file is touched by + the same patch more than twice. Move the test cases from the + patch header into separate files. +- patch-2.5.9-cat_if_device.diff: No need to remember the device + we write to as a backup file. + +------------------------------------------------------------------- +Fri Nov 2 01:57:03 CET 2007 - [email protected] + +- Patch fails to apply hunks with asymmetric context correctly. + +------------------------------------------------------------------- +Wed Jan 25 21:30:47 CET 2006 - [email protected] + +- converted neededforbuild to BuildRequires + ++++ 199 more lines (skipped) ++++ between /dev/null ++++ and /work/SRC/openSUSE:12.1:Update/.patch.1479.new/patch.changes New: ---- patch-2.6.1.116-33c4.tar.bz2 patch-revert-e0f70752.patch patch-warn-on-read-only-files.patch patch.changes patch.spec ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ patch.spec ++++++ # # spec file for package patch # # Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # Url: ftp://alpha.gnu.org/gnu/diffutils/ %define hash -33c4 Name: patch # See bnc#662957. The fix for CVE-2010-4651 breaks the way interdiff was # invoking patch, so interdiff had to be fixed too. Conflicts: patchutils < 0.3.2 Version: 2.6.1.116 Release: 0 Summary: GNU patch License: GPL-3.0+ Group: Productivity/Text/Utilities Source: ftp://alpha.gnu.org/gnu/patch/patch-%version%hash.tar.bz2 Patch1: patch-revert-e0f70752.patch Patch2: patch-warn-on-read-only-files.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build %description The GNU patch program is used to apply diffs between original and changed files (generated by the diff command) to the original files. Authors: -------- Larry Wall Paul Eggert %prep %setup -q -n patch-%version%hash %patch1 -p1 %patch2 -p1 %build export CFLAGS="$RPM_OPT_FLAGS -Wall -O2 -pipe" %configure --prefix=%{_prefix} make %{?_smp_mflags} %{verbose:V=1}; %check make check %{verbose:V=1} %install make install DESTDIR=$RPM_BUILD_ROOT %{verbose:V=1} %files %defattr(-,root,root) %doc NEWS README /usr/bin/patch %doc %{_mandir}/man1/patch.1.gz %changelog ++++++ patch-revert-e0f70752.patch ++++++ References: bnc#755136 Revert upstream commit e0f707523cab26f74ec23f4a20a27add8702ed5b. --- patch-2.6.1.136-31a7.orig/src/pch.c +++ patch-2.6.1.136-31a7/src/pch.c @@ -379,18 +379,11 @@ skip_hex_digits (char const *str) static bool name_is_valid (char const *name) { - static char const *bad[2]; - char const *n; - - if (bad[0] && ! strcmp (bad[0], name)) - return false; - if (bad[1] && ! strcmp (bad[1], name)) - return false; + const char *n = name; if (IS_ABSOLUTE_FILE_NAME (name)) { say ("Ignoring potentially dangerous file name %s\n", quotearg (name)); - bad[!! bad[0]] = name; return false; } for (n = name; *n; ) @@ -398,7 +391,6 @@ name_is_valid (char const *name) if (*n == '.' && *++n == '.' && ( ! *++n || ISSLASH (*n))) { say ("Ignoring potentially dangerous file name %s\n", quotearg (name)); - bad[!! bad[0]] = name; return false; } while (*n && ! ISSLASH (*n)) --- patch-2.6.1.136-31a7.orig/tests/bad-filenames +++ patch-2.6.1.136-31a7/tests/bad-filenames @@ -114,27 +114,3 @@ echo 1 > g check 'patch -f -p1 --dry-run < d.diff || echo status: $?' <<EOF patching file g EOF - -mkdir d -cd d -cat > d.diff <<EOF ---- ../h -+++ ../h -@@ -0,0 +1 @@ -+x -EOF - -touch ../h -check 'patch -f -p0 < d.diff || echo status: $?' <<EOF -Ignoring potentially dangerous file name ../h -can't find file to patch at input line 3 -Perhaps you used the wrong -p or --strip option? -The text leading up to this was: --------------------------- -|--- ../h -|+++ ../h --------------------------- -No file to patch. Skipping patch. -1 out of 1 hunk ignored -status: 1 -EOF ++++++ patch-warn-on-read-only-files.patch ++++++ From: Andreas Gruenbacher <[email protected]> Date: Tue, 17 Apr 2012 16:13:08 +0200 Subject: Only warn when trying to modify read-only files Git-commit: 9a26fde226660a628d58ed7d987a71b9a4123244 Upstream: v2.7 References: bnc#794658 Failing when trying to patch read-only files causes various users of patch to break. Instead, warn by default and introduce a command line option for choosing a different behavior. * patch.man: Describe the new behavior and command-line option. * src/patch.c (read_only_behavior): New variable. (main): Implement the new behavior. (longopts): Add the new --read-only option. (option_help): Describe the new behavior. (get_some_switches): Recognize the new --read-only option. --- patch.man | 8 ++++++-- src/patch.c | 19 +++++++++++++++++-- tests/read-only-files | 13 +++++++++++-- 3 files changed, 34 insertions(+), 6 deletions(-) --- a/patch.man +++ b/patch.man @@ -314,6 +314,10 @@ and patches should be generated by .B "diff\ \*=binary" when line endings are significant.) .TP +\fB\*=read\-only=\fP\fIbehavior\fP +Behave as requested when trying to modify a read-only file: \fBignore\fP the +potential problem, \fBwarn\fP about it (the default), or \fBfail\fP. +.TP \fB\-c\fP or \fB\*=context\fP Interpret the patch file as a ordinary context diff. .TP @@ -356,8 +360,8 @@ removes a file, it also attempts to remo \fB\-f\fP or \fB\*=force\fP Assume that the user knows exactly what he or she is doing, and do not ask any questions. Skip patches whose headers -do not say which file is to be patched; patch files even though they are -read-only or have the wrong version for the +do not say which file is to be patched; patch files even though they have the +wrong version for the .B Prereq:\& line in the patch; and assume that patches are not reversed even if they look like they are. --- a/src/patch.c +++ b/src/patch.c @@ -66,6 +66,7 @@ static char const *version_control; static char const *version_control_context; static bool remove_empty_files; static bool explicit_inname; +static enum { RO_IGNORE, RO_WARN, RO_FAIL } read_only_behavior = RO_WARN; /* true if -R was specified on command line. */ static bool reverse_flag_specified; @@ -224,11 +225,12 @@ main (int argc, char **argv) } } - if (! inerrno && ! S_ISLNK (instat.st_mode) + if (read_only_behavior != RO_IGNORE + && ! inerrno && ! S_ISLNK (instat.st_mode) && access (inname, W_OK) != 0) { say ("File %s is read-only; ", quotearg (inname)); - if (force || batch) + if (read_only_behavior == RO_WARN) say ("trying to patch anyway\n"); else { @@ -664,6 +666,7 @@ static struct option const longopts[] = {"posix", no_argument, NULL, CHAR_MAX + 7}, {"quoting-style", required_argument, NULL, CHAR_MAX + 8}, {"reject-format", required_argument, NULL, CHAR_MAX + 9}, + {"read-only", required_argument, NULL, CHAR_MAX + 10}, {NULL, no_argument, NULL, 0} }; @@ -729,6 +732,8 @@ static char const *const option_help[] = " -d DIR --directory=DIR Change the working directory to DIR first.", " --reject-format=FORMAT Create 'context' or 'unified' rejects.", " --binary Read and write data in binary mode.", +" --read-only=BEHAVIOR How to handle read-only input files: 'ignore' that they", +" are read-only, 'warn' (default), or 'fail'.", "", " -v --version Output version info.", " --help Output this help.", @@ -945,6 +950,16 @@ get_some_switches (void) else usage (stderr, 2); break; + case CHAR_MAX + 10: + if (strcmp (optarg, "ignore") == 0) + read_only_behavior = RO_IGNORE; + else if (strcmp (optarg, "warn") == 0) + read_only_behavior = RO_WARN; + else if (strcmp (optarg, "fail") == 0) + read_only_behavior = RO_FAIL; + else + usage (stderr, 2); + break; default: usage (stderr, 2); } --- a/tests/read-only-files +++ b/tests/read-only-files @@ -41,7 +41,7 @@ EOF echo one > f chmod a=r f -check 'patch -p0 < f.diff || echo "Status: $?"' <<EOF +check 'patch -p0 --read-only=fail < f.diff || echo "Status: $?"' <<EOF File f is read-only; refusing to patch 1 out of 1 hunk ignored -- saving rejects to file f.rej File f is read-only; refusing to patch @@ -51,9 +51,18 @@ EOF rm -f f.rej -check 'patch -f -p0 < f.diff || echo "Status: $?"' <<EOF +check 'patch -f -p0 --read-only=warn < f.diff || echo "Status: $?"' <<EOF File f is read-only; trying to patch anyway patching file f File f is read-only; trying to patch anyway patching file f EOF + +rm -f f +echo one > f +chmod a=r f + +check 'patch -f -p0 --read-only=ignore < f.diff || echo "Status: $?"' <<EOF +patching file f +patching file f +EOF -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
