Hello community,
here is the log from the commit of package bzip2 for openSUSE:Factory checked in at 2019-07-02 10:37:05
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/bzip2 (Old)
and /work/SRC/openSUSE:Factory/.bzip2.new.4615 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "bzip2"
Tue Jul 2 10:37:05 2019 rev:64 rq:712352 version:1.0.7
Changes:
--------
--- /work/SRC/openSUSE:Factory/bzip2/bzip2.changes 2019-04-26 22:41:17.513740283 +0200
+++ /work/SRC/openSUSE:Factory/.bzip2.new.4615/bzip2.changes 2019-07-02 10:37:07.882466364 +0200
@@ -1,0 +2,23 @@
+Fri Jun 28 07:42:24 UTC 2019 - Martin Pluskal
+
+- Update bug reference
+- Fix downloaded patches
+
+-------------------------------------------------------------------
+Thu Jun 27 21:01:36 UTC 2019 - Bjørn Lie
+
+- Update to version 1.0.7:
+ * Fix undefined behavior in the macros SET_BH, CLEAR_BH, &
+ ISSET_BH.
+ * bzip2: Fix return value when combining --test,-t and -q.
+ * bzip2recover: Fix buffer overflow for large argv[0].
+ * bzip2recover: Fix use after free issue with outFile
+ (CVE-2016-3189).
+ * Make sure nSelectors is not out of range (CVE-2019-12900
+ bsc#1139083)
+- Drop patches fixed upstream:
+ * bzip2-unsafe_strcpy.patch.
+ * bzip2-1.0.6-CVE-2016-3189.patch.
+- Refresh patches with quilt.
+
+-------------------------------------------------------------------
Old:
----
bzip2-1.0.6-CVE-2016-3189.patch
bzip2-1.0.6.tar.gz
bzip2-unsafe_strcpy.patch
New:
----
bzip2-1.0.7.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ bzip2.spec ++++++
--- /var/tmp/diff_new_pack.lePdUM/_old 2019-07-02 10:37:08.830467806 +0200
+++ /var/tmp/diff_new_pack.lePdUM/_new 2019-07-02 10:37:08.834467812 +0200
@@ -12,13 +12,13 @@
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
-# Please submit bugfixes or comments via http://bugs.opensuse.org/
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
%define libname libbz2-1
Name: bzip2
-Version: 1.0.6
+Version: 1.0.7
Release: 0
Summary: A Program for Compressing Files
License: BSD-3-Clause
@@ -32,12 +32,10 @@
# PATCH-FEATURE-OPENSUSE bzip2-1.0.6-autoconfiscated.patch sbrabec@suse.cz -- Convert to a standard autoconf based package.
Patch0: ftp://ftp.suse.com/pub/people/sbrabec/bzip2/for_downstream/bzip2-1.0.6.2-autoconfiscated.patch
Patch1: bzip2-1.0.6-fix-bashisms.patch
-Patch2: bzip2-unsafe_strcpy.patch
Patch3: bzip2-point-to-doc-pkg.patch
Patch4: bzip2-ocloexec.patch
# PATCH-FIX-UPSTREAM bnc#970260 kstreitova@suse.com -- fix a wrong exit code when grepping multiple archives
Patch5: bzip2-1.0.6-bzgrep_return_value.patch
-Patch6: bzip2-1.0.6-CVE-2016-3189.patch
BuildRequires: autoconf >= 2.57
BuildRequires: libtool
BuildRequires: pkgconfig
@@ -77,11 +75,9 @@
%setup -q
%patch0
%patch1 -p1
-%patch2
%patch3 -p1
-%patch4
+%patch4 -p1
%patch5 -p1
-%patch6 -p1
%build
autoreconf -fiv
@@ -91,7 +87,7 @@
%if 0%{?do_profiling}
make %{?_smp_mflags} CFLAGS="%{optflags} %{cflags_profile_generate}"
make %{?_smp_mflags} CFLAGS="%{optflags} %{cflags_profile_generate}" test
- make clean
+ make %{?_smp_mflags} clean
make %{?_smp_mflags} CFLAGS="%{optflags} %{cflags_profile_feedback}"
%else
make %{?_smp_mflags} CFLAGS="%{optflags}"
++++++ bzip2-1.0.6-bzgrep_return_value.patch ++++++
--- /var/tmp/diff_new_pack.lePdUM/_old 2019-07-02 10:37:08.878467880 +0200
+++ /var/tmp/diff_new_pack.lePdUM/_new 2019-07-02 10:37:08.878467880 +0200
@@ -1,7 +1,7 @@
-Index: bzip2-1.0.6/bzgrep
+Index: bzip2-1.0.7/bzgrep
===================================================================
---- bzip2-1.0.6.orig/bzgrep
-+++ bzip2-1.0.6/bzgrep
+--- bzip2-1.0.7.orig/bzgrep 2019-06-27 23:10:21.375272508 +0200
++++ bzip2-1.0.7/bzgrep 2019-06-27 23:10:21.415272635 +0200
@@ -65,8 +65,20 @@ for i do
else
j=$(echo "$i" | sed 's/\\/&&/g;s/|/\\&/g;s/&/\\&/g')
++++++ bzip2-1.0.6-fix-bashisms.patch ++++++
--- /var/tmp/diff_new_pack.lePdUM/_old 2019-07-02 10:37:08.890467898 +0200
+++ /var/tmp/diff_new_pack.lePdUM/_new 2019-07-02 10:37:08.890467898 +0200
@@ -1,6 +1,7 @@
-diff -Ndurp bzip2-1.0.6/bzgrep bzip2-1.0.6-fix-bashisms/bzgrep
---- bzip2-1.0.6/bzgrep 2007-01-03 04:00:55.000000000 +0200
-+++ bzip2-1.0.6-fix-bashisms/bzgrep 2014-10-19 02:07:30.036033876 +0300
+Index: bzip2-1.0.7/bzgrep
+===================================================================
+--- bzip2-1.0.7.orig/bzgrep 2019-06-27 20:15:39.000000000 +0200
++++ bzip2-1.0.7/bzgrep 2019-06-27 23:12:37.027916706 +0200
@@ -63,9 +63,7 @@ for i do
bzip2 -cdfq "$i" | $grep $opt "$pat"
r=$?
++++++ bzip2-1.0.6.tar.gz -> bzip2-1.0.7.tar.gz ++++++
++++ 229142 lines of diff (skipped)
++++++ bzip2-ocloexec.patch ++++++
--- /var/tmp/diff_new_pack.lePdUM/_old 2019-07-02 10:37:09.306468531 +0200
+++ /var/tmp/diff_new_pack.lePdUM/_new 2019-07-02 10:37:09.306468531 +0200
@@ -1,5 +1,7 @@
---- bzlib.c.orig
-+++ bzlib.c
+Index: bzip2-1.0.7/bzlib.c
+===================================================================
+--- bzip2-1.0.7.orig/bzlib.c 2019-06-27 20:15:39.000000000 +0200
++++ bzip2-1.0.7/bzlib.c 2019-06-27 23:10:21.399272583 +0200
@@ -1414,7 +1414,15 @@ BZFILE * bzopen_or_bzdopen
}
mode++;
++++++ bzip2-point-to-doc-pkg.patch ++++++
--- /var/tmp/diff_new_pack.lePdUM/_old 2019-07-02 10:37:09.314468543 +0200
+++ /var/tmp/diff_new_pack.lePdUM/_new 2019-07-02 10:37:09.314468543 +0200
@@ -1,7 +1,7 @@
-Index: bzip2-1.0.6/README
+Index: bzip2-1.0.7/README
===================================================================
---- bzip2-1.0.6.orig/README
-+++ bzip2-1.0.6/README
+--- bzip2-1.0.7.orig/README 2019-06-27 20:15:39.000000000 +0200
++++ bzip2-1.0.7/README 2019-06-27 23:10:21.387272546 +0200
@@ -17,7 +17,8 @@ in the file LICENSE.
Complete documentation is available in Postscript form (manual.ps),