From 1a287038b0f92772fffced3f82a192efa894204f Mon Sep 17 00:00:00 2001
From: Peter Lemenkov
Date: Aug 13 2017 13:38:27 +0000
Subject: PSPP ver. 0.11.0
Signed-off-by: Peter Lemenkov
---
diff --git a/.gitignore b/.gitignore
index 94ee44d..a589071 100644
--- a/.gitignore
+++ b/.gitignore
@@ -11,3 +11,4 @@ pspp-0.6.2.tar.gz
 /pspp-0.8.5.tar.gz
 /pspp-0.10.1.tar.gz
 /pspp-0.10.2.tar.gz
+/pspp-0.11.0.tar.gz
diff --git a/pspp-0.10.2.tar.gz.sig b/pspp-0.10.2.tar.gz.sig
deleted file mode 100644
index e449a54..0000000
--- a/pspp-0.10.2.tar.gz.sig
+++ /dev/null
@@ -1,17 +0,0 @@
------BEGIN PGP SIGNATURE-----
-Version: GnuPG v1
-
-iQIcBAABCAAGBQJXk6G/AAoJEIUZnejGZI6Qbu0P/0UiHkIhhWDQ316uegWqvnOZ
-oCk41HPHyxM5ZN5XXVmnGuC9bmO5quRRw/aQll7tksfzPJ0Mog/5TOvemyuKDsSi
-fvuNYQGtrD/4kKlUP82nIr7A34y5M+94wgr1CnI4BJ0XMgbNKBq78aRXDp3pPETx
-x7Nr33sMduXymZov9UUi8gPzIhY+357HkCoIT7YMEhZ0S06+9AMvurJFQ5OUO20R
-A4OvF176xPRG459XfHyPIuW1w04ZmMseKBUzfztNefX9yyRSAS5h+TIkTK9PPNMk
-hv91maZMIBLAnziQRj3WjnV1NGBdJRY7vBrr8ecQt5mLdJvySIwEbQ0HlxNSYqRx
-mXUQWWCcx2+81gYmlMbivu74mXDny5euozpnB4LNNhW3pUomOtGPxws2rpb5WtlC
-QUCt1jtbqyhvUO+KMZKvfYvWxwIwALiaW3vl+oVaYtlwLEcHJKncl0ybRZEtfTnE
-OmYSls9thLoneRaUlCGZcRUuGh559gQUGD3nZ6Z1z0H/k8NlceHnBGi9HyxJ2jr0
-ZevAG+XiR4TYjkwiMUV7vW4b4S3lzWPrpYdMCen0TRWW0PUd3nZ7fWLKP5LZHF7f
-Fp+R1Mp9+17kee6EDrcDcCvBXh7Zllfyiq5UdEo9R45rtZhN2WFxwvS2aCfAs1SU
-khRt8+rFg/MKKn4ivBbJ
-=KbPs
------END PGP SIGNATURE-----
diff --git a/pspp-0.11.0.tar.gz.sig b/pspp-0.11.0.tar.gz.sig
new file mode 100644
index 0000000..8ccea9e
--- /dev/null
+++ b/pspp-0.11.0.tar.gz.sig
@@ -0,0 +1,17 @@
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1
+
+iQIcBAABCAAGBQJZj0fnAAoJEIUZnejGZI6Qtg8P/1CkoZxpBzGOBc6T0VaFdL1T
+bmVtj+CD36xA39h4f5xq4h8kQHECesr6R/NIygjApRVGLtz3mHtSpyvLeePsRVm8
+Uh6wopY30nlrku7Qrutf19rpAt6HoJ9oW/8n5P6bBKg97hrAZD+M+sDcSfaBu0P1
+3OhyY/hSlWlV+/trZHtNgJT67dMrS1t7vhgZSEagq9d3nY2o1bQM2JxAsazZI2ku
+tdoMd38Kmlf6TE0cEw6BYy9JlQVbrhGlOm/fhy76VvANWGkxfyC038QcI+bYitXl
+kePoDdycEq214iNp9UYdSv4ek4N1s8JkaEuqF47X8Ew2Ykw5pO+JzfMR5Ztca324
+FsQFX5zid8q/7RnP+UaSX9mpB24cMH11sIiLcCubobEqpSx1hTGS2vMHEp/oKYOE
+2eY+2cvSEPyNfNZ4gjFSeres49nOqnR2eLVNYnxW7jjZ4nXCBjl9Ojayzy5siaKw
+B9f2W8QEDmLFE2tfoV+oUsQEGCXtisdqO3yhGC4am54DuXWUn1UU85Y07vDaSl6u
+CvIWmDwHiCt39hWCLeP0kBK6Tp1tltR202hXosCo890J+6d8m4RR/xa/IT6wEtQs
+YcYFmIKehO2ytn+/yGoJlDUVRfr/fVTU0WCsna9rhGjnL1CvvYas5WyARCwjFa5m
+wqFPWyq7CSY4ygqtfVrF
+=xbYm
+-----END PGP SIGNATURE-----
diff --git a/pspp-0001-sys-file-reader-Avoid-null-dereference-skipping-bad-.patch b/pspp-0001-sys-file-reader-Avoid-null-dereference-skipping-bad-.patch
deleted file mode 100644
index c0e1359..0000000
--- a/pspp-0001-sys-file-reader-Avoid-null-dereference-skipping-bad-.patch
+++ /dev/null
@@ -1,28 +0,0 @@
-From: Ben Pfaff
-Date: Tue, 4 Jul 2017 12:54:47 -0400
-Subject: [PATCH] sys-file-reader: Avoid null dereference skipping bad
- extension record 18.
-
-read_record() assumed that read_extension_record() never set its output
-argument to NULL when it returned true, but this is possible in an error
-case.
-
-CVE-2017-10792.
-See also https://bugzilla.redhat.com/show_bug.cgi?id=1467005.
-See also https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=866890.
-See also https://security-tracker.debian.org/tracker/CVE-2017-10792.
-Reported by team OWL337, with fuzzer collAFL.
-
-diff --git a/src/data/sys-file-reader.c b/src/data/sys-file-reader.c
-index 57e1dc82..70a7411f 100644
---- a/src/data/sys-file-reader.c
-+++ b/src/data/sys-file-reader.c
-@@ -524,7 +524,7 @@ read_record (struct sfm_reader *r, int type,
- 18. I'm surprised that SPSS puts up with this. */
- struct sfm_extension_record *ext;
- bool ok = read_extension_record (r, subtype, &ext);
-- if (ok)
-+ if (ok && ext)
- ll_push_tail (&r->var_attrs, &ext->ll);
- return ok;
- }
diff --git a/pspp-0002-sys-file-reader-Fix-integer-overflows-in-parse_long_.patch b/pspp-0002-sys-file-reader-Fix-integer-overflows-in-parse_long_.patch
deleted file mode 100644
index 5fec7d6..0000000
--- a/pspp-0002-sys-file-reader-Fix-integer-overflows-in-parse_long_.patch
+++ /dev/null
@@ -1,38 +0,0 @@
-From: Ben Pfaff
-Date: Tue, 4 Jul 2017 12:58:55 -0400
-Subject: [PATCH] sys-file-reader: Fix integer overflows in
- parse_long_string_missing_values().
-
-Crafted system files caused integer overflow errors that in turn caused
-aborts. This fixes the problem.
-
-CVE-2017-10791.
-See also https://bugzilla.redhat.com/show_bug.cgi?id=1467004.
-See also https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=866890.
-See also https://security-tracker.debian.org/tracker/CVE-2017-10791.
-Found by team OWL337, using the collAFL fuzzer.
-
-diff --git a/src/data/sys-file-reader.c b/src/data/sys-file-reader.c
-index 70a7411f..8ab130c0 100644
---- a/src/data/sys-file-reader.c
-+++ b/src/data/sys-file-reader.c
-@@ -2464,7 +2464,8 @@ parse_long_string_value_labels (struct sfm_reader *r,
- ofs += 4;
-
- /* Parse variable name, width, and number of labels. */
-- if (!check_overflow (r, record, ofs, var_name_len + 8))
-+ if (!check_overflow (r, record, ofs, var_name_len)
-+ || !check_overflow (r, record, ofs, var_name_len + 8))
- return;
- var_name = recode_string_pool ("UTF-8", dict_encoding,
- (const char *) record->data + ofs,
-@@ -2582,7 +2583,8 @@ parse_long_string_missing_values (struct sfm_reader *r,
- ofs += 4;
-
- /* Parse variable name. */
-- if (!check_overflow (r, record, ofs, var_name_len + 1))
-+ if (!check_overflow (r, record, ofs, var_name_len)
-+ || !check_overflow (r, record, ofs, var_name_len + 1))
- return;
- var_name = recode_string_pool ("UTF-8", dict_encoding,
- (const char *) record->data + ofs,
diff --git a/pspp-0003-perl-added-current-directory-path-to-calls.patch b/pspp-0003-perl-added-current-directory-path-to-calls.patch
deleted file mode 100644
index ad85da6..0000000
--- a/pspp-0003-perl-added-current-directory-path-to-calls.patch
+++ /dev/null
@@ -1,63 +0,0 @@
-From: Friedrich Beckmann
-Date: Mon, 10 Oct 2016 12:55:01 +0200
-Subject: [PATCH] perl - added current directory path to calls
-
-The perl INC path in debian does not include the current directory
-anymore. Therefore I added the current directory path at the places
-where a module is called and it is assumed that . is part of INC.
-
-See: https://lwn.net/Articles/698853/
-
-diff --git a/perl-module/Makefile.PL b/perl-module/Makefile.PL
-index a315abbe..7efaa57b 100644
---- a/perl-module/Makefile.PL
-+++ b/perl-module/Makefile.PL
-@@ -4,7 +4,7 @@ use ExtUtils::MakeMaker;
- # the contents of the Makefile that is written.
-
-
--do 'pspp-module-config' || do {
-+do './pspp-module-config' || do {
- my $build = prompt ("Enter the location of the build directory of the configured pspp source:", "" );
- my $src = $top_srcdir;
-
-diff --git a/tests/data/data-in.at b/tests/data/data-in.at
-index cfe965c5..0c3a1837 100644
---- a/tests/data/data-in.at
-+++ b/tests/data/data-in.at
-@@ -25,7 +25,7 @@ EOF
- #! /usr/bin/perl
- use strict;
- use warnings;
--do 'my-rand.pl';
-+do './my-rand.pl';
- my_rand (1) foreach 1...10000;
- our $seed;
- die $seed if $seed != 1043618065;
-@@ -39,7 +39,7 @@ date_in () {
- use strict;
- use warnings;
-
--do 'my-rand.pl';
-+do './my-rand.pl';
-
- my ($fmt_name, @templates) = @ARGV;
-
-@@ -198,7 +198,7 @@ time_in () {
- use strict;
- use warnings;
-
--do 'my-rand.pl';
-+do './my-rand.pl';
-
- my ($skip, $fmt_name, @templates) = @ARGV;
-
-@@ -287,7 +287,7 @@ use POSIX;
- use strict;
- use warnings;
-
--do 'my-rand.pl';
-+do './my-rand.pl';
-
- for my $number (0, 1, .5, .015625, 123) {
- my ($base_exp) = floor ($number ? log10 ($number) : 0);
diff --git a/pspp.spec b/pspp.spec
index 06eaee0..5427a28 100644
--- a/pspp.spec
+++ b/pspp.spec
@@ -1,6 +1,6 @@
 Name: pspp
-Version: 0.10.2
-Release: 6%{?dist}
+Version: 0.11.0
+Release: 1%{?dist}
 Summary: A program for statistical analysis of sampled data
 Group: Applications/Engineering
 License: GPLv3+
@@ -9,9 +9,6 @@ VCS: scm:git:git://git.savannah.gnu.org/pspp.git
 Source0: https://ftp.gnu.org/gnu/%{name}/%{name}-%{version}.tar.gz
 Source1: https://ftp.gnu.org/gnu/%{name}/%{name}-%{version}.tar.gz.sig
 Source2: pspp-Smake
-Patch1: pspp-0001-sys-file-reader-Avoid-null-dereference-skipping-bad-.patch
-Patch2: pspp-0002-sys-file-reader-Fix-integer-overflows-in-parse_long_.patch
-Patch3: pspp-0003-perl-added-current-directory-path-to-calls.patch
 BuildRequires: plotutils-devel, ncurses-devel, readline-devel
 BuildRequires: gsl-devel >= 1.11-2
 BuildRequires: postgresql-devel
@@ -124,6 +121,9 @@ fi
 %changelog
+* Sun Aug 13 2017 Peter Lemenkov - 0.11.0-1
+- Ver. 0.11.0
+
 * Sun Jul 30 2017 Peter Lemenkov - 0.10.2-6
 - Perl no longer contains cwd in INC.
diff --git a/sources b/sources
index 0e52856..631a40f 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-SHA512 (pspp-0.10.2.tar.gz) = 7d6656c03da46b088e87cba7a947d1e56031ff50d704be8201a38563515cf5cf324a05f1d4999ba8aec7b2269a8fdbd09374a11374c9c1b9dd6d78d34fda4b76
+SHA512 (pspp-0.11.0.tar.gz) = 90d58b654fb2a764085ee0281aeb34710573856ce63c5d5e01dac4961fa6a865fa0137d5204064b900a52237f8e16496b83210827f435850e790b79500c6220c
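Review bot: Nothing in this commit records that the 0.11.0 tarball contains the fixes for CVE-2017-10791 and CVE-2017-10792, which the `@@ -9,9 +9,6 @@` hunk of pspp.spec stops applying by dropping `Patch1` and `Patch2`. The deleted patch files are dated 4 Jul 2017, earlier than this rebase, so the fixes are presumably in the release. That should still be confirmed against the shipped `src/data/sys-file-reader.c` by checking for the `ok && ext` test in read_record and the doubled `check_overflow` calls. The `%changelog` entry added in the `@@ -124,6 +121,9 @@` hunk would serve anyone tracking these CVEs better as `- Ver. 0.11.0 (includes fixes for CVE-2017-10791 and CVE-2017-10792; downstream patches dropped)`. The spec file continues outside the visible hunks, so whether `%prep` checks Source0 against the Source1 signature cannot be judged from this diff.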