From d3545960899257041a9c954bd1f9cceaac5fdf51 Mon Sep 17 00:00:00 2001 From: Lukas Javorsky Date: Jul 25 2023 08:19:53 +0000 Subject: Rebase to version 1.35 Patches `tar-1.30-CVE-2022-48303.patch` and `tar-configure-c99.patch` were upstreamed Resolves: #2223565 --- diff --git a/sources b/sources index 11074b9..7e91fce 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ -SHA512 (tar-1.34.tar.xz) = 5e77c4a7b49983ad7d15238c2bce28be7a8aa437b4b1815fc00abd13096da308b6bba196cc6e3ed79d85e62823d520ae0d8fcda2d93873842cf84dc3369fc902 -SHA512 (tar-1.34.tar.xz.sig) = 55297f41549deee511f5b14c6b5dc7bb3d9282dad52bcc85f9dddfad24b677f989ba86387ad9b133c3698feedbd6b6cd7e9f005e8e4c89f72c80543eeceb78f7 +SHA512 (tar-1.35.tar.xz) = 8b84ed661e6c878fa33eb5c1808d20351e6f40551ac63f96014fb0d0b9c72d5d94d8865d39e36bcb184fd250f84778a3b271bbd8bd2ceb69eece0c3568577510 +SHA512 (tar-1.35.tar.xz.sig) = 00e5c95bf8015f75f59556a82ed7f50bddefe89754c7ff3c19411aee2f37626a5d65c33e18b87f7f8f96388d3f175fd095917419a3ad1c0fc9d6188088bac944 diff --git a/tar-1.28-atime-rofs.patch b/tar-1.28-atime-rofs.patch index f32114a..9b8a93d 100644 --- a/tar-1.28-atime-rofs.patch +++ b/tar-1.28-atime-rofs.patch @@ -1,6 +1,6 @@ -From 71769b9ea3c12b7fbb39fee2e9f4a4c1c36c0d0b Mon Sep 17 00:00:00 2001 -From: rpm-build -Date: Mon, 28 Jul 2014 08:13:31 +0200 +From c4d06365aef1539853e1dd41c539173809760cd0 Mon Sep 17 00:00:00 2001 +From: Lukas Javorsky +Date: Tue, 18 Jul 2023 12:27:38 +0000 Subject: [PATCH 4/9] utime & read-only FS Ignore errors from setting utime() for source file on read-only @@ -16,13 +16,13 @@ http://lists.gnu.org/archive/html/bug-tar/2009-06/msg00016.html 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/create.c b/src/create.c -index e2f4ede..f644f23 100644 +index d20178c..b31fbe5 100644 --- a/src/create.c +++ b/src/create.c -@@ -1824,7 +1824,8 @@ dump_file0 (struct tar_stat_info *st, char const *name, char const *p) +@@ -1851,7 +1851,8 @@ dump_file0 (struct tar_stat_info *st, char const *name, char const *p) } else if (atime_preserve_option == replace_atime_preserve - && fd && (is_dir || original_size != 0) + && timespec_cmp (st->atime, get_stat_atime (&st2)) != 0 - && set_file_atime (fd, parentfd, name, st->atime) != 0) + && set_file_atime (fd, parentfd, name, st->atime) != 0 + && errno != EROFS ) @@ -30,5 +30,5 @@ index e2f4ede..f644f23 100644 } -- -1.9.3 +2.41.0 diff --git a/tar-1.30-CVE-2022-48303.patch b/tar-1.30-CVE-2022-48303.patch deleted file mode 100644 index 1b6c8db..0000000 --- a/tar-1.30-CVE-2022-48303.patch +++ /dev/null @@ -1,30 +0,0 @@ -From 3da78400eafcccb97e2f2fd4b227ea40d794ede8 Mon Sep 17 00:00:00 2001 -From: Sergey Poznyakoff -Date: Sat, 11 Feb 2023 11:57:39 +0200 -Subject: [PATCH] Fix boundary checking in base-256 decoder - -* src/list.c (from_header): Base-256 encoding is at least 2 bytes -long. ---- - src/list.c | 5 +++-- - 1 file changed, 3 insertions(+), 2 deletions(-) - -diff --git a/src/list.c b/src/list.c -index 9fafc425..86bcfdd1 100644 ---- a/src/list.c -+++ b/src/list.c -@@ -881,8 +881,9 @@ from_header (char const *where0, size_t digs, char const *type, - where++; - } - } -- else if (*where == '\200' /* positive base-256 */ -- || *where == '\377' /* negative base-256 */) -+ else if (where <= lim - 2 -+ && (*where == '\200' /* positive base-256 */ -+ || *where == '\377' /* negative base-256 */)) - { - /* Parse base-256 output. A nonnegative number N is - represented as (256**DIGS)/2 + N; a negative number -N is --- -2.38.1 - diff --git a/tar-configure-c99.patch b/tar-configure-c99.patch deleted file mode 100644 index 49ba1b2..0000000 --- a/tar-configure-c99.patch +++ /dev/null @@ -1,45 +0,0 @@ -Avoid an implicit declaration of utime in the configure script. This -ensures that the package continues to build with future compilers -which do not support such implicit declarations by default. - -This is a downstream-only patch. Upstream, the configure file is -generated correctly since the following gnulib commit: - -commit c20ba6929e5ac4a9cc72cd2b1f2d938e219adb01 -Author: Bruno Haible -Date: Sat Jan 23 22:10:25 2021 +0100 - - utime: Fix configure test (regression 2020-12-04). - - Reported by Ryan Schmidt via Tim Rühsen in - . - - * m4/utime.m4 (gl_FUNC_UTIME): In the test program, include , - not . - -diff --git a/configure b/configure -index 129500e018d38aa5..7ed132239c78d2ac 100755 ---- a/configure -+++ b/configure -@@ -36685,7 +36685,7 @@ else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext - /* end confdefs.h. */ - #include -- #include -+#include - - int - main () -diff --git a/m4/utime.m4 b/m4/utime.m4 -index 03df7b7282500c73..bdff29d85982cd68 100644 ---- a/m4/utime.m4 -+++ b/m4/utime.m4 -@@ -34,7 +34,7 @@ AC_DEFUN([gl_FUNC_UTIME], - AC_RUN_IFELSE( - [AC_LANG_PROGRAM( - [[#include -- #include -+ #include - ]], - [[int result = 0; - if (!utime ("conftest.tmp/", NULL)) diff --git a/tar.spec b/tar.spec index 4daeecb..6d5345b 100644 --- a/tar.spec +++ b/tar.spec @@ -9,8 +9,8 @@ Summary: GNU file archiving program Name: tar Epoch: 2 -Version: 1.34 -Release: 9%{?dist} +Version: 1.35 +Release: 1%{?dist} License: GPL-3.0-or-later URL: https://www.gnu.org/software/tar/ @@ -24,8 +24,6 @@ Patch3: tar-1.29-wildcards.patch Patch4: tar-1.28-atime-rofs.patch Patch9: tar-1.28-document-exclude-mistakes.patch Patch10: tar-1.33-fix-capabilities-test.patch -Patch11: tar-configure-c99.patch -Patch12: tar-1.30-CVE-2022-48303.patch BuildRequires: autoconf BuildRequires: automake @@ -124,6 +122,9 @@ make check || ( %changelog +* Tue Jul 18 2023 Lukas Javorsky - 2:1.35-1 +- Rebase to version 1.35 + * Sat Jul 22 2023 Fedora Release Engineering - 2:1.34-9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild