patch-2.7.6-2

p/patch/patch-vl.spec

@@ -2,12 +2,35 @@ Summary: Utility for modifying/upgrading files
 Summary(ja): ファイルを修正/更新するためのユーティリティ
 Name: patch
 Version: 2.7.6
-Release: 1%{?_dist_release}
+Release: 2%{?_dist_release}
 License: GPLv2+
 URL: http://www.gnu.org/software/patch/patch.html
 Group: Development/Tools
 Source: ftp://ftp.gnu.org/gnu/patch/patch-%{version}.tar.xz
-Patch1000: CVE-2018-6952.patch
+Patch0: patch-2.7.6-avoid-set_file_attributes-sign-conversion-warnings.patch
+Patch1: patch-2.7.6-test-suite-compatibility-fixes.patch
+Patch2: patch-2.7.6-fix-korn-shell-incompatibility.patch
+Patch3: patch-2.7.6-fix-segfault-with-mangled-rename-patch.patch
+Patch4: patch-2.7.6-allow-input-files-to-be-missing-for-ed-style-patches.patch
+Patch5: patch-CVE-2018-1000156.patch
+Patch6: patch-2.7.6-CVE-2019-13638-invoked-ed-directly-instead-of-using-the-shell.patch
+Patch7: patch-2.7.6-switch-from-fork-execlp-to-execute.patch
+Patch8: patch-2.7.6-cleanups-in-do_ed_script.patch
+Patch9: patch-2.7.6-avoid-warnings-gcc8.patch
+Patch10: patch-2.7.6-check-of-return-value-of-fwrite.patch
+Patch11: patch-2.7.6-fix-ed-style-test-failure.patch
+Patch12: patch-2.7.6-dont-leak-temporary-file-on-failed-ed-style-patch.patch
+Patch13: patch-2.7.6-dont-leak-temporary-file-on-failed-multi-file-ed-style-patch.patch
+Patch14: patch-2.7.6-make-debug-output-more-useful.patch
+Patch15: patch-2.7.6-CVE-2018-6952-fix-swapping-fake-lines-in-pch_swap.patch
+Patch16: patch-2.7.6-improve_support_for_memory_leak_detection.patch
+Patch17: patch-2.7.6-skip-ed-test-when-the-ed-utility-is-not-installed.patch
+Patch18: patch-2.7.6-abort_when_cleaning_up_fails.patch
+Patch19: patch-2.7.6-crash-RLIMIT_NOFILE.patch
+Patch20: patch-2.7.6-CVE-2019-13636-symlinks.patch
+Patch21: patch-2.7.6-avoid-invalid-memory-access-in-context-format-diffs.patch
+Patch22: patch-2.7.6-CVE-2018-17942.patch
+Patch23: patch-2.7.6-failed_assertion.patch
 
 BuildRoot: %{_tmppath}/%{name}-%{version}-root
 BuildRequires: ed
@@ -39,11 +62,39 @@ patch は，アプリケーションをアップグレードする際に良く
 
 %prep
 %setup -q
-%patch1000 -p1 -b .CVE-2018-6952
+%patch0 -p1 -b .avoid-set_file_attributes-sign-conversion-warnings
+%patch1 -p1 -b .test-suite-compatibility-fixes
+%patch2 -p1 -b .fix-korn-shell-incompatibility
+%patch3 -p1 -b .fix-segfault-with-mangled-rename-patch
+%patch4 -p1 -b .allow-input-files-to-be-missing-for-ed-style-patches
+# CVE-2018-1000156, Malicious patch files cause ed to execute arbitrary commands
+
+%patch5 -p1 -b .CVE-2018-1000156
+%patch6 -p1 -b .CVE-2019-13638-invoked-ed-directly-instead-of-using-the-shell
+%patch7 -p1 -b .switch-from-fork-execlp-to-execute
+%patch8 -p1 -b .cleanups-in-do_ed_script
+%patch9 -p1 -b .avoid-warnings-gcc8
+%patch10 -p1 -b .check-of-return-value-of-fwrite
+%patch11 -p1 -b .fix-ed-style-test-failure
+%patch12 -p1 -b .dont-leak-temporary-file-on-failed-ed-style-patch
+%patch13 -p1 -b .dont-leak-temporary-file-on-failed-multi-file-ed-style-patch
+%patch14 -p1 -b .make-debug-output-more-useful
+%patch15 -p1 -b .CVE-2018-6952-fix-swapping-fake-lines-in-pch_swap
+%patch16 -p1 -b .improve_support_for_memory_leak_detection
+%patch17 -p1 -b .skip-ed-test-when-the-ed-utility-is-not-installed
+%patch18 -p1 -b .abort_when_cleaning_up_fails
+%patch19 -p1 -b .crash-RLIMIT_NOFILE
+%patch20 -p1 -b .CVE-2019-13636-symlinks
+%patch21 -p1 -b .avoid-invalid-memory-access-in-context-format-diffs
+# CVE-2018-17942 gnulib: heap-based buffer overflow
+%patch22 -p1 -b .CVE-2018-17942-gnulib_buffer_overflow
+%patch23 -p1 -b .failed_assertion
 
 %build
 CFLAGS="$RPM_OPT_FLAGS -D_GNU_SOURCE"
-%configure
+autoreconf
+
+%configure --disable-silent-rules
 
 # XXX unset CPPFLAGS on (ultra?)sparc to avoid large file system support
 %ifarch sparc sparc64
@@ -69,6 +120,9 @@ rm -rf $RPM_BUILD_ROOT
 %{_mandir}/*/*
 
 %changelog
+* Thu Aug 29 2019 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 2.7.6-2
+- replaced all patches with rawhide's.
+
 * Tue Mar 13 2018 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 2.7.6-1
 - new upstream release.
 - dropped all patches.