Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

patch-2.7.6-150000.5.3.1 RPM for x86_64

From OpenSuSE Leap 15.5 for x86_64

Name: patch Distribution: SUSE Linux Enterprise 15
Version: 2.7.6 Vendor: SUSE LLC <https://www.suse.com/>
Release: 150000.5.3.1 Build date: Thu May 12 16:26:46 2022
Group: Productivity/Text/Utilities Build host: goat10
Size: 249960 Source RPM: patch-2.7.6-150000.5.3.1.src.rpm
Packager: https://www.suse.com/
Url: http://ftp.gnu.org/gnu/patch/
Summary: GNU patch
The GNU patch program is used to apply diffs between original and
changed files (generated by the diff command) to the original files.

Provides

Requires

License

GPL-3.0+

Changelog

* Tue May 10 2022 jdelvare@suse.de
  - fix-swapping-fake-lines-in-pch_swap.patch: Fix swapping fake
    lines in pch_swap. This bug was causing a double free leading to
    a crash (boo#1080985 CVE-2018-6952).
  - abort-when-cleaning-up-fails.patch: Abort when cleaning up fails.
    This bug could cause an infinite loop when a patch wouldn't
    apply, leading to a segmentation fault (boo#1111572).
  - dont-follow-symlinks-unless-asked.patch: Don't follow symlinks
    unless --follow-symlinks is given. This increases the security
    against malicious patches (boo#1142041 CVE-2019-13636).
  - pass-the-correct-stat-to-backup-files.patch: Pass the correct
    stat to backup files. This bug would occasionally cause backup
    files to be missing when all hunks failed to apply (boo#1198106).
* Wed May 09 2018 jdelvare@suse.de
  - ed-style-07-dont-leak-tmp-file.patch,
    ed-style-08-dont-leak-tmp-file-multi.patch: Fix temporary file
    leak when applying ed-style patches (bsc#1092500,
    savannah#53820).
* Wed Apr 18 2018 jdelvare@suse.de
  - Add ed as BuildRequires so ed-style patches can be checked by
    the test suite.
* Wed Apr 18 2018 jdelvare@suse.de
  Fix CVE-2018-1000156 (bsc#1088420, savannah#53566).
  - ed-style-01-missing-input-files.patch: Allow input files to be
    missing for ed-style patches.
  - ed-style-02-fix-arbitrary-command-execution.patch,
    ed-style-03-update-test-Makefile.patch: Fix arbitrary command
    execution in ed-style patches.
  - ed-style-04-invoke-ed-directly.patch: Invoke ed directly instead
    of using the shell.
  - ed-style-05-minor-cleanups.patch: Minor cleanups in do_ed_script.
  - ed-style-06-fix-test-failure.patch: Fix 'ed-style' test failure.
* Thu Mar 22 2018 jdelvare@suse.de
  - Move COPYING from %doc to %license.
* Wed Mar 21 2018 jdelvare@suse.de
  - Add AUTHORS and COPYING to %doc.
  - fix-segfault-mangled-rename.patch: Fix segfault with mangled
    rename patch (bsc#1080951, CVE-2018-6951, savannah#53132).
* Wed Feb 07 2018 astieger@suse.com
  - patch 2.7.6:
    * Files specified on the command line are no longer verified to
      be inside the current working directory, so commands like
      "patch -i foo.diff ../foo" will work again
    * Fixes CVE-2016-10713 (Out-of-bounds access within
      pch_write_line() in pch.c could possibly lead to DoS via a
      crafted input file; bsc#1080918)
    * Various fixes
* Sat Mar 07 2015 jdelvare@suse.de
  - patch 2.7.5
    Fixes a functional regression introduced by the previous update.
    + Patching through symbolic links works again, as long as the
      target is within the working tree.
* Mon Feb 16 2015 jdelvare@suse.de
  - patch 2.7.4
    Fixes a functional regression introduced by the previous security
    fix. The security fix would forbid legitimate use cases of
    relative symbolic links.
    [boo#918058]
    + Allow arbitrary symlink targets again.
    + Do not change permissions if there isn't an explicit mode
      change.
    + Fix indentation heuristic for context diffs.
  - Please also note that the previous update fixed security bugs
    boo#915328 and boo#915329 even though it did not say so.
* Fri Jan 23 2015 andreas.stieger@gmx.de
  - patch 2.7.3
    Contains a security fix for a directory traversal flaw when
    handling git-style patches. This could allow an attacker to
    overwrite arbitrary files by applying a specially crafted patch.
    [boo#913678] [CVE-2015-1196]
    + With git-style patches, symlinks that point outside the working
      directory will no longer be created (CVE-2015-1196).
    + When a file isn't being deleted because the file contents don't
      match the patch, the resulting message is now "Not deleting
      file ... as content differs from patch" instead of "File ...
      is not empty after patch; not deleting".
    + Function names in hunks (from diff -p) are now preserved in
      reject files
      This change was previously added as a patch. [boo#904519]
  - Version 2.7.2 differed from the above only slightly.
  - packaging changes:
    + Verify source signatures
    + Removed patches now upstream:
    * error-report-crash.patch
    * reject-print-function-01-drop-useless-test.patch
    * reject-print-function-02-handle-unified-format.patch
    + run spec-cleaner
* Mon Nov 10 2014 jdelvare@suse.de
  - reject-print-function-01-drop-useless-test.patch: Drop useless
    test in another_hunk().
  - reject-print-function-02-handle-unified-format.patch: Preserve C
    function name in unified rejects (bnc#904519).

Files

/usr/bin/patch
/usr/share/doc/packages/patch
/usr/share/doc/packages/patch/AUTHORS
/usr/share/doc/packages/patch/NEWS
/usr/share/doc/packages/patch/README
/usr/share/licenses/patch
/usr/share/licenses/patch/COPYING
/usr/share/man/man1/patch.1.gz


Generated by rpm2html 1.8.1

Fabrice Bellet, Tue Jul 9 18:11:13 2024