rpms
/
dpkg
20
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

real merge

Browse Source
epel9
Sérgio Basto 10 years ago
parent e52f386bfd
commit 14facc711a
8 changed files with 337 additions and 581 deletions
Show Stats Download Patch File Download Diff File

5
.gitignore vendored
Unescape View File

@ -1,2 +1,7 @@
dpkg_1.15.5.6.tar.bz2
/dpkg_1.15.5.6.tar.bz2
/dpkg_1.16.10.tar.xz
/dpkg_1.16.12.tar.xz
/dpkg_1.16.14.tar.xz
/dpkg_1.16.15.tar.xz
/dpkg_1.16.16.tar.xz

268
dpkg-change-libdir-path.patch
Unescape View File

@ -1,268 +0,0 @@
diff -ruN dpkg-1.15.5.6.orig/dselect/Makefile.in dpkg-1.15.5.6/dselect/Makefile.in
--- dpkg-1.15.5.6.orig/dselect/Makefile.in 2010-01-08 20:02:49.000000000 +0200
+++ dpkg-1.15.5.6/dselect/Makefile.in 2010-02-14 10:11:43.052023614 +0200
@@ -276,7 +276,7 @@
AM_CPPFLAGS = \
-DLOCALEDIR=\"$(localedir)\" \
-DADMINDIR=\"$(admindir)\" -DLIBDIR=\"$(pkglibdir)\" \
- -DLOCALLIBDIR=\"/usr/local/lib/dpkg\" \
+ -DLOCALLIBDIR=\"/usr/local/share/dpkg\" \
-idirafter $(top_srcdir)/lib/compat \
-iquote $(builddir) \
-I$(top_builddir) \
diff -ruN dpkg-1.15.5.6.orig/dselect/methods/Debian/Dselect/Ftp.pm dpkg-1.15.5.6/dselect/methods/Debian/Dselect/Ftp.pm
--- dpkg-1.15.5.6.orig/dselect/methods/Debian/Dselect/Ftp.pm 2010-01-08 10:00:34.000000000 +0200
+++ dpkg-1.15.5.6/dselect/methods/Debian/Dselect/Ftp.pm 2010-02-14 09:16:24.669895188 +0200
@@ -57,12 +57,12 @@
}
sub view_mirrors {
- if (-f '/usr/lib/dpkg/methods/ftp/README.mirrors.txt') {
- system('/usr/bin/pager', '/usr/lib/dpkg/methods/ftp/README.mirrors.txt');
- } elsif (-f '/usr/lib/dpkg/methods/ftp/README.mirrors.txt.gz') {
- system('gzip -dc /usr/lib/dpkg/methods/ftp/README.mirrors.txt.gz | pager');
+ if (-f '/usr/share/dpkg/methods/ftp/README.mirrors.txt') {
+ system('/usr/bin/pager', '/usr/share/dpkg/methods/ftp/README.mirrors.txt');
+ } elsif (-f '/usr/share/dpkg/methods/ftp/README.mirrors.txt.gz') {
+ system('gzip -dc /usr/share/dpkg/methods/ftp/README.mirrors.txt.gz | pager');
} else {
- print "/usr/lib/dpkg/methods/ftp/README.mirrors.txt(.gz): file not found.\n";
+ print "/usr/share/dpkg/methods/ftp/README.mirrors.txt(.gz): file not found.\n";
}
}
diff -ruN dpkg-1.15.5.6.orig/man/de/dpkg-parsechangelog.1 dpkg-1.15.5.6/man/de/dpkg-parsechangelog.1
--- dpkg-1.15.5.6.orig/man/de/dpkg-parsechangelog.1 2010-01-08 20:05:23.000000000 +0200
+++ dpkg-1.15.5.6/man/de/dpkg-parsechangelog.1 2010-02-14 09:22:07.409881825 +0200
@@ -30,8 +30,8 @@
\fB\-L\fP\fIlibverzeichnis\fP
Spezifiziere ein zusätzliches Verzeichnis, dass nach Parser\-Skripten
durchsucht werden soll. Diese Verzeichnis wird vor den
-Standardverzeichnissen (derzeit \fB/usr/local/lib/dpkg/parsechangelog\fP und
-\fB/usr/lib/dpkg/parsechangelog\fP) durchsucht.
+Standardverzeichnissen (derzeit \fB/usr/local/share/dpkg/parsechangelog\fP und
+\fB/usr/share/dpkg/parsechangelog\fP) durchsucht.
.TP
\fB\-h\fP, \fB\-\-help\fP
Zeige den Bedienungshinweis und beende.
diff -ruN dpkg-1.15.5.6.orig/man/dpkg-parsechangelog.1 dpkg-1.15.5.6/man/dpkg-parsechangelog.1
--- dpkg-1.15.5.6.orig/man/dpkg-parsechangelog.1 2010-01-08 10:00:34.000000000 +0200
+++ dpkg-1.15.5.6/man/dpkg-parsechangelog.1 2010-02-14 09:17:34.013861295 +0200
@@ -28,8 +28,8 @@
Specify an additional directory to search for parser scripts.
This directory is searched before the default directories
which are currently
-.BR /usr/local/lib/dpkg/parsechangelog " and "
-.BR /usr/lib/dpkg/parsechangelog .
+.BR /usr/share/dpkg/parsechangelog " and "
+.BR /usr/local/share/dpkg/parsechangelog .
.TP
.BR \-h ", " \-\-help
Show the usage message and exit.
diff -ruN dpkg-1.15.5.6.orig/man/fr/dpkg-parsechangelog.1 dpkg-1.15.5.6/man/fr/dpkg-parsechangelog.1
--- dpkg-1.15.5.6.orig/man/fr/dpkg-parsechangelog.1 2010-01-08 20:05:23.000000000 +0200
+++ dpkg-1.15.5.6/man/fr/dpkg-parsechangelog.1 2010-02-14 09:22:29.321880079 +0200
@@ -29,8 +29,8 @@
\fB\-L\fP\fIrep_lib\fP
Spécifie un répertoire supplémentaire pour la recherche de scripts
d'analyse. Ce répertoire est examiné avant les répertoires par défaut qui
-sont \fB/usr/local/lib/dpkg/parsechangelog\fP et
-\fB/usr/lib/dpkg/parsechangelog\fP.
+sont \fB/usr/local/share/dpkg/parsechangelog\fP et
+\fB/usr/share/dpkg/parsechangelog\fP.
.TP
\fB\-h\fP, \fB\-\-help\fP
Affiche un message d'aide puis quitte.
diff -ruN dpkg-1.15.5.6.orig/man/pl/dpkg-parsechangelog.1 dpkg-1.15.5.6/man/pl/dpkg-parsechangelog.1
--- dpkg-1.15.5.6.orig/man/pl/dpkg-parsechangelog.1 2010-01-08 20:05:23.000000000 +0200
+++ dpkg-1.15.5.6/man/pl/dpkg-parsechangelog.1 2010-02-14 09:21:02.338880496 +0200
@@ -29,8 +29,8 @@
\fB\-L\fP\fIkatalog\-lib\fP
Okre¶la dodatkowy katalog, w którym bêd± wyszukiwane skrypty
parsera. Katalog ten jest przeszukiwany przed domy¶lnymi katalogami, którymi
-obecnie s± \fB/usr/local/lib/dpkg/parsechangelog\fP oraz
-\fB/usr/lib/dpkg/parsechangelog\fP.
+obecnie s± \fB/usr/local/share/dpkg/parsechangelog\fP oraz
+\fB/usr/share/dpkg/parsechangelog\fP.
.TP
\fB\-h\fP, \fB\-\-help\fP
Wy¶wietla informacjê o u¿ytkowaniu i koñczy dzia³anie.
diff -ruN dpkg-1.15.5.6.orig/man/po/de.po dpkg-1.15.5.6/man/po/de.po
--- dpkg-1.15.5.6.orig/man/po/de.po 2010-01-08 20:05:23.000000000 +0200
+++ dpkg-1.15.5.6/man/po/de.po 2010-02-14 09:26:20.671868793 +0200
@@ -7747,12 +7747,12 @@
msgid ""
"Specify an additional directory to search for parser scripts. This "
"directory is searched before the default directories which are currently B</"
-"usr/local/lib/dpkg/parsechangelog> and B</usr/lib/dpkg/parsechangelog>."
+"usr/local/share/dpkg/parsechangelog> and B</usr/share/dpkg/parsechangelog>."
msgstr ""
"Spezifiziere ein zusätzliches Verzeichnis, dass nach Parser-Skripten "
"durchsucht werden soll. Diese Verzeichnis wird vor den "
-"Standardverzeichnissen (derzeit B</usr/local/lib/dpkg/parsechangelog> und B</"
-"usr/lib/dpkg/parsechangelog>) durchsucht."
+"Standardverzeichnissen (derzeit B</usr/local/share/dpkg/parsechangelog> und B</"
+"usr/share/dpkg/parsechangelog>) durchsucht."
#. type: SS
#: dpkg-parsechangelog.1:39
diff -ruN dpkg-1.15.5.6.orig/man/po/dpkg-man.pot dpkg-1.15.5.6/man/po/dpkg-man.pot
--- dpkg-1.15.5.6.orig/man/po/dpkg-man.pot 2010-01-08 19:23:01.000000000 +0200
+++ dpkg-1.15.5.6/man/po/dpkg-man.pot 2010-02-14 09:30:59.909878930 +0200
@@ -6216,7 +6216,7 @@
msgid ""
"Specify an additional directory to search for parser scripts. This "
"directory is searched before the default directories which are currently "
-"B</usr/local/lib/dpkg/parsechangelog> and B</usr/lib/dpkg/parsechangelog>."
+"B</usr/local/share/dpkg/parsechangelog> and B</usr/share/dpkg/parsechangelog>."
msgstr ""
#. type: SS
diff -ruN dpkg-1.15.5.6.orig/man/po/es.po dpkg-1.15.5.6/man/po/es.po
--- dpkg-1.15.5.6.orig/man/po/es.po 2010-01-08 20:05:23.000000000 +0200
+++ dpkg-1.15.5.6/man/po/es.po 2010-02-14 09:30:16.053872999 +0200
@@ -7517,7 +7517,7 @@
msgid ""
"Specify an additional directory to search for parser scripts. This "
"directory is searched before the default directories which are currently B</"
-"usr/local/lib/dpkg/parsechangelog> and B</usr/lib/dpkg/parsechangelog>."
+"usr/local/share/dpkg/parsechangelog> and B</usr/share/dpkg/parsechangelog>."
msgstr ""
#. type: SS
diff -ruN dpkg-1.15.5.6.orig/man/po/fr.po dpkg-1.15.5.6/man/po/fr.po
--- dpkg-1.15.5.6.orig/man/po/fr.po 2010-01-08 20:05:23.000000000 +0200
+++ dpkg-1.15.5.6/man/po/fr.po 2010-02-14 09:24:19.351874142 +0200
@@ -7737,11 +7737,11 @@
msgid ""
"Specify an additional directory to search for parser scripts. This "
"directory is searched before the default directories which are currently B</"
-"usr/local/lib/dpkg/parsechangelog> and B</usr/lib/dpkg/parsechangelog>."
+"usr/local/share/dpkg/parsechangelog> and B</usr/share/dpkg/parsechangelog>."
msgstr ""
"Spécifie un répertoire supplémentaire pour la recherche de scripts "
"d'analyse. Ce répertoire est examiné avant les répertoires par défaut qui "
-"sont B</usr/local/lib/dpkg/parsechangelog> et B</usr/lib/dpkg/"
+"sont B</usr/local/share/dpkg/parsechangelog> et B</usr/share/dpkg/"
"parsechangelog>."
#. type: SS
diff -ruN dpkg-1.15.5.6.orig/man/po/hu.po dpkg-1.15.5.6/man/po/hu.po
--- dpkg-1.15.5.6.orig/man/po/hu.po 2010-01-08 20:05:23.000000000 +0200
+++ dpkg-1.15.5.6/man/po/hu.po 2010-02-14 09:26:50.311874455 +0200
@@ -6542,7 +6542,7 @@
msgid ""
"Specify an additional directory to search for parser scripts. This "
"directory is searched before the default directories which are currently B</"
-"usr/local/lib/dpkg/parsechangelog> and B</usr/lib/dpkg/parsechangelog>."
+"usr/local/share/dpkg/parsechangelog> and B</usr/share/dpkg/parsechangelog>."
msgstr ""
#. type: SS
diff -ruN dpkg-1.15.5.6.orig/man/po/ja.po dpkg-1.15.5.6/man/po/ja.po
--- dpkg-1.15.5.6.orig/man/po/ja.po 2010-01-08 20:05:23.000000000 +0200
+++ dpkg-1.15.5.6/man/po/ja.po 2010-02-14 09:28:46.064874305 +0200
@@ -7055,7 +7055,7 @@
msgid ""
"Specify an additional directory to search for parser scripts. This "
"directory is searched before the default directories which are currently B</"
-"usr/local/lib/dpkg/parsechangelog> and B</usr/lib/dpkg/parsechangelog>."
+"usr/local/share/dpkg/parsechangelog> and B</usr/share/dpkg/parsechangelog>."
msgstr ""
#. type: SS
diff -ruN dpkg-1.15.5.6.orig/man/po/pl.po dpkg-1.15.5.6/man/po/pl.po
--- dpkg-1.15.5.6.orig/man/po/pl.po 2010-01-08 20:05:23.000000000 +0200
+++ dpkg-1.15.5.6/man/po/pl.po 2010-02-14 09:27:38.024873694 +0200
@@ -7819,11 +7819,11 @@
msgid ""
"Specify an additional directory to search for parser scripts. This "
"directory is searched before the default directories which are currently B</"
-"usr/local/lib/dpkg/parsechangelog> and B</usr/lib/dpkg/parsechangelog>."
+"usr/local/share/dpkg/parsechangelog> and B</usr/share/dpkg/parsechangelog>."
msgstr ""
"OkreÅla dodatkowy katalog, w którym bÄ™dÄ… wyszukiwane skrypty parsera. "
"Katalog ten jest przeszukiwany przed domyÅlnymi katalogami, którymi obecnie "
-"sÄ… B</usr/local/lib/dpkg/parsechangelog> oraz B</usr/lib/dpkg/"
+"sÄ… B</usr/local/share/dpkg/parsechangelog> oraz B</usr/share/dpkg/"
"parsechangelog>."
#. type: SS
diff -ruN dpkg-1.15.5.6.orig/man/po/pt_BR.po dpkg-1.15.5.6/man/po/pt_BR.po
--- dpkg-1.15.5.6.orig/man/po/pt_BR.po 2010-01-08 20:05:23.000000000 +0200
+++ dpkg-1.15.5.6/man/po/pt_BR.po 2010-02-14 09:28:12.583874117 +0200
@@ -6687,7 +6687,7 @@
msgid ""
"Specify an additional directory to search for parser scripts. This "
"directory is searched before the default directories which are currently B</"
-"usr/local/lib/dpkg/parsechangelog> and B</usr/lib/dpkg/parsechangelog>."
+"usr/local/share/dpkg/parsechangelog> and B</usr/share/dpkg/parsechangelog>."
msgstr ""
#. type: SS
diff -ruN dpkg-1.15.5.6.orig/man/po/ru.po dpkg-1.15.5.6/man/po/ru.po
--- dpkg-1.15.5.6.orig/man/po/ru.po 2010-01-08 20:05:23.000000000 +0200
+++ dpkg-1.15.5.6/man/po/ru.po 2010-02-14 09:25:17.556873843 +0200
@@ -6823,7 +6823,7 @@
msgid ""
"Specify an additional directory to search for parser scripts. This "
"directory is searched before the default directories which are currently B</"
-"usr/local/lib/dpkg/parsechangelog> and B</usr/lib/dpkg/parsechangelog>."
+"usr/local/share/dpkg/parsechangelog> and B</usr/share/dpkg/parsechangelog>."
msgstr ""
#. type: SS
diff -ruN dpkg-1.15.5.6.orig/man/po/sv.po dpkg-1.15.5.6/man/po/sv.po
--- dpkg-1.15.5.6.orig/man/po/sv.po 2010-01-08 20:05:23.000000000 +0200
+++ dpkg-1.15.5.6/man/po/sv.po 2010-02-14 09:29:32.735874132 +0200
@@ -7552,11 +7552,11 @@
msgid ""
"Specify an additional directory to search for parser scripts. This "
"directory is searched before the default directories which are currently B</"
-"usr/local/lib/dpkg/parsechangelog> and B</usr/lib/dpkg/parsechangelog>."
+"usr/local/share/dpkg/parsechangelog> and B</usr/share/dpkg/parsechangelog>."
msgstr ""
"Ange en ytterligare katalog att söka i efter parserskript. Katalogen söks "
-"genom innan standardkatalogerna, vilka för närvarande är B</usr/local/lib/"
-"dpkg/parsechangelog> och B</usr/lib/dpkg/parsechangelog>."
+"genom innan standardkatalogerna, vilka för närvarande är B</usr/local/share/"
+"dpkg/parsechangelog> och B</usr/share/dpkg/parsechangelog>."
#. type: SS
#: dpkg-parsechangelog.1:39
diff -ruN dpkg-1.15.5.6.orig/man/sv/dpkg-parsechangelog.1 dpkg-1.15.5.6/man/sv/dpkg-parsechangelog.1
--- dpkg-1.15.5.6.orig/man/sv/dpkg-parsechangelog.1 2010-01-08 20:05:23.000000000 +0200
+++ dpkg-1.15.5.6/man/sv/dpkg-parsechangelog.1 2010-02-14 09:22:54.488880085 +0200
@@ -29,7 +29,7 @@
\fB\-L\fP\fIbibliotekskatalog\fP
Ange en ytterligare katalog att söka i efter parserskript. Katalogen söks
genom innan standardkatalogerna, vilka för närvarande är
-\fB/usr/local/lib/dpkg/parsechangelog\fP och \fB/usr/lib/dpkg/parsechangelog\fP.
+\fB/usr/local/share/dpkg/parsechangelog\fP och \fB/usr/share/dpkg/parsechangelog\fP.
.TP
\fB\-h\fP, \fB\-\-help\fP
Visar hjälpskärm och avslutar.
diff -ruN dpkg-1.15.5.6.orig/scripts/Dpkg/Changelog/Parse.pm dpkg-1.15.5.6/scripts/Dpkg/Changelog/Parse.pm
--- dpkg-1.15.5.6.orig/scripts/Dpkg/Changelog/Parse.pm 2010-01-08 10:00:34.000000000 +0200
+++ dpkg-1.15.5.6/scripts/Dpkg/Changelog/Parse.pm 2010-02-14 09:14:27.550879827 +0200
@@ -50,7 +50,7 @@
The parsing itself is done by an external program (searched in the
following list of directories: $opt{libdir},
-/usr/local/lib/dpkg/parsechangelog, /usr/lib/dpkg/parsechangelog) That
+/usr/local/share/dpkg/parsechangelogusr) That
program is named according to the format that it's able to parse. By
default it's either "debian" or the format name lookep up in the 40 last
lines of the changelog itself (extracted with this perl regular expression
@@ -70,9 +70,8 @@
sub changelog_parse {
my (%options) = @_;
- my @parserpath = ("/usr/local/lib/dpkg/parsechangelog",
- "$dpkglibdir/parsechangelog",
- "/usr/lib/dpkg/parsechangelog");
+ my @parserpath = ( "$dpkglibdir/parsechangelog",
+ "/usr/local/share/dpkg/parsechangelog");
my $format = "debian";
my $changelogfile = "debian/changelog";
my $force = 0;

398
dpkg.spec
Unescape View File

@ -1,6 +1,9 @@
%global pkgconfdir %{_sysconfdir}/dpkg
%global pkgdatadir %{_datadir}/dpkg
Name: dpkg
Version: 1.15.5.6
Release: 6%{?dist}
Version: 1.16.16
Release: 2%{?dist}
Summary: Package maintenance system for Debian Linux
Group: System Environment/Base
# The entire source code is GPLv2+ with exception of the following
@ -11,19 +14,20 @@ Group: System Environment/Base
# lib/compat/obstack.h, lib/compat/gettext.h,lib/compat/obstack.c - LGPLv2+
License: GPLv2 and GPLv2+ and LGPLv2+ and Public Domain and BSD
URL: http://packages.debian.org/unstable/admin/dpkg
Source0: http://ftp.debian.org/debian/pool/main/d/dpkg/%{name}_%{version}.tar.bz2
# obtained from dpkg-source -x dpkg_1.15.5.6.dsc
Source1: dpkg.archtable
# Fedora specific patch to store files under /usr/share/dpkg, not these are not binary
# libs. and set user search path to /usr/local/share/dpkg
Patch1: dpkg-change-libdir-path.patch
# Fixes CVE-2010-0396 bugzilla #572522
Patch2: fedora-fix-CVE-2010-0396-00.patch
Patch3: fedora-fix-CVE-2010-0396-01.patch
Patch4: fedora-bug642160-empty-argv.patch
Patch5: fedora-fix-CVE-2010-1679_CVE-2011-0402.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: zlib-devel, bzip2-devel, libselinux-devel, gettext, ncurses-devel
Source0: http://ftp.debian.org/debian/pool/main/d/dpkg/%{name}_%{version}.tar.xz
Patch1: dpkg-fix-logrotate.patch
BuildRequires: zlib-devel bzip2-devel libselinux-devel gettext ncurses-devel
BuildRequires: autoconf automake gettext-devel
BuildRequires: doxygen flex xz-devel po4a
%if 0%{?rhel} != 5 && 0%{?rhel} != 6
BuildRequires: dotconf-devel
%endif
# for /usr/bin/pod2man
%if 0%{?fedora} > 18
BuildRequires: perl-podlators
%else
BuildRequires: perl
%endif
%description
@ -40,16 +44,57 @@ dpkg and dselect will certainly be non-functional on a rpm-based system
because packages dependencies will likely be unmet.
%package devel
Summary: Debian package management static library
Group: Development/System
Provides: dpkg-static = %{version}-%{release}
%description devel
This package provides the header files and static library necessary to
develop software using dpkg, the same library used internally by dpkg.
Note though, that the API is to be considered volatile, and might change
at any time, use at your own risk.
%package dev
Summary: Debian package development tools
Group: Development/System
Requires: %{name} = %{version}-%{release}
Requires: perl, patch, make, binutils, bzip2, lzma
Requires: dpkg-perl = %{version}-%{release}
Requires: patch, make, binutils, bzip2, lzma, xz
Obsoletes: dpkg-devel < 1.16
BuildArch: noarch
%description devel
%description dev
This package provides the development tools (including dpkg-source).
Required to unpack, build and upload Debian source packages
%package perl
Summary: Dpkg perl modules
Group: System Environment/Base
Requires: dpkg = %{version}-%{release}
Requires: perl, perl-TimeDate
BuildArch: noarch
%description perl
This package provides the perl modules used by the scripts
in dpkg-dev. They cover a wide range of functionalities. Among them
there are the following modules:
- Dpkg::Arch: manipulate Debian architecture information
- Dpkg::BuildOptions: parse and manipulate DEB_BUILD_OPTIONS
- Dpkg::Changelog: parse Debian changelogs
- Dpkg::Checksums: generate and parse checksums
- Dpkg::Compression::Process: wrapper around compression tools
- Dpkg::Compression::FileHandle: transparently (de)compress files
- Dpkg::Control: parse and manipulate Debian control information
(.dsc, .changes, Packages/Sources entries, etc.)
- Dpkg::Deps: parse and manipulate dependencies
- Dpkg::ErrorHandling: common error functions
- Dpkg::Index: collections of Dpkg::Control (Packages/Sources files for
example)
- Dpkg::IPC: spawn sub-processes and feed/retrieve data
- Dpkg::Substvars: substitute variables in strings
- Dpkg::Vendor: identify current distribution vendor
- Dpkg::Version: parse and manipulate Debian package versions
%package -n dselect
Summary: Debian package management front-end
@ -61,12 +106,7 @@ dselect is a high-level interface for the installation/removal of debs .
%prep
%setup -q
%patch1 -p1
%patch2 -p1
%patch3 -p1
%patch4 -p1
%patch5 -p1
# Filter unwanted Requires:
cat << \EOF > %{name}-req
@ -79,79 +119,159 @@ EOF
chmod +x %{__perl_requires}
%build
%configure --without-start-stop-daemon \
%if 0%{?rhel} != 5 && 0%{?rhel} != 6
autoreconf -fiv
%endif
%configure --disable-start-stop-daemon \
--disable-linker-optimisations \
--with-admindir=%{_localstatedir}/lib/dpkg \
--libdir=%{_datadir} \
--with-selinux \
--with-zlib \
--with-bz2 \
--disable-silent-rules
--with-bz2
make %{?_smp_mflags}
%install
rm -rf $RPM_BUILD_ROOT
make install DESTDIR=$RPM_BUILD_ROOT
install -pm0644 %SOURCE1 $RPM_BUILD_ROOT/%{_datadir}/dpkg/archtable
make install DESTDIR=%{buildroot}
mkdir -p %{buildroot}/%{pkgconfdir}/dpkg.cfg.d
mkdir -p %{buildroot}/%{pkgconfdir}/dselect.cfg.d
mkdir -p %{buildroot}/%{pkgconfdir}/origins
# Prepare "vendor" files for dpkg-vendor
cat <<EOF > %{buildroot}/%{pkgconfdir}/origins/fedora
Vendor: Fedora
Vendor-URL: http://www.fedoraproject.org/
Bugs: https://bugzilla.redhat.com
EOF
%if 0%{?fedora}
ln -sf fedora %{buildroot}/%{pkgconfdir}/origins/default
%endif
# from debian/dpkg.install
install -pm0644 debian/archtable %{buildroot}/%{pkgdatadir}/archtable
install -pm0644 debian/dpkg.cfg %{buildroot}/%{pkgconfdir}
install -pm0644 debian/shlibs.default %{buildroot}/%{pkgconfdir}
install -pm0644 debian/shlibs.override %{buildroot}/%{pkgconfdir}
# patched debian/dpkg.logrotate
mkdir -p %{buildroot}/%{_sysconfdir}/logrotate.d
install -pm0644 debian/dpkg.logrotate %{buildroot}/%{_sysconfdir}/logrotate.d/%{name}
%find_lang dpkg
%find_lang dpkg-dev
%find_lang dselect
# fedora has its own implementation
rm -rf $RPM_BUILD_ROOT%{_bindir}/update-alternatives
rm -rf $RPM_BUILD_ROOT%{_sysconfdir}/alternatives/
rm %{buildroot}%{_bindir}/update-alternatives
rm %{buildroot}%{_mandir}/man8/update-alternatives.8
rm -rf %{buildroot}%{_mandir}/*/man8/update-alternatives.8
rm -rf %{buildroot}%{_sysconfdir}/alternatives/
%clean
rm -rf $RPM_BUILD_ROOT
#fedora has own implemenation
#FIXME should we remove this ?
rm -rf %{buildroot}%{_sbindir}/install-info
mkdir -p %{buildroot}/var/lib/dpkg/alternatives %{buildroot}/var/lib/dpkg/info \
%{buildroot}/var/lib/dpkg/parts %{buildroot}/var/lib/dpkg/updates \
%{buildroot}/var/lib/dpkg/methods
%post
# from dpkg.postinst
# Create the database files if they don't already exist
create_database() {
admindir=${DPKG_ADMINDIR:-/var/lib/dpkg}
for file in diversions statoverride status; do
if [ ! -f "$admindir/$file" ]; then
touch "$admindir/$file"
fi
done
}
# Create log file and set default permissions if possible
create_logfile() {
logfile=/var/log/dpkg.log
touch $logfile
chmod 644 $logfile
chown root:root $logfile 2>/dev/null || chown 0:0 $logfile
}
create_database
create_logfile
%files -f dpkg.lang
%defattr(-,root,root,-)
%doc debian/changelog README AUTHORS COPYING THANKS TODO
%dir %{_sysconfdir}/dpkg
%doc debian/changelog README AUTHORS THANKS TODO
%doc debian/copyright debian/usertags
%doc doc/README.feature-removal-schedule doc/triggers.txt
%dir %{pkgconfdir}
%dir %{pkgconfdir}/dpkg.cfg.d
%dir %{pkgconfdir}/origins
%config(noreplace) %{pkgconfdir}/dpkg.cfg
%config(noreplace) %{pkgconfdir}/origins/*
%config(noreplace) %{_sysconfdir}/logrotate.d/dpkg
%{_bindir}/dpkg
%{_bindir}/dpkg-deb
%{_bindir}/dpkg-maintscript-helper
%{_bindir}/dpkg-query
%{_bindir}/dpkg-split
%{_bindir}/dpkg-trigger
%{_bindir}/dpkg-divert
%{_bindir}/dpkg-statoverride
%{_sbindir}/*
%dir %{_datadir}/dpkg
%{_datadir}/dpkg/mksplit
%{_datadir}/dpkg/archtable
%{_datadir}/dpkg/cputable
%{_datadir}/dpkg/ostable
%{_datadir}/dpkg/triplettable
%{perl_vendorlib}/Dpkg.pm
%dir %{perl_vendorlib}/Dpkg
%{perl_vendorlib}/Dpkg/Gettext.pm
%{_libdir}/dpkg/parsechangelog
%dir %{pkgdatadir}
%{pkgdatadir}/abitable
%{pkgdatadir}/archtable
%{pkgdatadir}/cputable
%{pkgdatadir}/ostable
%{pkgdatadir}/triplettable
%dir /var/lib/dpkg/alternatives
%dir /var/lib/dpkg/info
%dir /var/lib/dpkg/parts
%dir /var/lib/dpkg/updates
%{_mandir}/man1/dpkg.1.gz
%{_mandir}/man1/dpkg-deb.1.gz
%{_mandir}/man1/dpkg-maintscript-helper.1.gz
%{_mandir}/man1/dpkg-query.1.gz
%{_mandir}/man1/dpkg-split.1.gz
%{_mandir}/man1/dpkg-trigger.1.gz
%{_mandir}/man1/dpkg.1.gz
%{_mandir}/man5/dpkg.cfg.5.gz
%{_mandir}/man8/dpkg-divert.8.gz
%{_mandir}/man8/dpkg-statoverride.8.gz
#fedora has own implemenation
%exclude %{_sbindir}/install-info
#fedora has own implemenation
%exclude %{_mandir}/man8/update-alternatives.8.gz
%{_mandir}/*/man1/dpkg.1.gz
%{_mandir}/*/man1/dpkg-deb.1.gz
%{_mandir}/*/man1/dpkg-maintscript-helper.1.gz
%{_mandir}/*/man1/dpkg-query.1.gz
%{_mandir}/*/man1/dpkg-split.1.gz
%{_mandir}/*/man1/dpkg-trigger.1.gz
%{_mandir}/*/man5/dpkg.cfg.5.gz
%{_mandir}/*/man8/dpkg-divert.8.gz
%{_mandir}/*/man8/dpkg-statoverride.8.gz
%files devel
%defattr(-,root,root,-)
%{_libdir}/libdpkg.a
%{_libdir}/pkgconfig/libdpkg.pc
%{_includedir}/dpkg/*.h
%files devel -f dpkg-dev.lang
%files dev
%defattr(-,root,root,-)
%doc doc/README.api
%doc doc/README.api doc/coding-style.txt doc/frontend.txt
%config(noreplace) %{pkgconfdir}/shlibs.default
%config(noreplace) %{pkgconfdir}/shlibs.override
%{_bindir}/dpkg-architecture
%{_bindir}/dpkg-buildpackage
%{_bindir}/dpkg-buildflags
%{_bindir}/dpkg-checkbuilddeps
%{_bindir}/dpkg-distaddfile
%{_bindir}/dpkg-genchanges
%{_bindir}/dpkg-gencontrol
%{_bindir}/dpkg-gensymbols
%{_bindir}/dpkg-mergechangelogs
%{_bindir}/dpkg-name
%{_bindir}/dpkg-parsechangelog
%{_bindir}/dpkg-scanpackages
@ -159,22 +279,16 @@ rm -rf $RPM_BUILD_ROOT
%{_bindir}/dpkg-shlibdeps
%{_bindir}/dpkg-source
%{_bindir}/dpkg-vendor
%dir %{_datadir}/dpkg/parsechangelog
%{_datadir}/dpkg/parsechangelog/*
%exclude %{perl_vendorlib}/Dpkg/Gettext.pm
%{perl_vendorlib}/Dpkg/*.pm
%{perl_vendorlib}/Dpkg/Changelog
%{perl_vendorlib}/Dpkg/Shlibs
%{perl_vendorlib}/Dpkg/Source
%{perl_vendorlib}/Dpkg/Vendor
%{perl_vendorlib}/Dpkg/Control
%{pkgdatadir}/*.mk
%{_mandir}/man1/dpkg-architecture.1.gz
%{_mandir}/man1/dpkg-buildflags.1.gz
%{_mandir}/man1/dpkg-buildpackage.1.gz
%{_mandir}/man1/dpkg-checkbuilddeps.1.gz
%{_mandir}/man1/dpkg-distaddfile.1.gz
%{_mandir}/man1/dpkg-genchanges.1.gz
%{_mandir}/man1/dpkg-gencontrol.1.gz
%{_mandir}/man1/dpkg-gensymbols.1.gz
%{_mandir}/man1/dpkg-mergechangelogs.1.gz
%{_mandir}/man1/dpkg-name.1.gz
%{_mandir}/man1/dpkg-parsechangelog.1.gz
%{_mandir}/man1/dpkg-scanpackages.1.gz
@ -183,28 +297,178 @@ rm -rf $RPM_BUILD_ROOT
%{_mandir}/man1/dpkg-source.1.gz
%{_mandir}/man1/dpkg-vendor.1.gz
%{_mandir}/man5/deb-control.5.gz
%{_mandir}/man5/deb-extra-override.5.gz
%{_mandir}/man5/deb-old.5.gz
%{_mandir}/man5/deb-origin.5.gz
%{_mandir}/man5/deb-override.5.gz
%{_mandir}/man5/deb-extra-override.5.gz
%{_mandir}/man5/deb-shlibs.5.gz
%{_mandir}/man5/deb-split.5.gz
%{_mandir}/man5/deb-src-control.5.gz
%{_mandir}/man5/deb-substvars.5.gz
%{_mandir}/man5/deb-symbols.5.gz
%{_mandir}/man5/deb-triggers.5.gz
%{_mandir}/man5/deb-version.5.gz
%{_mandir}/man5/deb.5.gz
%{_mandir}/*/man1/dpkg-architecture.1.gz
%{_mandir}/*/man1/dpkg-buildpackage.1.gz
%{_mandir}/*/man1/dpkg-buildflags.1.gz
%{_mandir}/*/man1/dpkg-checkbuilddeps.1.gz
%{_mandir}/*/man1/dpkg-distaddfile.1.gz
%{_mandir}/*/man1/dpkg-genchanges.1.gz
%{_mandir}/*/man1/dpkg-gencontrol.1.gz
%{_mandir}/*/man1/dpkg-gensymbols.1.gz
%{_mandir}/*/man1/dpkg-mergechangelogs.1.gz
%{_mandir}/*/man1/dpkg-name.1.gz
%{_mandir}/*/man1/dpkg-parsechangelog.1.gz
%{_mandir}/*/man1/dpkg-scanpackages.1.gz
%{_mandir}/*/man1/dpkg-scansources.1.gz
%{_mandir}/*/man1/dpkg-shlibdeps.1.gz
%{_mandir}/*/man1/dpkg-source.1.gz
%{_mandir}/*/man1/dpkg-vendor.1.gz
%{_mandir}/*/man5/deb-control.5.gz
%{_mandir}/*/man5/deb-extra-override.5.gz
%{_mandir}/*/man5/deb-old.5.gz
%{_mandir}/*/man5/deb-origin.5.gz
%{_mandir}/*/man5/deb-override.5.gz
%{_mandir}/*/man5/deb-shlibs.5.gz
%{_mandir}/*/man5/deb-split.5.gz
%{_mandir}/*/man5/deb-src-control.5.gz
%{_mandir}/*/man5/deb-substvars.5.gz
%{_mandir}/*/man5/deb-symbols.5.gz
%{_mandir}/*/man5/deb-triggers.5.gz
%{_mandir}/*/man5/deb-version.5.gz
%{_mandir}/*/man5/deb.5.gz
%files perl -f dpkg-dev.lang
%defattr(-,root,root,-)
%{perl_vendorlib}/Dpkg*
%{_mandir}/man3/Dpkg*.3*
%files -n dselect -f dselect.lang
%defattr(-,root,root,-)
%doc dselect/methods/multicd/README.multicd dselect/methods/ftp/README.mirrors.txt
%{_bindir}/dselect
%{perl_vendorlib}/Debian
%{_datadir}/dpkg/methods
%{_mandir}/man*/dselect*.gz
%{_libdir}/dpkg/methods
%{_mandir}/man1/dselect.1.gz
%{_mandir}/*/man1/dselect.1.gz
%{_mandir}/man5/dselect.cfg.5.gz
%{_mandir}/*/man5/dselect.cfg.5.gz
%dir %{pkgconfdir}/dselect.cfg.d
/var/lib/dpkg/methods
%changelog
* Tue Apr 21 2015 Sérgio Basto <sergio@serjux.com> - 1.16.16-2
- some fixes and support for epel-6
* Sun Apr 19 2015 Sérgio Basto <sergio@serjux.com> - 1.16.16-1
- Security update to 1.16.16
* Sat Aug 16 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.16.15-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Mon Jun 23 2014 Sérgio Basto <sergio@serjux.com> - 1.16.15-1
- Update to 1.16.15, fixes: CVE-2014-3864, CVE-2014-3865 , rhbz #1103026
* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.16.14-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Sat May 10 2014 Sérgio Basto <sergio@serjux.com> - 1.16.14-1
- Update to 1.16.14, fixes CVE-2014-0471, rhbz #1092210 .
* Wed Oct 16 2013 Sérgio Basto <sergio@serjux.com> - 1.16.12-1
- Update to 1.16.12
- added /etc/dpkg/origins/... , by Oron Peled, rhbz #973832
- fix few files listed twice.
* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.16.10-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Wed Jul 17 2013 Petr Pisar <ppisar@redhat.com> - 1.16.10-7
- Perl 5.18 rebuild
* Mon Jul 01 2013 Sérgio Basto <sergio@serjux.com> - 1.16.10-6
- add support to logrotate, by Oron Peled, rhbz #979378
- added some new %doc and debian/copyright, by Oron Peled, rhbz #979378
- rpmlint cleanups, by Oron Peled, rhbz #979378
* Sun Jun 30 2013 Sérgio Basto <sergio@serjux.com> - 1.16.10-5
- rhbz #979378
- Obsolete the old dpkg-devel.noarch (replaced by dpkg-dev)
(Obsoletes: dpkg-devel < 1.16)
- Readd to dpkg-perl: Requires: dpkg = <version>-<release>
- Patchset Signed-off-by: Oron Peled
- [PATCH 1/4] move dpkg.cfg from /etc to /etc/dpkg
- [PATCH 2/4] fix some pkgdatadir, pkgconfdir file locations
- [PATCH 3/4] move "dpkg-dev.mo" files to dpkg-perl
- [PATCH 4/4] minor fix to dpkg-perl ownerships
- move from dpkg to dpkg-dev, rhbz #979378
- dpkg-mergechangelogs and its man-pages
- dpkg-buildflags and its man-pages
- remove man pages dups, also rhbz #979378
dpkg-architecture.1.gz
dpkg-buildflags.1.gz
dpkg-buildpackage.1.gz
dpkg-checkbuilddeps.1.gz
dpkg-distaddfile.1.gz
dpkg-genchanges.1.gz
dpkg-gencontrol.1.gz
dpkg-gensymbols.1.gz
dpkg-mergechangelogs.1.gz
dpkg-name.1.gz
dpkg-parsechangelog.1.gz
dpkg-scanpackages.1.gz
dpkg-scansources.1.gz
dpkg-shlibdeps.1.gz
dpkg-source.1.gz
dpkg-vendor.1.gz
* Sun Jun 02 2013 Sérgio Basto <sergio@serjux.com> - 1.16.10-4
- provided virtual -static package rhbz #967215
* Tue May 21 2013 Sérgio Basto <sergio@serjux.com> - 1.16.10-3
- Copied from dpkg-1.16.10/debian/dpkg.postinst, on post install, runs create_database, create_logfile.
- Based on dpkg.install and dselect.install
created some missing directories in /var/lib/dpkg and in /etc/dpkg .
- Drop Requirement dpkg of dpkg-perl.
- Fix a FIXME , all perls moved to dpkg-perl.
- TODO: set logrotates, see debian/dpkg.logrotate.
* Fri May 17 2013 Sérgio Basto <sergio@serjux.com> - 1.16.10-2
- apply fix by Oron Peled bug #648384, adds dpkg-perl as noarch
* Thu May 16 2013 Sérgio Basto <sergio@serjux.com> - 1.16.10-1
- Add BR perl-podlators for pod2man in F19 development or just BR perl
- Add some other importants BR: doxygen flex xz-devel po4a dotconf-devel
- Fix packages names which are debianized, so packages will be: dpkg-perl
and dpkg-dev (and dpkg-devel for headers of dpkg).
- Some clean ups.
- dpkg-perl must be arched.
* Sat May 4 2013 Oron Peled <oron@actcom.co.il>
- Bump version to Debian/wheezy
- Call autoreconf: make sure we don't reuse Debian packaged
stuff (config.guess, etc.)
- CVE patches not needed -- is already fixed upstream
- Removed dpkg-change-libdir.patch:
- Patching Makefile.in is wrong (can patch Makefile.am with autoreconf)
- Less patch churn for non-critical paths
- Accept /usr/lib/dpkg/parsechangelog
- Accept /usr/lib/dpkg/methods
* Wed Feb 13 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.15.5.6-10
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Wed Jul 18 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.15.5.6-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.15.5.6-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.15.5.6-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Wed Jan 12 2011 Andrew Colin Kissa <andrew@topdog.za.net> - 1.15.5.6-6
- Fix CVE-2010-1679
- Fix CVE-2011-0402

15
fedora-bug642160-empty-argv.patch
Unescape View File

@ -1,15 +0,0 @@
diff -ur dpkg-1.15.5.6.orig/scripts/Dpkg/Arch.pm dpkg-1.15.5.6/scripts/Dpkg/Arch.pm
--- dpkg-1.15.5.6.orig/scripts/Dpkg/Arch.pm 2010-01-08 08:00:34.000000000 +0000
+++ dpkg-1.15.5.6/scripts/Dpkg/Arch.pm 2010-10-17 12:29:46.916000478 +0100
@@ -47,8 +47,9 @@
return $build_arch if defined $build_arch;
my $build_arch = `dpkg --print-architecture`;
- # FIXME: Handle bootstrapping
- syserr("dpkg --print-architecture failed") if $? >> 8;
+ if ($? >> 8 || $build_arch =~ /^\s*$/) {
+ $build_arch = get_raw_host_arch();
+ }
chomp $build_arch;
return $build_arch;

43
fedora-fix-CVE-2010-0396-00.patch
Unescape View File

@ -1,43 +0,0 @@
diff --git a/scripts/Dpkg/Source/Patch.pm b/scripts/Dpkg/Source/Patch.pm
--- a/scripts/Dpkg/Source/Patch.pm
+++ b/scripts/Dpkg/Source/Patch.pm
@@ -322,8 +322,9 @@ sub analyze {
error(_g("expected ^--- in line %d of diff `%s'"), $., $diff);
}
$_ = strip_ts($_);
- if ($_ eq '/dev/null' or s{^(\./)?[^/]+/}{$destdir/}) {
+ if ($_ eq '/dev/null' or s{^[^/]+/}{$destdir/}) {
$fn = $_;
+ error(_g("%s contains an insecure path: %s"), $diff, $_) if m{/\.\./};
}
if (/\.dpkg-orig$/) {
error(_g("diff `%s' patches file with name ending .dpkg-orig"), $diff);
@@ -336,8 +337,9 @@ sub analyze {
error(_g("line after --- isn't as expected in diff `%s' (line %d)"), $diff, $.);
}
$_ = strip_ts($_);
- if ($_ eq '/dev/null' or s{^(\./)?[^/]+/}{$destdir/}) {
+ if ($_ eq '/dev/null' or s{^[^/]+/}{$destdir/}) {
$fn2 = $_;
+ error(_g("%s contains an insecure path: %s"), $diff, $_) if m{/\.\./};
} else {
unless (defined $fn) {
error(_g("none of the filenames in ---/+++ are relative in diff `%s' (line %d)"),
@@ -363,6 +365,17 @@ sub analyze {
if ($dirname =~ s{/[^/]+$}{} && not -d $dirname) {
$dirtocreate{$dirname} = 1;
}
+
+ # Sanity check, refuse to patch through a symlink
+ $dirname = $fn;
+ while (1) {
+ if (-l $dirname) {
+ error(_g("diff %s modifies file %s through a symlink: %s"),
+ $diff, $fn, $dirname);
+ }
+ last unless $dirname =~ s{/[^/]+$}{};
+ }
+
if (-e $fn and not -f _) {
error(_g("diff `%s' patches something which is not a plain file"), $diff);
}

11
fedora-fix-CVE-2010-0396-01.patch
Unescape View File

@ -1,11 +0,0 @@
diff --git a/scripts/Dpkg/Source/Package/V3/quilt.pm b/scripts/Dpkg/Source/Package/V3/quilt.pm
--- a/scripts/Dpkg/Source/Package/V3/quilt.pm
+++ b/scripts/Dpkg/Source/Package/V3/quilt.pm
@@ -123,6 +123,7 @@ sub read_patch_list {
}
}
next if $opts{"skip_auto"} and $_ eq $auto_patch;
+ error(_g("%s contains an insecure path: %s"), $file, $_) if m{(^|/)\.\./};
push @patches, $_;
}
close(SERIES);

176
fedora-fix-CVE-2010-1679_CVE-2011-0402.patch
Unescape View File

@ -1,176 +0,0 @@
diff -ruN dpkg-1.15.5.6ubuntu4/scripts/Dpkg/Source/Archive.pm dpkg-1.15.5.6ubuntu4.5//scripts/Dpkg/Source/Archive.pm
--- dpkg-1.15.5.6ubuntu4/scripts/Dpkg/Source/Archive.pm 2010-04-15 13:38:58.000000000 +0200
+++ dpkg-1.15.5.6ubuntu4.5//scripts/Dpkg/Source/Archive.pm 2011-01-06 21:08:30.000000000 +0200
@@ -119,7 +119,7 @@
# Call tar extraction process
$fork_opts{"delete_env"} = [ "TAR_OPTIONS" ];
$fork_opts{'exec'} = [ 'tar', '--no-same-owner', '--no-same-permissions',
- @{$opts{"options"}}, '-xkf', '-' ];
+ @{$opts{"options"}}, '-xf', '-' ];
fork_and_exec(%fork_opts);
$self->cleanup_after_open();
@@ -142,7 +142,7 @@
closedir(D);
my $done = 0;
erasedir($dest);
- if (scalar(@entries) == 1 && -d "$tmp/$entries[0]") {
+ if (scalar(@entries) == 1 && ! -l "$tmp/$entries[0]" && -d _) {
rename("$tmp/$entries[0]", $dest) ||
syserr(_g("Unable to rename %s to %s"),
"$tmp/$entries[0]", $dest);
diff -ruN dpkg-1.15.5.6ubuntu4/scripts/Dpkg/Source/Package/V2.pm dpkg-1.15.5.6ubuntu4.5//scripts/Dpkg/Source/Package/V2.pm
--- dpkg-1.15.5.6ubuntu4/scripts/Dpkg/Source/Package/V2.pm 2010-04-15 13:38:58.000000000 +0200
+++ dpkg-1.15.5.6ubuntu4.5//scripts/Dpkg/Source/Package/V2.pm 2011-01-06 21:08:30.000000000 +0200
@@ -115,7 +115,12 @@
# Extract main tarball
info(_g("unpacking %s"), $tarfile);
my $tar = Dpkg::Source::Archive->new(filename => "$dscdir$tarfile");
- $tar->extract($newdirectory, no_fixperms => 1);
+ $tar->extract($newdirectory, no_fixperms => 1,
+ options => [ "--anchored", "--no-wildcards-match-slash",
+ "--exclude", "*/.pc", "--exclude", ".pc" ]);
+ # The .pc exclusion is only needed for 3.0 (quilt) and to avoid
+ # having an upstream tarball provide a directory with symlinks
+ # that would be blindly followed when applying the patches
# Extract additional orig tarballs
foreach my $subdir (keys %origtar) {
diff -ruN dpkg-1.15.5.6ubuntu4/scripts/Dpkg/Source/Patch.pm dpkg-1.15.5.6ubuntu4.5//scripts/Dpkg/Source/Patch.pm
--- dpkg-1.15.5.6ubuntu4/scripts/Dpkg/Source/Patch.pm 2010-04-15 13:38:58.000000000 +0200
+++ dpkg-1.15.5.6ubuntu4.5//scripts/Dpkg/Source/Patch.pm 2011-01-06 21:08:30.000000000 +0200
@@ -313,11 +313,42 @@
$header =~ s/\s.*// unless ($header =~ s/\t.*//);
return $header;
}
+
+ sub intuit_file_patched {
+ my ($old, $new) = @_;
+ return $new unless defined $old;
+ return $old unless defined $new;
+ return $new if -e $new and not -e $old;
+ return $old if -e $old and not -e $new;
+ # We don't consider the case where both files are non-existent and
+ # where patch picks the one with the fewest directories to create
+ # since dpkg-source will pre-create the required directories
+ #
+ # Precalculate metrics used by patch
+ my ($tmp_o, $tmp_n) = ($old, $new);
+ my ($len_o, $len_n) = (length($old), length($new));
+ $tmp_o =~ s{[/\\]+}{/}g;
+ $tmp_n =~ s{[/\\]+}{/}g;
+ my $nb_comp_o = ($tmp_o =~ tr{/}{/});
+ my $nb_comp_n = ($tmp_n =~ tr{/}{/});
+ $tmp_o =~ s{^.*/}{};
+ $tmp_n =~ s{^.*/}{};
+ my ($blen_o, $blen_n) = (length($tmp_o), length($tmp_n));
+ # Decide like patch would
+ if ($nb_comp_o != $nb_comp_n) {
+ return ($nb_comp_o < $nb_comp_n) ? $old : $new;
+ } elsif ($blen_o != $blen_n) {
+ return ($blen_o < $blen_n) ? $old : $new;
+ } elsif ($len_o != $len_n) {
+ return ($len_o < $len_n) ? $old : $new;
+ }
+ return $old;
+ }
$_ = getline($diff_handle);
HUNK:
while (defined($_) || not eof($diff_handle)) {
- my ($fn, $fn2);
+ my (%path, %fn);
# skip comments leading up to patch (if any)
until (/^--- /) {
last HUNK if not defined($_ = getline($diff_handle));
@@ -327,11 +358,8 @@
unless(s/^--- //) {
error(_g("expected ^--- in line %d of diff `%s'"), $., $diff);
}
- $_ = strip_ts($_);
- if ($_ eq '/dev/null' or s{^[^/]+/}{$destdir/}) {
- $fn = $_;
- error(_g("%s contains an insecure path: %s"), $diff, $_) if m{/\.\./};
- }
+ $path{'old'} = $_ = strip_ts($_);
+ $fn{'old'} = $_ if $_ ne '/dev/null' and s{^[^/]*/+}{$destdir/};
if (/\.dpkg-orig$/) {
error(_g("diff `%s' patches file with name ending .dpkg-orig"), $diff);
}
@@ -342,46 +370,47 @@
unless (s/^\+\+\+ //) {
error(_g("line after --- isn't as expected in diff `%s' (line %d)"), $diff, $.);
}
- $_ = strip_ts($_);
- if ($_ eq '/dev/null' or s{^[^/]+/}{$destdir/}) {
- $fn2 = $_;
- error(_g("%s contains an insecure path: %s"), $diff, $_) if m{/\.\./};
- } else {
- unless (defined $fn) {
- error(_g("none of the filenames in ---/+++ are relative in diff `%s' (line %d)"),
- $diff, $.);
- }
- }
+ $path{'new'} = $_ = strip_ts($_);
+ $fn{'new'} = $_ if $_ ne '/dev/null' and s{^[^/]*/+}{$destdir/};
+
+ unless (defined $fn{'old'} or defined $fn{'new'}) {
+ error(_g("none of the filenames in ---/+++ are valid in diff '%s' (line %d)"),
+ $diff, $.);
+ }
- if (defined($fn) and $fn eq '/dev/null') {
+ # Safety checks on both filenames that patch could use
+ foreach my $key ("old", "new") {
+ next unless defined $fn{$key};
+ if ($path{$key} =~ m{/\.\./}) {
+ error(_g("%s contains an insecure path: %s"), $diff, $path{$key});
+ }
+ my $path = $fn{$key};
+ while (1) {
+ if (-l $path) {
+ error(_g("diff %s modifies file %s through a symlink: %s"),
+ $diff, $fn{$key}, $path);
+ }
+ last unless $path =~ s{/+[^/]*$}{};
+ last if length($path) <= length($destdir); # $destdir is assumed safe
+ }
+ }
+
+ if ($path{'old'} eq '/dev/null' and $path{'new'} eq '/dev/null') {
error(_g("original and modified files are /dev/null in diff `%s' (line %d)"),
- $diff, $.) if (defined($fn2) and $fn2 eq '/dev/null');
- $fn = $fn2;
- } elsif (defined($fn2) and $fn2 ne '/dev/null') {
- $fn = $fn2 unless defined $fn;
- $fn = $fn2 if ((not -e $fn) and -e $fn2);
- } elsif (defined($fn2) and $fn2 eq '/dev/null') {
+ $diff, $.);
+ } elsif ($path{'new'} eq '/dev/null') {
error(_g("file removal without proper filename in diff `%s' (line %d)"),
- $diff, $. - 1) unless defined $fn;
+ $diff, $. - 1) unless defined $fn{'old'};
warning(_g("diff %s removes a non-existing file %s (line %d)"),
- $diff, $fn, $.) unless -e $fn;
+ $diff, $fn{'old'}, $.) unless -e $fn{'old'};
}
+ my $fn = intuit_file_patched($fn{'old'}, $fn{'new'});
my $dirname = $fn;
if ($dirname =~ s{/[^/]+$}{} && not -d $dirname) {
$dirtocreate{$dirname} = 1;
}
- # Sanity check, refuse to patch through a symlink
- $dirname = $fn;
- while (1) {
- if (-l $dirname) {
- error(_g("diff %s modifies file %s through a symlink: %s"),
- $diff, $fn, $dirname);
- }
- last unless $dirname =~ s{/[^/]+$}{};
- }
-
if (-e $fn and not -f _) {
error(_g("diff `%s' patches something which is not a plain file"), $diff);
}

2
sources
Unescape View File

@ -1 +1 @@
4dcb0de9af234d16a62272bcc61b8873 dpkg_1.15.5.6.tar.bz2
88d0e4c98ecb8afe6dee896a2aa9665d dpkg_1.16.16.tar.xz

Write Preview
Loading…
Cancel
Save