13 changed files with 253 additions and 9419 deletions
--- a/.emacs.metadata
+++ b/.emacs.metadata
@ -1 +1,2 @@
-8d18e2bfb6e28cf060ce7587290954e9c582aa25 SOURCES/emacs-27.2.tar.xz
+53c01d987b2613701f42d9f941c2d5225a5874c4 SOURCES/emacs-26.1.tar.xz
+c962aff1571d9fb346775ec4329877dbb63307d6 SOURCES/package-keyring.gpg
--- a/.gitignore
+++ b/.gitignore
@ -1 +1,2 @@
-SOURCES/emacs-27.2.tar.xz
+SOURCES/emacs-26.1.tar.xz
+SOURCES/package-keyring.gpg
--- a/SOURCES/emacs-27.2.tar.xz.sig
+++ b/SOURCES/emacs-27.2.tar.xz.sig
@ -1,11 +0,0 @@
-----BEGIN PGP SIGNATURE-----
-Version: GnuPG v1
-
-iQEcBAABAgAGBQJgXHmkAAoJEJHBJi8B6405d2EIAIPafSj+sV3Hemu9CSPL+F38
-KutOo7nUF1AO0tgdijPGZ4BTBsWnsum0dLQ/JLtor7/NQuqrZTMJQbrorLluwCR7
-p1aVtwQ+enWn3G0Aq/4uWo0xaMCvJlEPOQuYE8Dtt12PFZzmfAE1r4KZa4cL073h
-suugT/tz7awq7QS6GbjI88mkJXVMuEwVYPPS2tzBUTkA2152dikFSyqBhUnIo3Ni
-eDN6NvSYBpL1I9HgNYuiBJp9xv8CzGtwm/7Nidntzl9SPVQlZkZIHNj8tRbE67Ge
-R0EXBgnDsSKlRUM51R7PejnSG6134VcLCaItMF6dIiVBu6BwQXw1t+zdqnzG6v8=
-=L6J6
-----END PGP SIGNATURE-----
--- a/SOURCES/emacs-64KB-page-size-for-pdump.patch
+++ b/SOURCES/emacs-64KB-page-size-for-pdump.patch
@ -1,31 +0,0 @@
-From 216c65b135c2b0be7e048cdc6683873b03b99b9a Mon Sep 17 00:00:00 2001
-From: Lars Ingebrigtsen <larsi@gnus.org>
-Date: Sun, 28 Mar 2021 19:13:00 +0200
-Subject: [PATCH] Use a 64KB page size for pdump
-
-* src/pdumper.c (dump_get_page_size): Use a 64KB page size on all
-architectures, as this many vary between systems (bug#47125).
---
- src/pdumper.c | 6 +-----
- 1 file changed, 1 insertion(+), 5 deletions(-)
-
-diff --git a/src/pdumper.c b/src/pdumper.c
-index 337742fda4..fdd9b3bacb 100644
--- a/src/pdumper.c
-+++ b/src/pdumper.c
-@@ -162,11 +162,7 @@ ptrdiff_t_to_dump_off (ptrdiff_t value)
- static int
- dump_get_page_size (void)
- {
-#if defined (WINDOWSNT) || defined (CYGWIN)
-  return 64 * 1024;  /* Worst-case allocation granularity.  */
-#else
-  return getpagesize ();
-#endif
-+  return 64 * 1024;
- }
- 
- #define dump_offsetof(type, member)                             \
-- 
-2.36.1
-
--- a/SOURCES/emacs-consider-org-file-contents-unsafe.patch
+++ b/SOURCES/emacs-consider-org-file-contents-unsafe.patch
@ -0,0 +1,36 @@
+From 2bc865ace050ff118db43f01457f95f95112b877 Mon Sep 17 00:00:00 2001
+From: Ihor Radchenko <yantar92@posteo.net>
+Date: Tue, 20 Feb 2024 14:59:20 +0300
+Subject: org-file-contents: Consider all remote files unsafe
+
+* lisp/org/org.el (org-file-contents): When loading files, consider all
+remote files (like TRAMP-fetched files) unsafe, in addition to URLs.
+---
+ lisp/org/org.el | 6 +++++-
+ 1 file changed, 5 insertions(+), 1 deletion(-)
+
+diff --git a/lisp/org/org.el b/lisp/org/org.el
+index 0f5d17d..76559c9 100644
+--- a/lisp/org/org.el
+++ b/lisp/org/org.el
+@@ -4576,12 +4576,16 @@ from file or URL, and return nil.
+ If NOCACHE is non-nil, do a fresh fetch of FILE even if cached version
+ is available.  This option applies only if FILE is a URL."
+   (let* ((is-url (org-file-url-p file))
+         (is-remote (condition-case nil
+                        (file-remote-p file)
+                      ;; In case of error, be safe.
+                      (t t)))
+          (cache (and is-url
+                      (not nocache)
+                      (gethash file org--file-cache))))
+     (cond
+      (cache)
+-     (is-url
+     ((or is-url is-remote)
+       (with-current-buffer (url-retrieve-synchronously file)
+ 	(goto-char (point-min))
+ 	;; Move point to after the url-retrieve header.
+-- 
+cgit v1.1
+
--- a/SOURCES/emacs-ctags-local-command-execute-vulnerability.patch
+++ b/SOURCES/emacs-ctags-local-command-execute-vulnerability.patch
--- a/SOURCES/emacs-glibc-2.34.patch
+++ b/SOURCES/emacs-glibc-2.34.patch
@ -1,40 +0,0 @@
-From f97e07ea807cc6d38774a3888a15091b20645ac6 Mon Sep 17 00:00:00 2001
-From: Paul Eggert <eggert@cs.ucla.edu>
-Date: Tue, 9 Mar 2021 11:22:59 -0800
-Subject: [PATCH] Port alternate signal stack to upcoming glibc 2.34
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-* src/sysdep.c (sigsegv_stack): Increase size to 64 KiB and align
-it to max_align_t.  This copies from Gnulib’s c-stack.c, and works
-around a portability bug in draft glibc 2.34, which no longer
-defines SIGSTKSZ when _GNU_SOURCE is defined.
---
- src/sysdep.c | 10 +++++++++-
- 1 file changed, 9 insertions(+), 1 deletion(-)
-
-diff --git a/src/sysdep.c b/src/sysdep.c
-index 941b4e2fa2..24d8832b2f 100644
--- a/src/sysdep.c
-+++ b/src/sysdep.c
-@@ -1785,7 +1785,15 @@ handle_arith_signal (int sig)
- 
- /* Alternate stack used by SIGSEGV handler below.  */
- 
-static unsigned char sigsegv_stack[SIGSTKSZ];
-+/* Storage for the alternate signal stack.
-+   64 KiB is not too large for Emacs, and is large enough
-+   for all known platforms.  Smaller sizes may run into trouble.
-+   For example, libsigsegv 2.6 through 2.8 have a bug where some
-+   architectures use more than the Linux default of an 8 KiB alternate
-+   stack when deciding if a fault was caused by stack overflow.  */
-+static max_align_t sigsegv_stack[(64 * 1024
-+				  + sizeof (max_align_t) - 1)
-+				 / sizeof (max_align_t)];
- 
- 
- /* Return true if SIGINFO indicates a stack overflow.  */
-- 
-2.29.2
-
--- a/SOURCES/emacs-mark-contents-untrusted.patch
+++ b/SOURCES/emacs-mark-contents-untrusted.patch
@ -0,0 +1,25 @@
+From 937b9042ad7426acdcca33e3d931d8f495bdd804 Mon Sep 17 00:00:00 2001
+From: Ihor Radchenko <yantar92@posteo.net>
+Date: Tue, 20 Feb 2024 12:44:30 +0300
+Subject: * lisp/gnus/mm-view.el (mm-display-inline-fontify): Mark contents
+ untrusted.
+
+---
+ lisp/gnus/mm-view.el | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/lisp/gnus/mm-view.el b/lisp/gnus/mm-view.el
+index 2e1261c..5f234e5 100644
+--- a/lisp/gnus/mm-view.el
+++ b/lisp/gnus/mm-view.el
+@@ -504,6 +504,7 @@ If MODE is not set, try to find mode automatically."
+ 	  (setq coding-system (mm-find-buffer-file-coding-system)))
+ 	(setq text (buffer-string))))
+     (with-temp-buffer
+      (setq untrusted-content t)
+       (buffer-disable-undo)
+       (mm-enable-multibyte)
+       (insert (cond ((eq charset 'gnus-decoded)
+-- 
+cgit v1.1
+
--- a/SOURCES/emacs-mh-rmail-nonempty-dir.patch
+++ b/SOURCES/emacs-mh-rmail-nonempty-dir.patch
@ -0,0 +1,31 @@
+From b73cde5e2815c531df7f5fd13e214a7d92f78239 Mon Sep 17 00:00:00 2001
+From: Mike Kupfer <mkupfer@alum.berkeley.edu>
+Date: Wed, 4 Jul 2018 15:43:04 -0700
+Subject: [PATCH] Fix MH-E mail composition with GNU Mailutils (SF#485)
+
+* lisp/mh-e/mh-comp.el (mh-bare-components): Recursively delete
+the temporary folder.
+---
+ lisp/mh-e/mh-comp.el | 6 ++++--
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/lisp/mh-e/mh-comp.el b/lisp/mh-e/mh-comp.el
+index a9f809cfa1..aa22df8b18 100644
+--- a/lisp/mh-e/mh-comp.el
+++ b/lisp/mh-e/mh-comp.el
+@@ -925,8 +925,10 @@ mh-bare-components
+                      (list "-form" mh-comp-formfile)))
+     (setq new (make-temp-file "comp."))
+     (rename-file (concat temp-folder "/" "1") new t)
+-    (delete-file (concat temp-folder "/" ".mh_sequences"))
+-    (delete-directory temp-folder)
+    ;; The temp folder could contain various metadata files.  Rather
+    ;; than trying to enumerate all the known files, just do a
+    ;; recursive delete on the directory.
+    (delete-directory temp-folder t)
+     new))
+ 
+ (defun mh-read-draft (use initial-contents delete-contents-file)
+-- 
+2.36.1
+
--- a/SOURCES/emacs-org-link-expand-abbrev-unsafe-elisp.patch
+++ b/SOURCES/emacs-org-link-expand-abbrev-unsafe-elisp.patch
@ -3,34 +3,44 @@ From: Ihor Radchenko <yantar92@posteo.net>
 Date: Tue, 18 Jun 2024 13:06:44 +0200
 Subject: org-link-expand-abbrev: Do not evaluate arbitrary unsafe Elisp code

-* lisp/org/ol.el (org-link-expand-abbrev): Refuse expanding %(...) link
+* lisp/org/org.el (org-link-expand-abbrev): Refuse expanding %(...) link
 abbrevs that specify unsafe function.  Instead, display a warning, and
 do not expand the abbrev.  Clear all the text properties from the
 returned link, to avoid any potential vulnerabilities caused by
 properties that may contain arbitrary Elisp.
 ---
- lisp/org/ol.el | 40 +++++++++++++++++++++++++++++-----------
+ lisp/org/org.el | 40 +++++++++++++++++++++++++++++-----------
 1 file changed, 29 insertions(+), 11 deletions(-)

-diff --git a/lisp/org/ol.el b/lisp/org/ol.el
+diff --git a/lisp/org/org.el b/lisp/org/org.el
 index 7a7f4f5..8a556c7 100644
--- a/lisp/org/ol.el
-+++ b/lisp/org/ol.el
-@@ -1152,17 +1152,35 @@ Abbreviations are defined in `org-link-abbrev-alist'."
-       (if (not as)
- 	  link
- 	(setq rpl (cdr as))
-	(cond
-	 ((symbolp rpl) (funcall rpl tag))
-	 ((string-match "%(\\([^)]+\\))" rpl)
-	  (replace-match
-	   (save-match-data
-	     (funcall (intern-soft (match-string 1 rpl)) tag))
-	   t t rpl))
-	 ((string-match "%s" rpl) (replace-match (or tag "") t t rpl))
-	 ((string-match "%h" rpl)
-	  (replace-match (url-hexify-string (or tag "")) t t rpl))
-	 (t (concat rpl tag)))))))
+--- a/lisp/org/org.el
+++ b/lisp/org/org.el
+@@ -1152,26 +1152,44 @@ Abbreviations are defined in `org-link-abbrev-alist'."
+ 
+ (defun org-link-expand-abbrev (link)
+   "Apply replacements as defined in `org-link-abbrev-alist'."
+-  (if (string-match "^\\([^:]*\\)\\(::?\\(.*\\)\\)?$" link)
+  (if (not (string-match "^\\([^:]*\\)\\(::?\\(.*\\)\\)?$" link)) link
+       (let* ((key (match-string 1 link))
+ 	     (as (or (assoc key org-link-abbrev-alist-local)
+ 		     (assoc key org-link-abbrev-alist)))
+ 	     (tag (and (match-end 2) (match-string 3 link)))
+ 	     rpl)
+ 	(if (not as)
+ 	    link
+ 	  (setq rpl (cdr as))
+-	  (cond
+-	   ((symbolp rpl) (funcall rpl tag))
+-	   ((string-match "%(\\([^)]+\\))" rpl)
+-	    (replace-match
+-	     (save-match-data
+-	       (funcall (intern-soft (match-string 1 rpl)) tag)) t t rpl))
+-	   ((string-match "%s" rpl) (replace-match (or tag "") t t rpl))
+-	   ((string-match "%h" rpl)
+-	    (replace-match (url-hexify-string (or tag "")) t t rpl))
+-	   (t (concat rpl tag)))))
+-    link))
 +        ;; Drop any potentially dangerous text properties like
 +        ;; `modification-hooks' that may be used as an attack vector.
 +        (substring-no-properties
@ -61,8 +71,8 @@ index 7a7f4f5..8a556c7 100644
 +	   (replace-match (url-hexify-string (or tag "")) t t rpl))
 +	  (t (concat rpl tag))))))))
 
- (defun org-link-open (link &optional arg)
-   "Open a link object LINK.
+ ;;; Storing and inserting links
+ 
 -- 
 cgit v1.1

--- a/SOURCES/emacs-ruby-mode-local-command-injection-vulnerability.patch
+++ b/SOURCES/emacs-ruby-mode-local-command-injection-vulnerability.patch
@ -1,28 +0,0 @@
-From 9a3b08061feea14d6f37685ca1ab8801758bfd1c Mon Sep 17 00:00:00 2001
-From: Xi Lu <lx@shellcodes.org>
-Date: Fri, 23 Dec 2022 12:52:48 +0800
-Subject: [PATCH] Fix ruby-mode.el local command injection vulnerability
- (bug#60268)
-
-* lisp/progmodes/ruby-mode.el
-(ruby-find-library-file): Fix local command injection vulnerability.
---
- lisp/progmodes/ruby-mode.el | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/lisp/progmodes/ruby-mode.el b/lisp/progmodes/ruby-mode.el
-index 1f3e9b6ae7b..a4aa61905e4 100644
--- a/lisp/progmodes/ruby-mode.el
-+++ b/lisp/progmodes/ruby-mode.el
-@@ -1820,7 +1820,7 @@ ruby-find-library-file
-       (setq feature-name (read-string "Feature name: " init))))
-   (let ((out
-          (substring
-          (shell-command-to-string (concat "gem which " feature-name))
-+          (shell-command-to-string (concat "gem which " (shell-quote-argument feature-name)))
-           0 -1)))
-     (if (string-match-p "\\`ERROR" out)
-         (user-error "%s" out)
-- 
-2.36.1
-
--- a/SOURCES/gpgkey-E6C9029C363AD41D787A8EBB91C1262F01EB8D39.gpg
+++ b/SOURCES/gpgkey-E6C9029C363AD41D787A8EBB91C1262F01EB8D39.gpg
@ -1,29 +0,0 @@
-----BEGIN PGP PUBLIC KEY BLOCK-----
-
-mQENBF+pf4UBCAC6vjkWLSAsQpe8YIGKLQzNOJx/IjGtCdFF8uzmO5jmME+SD8RO
-uJN+t5KXVw58uzu75EFD0vHTY9e+udJ2gkpuy0NnzkFcbumdLLo2ERKCoSctZZRh
-zKXI5z5cHxCqW0B2ygHRrRLtoNlGID7bAgcgSViT1ptGqTXO7zGVu4Airok7dNzc
-PtHgns8GlR5YAFX0TvE6oGd0l2VPghNeVJKJOjrbfhoDxl3ucFpqbqMH8z9HTLDO
-Fpz8UaYYUdJMi3xX6vwTZxI2sM2RRVLUpZyllAkSMI4lln1OOgazM/62DJUs/rKI
-HKBnF6h3/qsJUjUYXaAHbrXY26mWllAd536lABEBAAG0I0VsaSBaYXJldHNraWkg
-KGVsaXopIDxlbGl6QGdudS5vcmc+iQE4BBMBAgAiBQJfqX+FAhsDBgsJCAcDAgYV
-CAIJCgsEFgIDAQIeAQIXgAAKCRCRwSYvAeuNOYUQB/4/iIKKOG45ijNaRoTvmJJZ
-Mvj1S07WQxEm7c5SHEeEQbLOAxB9vESOV7sLueuN3oqEndtzyYt4x1WTSBmHFF7h
-5fcCMjBs41siOIp5Sj/xD0Bvaa0IKGCRSZ7PAo8Mq3wgajXpTpn9vxE2PmtzA8Kd
-EE0K1+f9pVAfOpUIcCl44rIxLUW352XG0y7iz6c/O6LB1deOKMiKFctKO7pBti1d
-JEm1ImewLH3H8uTbwspLOs3EB8xhsESxmTidnze68HX2jt+2EeMgCdkiNU+LWbex
-QZPfIS7+ZmE06ll0v6+Jy7ZdTkCCRypKWTnW7pIFsq/p4kybV8O/kHSV6B4vvQBf
-uQENBF+pf4UBCACvFrdx/m22lgObypSmSS4TNlNvQnMUorrMmp0U32hv5adt6CKX
-eMjk05F+GcIfVMrpxqMBn4sEUIXWhhogQJa9ZbWEP/HbS8XjMMbz0Q0Siaty9+DS
-spK/9u2GWKsz3uQzLCexIJtzmXvjAVmvoMCAU/F2t038ggygjYLRgyLRNLgbbart
-u2dMkvrfxRjheip60S4S3utOcwUf/qdoa1grNannCFluHr/ftXCeeuGB4H8iO0BX
-WNby6NZPizxJttx9gdcH8/OmDOJkXyRMTT/3sSem76CSOjfXcz7saJlg680NQhG5
-TmuYERjJD4+U02K5RuqTsEnOuWeFy4p+/mslABEBAAGJAR8EGAECAAkFAl+pf4UC
-GwwACgkQkcEmLwHrjTno7Af/a1XoLHxAUkS43nmF8iazn3ZnuwWKWLEAsNrxk56y
-UxhUPRzNs0/fsABDQR1o0DyTqbScKOcOMSG2YMCctLiDd7FdfMWwkUsV9GUpPBiR
-tD60Ewmn9sbNJKrEoZ5L6sqOUEslJRVABu5taOzVIRfeUPPaMRjvCcr0d+epKjW8
-1J9Aqj8SskuNkHwvHchTYFYVT22aemjjZ1MGOUm7QiybWQgYL6aSPV2gR+NQQ7pE
-hOBoEi6GLEiBkoYOIXvmxsqQLBrUPbsJq8lItYEaw4HGt8BaPxtK2yZ9mSqC2xhW
-Yr1j1YAIHffzubC0jxc5znXERsRANoJOwNUXmiddD7UM9A==
-=g4R7
-----END PGP PUBLIC KEY BLOCK-----
--- a/SPECS/emacs.spec
+++ b/SPECS/emacs.spec
@ -4,38 +4,35 @@
 Summary:       GNU Emacs text editor
 Name:          emacs
 Epoch:         1
-Version:       27.2
-Release:       10%{?dist}
+Version:       26.1
+Release:       12%{?dist}
 License:       GPLv3+ and CC0-1.0
 URL:           http://www.gnu.org/software/emacs/
+Group:         Applications/Editors
 Source0:       https://ftp.gnu.org/gnu/emacs/emacs-%{version}.tar.xz
-Source1:       https://ftp.gnu.org/gnu/emacs/emacs-%{version}.tar.xz.sig
-# generate the keyring via:
-# wget https://ftp.gnu.org/gnu/gnu-keyring.gpg
-# gpg2 --keyring ./gnu-keyring.gpg --armor --export E6C9029C363AD41D787A8EBB91C1262F01EB8D39 > gpgkey-E6C9029C363AD41D787A8EBB91C1262F01EB8D39.gpg
-Source2:       gpgkey-E6C9029C363AD41D787A8EBB91C1262F01EB8D39.gpg
-Source3:       emacs.desktop
-Source4:       dotemacs.el
-Source5:       site-start.el
-Source6:       default.el
+Source1:       emacs.desktop
+Source3:       dotemacs.el
+Source4:       site-start.el
+Source5:       default.el
 # Emacs Terminal Mode, #551949, #617355
-Source7:       emacs-terminal.desktop
-Source8:       emacs-terminal.sh
-Source9:       emacs.service
-Source10:      %{name}.appdata.xml
+Source6:       emacs-terminal.desktop
+Source7:       emacs-terminal.sh
+Source8:       emacs.service
+Source9:       %{name}.appdata.xml
+# rhbz#1810729
+Source10:      package-keyring.gpg
 # rhbz#713600
 Patch1:        emacs-spellchecker.patch
 Patch2:        emacs-system-crypto-policies.patch
-Patch3:        emacs-glibc-2.34.patch
-Patch4:        emacs-ctags-local-command-execute-vulnerability.patch
-Patch5:        emacs-64KB-page-size-for-pdump.patch
-Patch6:        emacs-etags-local-command-injection-vulnerability.patch
-Patch7:        emacs-htmlfontify-command-injection-vulnerability.patch
-Patch8:        emacs-ruby-mode-local-command-injection-vulnerability.patch
-Patch9:        emacs-ob-latex-command-injection-vulnerability.patch
-Patch10:       emacs-org-link-expand-abbrev-unsafe-elisp.patch
-
-BuildRequires: gcc
+Patch3:        emacs-ctags-local-command-execute-vulnerability.patch
+Patch4:        emacs-mh-rmail-nonempty-dir.patch
+Patch5:        emacs-etags-local-command-injection-vulnerability.patch
+Patch6:        emacs-htmlfontify-command-injection-vulnerability.patch
+Patch7:        emacs-ob-latex-command-injection-vulnerability.patch
+Patch8:        emacs-consider-org-file-contents-unsafe.patch
+Patch9:        emacs-org-link-expand-abbrev-unsafe-elisp.patch
+Patch10:       emacs-mark-contents-untrusted.patch
+
 BuildRequires: atk-devel
 BuildRequires: cairo-devel
 BuildRequires: freetype-devel
@ -61,33 +58,26 @@ BuildRequires: librsvg2-devel
 BuildRequires: m17n-lib-devel
 BuildRequires: libotf-devel
 BuildRequires: libselinux-devel
+BuildRequires: GConf2-devel
 BuildRequires: alsa-lib-devel
 BuildRequires: gpm-devel
 BuildRequires: liblockfile-devel
 BuildRequires: libxml2-devel
-BuildRequires: autoconf
 BuildRequires: bzip2
 BuildRequires: cairo
 BuildRequires: texinfo
 BuildRequires: gzip
 BuildRequires: desktop-file-utils
 BuildRequires: libacl-devel
-BuildRequires: harfbuzz-devel
-BuildRequires: jansson-devel
-BuildRequires: systemd-devel

 BuildRequires: gtk3-devel

-BuildRequires: gnupg2
-
 # For lucid
 BuildRequires: Xaw3d-devel

 %ifarch %{ix86}
 BuildRequires: util-linux
 %endif
-BuildRequires: make
-

 # Emacs doesn't run without dejavu-sans-mono-fonts, rhbz#732422
 Requires:      desktop-file-utils
@ -113,6 +103,7 @@ This package provides an emacs binary with support for X windows.

 %package lucid
 Summary:       GNU Emacs text editor with LUCID toolkit X support
+Group:         Applications/Editors
 Requires(preun): %{_sbindir}/alternatives
 Requires(posttrans): %{_sbindir}/alternatives
 Requires:      emacs-common = %{epoch}:%{version}-%{release}
@ -129,6 +120,7 @@ using LUCID toolkit.

 %package nox
 Summary:       GNU Emacs text editor without X support
+Group:         Applications/Editors
 Requires(preun): %{_sbindir}/alternatives
 Requires(posttrans): %{_sbindir}/alternatives
 Requires:      emacs-common = %{epoch}:%{version}-%{release}
@ -148,8 +140,11 @@ Summary:       Emacs common files
 # The entire source code is GPLv3+ except lib-src/etags.c which is
 # also BSD.  Manual (info) is GFDL.
 License:       GPLv3+ and GFDL and BSD
+Group:         Applications/Editors
+Requires(preun): /sbin/install-info
 Requires(preun): %{_sbindir}/alternatives
 Requires(posttrans): %{_sbindir}/alternatives
+Requires(post): /sbin/install-info
 Requires:      %{name}-filesystem = %{epoch}:%{version}-%{release}
 Provides:      %{name}-el = %{epoch}:%{version}-%{release}
 Obsoletes:     emacs-el < 1:24.3-29
@ -165,6 +160,7 @@ or emacs-nox.

 %package terminal
 Summary:       A desktop menu item for GNU Emacs terminal.
+Group:         Applications/Editors
 Requires:      emacs = %{epoch}:%{version}-%{release}
 BuildArch:     noarch

@ -177,36 +173,33 @@ removed when another terminal becomes capable of handling Malayalam.

 %package filesystem
 Summary:       Emacs filesystem layout
+Group:         Applications/Editors
 BuildArch:     noarch

 %description filesystem
 This package provides some directories which are required by other
 packages that add functionality to Emacs.

-%package devel
-Summary: Development header files for Emacs
-
-%description devel
-Development header files for Emacs.
-
 %prep
-%{gpgverify} --keyring='%{SOURCE2}' --signature='%{SOURCE1}' --data='%{SOURCE0}'
 %setup -q

 %patch1 -p1 -b .spellchecker
 %patch2 -p1 -b .system-crypto-policies
-%patch3 -p1 -b .glibc2.34
-%patch4 -p1 -b .ctags-local-command-execute-vulnerability
-%patch5 -p1 -b .64KB-page-size-for-pdump
-%patch6 -p1 -b .etags-local-command-injection-vulnerability
-%patch7 -p1 -b .htmlfontify-command-injection-vulnerability
-%patch8 -p1 -b .ruby-mode-local-command-injection-vulnerability
-%patch9 -p1 -b .ob-latex-command-injection-vulnerability
-%patch10 -p1 -b .org-link-expand-abbrev-unsafe-elisp
+%patch3 -p1 -b .ctags-local-command-execute-vulnerability
+%patch4 -p1 -b .mh-rmail-nonempty-dir.patch
+%patch5 -p1 -b .etags-local-command-injection-vulnerability
+%patch6 -p1 -b .htmlfontify-command-injection-vulnerability
+%patch7 -p1 -b .ob-latex-command-injection-vulnerability
+%patch8 -p1 -b .consider-org-file-contents-unsafe
+%patch9 -p1 -b .org-link-expand-abbrev-unsafe-elisp
+%patch10 -p1 -b .mark-contents-untrusted
 autoconf

 # We prefer our emacs.desktop file
-cp %SOURCE3 etc/emacs.desktop
+cp %SOURCE1 etc/emacs.desktop
+
+# GPG key for GNU ELPA packages backported from Emacs 26.3 (#1810729)
+cp %SOURCE10 etc/package-keyring.gpg

 grep -v "tetris.elc" lisp/Makefile.in > lisp/Makefile.in.new \
   && mv lisp/Makefile.in.new lisp/Makefile.in
@ -246,8 +239,8 @@ ln -s ../../%{name}/%{version}/etc/NEWS doc


 %build
-export CFLAGS="-DMAIL_USE_LOCKF %{build_cflags}"
-%set_build_flags
+export CFLAGS="-DMAIL_USE_LOCKF $RPM_OPT_FLAGS"
+export LDFLAGS="$LDFLAGS -Wl,-z,relro,-z,now -fpie"

 # Build GTK+ binary
 mkdir build-gtk && cd build-gtk
@ -255,9 +248,9 @@ ln -s ../configure .

 %configure --with-dbus --with-gif --with-jpeg --with-png --with-rsvg \
           --with-tiff --with-xft --with-xpm --with-x-toolkit=gtk3 --with-gpm=no \
-           --with-modules --with-harfbuzz --with-cairo --with-json
+           --with-modules
 make bootstrap
-%{setarch} %make_build
+%{setarch} make %{?_smp_mflags}
 cd ..

 # Build Lucid binary
@ -266,16 +259,16 @@ ln -s ../configure .

 %configure --with-dbus --with-gif --with-jpeg --with-png --with-rsvg \
           --with-tiff --with-xft --with-xpm --with-x-toolkit=lucid --with-gpm=no \
-           --with-modules --with-harfbuzz --with-cairo --with-json
+           --with-modules
 make bootstrap
-%{setarch} %make_build
+%{setarch} make %{?_smp_mflags}
 cd ..

 # Build binary without X support
 mkdir build-nox && cd build-nox
 ln -s ../configure .
-%configure --with-x=no --with-modules --with-json
-%{setarch} %make_build
+%configure --with-x=no --with-modules
+%{setarch} make %{?_smp_mflags}
 cd ..

 # Remove versioned file so that we end up with .1 suffix and only one DOC file
@ -303,37 +296,29 @@ EOF

 %install
 cd build-gtk
-%make_install
+make install INSTALL="%{__install} -p" DESTDIR=%{buildroot}
 cd ..

 # Let alternatives manage the symlink
 rm %{buildroot}%{_bindir}/emacs
 touch %{buildroot}%{_bindir}/emacs

-# Remove emacs.pdmp from common
-rm %{buildroot}%{emacs_libexecdir}/emacs.pdmp
-
 # Do not compress the files which implement compression itself (#484830)
 gunzip %{buildroot}%{_datadir}/emacs/%{version}/lisp/jka-compr.el.gz
 gunzip %{buildroot}%{_datadir}/emacs/%{version}/lisp/jka-cmpr-hook.el.gz

-# Install emacs.pdmp of the emacs with GTK+
-install -p -m 0644 build-gtk/src/emacs.pdmp %{buildroot}%{_bindir}/emacs-%{version}.pdmp
-
 # Install the emacs with LUCID toolkit
 install -p -m 0755 build-lucid/src/emacs %{buildroot}%{_bindir}/emacs-%{version}-lucid
-install -p -m 0644 build-lucid/src/emacs.pdmp %{buildroot}%{_bindir}/emacs-%{version}-lucid.pdmp

 # Install the emacs without X
 install -p -m 0755 build-nox/src/emacs %{buildroot}%{_bindir}/emacs-%{version}-nox
-install -p -m 0644 build-nox/src/emacs.pdmp %{buildroot}%{_bindir}/emacs-%{version}-nox.pdmp

 # Make sure movemail isn't setgid
 chmod 755 %{buildroot}%{emacs_libexecdir}/movemail

 mkdir -p %{buildroot}%{site_lisp}
-install -p -m 0644 %SOURCE5 %{buildroot}%{site_lisp}/site-start.el
-install -p -m 0644 %SOURCE6 %{buildroot}%{site_lisp}
+install -p -m 0644 %SOURCE4 %{buildroot}%{site_lisp}/site-start.el
+install -p -m 0644 %SOURCE5 %{buildroot}%{site_lisp}

 # This solves bz#474958, "update-directory-autoloads" now finally
 # works the path is different each version, so we'll generate it here
@ -351,7 +336,7 @@ mkdir -p %{buildroot}%{site_lisp}/site-start.d

 # Default initialization file
 mkdir -p %{buildroot}%{_sysconfdir}/skel
-install -p -m 0644 %SOURCE4 %{buildroot}%{_sysconfdir}/skel/.emacs
+install -p -m 0644 %SOURCE3 %{buildroot}%{_sysconfdir}/skel/.emacs

 # Install pkgconfig file
 mkdir -p %{buildroot}/%{pkgconfig}
@ -359,32 +344,30 @@ install -p -m 0644 emacs.pc %{buildroot}/%{pkgconfig}

 # Install app data
 mkdir -p %{buildroot}/%{_datadir}/appdata
-cp -a %SOURCE10 %{buildroot}/%{_datadir}/appdata
-# Upstream ships its own appdata file, but it's quite terse.
-rm %{buildroot}/%{_datadir}/metainfo/emacs.appdata.xml
+cp -a %SOURCE9 %{buildroot}/%{_datadir}/appdata

 # Install rpm macro definition file
 mkdir -p %{buildroot}%{_rpmconfigdir}/macros.d
 install -p -m 0644 macros.emacs %{buildroot}%{_rpmconfigdir}/macros.d/

 # Installing emacs-terminal binary
-install -p -m 755 %SOURCE8 %{buildroot}%{_bindir}/emacs-terminal
+install -p -m 755 %SOURCE7 %{buildroot}%{_bindir}/emacs-terminal

 # After everything is installed, remove info dir
 rm -f %{buildroot}%{_infodir}/dir

 # Installing service file
 mkdir -p %{buildroot}%{_userunitdir}
-install -p -m 0644 %SOURCE9 %{buildroot}%{_userunitdir}/emacs.service
+install -p -m 0644 %SOURCE8 %{buildroot}%{_userunitdir}/emacs.service
 # Emacs 26.1 installs the upstream unit file to /usr/lib64 on 64bit archs, we don't want that
 rm -f %{buildroot}/usr/lib64/systemd/user/emacs.service

 # Install desktop files
 mkdir -p %{buildroot}%{_datadir}/applications
 desktop-file-install --dir=%{buildroot}%{_datadir}/applications \
-                     %SOURCE3
+                     %SOURCE1
 desktop-file-install --dir=%{buildroot}%{_datadir}/applications \
-                     %SOURCE7
+                     %SOURCE6

 #
 # Create file lists
@ -430,8 +413,18 @@ rm %{buildroot}%{_datadir}/icons/hicolor/scalable/mimetypes/emacs-document23.svg
 %{_sbindir}/alternatives --install %{_bindir}/emacs emacs %{_bindir}/emacs-%{version}-nox 70
 %{_sbindir}/alternatives --install %{_bindir}/emacs-nox emacs-nox %{_bindir}/emacs-%{version}-nox 60

+%post common
+for f in %{info_files}; do
+  /sbin/install-info %{_infodir}/$f.info.gz %{_infodir}/dir 2> /dev/null || :
+done
+
 %preun common
 %{_sbindir}/alternatives --remove emacs.etags %{_bindir}/etags.emacs
+if [ "$1" = 0 ]; then
+  for f in %{info_files}; do
+    /sbin/install-info --delete %{_infodir}/$f.info.gz %{_infodir}/dir 2> /dev/null || :
+  done
+fi

 %posttrans common
 %{_sbindir}/alternatives --install %{_bindir}/etags emacs.etags %{_bindir}/etags.emacs 80 \
@ -439,24 +432,20 @@ rm %{buildroot}%{_datadir}/icons/hicolor/scalable/mimetypes/emacs-document23.svg

 %files
 %{_bindir}/emacs-%{version}
-%{_bindir}/emacs-%{version}.pdmp
 %attr(0755,-,-) %ghost %{_bindir}/emacs
 %{_datadir}/applications/emacs.desktop
 %{_datadir}/appdata/%{name}.appdata.xml
 %{_datadir}/icons/hicolor/*/apps/emacs.png
 %{_datadir}/icons/hicolor/scalable/apps/emacs.svg
-%{_datadir}/icons/hicolor/scalable/apps/emacs.ico
 %{_datadir}/icons/hicolor/scalable/mimetypes/emacs-document.svg

 %files lucid
 %{_bindir}/emacs-%{version}-lucid
-%{_bindir}/emacs-%{version}-lucid.pdmp
 %attr(0755,-,-) %ghost %{_bindir}/emacs
 %attr(0755,-,-) %ghost %{_bindir}/emacs-lucid

 %files nox
 %{_bindir}/emacs-%{version}-nox
-%{_bindir}/emacs-%{version}-nox.pdmp
 %attr(0755,-,-) %ghost %{_bindir}/emacs
 %attr(0755,-,-) %ghost %{_bindir}/emacs-nox

@ -489,97 +478,47 @@ rm %{buildroot}%{_datadir}/icons/hicolor/scalable/mimetypes/emacs-document23.svg
 %dir %{_datadir}/emacs/site-lisp
 %dir %{_datadir}/emacs/site-lisp/site-start.d

-%files devel
-%{_includedir}/emacs-module.h
-
 %changelog
-* Fri Aug 23 2024 Jacek Migacz <jmigacz@redhat.com> - 1:27.2-10
+* Fri Aug 23 2024 Jacek Migacz <jmigacz@redhat.com> - 1:26.1-12
+- org-file-contents: Consider all remote files unsafe (CVE-2024-30205)
 - org-link-expand-abbrev: Do not evaluate arbitrary unsafe Elisp code (CVE-2024-39331)
- Disable xwidgets (RHEL-33447)
-
-* Sun Apr 02 2023 Jacek Migacz <jmigacz@redhat.com> - 1:27.2-9
- Fix etags local command injection vulnerability (#2175190)
- Fix htmlfontify.el command injection vulnerability (#2175179)
- Fix ruby-mode.el local command injection vulnerability (#2175142)
- Fix ob-latex.el command injection vulnerability (#2180590)
-
-* Tue Jan 10 2023 Jacek Migacz <jmigacz@redhat.com> - 1:27.2-8
- Use a 64KB page size for pdump (#1979804)
+- Make Gnus treats inline MIME contents as untrusted (CVE-2024-30203)
+- Disable xwidgets (RHEL-14549)

-* Wed Jan 04 2023 Jacek Migacz <jmigacz@redhat.com> - 1:27.2-7
- Fix ctags local command execute vulnerability (#2149387)
+* Tue Jul 25 2023 MSVSphere Packaging Team <packager@msvsphere.ru> - 1:26.1-11
+- Rebuilt for MSVSphere 8.8

-* Wed Sep 22 2021 Jacek Migacz <jmigacz@redhat.com> - 1:27.2-6
- Adapt hardening options from _hardened_build macro (#2006856)
+* Wed Apr 12 2023 Jacek Migacz <jmigacz@redhat.com> - 1:26.1-11
+- Bump version

-* Wed Aug 18 2021 Jacek Migacz <jmigacz@redhat.com> - 1:27.2-5
- Provide gating.yaml for CI (#1975151)
+* Fri Apr 7 2023 Jacek Migacz <jmigacz@redhat.com> - 1:26.1-10
+- Fix etags local command injection vulnerability (#2175189)
+- Fix htmlfontify.el command injection vulnerability (#2175178)
+- Fix ob-latex.el command injection vulnerability (#2180587)

-* Tue Aug 10 2021 Jacek Migacz <jmigacz@redhat.com> - 1:27.2-4
- Fix FTBFS with glibc 2.34 (#1975151)
+* Tue Jan 10 2023 Jacek Migacz <jmigacz@redhat.com> - 1:26.1-9
+- Fix MH-E mail composition with GNU Mailutils (#1991156)

-* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 1:27.2-3
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
-  Related: rhbz#1991688
+* Thu Jan 05 2023 Jacek Migacz <jmigacz@redhat.com> - 1:26.1-8
+- Fix ctags local command execute vulnerability (#2149386)

-* Thu Apr 15 2021 Mohan Boddu <mboddu@redhat.com> - 1:27.2-2
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
+* Thu Aug 5 2021 Jacek Migacz <jmigacz@redhat.com> - 1:26.1-7
+- provide gating.yaml for CI

-* Sat Mar 27 2021 Bhavin Gandhi <bhavin7392@gmail.com> - 1:27.2-1
- emacs-27.2 is available
+* Mon Jul 19 2021 Jacek Migacz <jmigacz@redhat.com> - 1:26.1-6
+- a new GPG key for GNU ELPA packages (#1810729)

-* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1:27.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
+* Mon Sep 10 2018 Jan Synáček <jsynacek@redhat.com> - 1:26.1-5
+- review annocheck distro flag failures (#1624109)

-* Tue Aug 18 2020 Jan Synáček <jsynacek@redhat.com> - 1:27.1-2
- use make macros (original patch provided by Tom Stellard)
- https://fedoraproject.org/wiki/Changes/UseMakeBuildInstallMacro
+* Tue Aug 14 2018 Jan Synáček <jsynacek@redhat.com> - 1:26.1-4
+- remove ImageMagick dependency (#1564992)

-* Tue Aug 11 2020 Bhavin Gandhi <bhavin7392@gmail.com> - 1:27.1-1
- emacs-27.1 is available (#1867841)
- Add systemd-devel to support Type=notify in unit file
- Build with Cairo and Jansson support
- Remove ImageMagick dependency as it's no longer used
-
-* Mon Jul 27 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1:26.3-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
-
-* Thu Apr 16 2020 Dan Čermák <dan.cermak@cgc-instruments.com> - 1:26.3-3
- Drop dependency on GConf2
-
-* Tue Jan 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1:26.3-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
-
-* Sun Sep 08 2019 Maximiliano Sandoval <msandoval@protonmail.com> - 1:26.3-1
- emacs-26.3 is available (#1747101)
-
-* Wed Jul 24 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1:26.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
-
-* Wed Apr 17 2019 Jan Synáček <jsynacek@redhat.com> - 1:26.2-1
- emacs-26.2 is available (#1699434)
-
-* Thu Jan 31 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1:26.1-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
-
-* Tue Aug 28 2018 Michael Cronenworth <mike@cchtml.com> - 1:26.1-7
- Rebuild for new ImageMagick 6.9.10
-
-* Mon Aug 13 2018 Jan Synáček <jsynacek@redhat.com> - 1:26.1-6
+* Mon Aug 13 2018 Jan Synáček <jsynacek@redhat.com> - 1:26.1-3
 - remove python dependencies, emacs*.py have not been there for a while

-* Thu Jul 12 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1:26.1-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
-
-* Mon Jul 02 2018 Miro Hrončok <mhroncok@redhat.com> - 1:26.1-4
- Rebuilt for Python 3.7
-
-* Tue Jun 26 2018 Jan Synáček <jsynacek@redhat.com> - 1:26.1-3
- Refix: Emacs crashes when loading color fonts (#1519038)
-  + emacs SIGABRT after XProtocolError on displaying an email in Gnus (#1591223)
-
-* Tue Jun 19 2018 Miro Hrončok <mhroncok@redhat.com> - 1:26.1-2
- Rebuilt for Python 3.7
+* Mon Jun 18 2018 Jan Synáček <jsynacek@redhat.com> - 1:26.1-2
+- remove build dependency on python2 (#1591707)

 * Wed May 30 2018 Jan Synáček <jsynacek@redhat.com> - 1:26.1-1
 - emacs-26.1 is available (#1583433)