diff --git a/.gitignore b/.gitignore
index e818a85..2f8a22a 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1 @@
-SOURCES/rpm-4.14.2.tar.bz2
+SOURCES/rpm-4.14.3.tar.bz2
diff --git a/.rpm.metadata b/.rpm.metadata
index a860a67..4c84542 100644
--- a/.rpm.metadata
+++ b/.rpm.metadata
@@ -1 +1 @@
-1ca664af796ab8d05ea3fccabe2b2e4767a97c74 SOURCES/rpm-4.14.2.tar.bz2
+3f8c3ef08f93eaeef12008055a43f6872306f8a2 SOURCES/rpm-4.14.3.tar.bz2
diff --git a/SOURCES/0001-Add-flag-to-use-strip-g-instead-of-full-strip-on-DSO.patch b/SOURCES/0001-Add-flag-to-use-strip-g-instead-of-full-strip-on-DSO.patch
index 43dfe47..5601c58 100644
--- a/SOURCES/0001-Add-flag-to-use-strip-g-instead-of-full-strip-on-DSO.patch
+++ b/SOURCES/0001-Add-flag-to-use-strip-g-instead-of-full-strip-on-DSO.patch
@@ -77,7 +77,7 @@ Adjusted for rpm-4.14.2 in RHEL
    eu-strip --remove-comment $r $g ${keep_remove_args} -f "$1" "$2" || exit
    chmod 444 "$1" || exit
  }
-@@ -409,8 +426,12 @@
+@@ -430,8 +430,12 @@
    # libraries. Other executable ELF files (like kernel modules) don't need it.
    if [ "$include_minidebug" = "true" -a "$strip_g" = "false" ]; then
      skip_mini=true
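Review bot: The rewritten inner hunk header `@@ -430,8 +430,12 @@` gives the same start line for the old and new side, whereas the header it replaces (`-409,8 +426,12`) carried a 17-line shift. That shift presumably came from lines added by earlier hunks of this embedded patch, of which only a tail is visible here. patch(1) places a hunk by its old-side position and context, so this probably still applies, but it reads as a hand edit; regenerating the patch against the 4.14.3 tree would keep the recorded offsets accurate. The section text on this `@@` line (and on the next hunk's) still says `Adjusted for rpm-4.14.2 in RHEL`; if that is the patch's own description line, it should become `Adjusted for rpm-4.14.3 in RHEL`.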
@@ -89,5 +89,5 @@ Adjusted for rpm-4.14.2 in RHEL
      case "$(file -bi "$f")" in
 -      application/x-sharedlib*) skip_mini=false ;;
        application/x-executable*) skip_mini=false ;;
+       application/x-pie-executable*) skip_mini=false ;;
      esac
-     $skip_mini || add_minidebug "${debugfn}" "$f"
diff --git a/SOURCES/0001-Add-step-to-find-debuginfo.sh-script-to-compress-ann.patch b/SOURCES/0001-Add-step-to-find-debuginfo.sh-script-to-compress-ann.patch
deleted file mode 100644
index 9ef48f7..0000000
--- a/SOURCES/0001-Add-step-to-find-debuginfo.sh-script-to-compress-ann.patch
+++ /dev/null
@@ -1,35 +0,0 @@
-From cc1965ce3acaa7d9356b7671050a15e2cda2f424 Mon Sep 17 00:00:00 2001
-Message-Id: <cc1965ce3acaa7d9356b7671050a15e2cda2f424.1571917336.git.pmatilai@redhat.com>
-From: nickclifton <31441682+nickclifton@users.noreply.github.com>
-Date: Wed, 19 Jun 2019 12:45:09 +0100
-Subject: [PATCH] Add step to find-debuginfo.sh script to compress annobin
- notes.
-
-With the introduction of the annobin gcc plugin to the build process,
-built binary files have become larger.  Sometimes significantly so.
-This is a patch that adds a new step to the post-link process performed
-by rpmbuild, to run the objcopy program with the --merge-notes option
-specified.  This will reduce the size of the annobin notes in binary
-files, thus alleviating the size growth.
----
- scripts/find-debuginfo.sh | 4 ++++
- 1 file changed, 4 insertions(+)
-
-diff --git a/scripts/find-debuginfo.sh b/scripts/find-debuginfo.sh
-index d75da1108..2e9d76531 100755
---- a/scripts/find-debuginfo.sh
-+++ b/scripts/find-debuginfo.sh
-@@ -405,6 +405,10 @@ do_file()
-     fi
-   fi
- 
-+  # Compress any annobin notes in the original binary.
-+  # Ignore any errors, since older objcopy don't support --merge-notes.
-+  objcopy --merge-notes "$f" 2>/dev/null || true
-+
-   # A binary already copied into /usr/lib/debug doesn't get stripped,
-   # just has its file names collected and adjusted.
-   case "$dn" in
--- 
-2.21.0
-
diff --git a/SOURCES/0001-Consolidate-allowed-version-release-evr-allowed-char.patch b/SOURCES/0001-Consolidate-allowed-version-release-evr-allowed-char.patch
deleted file mode 100644
index 2e16742..0000000
--- a/SOURCES/0001-Consolidate-allowed-version-release-evr-allowed-char.patch
+++ /dev/null
@@ -1,57 +0,0 @@
-From e8fce62467a421132f4ebb6ca9c0926b623ec00e Mon Sep 17 00:00:00 2001
-Message-Id: <e8fce62467a421132f4ebb6ca9c0926b623ec00e.1574338687.git.pmatilai@redhat.com>
-From: Panu Matilainen <pmatilai@redhat.com>
-Date: Tue, 27 Nov 2018 13:40:21 +0200
-Subject: [PATCH 1/2] Consolidate allowed version/release/evr allowed
- characters to macros
-
-Maintaining multiple variants of the same thing, that always worked
-soooooo well... No functional changes here. Unless I truly messed up.
----
- build/parsePreamble.c     | 2 +-
- build/parseReqs.c         | 2 +-
- build/rpmbuild_internal.h | 2 ++
- 3 files changed, 4 insertions(+), 2 deletions(-)
-
-diff --git a/build/parsePreamble.c b/build/parsePreamble.c
-index 2d54abeee..f5e06bac8 100644
---- a/build/parsePreamble.c
-+++ b/build/parsePreamble.c
-@@ -772,7 +772,7 @@ static rpmRC handlePreambleTag(rpmSpec spec, Package pkg, rpmTagVal tag,
-     case RPMTAG_VERSION:
-     case RPMTAG_RELEASE:
- 	SINGLE_TOKEN_ONLY;
--	if (rpmCharCheck(spec, field, "._+%{}~"))
-+	if (rpmCharCheck(spec, field, WHITELIST_VERREL))
- 	   goto exit;
- 	headerPutString(pkg->header, tag, field);
- 	break;
-diff --git a/build/parseReqs.c b/build/parseReqs.c
-index 2201eebf1..9b081a5ff 100644
---- a/build/parseReqs.c
-+++ b/build/parseReqs.c
-@@ -57,7 +57,7 @@ static rpmRC checkDep(rpmSpec spec, char *N, char *EVR, char **emsg)
-             rasprintf(emsg, _("Versioned file name not permitted"));
-             return RPMRC_FAIL;
-         }
--        if (rpmCharCheck(spec, EVR, ".-_+:%{}~"))
-+        if (rpmCharCheck(spec, EVR, WHITELIST_EVR))
-             return RPMRC_FAIL;
- 	if (checkSep(EVR, '-', emsg) != RPMRC_OK ||
- 	    checkSep(EVR, ':', emsg) != RPMRC_OK ||
-diff --git a/build/rpmbuild_internal.h b/build/rpmbuild_internal.h
-index 86cc549a7..f758e6620 100644
---- a/build/rpmbuild_internal.h
-+++ b/build/rpmbuild_internal.h
-@@ -18,6 +18,8 @@
- #undef HTDATATYPE
- 
- #define WHITELIST_NAME ".-_+%{}"
-+#define WHITELIST_VERREL "._+%{}~"
-+#define WHITELIST_EVR WHITELIST_VERREL "-:"
- 
- struct TriggerFileEntry {
-     int index;
--- 
-2.23.0
-
diff --git a/SOURCES/0001-Correct-rpm-ql-exit-value-when-optional-p-is-omitted.patch b/SOURCES/0001-Correct-rpm-ql-exit-value-when-optional-p-is-omitted.patch
deleted file mode 100644
index 9f123ba..0000000
--- a/SOURCES/0001-Correct-rpm-ql-exit-value-when-optional-p-is-omitted.patch
+++ /dev/null
@@ -1,38 +0,0 @@
-From ce11f04ed529cd84de8981b82c1185c0a30dfdcf Mon Sep 17 00:00:00 2001
-From: Pavlina Moravcova Varekova <pmoravco@redhat.com>
-Date: Thu, 14 Mar 2019 13:23:13 +0100
-Subject: [PATCH] Correct rpm -ql exit value when optional -p is omitted
- (RhBug:1680610)
-
----
- lib/query.c | 6 ++++--
- 1 file changed, 4 insertions(+), 2 deletions(-)
-
-diff --git a/lib/query.c b/lib/query.c
-index e47189ed0..e5408e211 100644
---- a/lib/query.c
-+++ b/lib/query.c
-@@ -568,16 +568,18 @@ int rpmcliArgIter(rpmts ts, QVA_t qva, ARGV_const_t argv)
- 	break;
-     default:
- 	for (ARGV_const_t arg = argv; arg && *arg; arg++) {
-+	    int ecLocal;
- 	    rpmdbMatchIterator mi = initQueryIterator(qva, ts, *arg);
--	    ec += rpmcliShowMatches(qva, ts, mi);
-+	    ecLocal = rpmcliShowMatches(qva, ts, mi);
- 	    if (mi == NULL && qva->qva_source == RPMQV_PACKAGE) {
- 		size_t l = strlen(*arg);
- 		if (l > 4 && !strcmp(*arg + l - 4, ".rpm")) {
- 		    rpmgi gi = rpmgiNew(ts, giFlags, argv);
--		    ec += rpmgiShowMatches(qva, ts, gi);
-+		    ecLocal = rpmgiShowMatches(qva, ts, gi);
- 		    rpmgiFree(gi);
- 		}
- 	    }
-+	    ec += ecLocal;
- 	    rpmdbFreeIterator(mi);
- 	}
- 	break;
--- 
-2.17.2
-
diff --git a/SOURCES/0001-Detect-kernel-modules-by-.modinfo-section-presence-f.patch b/SOURCES/0001-Detect-kernel-modules-by-.modinfo-section-presence-f.patch
deleted file mode 100644
index e169443..0000000
--- a/SOURCES/0001-Detect-kernel-modules-by-.modinfo-section-presence-f.patch
+++ /dev/null
@@ -1,69 +0,0 @@
-From 68d383c39cef8d58b80940b13dd132d3f41a03f0 Mon Sep 17 00:00:00 2001
-Message-Id: <68d383c39cef8d58b80940b13dd132d3f41a03f0.1571917458.git.pmatilai@redhat.com>
-From: Panu Matilainen <pmatilai@redhat.com>
-Date: Tue, 2 Apr 2019 15:22:07 +0300
-Subject: [PATCH 1/2] Detect kernel modules by .modinfo section presence for
- build-id generation
-
-File extension based heuristics only work so far at best, and break
-completely on compressed files with arbitrary .gz/.xz etc extension.
-This isn't supposed to change any behavior as such, only provide more
-reliable detection of kernel modules.
----
- build/files.c | 27 ++++++++++++++++++++++++---
- 1 file changed, 24 insertions(+), 3 deletions(-)
-
-diff --git a/build/files.c b/build/files.c
-index dbad9a7f3..3822be3d3 100644
---- a/build/files.c
-+++ b/build/files.c
-@@ -1739,6 +1739,28 @@ static int addNewIDSymlink(ARGV_t *files,
-     return rc;
- }
- 
-+static int haveModinfo(Elf *elf)
-+{
-+    Elf_Scn * scn = NULL;
-+    size_t shstrndx;
-+    int have_modinfo = 0;
-+    const char *sname;
-+
-+    if (elf_getshdrstrndx(elf, &shstrndx) == 0) {
-+	while ((scn = elf_nextscn(elf, scn)) != NULL) {
-+	    GElf_Shdr shdr_mem, *shdr = gelf_getshdr(scn, &shdr_mem);
-+	    if (shdr == NULL)
-+		continue;
-+	    sname = elf_strptr(elf, shstrndx, shdr->sh_name);
-+	    if (sname && rstreq(sname, ".modinfo")) {
-+		have_modinfo = 1;
-+		break;
-+	    }
-+	}
-+    }
-+    return have_modinfo;
-+}
-+
- static int generateBuildIDs(FileList fl, ARGV_t *files)
- {
-     int rc = 0;
-@@ -1803,15 +1825,14 @@ static int generateBuildIDs(FileList fl, ARGV_t *files)
- 	    int fd = open (flp->diskPath, O_RDONLY);
- 	    if (fd >= 0) {
- 		/* Only real ELF files, that are ET_EXEC, ET_DYN or
--		   kernel modules (ET_REL files with names ending in .ko)
-+		   kernel modules (ET_REL files with .modinfo section)
- 		   should have build-ids. */
- 		GElf_Ehdr ehdr;
- 		Elf *elf = elf_begin (fd, ELF_C_READ, NULL);
- 		if (elf != NULL && elf_kind(elf) == ELF_K_ELF
- 		    && gelf_getehdr(elf, &ehdr) != NULL
- 		    && (ehdr.e_type == ET_EXEC || ehdr.e_type == ET_DYN
--			|| (ehdr.e_type == ET_REL
--			    && rpmFileHasSuffix (flp->diskPath, ".ko")))) {
-+			|| (ehdr.e_type == ET_REL && haveModinfo(elf)))) {
- 		    const void *build_id;
- 		    ssize_t len = dwelf_elf_gnu_build_id (elf, &build_id);
- 		    /* len == -1 means error. Zero means no
--- 
-2.21.0
-
diff --git a/SOURCES/0001-Fix-a-blindingly-obvious-memleak-in-package-verify-s.patch b/SOURCES/0001-Fix-a-blindingly-obvious-memleak-in-package-verify-s.patch
deleted file mode 100644
index 0dc7f30..0000000
--- a/SOURCES/0001-Fix-a-blindingly-obvious-memleak-in-package-verify-s.patch
+++ /dev/null
@@ -1,26 +0,0 @@
-From 788935c9ea9d2f469f24be10a9fa998594046731 Mon Sep 17 00:00:00 2001
-From: Panu Matilainen <pmatilai@redhat.com>
-Date: Fri, 7 Sep 2018 11:52:33 +0300
-Subject: [PATCH] Fix a blindingly obvious memleak in package verify step
-
-Erm. Introduced in commit 765e2c72ae8be369ada41d4747b8999519a0e327,
-but how on earth did this go unnoticed... *blush*
----
- lib/transaction.c | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/lib/transaction.c b/lib/transaction.c
-index 205c3f388..3969ad3fc 100644
---- a/lib/transaction.c
-+++ b/lib/transaction.c
-@@ -1261,6 +1261,7 @@ static int verifyPackageFiles(rpmts ts, rpm_loff_t total)
- 	    rpmteAddProblem(p, RPMPROB_VERIFY, NULL, vd.msg, 0);
- 
- 	vd.msg = _free(vd.msg);
-+	rpmvsFree(vs);
-     }
-     rpmtsNotify(ts, NULL, RPMCALLBACK_VERIFY_STOP, total, total);
- 
--- 
-2.21.0
-
diff --git a/SOURCES/0001-Fix-ancient-python-GIL-locking-bug-on-callback-RhBug.patch b/SOURCES/0001-Fix-ancient-python-GIL-locking-bug-on-callback-RhBug.patch
deleted file mode 100644
index 494634d..0000000
--- a/SOURCES/0001-Fix-ancient-python-GIL-locking-bug-on-callback-RhBug.patch
+++ /dev/null
@@ -1,46 +0,0 @@
-From 531dc8495cd3aabd3f659ecab604106fdbacbe98 Mon Sep 17 00:00:00 2001
-Message-Id: <531dc8495cd3aabd3f659ecab604106fdbacbe98.1554974459.git.pmatilai@redhat.com>
-From: Panu Matilainen <pmatilai@redhat.com>
-Date: Wed, 3 Oct 2018 11:51:38 +0300
-Subject: [PATCH] Fix ancient python GIL locking bug on callback
- (RhBug:1632488)
-
-Introduced in commit c7881d801745b4c156a8aa2afc17b95f97481e34 back in 2002,
-synthesizing a python object for the callback occurs before retaking
-the GIL lock, which is not allowed. Somehow this has managed to stay
-latent all these years, and even now requires fairly specific conditions:
-when the callback gets called without an associated key, such as erasures
-or file trigger script start/stop events (in the case of RhBug:1632488),
-when Python 3 is running in PYTHONMALLOC=debug mode,
-it crashes with "Python memory allocator called without holding the GIL".
-
-Simply retake the lock before any Python operations take place to fix.
----
- python/rpmts-py.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/python/rpmts-py.c b/python/rpmts-py.c
-index e4c5e1250..1ddfc9a1e 100644
---- a/python/rpmts-py.c
-+++ b/python/rpmts-py.c
-@@ -495,6 +495,8 @@ rpmtsCallback(const void * hd, const rpmCallbackType what,
- 
-     if (cbInfo->cb == Py_None) return NULL;
- 
-+    PyEval_RestoreThread(cbInfo->_save);
-+
-     /* Synthesize a python object for callback (if necessary). */
-     if (pkgObj == NULL) {
- 	if (h) {
-@@ -506,8 +508,6 @@ rpmtsCallback(const void * hd, const rpmCallbackType what,
-     } else
- 	Py_INCREF(pkgObj);
- 
--    PyEval_RestoreThread(cbInfo->_save);
--
-     args = Py_BuildValue("(iLLOO)", what, amount, total, pkgObj, cbInfo->data);
-     result = PyEval_CallObject(cbInfo->cb, args);
-     Py_DECREF(args);
--- 
-2.20.1
-
diff --git a/SOURCES/0001-Fix-memleak-during-transaction-verify-step-in-the-NO.patch b/SOURCES/0001-Fix-memleak-during-transaction-verify-step-in-the-NO.patch
deleted file mode 100644
index d1bb187..0000000
--- a/SOURCES/0001-Fix-memleak-during-transaction-verify-step-in-the-NO.patch
+++ /dev/null
@@ -1,30 +0,0 @@
-From 5188a7b35eb3672c9b15e96433e033ee36f8e6a8 Mon Sep 17 00:00:00 2001
-From: Panu Matilainen <pmatilai@redhat.com>
-Date: Tue, 6 Aug 2019 13:06:16 +0300
-Subject: [PATCH] Fix memleak during transaction verify step in the NOKEY case.
-
-Found during RhBug:1714657 QA testing.
-In addition, add a comment to clarify the fallthrough as intentional.
----
- lib/transaction.c | 4 +++-
- 1 file changed, 3 insertions(+), 1 deletion(-)
-
-diff --git a/lib/transaction.c b/lib/transaction.c
-index 6e4d4be65..e51cff25a 100644
---- a/lib/transaction.c
-+++ b/lib/transaction.c
-@@ -1226,8 +1226,10 @@ static int vfyCb(struct rpmsinfo_s *sinfo, void *cbdata)
- 	 */
- 	if (!(vd->vfylevel & RPMSIG_SIGNATURE_TYPE))
- 	    sinfo->rc = RPMRC_OK;
-+	/* fallthrough */
-     default:
--	vd->msg = rpmsinfoMsg(sinfo);
-+	if (sinfo->rc)
-+	    vd->msg = rpmsinfoMsg(sinfo);
- 	break;
-     }
-     return (sinfo->rc == 0);
--- 
-2.21.0
-
diff --git a/SOURCES/0001-Fix-nasty-setperms-setugids-regression-in-4.14.2-RhB.patch b/SOURCES/0001-Fix-nasty-setperms-setugids-regression-in-4.14.2-RhB.patch
deleted file mode 100644
index a5c45e7..0000000
--- a/SOURCES/0001-Fix-nasty-setperms-setugids-regression-in-4.14.2-RhB.patch
+++ /dev/null
@@ -1,52 +0,0 @@
-From 0d83637769b8a122b1e80f2e960ea1bbae8b4f10 Mon Sep 17 00:00:00 2001
-Message-Id: <0d83637769b8a122b1e80f2e960ea1bbae8b4f10.1540199566.git.pmatilai@redhat.com>
-From: Panu Matilainen <pmatilai@redhat.com>
-Date: Mon, 22 Oct 2018 10:52:39 +0300
-Subject: [PATCH] Fix nasty --setperms/--setugids regression in 4.14.2 (RhBug:
- 1640470)
-
-Commit 38c2f6e160d5ed3e9c3a266139c7eb2632724c15 causes --setperms and
---setugids follow symlinks instead of skipping them.
-
-In case of --setperms, all encountered symlinks will have their
-target file/directory permissions set to the 0777 of the link itself
-(so world writable etc but suid/sgid stripped), temporarily or permanently,
-depending on whether the symlink occurs before or after it's target in the
-package file list. When the link occurs before its target, there's a short
-window where the target is world writable before having it's permissions
-reset to original, making it particularly bad for suid/sgid binaries.
-
---setugids is similarly affected with link targets owner/group changing
-to that of the symlink.
-
-Add missing parentheses to the conditions introduced in commit
-38c2f6e160d5ed3e9c3a266139c7eb2632724c15 to fix.
-Reported by Karel Srot, patch by Pavlina Moravcova Varekova.
----
- rpmpopt.in | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/rpmpopt.in b/rpmpopt.in
-index 8aaa91f11..42d3416a3 100644
---- a/rpmpopt.in
-+++ b/rpmpopt.in
-@@ -44,14 +44,14 @@ rpm	alias --scripts --qf '\
- 	--POPTdesc=$"list install/erase scriptlets from package(s)"
- 
- rpm	alias --setperms -q --qf '[\[ -L %{FILENAMES:shescape} \] || \
--        \[ $((%{FILEFLAGS} & 2#1001000)) != 0 \] && \[ ! -e %{FILENAMES:shescape} \] || \
-+        ( \[ $((%{FILEFLAGS} & 2#1001000)) != 0 \] && \[ ! -e %{FILENAMES:shescape} \] ) || \
-         chmod %7{FILEMODES:octal} %{FILENAMES:shescape}\n]' \
- 		   --pipe "grep -v \(none\) | grep '^. -L ' | sed 's/chmod .../chmod /' | sh" \
- 	--POPTdesc=$"set permissions of files in a package"
- 
- rpm	alias --setugids -q --qf \
- 	'[ch %{FILEUSERNAME:shescape} %{FILEGROUPNAME:shescape} %{FILENAMES:shescape} %{FILEFLAGS}\n]' \
--	--pipe "(echo 'ch() { \[ $(($4 & 2#1001000)) != 0 \] && \[ ! -e \"$3\" \] || \
-+	--pipe "(echo 'ch() { ( \[ $(($4 & 2#1001000)) != 0 \] && \[ ! -e \"$3\" \] ) || \
- 		(chown -h -- \"$1\" \"$3\";chgrp -h -- \"$2\" \"$3\";) }'; \
- 		grep '^ch '|grep -v \(none\))|sh" \
- 	--POPTdesc=$"set user/group ownership of files in a package"
--- 
-2.17.2
-
diff --git a/SOURCES/0001-Fix-off-by-one-in-hdrblobGet-making-last-entry-unrea.patch b/SOURCES/0001-Fix-off-by-one-in-hdrblobGet-making-last-entry-unrea.patch
deleted file mode 100644
index 14d4b1e..0000000
--- a/SOURCES/0001-Fix-off-by-one-in-hdrblobGet-making-last-entry-unrea.patch
+++ /dev/null
@@ -1,37 +0,0 @@
-From e219c9548d16a3c18dd261f7043bb8d221b87c77 Mon Sep 17 00:00:00 2001
-From: Panu Matilainen <pmatilai@redhat.com>
-Date: Wed, 31 Jul 2019 11:56:26 +0300
-Subject: [PATCH] Fix off-by-one in hdrblobGet() making last entry unreachable
- (RhBug:1722921)
-
-hdrblobGet() introduced in commits acfde0d0e812e9f8e153ab6be8c9f2682bdd4763
-and 9821de18811db97238c34a564221e315f5f35b44 has an off-by-one thinko
-(perhaps the idea was to skip the first, region tag) which causes
-the last entry to be unreachable. In typical packages, that is
-RPMSIG_PAYLOADSIZE which is not used at all in this context so it doesn't
-matter, but in large packages use RPMSIG_LONGARCHIVESIZE which has a lower
-tag number and leaves either RPMSIGTAG_MD5 or RPMSIGTAG_GPG last,
-unreachable and thus unverifiable. Oops.
-
-This fixes the regression introduced in rpm 4.14, affecting verification
-of large packages (ie having RPMSIG_LONGARCHIVESIZE)
----
- lib/header.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/lib/header.c b/lib/header.c
-index 33623884a..9ec7ed0e4 100644
---- a/lib/header.c
-+++ b/lib/header.c
-@@ -2015,7 +2015,7 @@ rpmRC hdrblobGet(hdrblob blob, uint32_t tag, rpmtd td)
-     memset(&einfo, 0, sizeof(einfo));
-     rpmtdReset(td);
- 
--    for (int i = 1; i < blob->il; i++, pe++) {
-+    for (int i = 0; i < blob->il; i++, pe++) {
- 	if (pe->tag != ntag)
- 	    continue;
- 	ei2h(pe, &einfo);
--- 
-2.21.0
-
diff --git a/SOURCES/0001-Fix-packages-getting-erased-on-failed-update-with-dn.patch b/SOURCES/0001-Fix-packages-getting-erased-on-failed-update-with-dn.patch
deleted file mode 100644
index c1dfffe..0000000
--- a/SOURCES/0001-Fix-packages-getting-erased-on-failed-update-with-dn.patch
+++ /dev/null
@@ -1,39 +0,0 @@
-From a144c29831a39ed303d6ea8d2ae91e1c36d64c84 Mon Sep 17 00:00:00 2001
-Message-Id: <a144c29831a39ed303d6ea8d2ae91e1c36d64c84.1559799452.git.pmatilai@redhat.com>
-From: Panu Matilainen <pmatilai@redhat.com>
-Date: Wed, 15 May 2019 13:51:19 +0300
-Subject: [PATCH] Fix packages getting erased on failed update with dnf
- (RhBug:1620275)
-
-When adding update elements, we set the erase element to depend on the
-install element, but if an API user adds the same erasure manually
-after adding the update, we know its a duplicate erasure and filter
-it out, BUT we zero out the dependent element in the process. And
-if installing the update now fails, we end up removing the whole package
-due to that missing dependent element.
-
-This never happens with rpm itself so we can't easily test it, but is
-100% reproducable with dnf (at least dnf 3-4). Apparently it adds all
-erasures by itself (which is kind of understandable I guess, perhaps
-we should better allow this in the API)
----
- lib/depends.c | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
-diff --git a/lib/depends.c b/lib/depends.c
-index 6e9866eae..f8a6084ab 100644
---- a/lib/depends.c
-+++ b/lib/depends.c
-@@ -121,7 +121,8 @@ static int removePackage(rpmts ts, Header h, rpmte depends)
- 
-     /* Filter out duplicate erasures. */
-     if (packageHashGetEntry(tsmem->removedPackages, dboffset, &pp, NULL, NULL)) {
--	rpmteSetDependsOn(pp[0], depends);
-+	if (depends)
-+	    rpmteSetDependsOn(pp[0], depends);
- 	return 0;
-     }
- 
--- 
-2.21.0
-
diff --git a/SOURCES/0001-Fix-rpmfiles-memory-leak-on-postuntrans-file-trigger.patch b/SOURCES/0001-Fix-rpmfiles-memory-leak-on-postuntrans-file-trigger.patch
deleted file mode 100644
index ff18186..0000000
--- a/SOURCES/0001-Fix-rpmfiles-memory-leak-on-postuntrans-file-trigger.patch
+++ /dev/null
@@ -1,25 +0,0 @@
-From 475af64f64cbc210c87588d425fa9a14cd9760b6 Mon Sep 17 00:00:00 2001
-From: Panu Matilainen <pmatilai@redhat.com>
-Date: Wed, 29 May 2019 11:38:53 +0300
-Subject: [PATCH] Fix rpmfiles memory leak on %postuntrans file trigger
- preparation
-
----
- lib/rpmtriggers.c | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/lib/rpmtriggers.c b/lib/rpmtriggers.c
-index cb2441c5a..b7c76e7fc 100644
---- a/lib/rpmtriggers.c
-+++ b/lib/rpmtriggers.c
-@@ -154,6 +154,7 @@ void rpmtriggersPrepPostUnTransFileTrigs(rpmts ts, rpmte te)
- 	}
-     }
-     rpmdbFreeIterator(mi);
-+    rpmfilesFree(files);
- }
- 
- int runPostUnTransFileTrigs(rpmts ts)
--- 
-2.21.0
-
diff --git a/SOURCES/0001-Fix-segfault-on-fingerprinting-symlink-round-RhBug-1.patch b/SOURCES/0001-Fix-segfault-on-fingerprinting-symlink-round-RhBug-1.patch
deleted file mode 100644
index a3faebb..0000000
--- a/SOURCES/0001-Fix-segfault-on-fingerprinting-symlink-round-RhBug-1.patch
+++ /dev/null
@@ -1,60 +0,0 @@
-From 050b392f8c11d111379e0d2bac52762beb97b3ae Mon Sep 17 00:00:00 2001
-Message-Id: <050b392f8c11d111379e0d2bac52762beb97b3ae.1559645935.git.pmatilai@redhat.com>
-From: Panu Matilainen <pmatilai@redhat.com>
-Date: Tue, 2 Apr 2019 12:57:11 +0300
-Subject: [PATCH] Fix segfault on fingerprinting symlink round (RhBug:1660232)
-
-Both yum and dnf perform a test-transaction before the real thing,
-and both neglet to check for an error code from the test-transaction
-when there are no problem objects to return. Which can happen in
-some special cases, such a using different vsflags between initial
-package read and transaction (which is what both yum and dnf do),
-which can cause the in-transaction package open fail on corrupt packages.
-And when this failed transaction is fed back to rpmtsRun(), it
-segfaults in fingerprinting as the second loop of symlink checking
-doesn't check for NULL's element files like the first loop does.
-
-Add the missing NULL check and remove bogus "can't happen" comment to fix.
-
-FWIW, the scenario with different vsflags and corrupted packages doesn't
-happen by default in rpm >= 4.14.2, the corrupt package gets caught
-in the verify stage which does create problem objects and thus both
-yum and dnf abort as they should.
----
- lib/fprint.c | 6 +++++-
- 1 file changed, 5 insertions(+), 1 deletion(-)
-
-diff --git a/lib/fprint.c b/lib/fprint.c
-index b810e4d2b..ab1891961 100644
---- a/lib/fprint.c
-+++ b/lib/fprint.c
-@@ -488,7 +488,7 @@ void fpCachePopulate(fingerPrintCache fpc, rpmts ts, int fileCount)
- 	(void) rpmsqPoll();
- 
- 	if ((fi = rpmteFiles(p)) == NULL)
--	    continue;	/* XXX can't happen */
-+	    continue;
- 
- 	(void) rpmswEnter(rpmtsOp(ts, RPMTS_OP_FINGERPRINT), 0);
- 	rpmfilesFpLookup(fi, fpc);
-@@ -522,6 +522,9 @@ void fpCachePopulate(fingerPrintCache fpc, rpmts ts, int fileCount)
-     while ((p = rpmtsiNext(pi, 0)) != NULL) {
- 	(void) rpmsqPoll();
- 
-+	if ((fi = rpmteFiles(p)) == NULL)
-+	    continue;
-+
- 	fs = rpmteGetFileStates(p);
- 	fc = rpmfsFC(fs);
- 	(void) rpmswEnter(rpmtsOp(ts, RPMTS_OP_FINGERPRINT), 0);
-@@ -531,6 +534,7 @@ void fpCachePopulate(fingerPrintCache fpc, rpmts ts, int fileCount)
- 	    fpLookupSubdir(symlinks, fpc, p, i);
- 	}
- 	(void) rpmswExit(rpmtsOp(ts, RPMTS_OP_FINGERPRINT), 0);
-+	rpmfilesFree(fi);
-     }
-     rpmtsiFree(pi);
- 
--- 
-2.21.0
-
diff --git a/SOURCES/0001-Fix-testing-for-wrong-variable-in-selinux-plugin-deb.patch b/SOURCES/0001-Fix-testing-for-wrong-variable-in-selinux-plugin-deb.patch
deleted file mode 100644
index 7d99a49..0000000
--- a/SOURCES/0001-Fix-testing-for-wrong-variable-in-selinux-plugin-deb.patch
+++ /dev/null
@@ -1,28 +0,0 @@
-From 66e0c929b203d684a4f58135f42435fcc29cdd51 Mon Sep 17 00:00:00 2001
-Message-Id: <66e0c929b203d684a4f58135f42435fcc29cdd51.1554982695.git.pmatilai@redhat.com>
-From: Panu Matilainen <pmatilai@redhat.com>
-Date: Wed, 10 Oct 2018 12:00:19 +0300
-Subject: [PATCH] Fix testing for wrong variable in selinux plugin debug log
-
-The strerror() case couldn't be reached as we were testing for the
-wrong rc, spotted by covscan.
----
- plugins/selinux.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/plugins/selinux.c b/plugins/selinux.c
-index 3c9d9e4ab..accd47416 100644
---- a/plugins/selinux.c
-+++ b/plugins/selinux.c
-@@ -169,7 +169,7 @@ static rpmRC selinux_fsm_file_prepare(rpmPlugin plugin, rpmfi fi,
- 
- 	    if (rpmIsDebug()) {
- 		rpmlog(RPMLOG_DEBUG, "lsetfilecon: (%s, %s) %s\n",
--		       path, scon, (rc < 0 ? strerror(errno) : ""));
-+		       path, scon, (conrc < 0 ? strerror(errno) : ""));
- 	    }
- 
- 	    if (conrc == 0 || (conrc < 0 && errno == EOPNOTSUPP))
--- 
-2.20.1
-
diff --git a/SOURCES/0001-Handle-unsupported-digests-the-same-as-disabled-ones.patch b/SOURCES/0001-Handle-unsupported-digests-the-same-as-disabled-ones.patch
deleted file mode 100644
index 39f84d4..0000000
--- a/SOURCES/0001-Handle-unsupported-digests-the-same-as-disabled-ones.patch
+++ /dev/null
@@ -1,47 +0,0 @@
-From 74766d30b95f1575df8a42d185f2643caa235a8b Mon Sep 17 00:00:00 2001
-Message-Id: <74766d30b95f1575df8a42d185f2643caa235a8b.1543835412.git.pmatilai@redhat.com>
-From: Panu Matilainen <pmatilai@redhat.com>
-Date: Fri, 23 Nov 2018 12:47:27 +0200
-Subject: [PATCH] Handle unsupported digests the same as disabled ones
- (RhBug:1652529)
-
-A digest type unsupported by the underlying crypto library (whether
-technically or by configuration) does not mean the digest is invalid,
-it just cannot be used. Which for the purposes of verification is the
-same as if that digest didn't exist at all, and that's exactly how we
-handle digests and signatures disabled by configuration.
-
-One particular case is FIPS mode which globally disables the use of MD5,
-which we mishandled prior to this by showing it as OK in verification
-despite actually not verifying it at all.
-
-The exact place for handling this case is a bit subtle: the "obvious"
-place for checking for supported type is in rpmvsInitRange() but this
-doesn't work because of rpmDigestBundleAddID() return code semantics.
-The other "obvious" place would be rpmvsVerify(), but by that point
-we have even more funny cases to consider. So for now, it's actually
-easiest to check for this in rpmvsFiniRange() even if it's not the
-most obvious place for doing so. Might want to change the
-rpmDigestBundleAddID() semantics later, but this makes for a nicer
-backport (we'll need this in 4.14.x too).
----
- lib/rpmvs.c | 3 +++
- 1 file changed, 3 insertions(+)
-
-diff --git a/lib/rpmvs.c b/lib/rpmvs.c
-index 7b5b86f8e..622e48011 100644
---- a/lib/rpmvs.c
-+++ b/lib/rpmvs.c
-@@ -388,6 +388,9 @@ void rpmvsFiniRange(struct rpmvs_s *sis, int range)
- 
- 	if (sinfo->range == range && sinfo->rc == RPMRC_OK) {
- 	    sinfo->ctx = rpmDigestBundleDupCtx(sis->bundle, sinfo->id);
-+	    /* Handle unsupported digests the same as disabled ones */
-+	    if (sinfo->ctx == NULL)
-+		sinfo->rc = RPMRC_NOTFOUND;
- 	    rpmDigestBundleFinal(sis->bundle, sinfo->id, NULL, NULL, 0);
- 	}
-     }
--- 
-2.19.2
-
diff --git a/SOURCES/0001-Honor-PYTHON-from-configure-when-running-tests.patch b/SOURCES/0001-Honor-PYTHON-from-configure-when-running-tests.patch
index b44441e..b39c52b 100644
--- a/SOURCES/0001-Honor-PYTHON-from-configure-when-running-tests.patch
+++ b/SOURCES/0001-Honor-PYTHON-from-configure-when-running-tests.patch
@@ -28,31 +28,26 @@ index eaf817cc2..21ca216a8 100644
  EXTRA_DIST += atlocal.in
 diff --git a/tests/atlocal.in b/tests/atlocal.in
 index d7d837f45..3b1474b56 100644
---- a/tests/atlocal.in
-+++ b/tests/atlocal.in
-@@ -3,7 +3,8 @@ export LD_LIBRARY_PATH
+--- rpm-4.14.3/tests/atlocal.in.orig	2020-04-28 14:19:26.866602968 +0200
++++ rpm-4.14.3/tests/atlocal.in	2020-04-28 14:21:07.977910054 +0200
+@@ -3,7 +3,8 @@
  PATH="${abs_builddir}/testing@rpmbindir@:${abs_builddir}/testing@usrbindir@:$PATH"
  export PATH
  
--PYLIBDIR=`python -c "from distutils.sysconfig import get_python_lib; import sys; sys.stdout.write(get_python_lib(1,0,'@execprefix@'))"`
+-PYLIBDIR=`python2 -c "from distutils.sysconfig import get_python_lib; import sys; sys.stdout.write(get_python_lib(1,0,'@execprefix@'))"`
 +PYTHON=@PYTHON@
 +PYLIBDIR=$(${PYTHON} -c "from distutils.sysconfig import get_python_lib; import sys; sys.stdout.write(get_python_lib(1,0,'@execprefix@'))")
  PYTHONPATH="${abs_builddir}/testing${PYLIBDIR}"
  export PYTHONPATH
  
-diff --git a/tests/local.at b/tests/local.at
-index 48c5d3f96..4952b9d61 100644
---- a/tests/local.at
-+++ b/tests/local.at
-@@ -17,7 +17,7 @@ def myprint(msg = ''):
+--- rpm-4.14.3/tests/local.at.orig	2020-04-28 14:28:33.106664317 +0200
++++ rpm-4.14.3/tests/local.at	2020-04-28 14:29:02.064038653 +0200
+@@ -18,7 +18,7 @@
      sys.stdout.write('%s\n' % msg)
  $1
  EOF
--python test.py
-+${PYTHON} test.py
+-python2 test.py
++${PYTHON} test.py test.py
  ]])
  
  m4_define([RPMPY_CHECK],[
--- 
-2.21.0
-
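Review bot: The refreshed inner line `+${PYTHON} test.py test.py` passes the script name twice, where the line it replaces ran `${PYTHON} test.py`. Nothing visible in this hunk reads a command-line argument, so the second `test.py` looks like a paste slip and the line should probably be `+${PYTHON} test.py`. The `local.at` section has also lost its `diff --git`/`index` lines and the file its `-- ` trailer, so the patch now mixes a git-format section with plain `diff -u` sections carrying `.orig` names and timestamps. That still applies with `patch -p1`, but regenerating the whole file with one tool would keep it reviewable against upstream.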
diff --git a/SOURCES/0001-Log-RPMLOG_ERR-level-messages-on-actual-errors-in-se.patch b/SOURCES/0001-Log-RPMLOG_ERR-level-messages-on-actual-errors-in-se.patch
deleted file mode 100644
index 312d9cc..0000000
--- a/SOURCES/0001-Log-RPMLOG_ERR-level-messages-on-actual-errors-in-se.patch
+++ /dev/null
@@ -1,86 +0,0 @@
-From 8cbe8baf9c3ff4754369bcd29441df14ecc6889d Mon Sep 17 00:00:00 2001
-Message-Id: <8cbe8baf9c3ff4754369bcd29441df14ecc6889d.1554982512.git.pmatilai@redhat.com>
-From: Panu Matilainen <pmatilai@redhat.com>
-Date: Thu, 14 Feb 2019 13:12:49 +0200
-Subject: [PATCH] Log RPMLOG_ERR level messages on actual errors in selinux
- plugin, doh.
-
-When there's an actual error, people will want to know without having
-to rerun in verbose mode. Such as in RhBug:1641631 where configured
-selinux policy differs from what is installed - the former message
-
-    error: Plugin selinux: hook tsm_pre failed
-
-...is not particularly helpful to anybody, whereas this actually provides
-some clues now:
-
-    error: selabel_open: (/etc/selinux/ponies/contexts/files/file_contexts) No such file or directory
-    error: Plugin selinux: hook tsm_pre failed
----
- plugins/selinux.c | 19 +++++++++----------
- 1 file changed, 9 insertions(+), 10 deletions(-)
-
-diff --git a/plugins/selinux.c b/plugins/selinux.c
-index accd47416..f1caf257c 100644
---- a/plugins/selinux.c
-+++ b/plugins/selinux.c
-@@ -12,6 +12,11 @@
- 
- static struct selabel_handle * sehandle = NULL;
- 
-+static inline rpmlogLvl loglvl(int iserror)
-+{
-+    return iserror ? RPMLOG_ERR : RPMLOG_DEBUG;
-+}
-+
- static void sehandle_fini(int close_status)
- {
-     if (sehandle) {
-@@ -47,7 +52,7 @@ static rpmRC sehandle_init(int open_status)
- 
-     sehandle = selabel_open(SELABEL_CTX_FILE, opts, 1);
- 
--    rpmlog(RPMLOG_DEBUG, "selabel_open: (%s) %s\n",
-+    rpmlog(loglvl(sehandle == NULL), "selabel_open: (%s) %s\n",
- 	   path, (sehandle == NULL ? strerror(errno) : ""));
- 
-     return (sehandle != NULL) ? RPMRC_OK : RPMRC_FAIL;
-@@ -125,10 +130,8 @@ static rpmRC selinux_scriptlet_fork_post(rpmPlugin plugin,
-     if ((xx = setexeccon(newcon)) == 0)
- 	rc = RPMRC_OK;
- 
--    if (rpmIsDebug()) {
--	rpmlog(RPMLOG_DEBUG, "setexeccon: (%s, %s) %s\n",
-+    rpmlog(loglvl(xx < 0), "setexeccon: (%s, %s) %s\n",
- 	       path, newcon, (xx < 0 ? strerror(errno) : ""));
--    }
- 
- exit:
-     context_free(con);
-@@ -143,10 +146,8 @@ exit:
-     if ((xx = setexecfilecon(path, "rpm_script_t") == 0))
- 	rc = RPMRC_OK;
- 
--    if (rpmIsDebug()) {
--	rpmlog(RPMLOG_DEBUG, "setexecfilecon: (%s) %s\n",
-+    rpmlog(loglvl(xx < 0), "setexecfilecon: (%s) %s\n",
- 	       path, (xx < 0 ? strerror(errno) : ""));
--    }
- #endif
-     /* If selinux is not enforcing, we don't care either */
-     if (rc && security_getenforce() < 1)
-@@ -167,10 +168,8 @@ static rpmRC selinux_fsm_file_prepare(rpmPlugin plugin, rpmfi fi,
- 	if (selabel_lookup_raw(sehandle, &scon, dest, file_mode) == 0) {
- 	    int conrc = lsetfilecon(path, scon);
- 
--	    if (rpmIsDebug()) {
--		rpmlog(RPMLOG_DEBUG, "lsetfilecon: (%s, %s) %s\n",
-+	    rpmlog(loglvl(conrc < 0), "lsetfilecon: (%s, %s) %s\n",
- 		       path, scon, (conrc < 0 ? strerror(errno) : ""));
--	    }
- 
- 	    if (conrc == 0 || (conrc < 0 && errno == EOPNOTSUPP))
- 		rc = RPMRC_OK;
--- 
-2.20.1
-
diff --git a/SOURCES/0001-Make-rpmsign-exit-values-more-consistent-with-our-ot.patch b/SOURCES/0001-Make-rpmsign-exit-values-more-consistent-with-our-ot.patch
deleted file mode 100644
index c186017..0000000
--- a/SOURCES/0001-Make-rpmsign-exit-values-more-consistent-with-our-ot.patch
+++ /dev/null
@@ -1,49 +0,0 @@
-From 2ec0832287bd1443ebf336f8a98293f30bfa2036 Mon Sep 17 00:00:00 2001
-Message-Id: <2ec0832287bd1443ebf336f8a98293f30bfa2036.1554983205.git.pmatilai@redhat.com>
-From: Panu Matilainen <pmatilai@redhat.com>
-Date: Mon, 18 Mar 2019 15:24:54 +0200
-Subject: [PATCH 1/3] Make rpmsign exit values more consistent with our other
- tools
-
-rpmPkgSign*() return -1 for failure, which is not that helpful when
-returned to shell and the way it was counted could easily wrap around
-when signing multiple packages. Return number of failures similarly to
-how rpm -q and frieds does, avoid overflows and xargs special value 255.
----
- rpmsign.c | 8 +++++---
- 1 file changed, 5 insertions(+), 3 deletions(-)
-
-diff --git a/rpmsign.c b/rpmsign.c
-index ae86f666d..1a5cd59c2 100644
---- a/rpmsign.c
-+++ b/rpmsign.c
-@@ -134,7 +134,8 @@ static int doSign(poptContext optCon, struct rpmSignArgs *sargs)
-     const char *arg;
-     rc = 0;
-     while ((arg = poptGetArg(optCon)) != NULL) {
--	rc += rpmPkgSign(arg, sargs);
-+	if (rpmPkgSign(arg, sargs) < 0)
-+	    rc++;
-     }
- 
- exit:
-@@ -175,7 +176,8 @@ int main(int argc, char *argv[])
-     case MODE_DELSIGN:
- 	ec = 0;
- 	while ((arg = poptGetArg(optCon)) != NULL) {
--	    ec += rpmPkgDelSign(arg, &sargs);
-+	    if (rpmPkgDelSign(arg, &sargs) < 0)
-+		ec++;
- 	}
- 	break;
-     case MODE_NONE:
-@@ -188,5 +190,5 @@ int main(int argc, char *argv[])
- 
- exit:
-     rpmcliFini(optCon);
--    return ec;
-+    return RETVAL(ec);
- }
--- 
-2.20.1
-
diff --git a/SOURCES/0001-Only-read-through-payload-on-verify-if-actually-need.patch b/SOURCES/0001-Only-read-through-payload-on-verify-if-actually-need.patch
index 6da9775..f77c039 100644
--- a/SOURCES/0001-Only-read-through-payload-on-verify-if-actually-need.patch
+++ b/SOURCES/0001-Only-read-through-payload-on-verify-if-actually-need.patch
@@ -61,20 +61,16 @@ index 622e48011..0d475af86 100644
  static int sinfoCmp(const void *a, const void *b)
  {
      const struct rpmsinfo_s *sa = a;
-diff --git a/lib/rpmvs.h b/lib/rpmvs.h
-index b27d9a612..a836d5c94 100644
---- a/lib/rpmvs.h
-+++ b/lib/rpmvs.h
-@@ -75,6 +75,9 @@ void rpmvsInitRange(struct rpmvs_s *sis, int range);
- RPM_GNUC_INTERNAL
+--- rpm-4.14.3/lib/rpmvs.h.orig	2020-04-28 10:57:19.727347211 +0200
++++ rpm-4.14.3/lib/rpmvs.h	2020-04-28 10:57:43.622612015 +0200
+@@ -66,6 +66,8 @@
+ 
  void rpmvsFiniRange(struct rpmvs_s *sis, int range);
  
-+RPM_GNUC_INTERNAL
-+int rpmvsRange(struct rpmvs_s *vs);
++int rpmvsRange(struct rpmvs_s *vs); 
 +
- RPM_GNUC_INTERNAL
  int rpmvsVerify(struct rpmvs_s *sis, int type,
                         rpmsinfoCb cb, void *cbdata);
+ 
 -- 
 2.20.1
-
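Review bot: The re-added `rpmvsRange()` declaration drops the `RPM_GNUC_INTERNAL` marker that the previous version of this backport carried. The `lib/rpmvs.h` section is now a hand-made `.orig` diff spliced into a git-format patch, so the file no longer matches the upstream commit named in its header. If the neighbouring rpmvs declarations in 4.14.3 are already exported, as the new context lines suggest (rpmvs.h itself is not visible here), the missing marker is consistent; otherwise it adds a symbol to the library's exported surface. A line in the patch description such as `Adjusted for rpm-4.14.3: rpmvs.h hunk regenerated by hand` would record the divergence. The added line also carries trailing whitespace and should read `+int rpmvsRange(struct rpmvs_s *vs);`.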
diff --git a/SOURCES/0001-Remove-capabilities-instead-of-setting-empty-caps-vi.patch b/SOURCES/0001-Remove-capabilities-instead-of-setting-empty-caps-vi.patch
deleted file mode 100644
index 23ddb28..0000000
--- a/SOURCES/0001-Remove-capabilities-instead-of-setting-empty-caps-vi.patch
+++ /dev/null
@@ -1,49 +0,0 @@
-From b4178c979fff344a1c5142a305f274dd9aff8f45 Mon Sep 17 00:00:00 2001
-From: Markus Linnala <markus.linnala@gmail.com>
-Date: Sun, 28 Oct 2018 14:59:52 +0200
-Subject: [PATCH] Remove capabilities instead of setting empty caps via.
- --setcaps
-
-If a file in a package does not have any capabilities rpm --setcaps should
-remove capabilities of the file. Prior to this patch capabilities of the file
-were set as empty.
-
-Empty capabilities mean more than no capabilities. A file with no capabilities
-can inherit capabilities, but file with empty capabilities can not.
-
-When ever package does not have any capabilities set %|FILECAPS? is false.
-If some files have capabilities, %|FILECAPS? is true but %{FILECAPS} is ''
-when the file does not have capabilities and '= <capstring>' when there is some.
-
-Reported and patch created by Markus Linnala
-Commit message edited by Pavlina Moravcova Varekova and Florian Festi.
-
-Fixes #585
-Fixes #586
----
- rpmpopt.in | 9 +++++++--
- 1 file changed, 7 insertions(+), 2 deletions(-)
-
-diff --git a/rpmpopt.in b/rpmpopt.in
-index 42d3416a3..557050a24 100644
---- a/rpmpopt.in
-+++ b/rpmpopt.in
-@@ -57,8 +57,13 @@ rpm	alias --setugids -q --qf \
- 	--POPTdesc=$"set user/group ownership of files in a package"
- 
- rpm	alias --setcaps -q --qf \
--	"[\[ -f %{FILENAMES:shescape} -a ! -L %{FILENAMES:shescape} \] \
--	    && setcap %|FILECAPS?{%{FILECAPS:shescape}}:{''}| %{FILENAMES:shescape}\n]" \
-+        "[if \[ -f %{FILENAMES:shescape} -a ! -L %{FILENAMES:shescape} \]; then\n\
-+%|FILECAPS?{  if \[ -n %{FILECAPS:shescape} \]; then\n\
-+    setcap %{FILECAPS:shescape} %{FILENAMES:shescape}\n\
-+  el}:{  }|if \[ -n \"\$(getcap %{FILENAMES:shescape})\" \]; then\n\
-+    setcap -r %{FILENAMES:shescape}\n\
-+  fi\n\
-+fi\n]" \
- 	--pipe "sh" \
- 	--POPTdesc=$"set capabilities of files in a package"
- 
--- 
-2.21.0
-
diff --git a/SOURCES/0001-Show-list-of-files-only-once-when-use-rpm-ql-and-mul.patch b/SOURCES/0001-Show-list-of-files-only-once-when-use-rpm-ql-and-mul.patch
deleted file mode 100644
index 863ac43..0000000
--- a/SOURCES/0001-Show-list-of-files-only-once-when-use-rpm-ql-and-mul.patch
+++ /dev/null
@@ -1,57 +0,0 @@
-From 8dd8e37acc79da1ce0a36c3f86650defa474a6a9 Mon Sep 17 00:00:00 2001
-From: Pavlina Moravcova Varekova <pmoravco@redhat.com>
-Date: Thu, 14 Mar 2019 13:56:26 +0100
-Subject: [PATCH] Show list of files only once when use rpm -ql and multiple
- rpm files
-
----
- lib/query.c       |  3 ++-
- tests/rpmquery.at | 18 ++++++++++++++++++
- 2 files changed, 20 insertions(+), 1 deletion(-)
-
-diff --git a/lib/query.c b/lib/query.c
-index e5408e211..7568f67aa 100644
---- a/lib/query.c
-+++ b/lib/query.c
-@@ -574,7 +574,8 @@ int rpmcliArgIter(rpmts ts, QVA_t qva, ARGV_const_t argv)
- 	    if (mi == NULL && qva->qva_source == RPMQV_PACKAGE) {
- 		size_t l = strlen(*arg);
- 		if (l > 4 && !strcmp(*arg + l - 4, ".rpm")) {
--		    rpmgi gi = rpmgiNew(ts, giFlags, argv);
-+		    char * const argFirst[2] = { arg[0], NULL };
-+		    rpmgi gi = rpmgiNew(ts, giFlags, argFirst);
- 		    ecLocal = rpmgiShowMatches(qva, ts, gi);
- 		    rpmgiFree(gi);
- 		}
-diff --git a/tests/rpmquery.at b/tests/rpmquery.at
-index ab7bb3c46..0dc6d78b6 100644
---- a/tests/rpmquery.at
-+++ b/tests/rpmquery.at
-@@ -61,6 +61,24 @@ hello.spec
- [ignore])
- AT_CLEANUP
- 
-+# ------------------------------
-+AT_SETUP([rpm -ql multiple *.rpm])
-+AT_KEYWORDS([query])
-+AT_CHECK([
-+runroot rpm \
-+  -ql \
-+  /data/SRPMS/hello-1.0-1.src.rpm /data/RPMS/hello-1.0-1.i386.rpm
-+],
-+[0],
-+[hello-1.0.tar.gz
-+hello.spec
-+/usr/local/bin/hello
-+/usr/share/doc/hello-1.0
-+/usr/share/doc/hello-1.0/FAQ
-+],
-+[ignore])
-+AT_CLEANUP
-+
- # ------------------------------
- AT_SETUP([rpmspec -q])
- AT_KEYWORDS([query])
--- 
-2.17.2
-
diff --git a/SOURCES/0001-Sort-list-of-hard-linked-files-in-find-debuginfo.sh-.patch b/SOURCES/0001-Sort-list-of-hard-linked-files-in-find-debuginfo.sh-.patch
deleted file mode 100644
index ae7d4e0..0000000
--- a/SOURCES/0001-Sort-list-of-hard-linked-files-in-find-debuginfo.sh-.patch
+++ /dev/null
@@ -1,27 +0,0 @@
-From 35b09eed946a7e2f2f327531b692c9f768bf9e3b Mon Sep 17 00:00:00 2001
-From: Pavlina Moravcova Varekova <pmoravco@redhat.com>
-Date: Sun, 7 Apr 2019 07:23:47 +0200
-Subject: [PATCH] Sort list of hard linked files in find-debuginfo.sh
- (RhBug:1421272)
-
-It helps to make build results reproducible. Based on Mark Wielaard's idea.
----
- scripts/find-debuginfo.sh | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/scripts/find-debuginfo.sh b/scripts/find-debuginfo.sh
-index c75d176ac..23286139e 100755
---- a/scripts/find-debuginfo.sh
-+++ b/scripts/find-debuginfo.sh
-@@ -350,7 +350,7 @@ trap 'rm -rf "$temp"' EXIT
- touch "$temp/primary"
- find "$RPM_BUILD_ROOT" ! -path "${debugdir}/*.debug" -type f \
-      		     \( -perm -0100 -or -perm -0010 -or -perm -0001 \) \
--		     -print |
-+		     -print | LC_ALL=C sort |
- file -N -f - | sed -n -e 's/^\(.*\):[ 	]*.*ELF.*, not stripped.*/\1/p' |
- xargs --no-run-if-empty stat -c '%h %D_%i %n' |
- while read nlinks inum f; do
--- 
-2.17.2
-
diff --git a/SOURCES/0001-Use-dpbath-only-with-full-path-RhBug-1696408.patch b/SOURCES/0001-Use-dpbath-only-with-full-path-RhBug-1696408.patch
deleted file mode 100644
index f753e38..0000000
--- a/SOURCES/0001-Use-dpbath-only-with-full-path-RhBug-1696408.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-From d313baf1d3a4756447e398ee55f8c6760f942d50 Mon Sep 17 00:00:00 2001
-From: Pavlina Moravcova Varekova <pmoravco@redhat.com>
-Date: Wed, 24 Apr 2019 10:29:14 +0200
-Subject: [PATCH] Use --dpbath only with full path (RhBug:1696408)
-
-Before the patch rpm treats the relative path as a full path.
-The new behavior is similar to the "--root" option.
----
- lib/poptALL.c | 4 ++++
- 1 file changed, 4 insertions(+)
-
-diff --git a/lib/poptALL.c b/lib/poptALL.c
-index 9983c1e62..69fd49846 100644
---- a/lib/poptALL.c
-+++ b/lib/poptALL.c
-@@ -147,6 +147,10 @@ static void rpmcliAllArgCallback( poptContext con,
- 	break;
-     case POPT_DBPATH:
- 	rpmcliConfigured();
-+	if (arg && arg[0] != '/') {
-+	    fprintf(stderr, _("arguments to --dbpath must begin with '/'\n"));
-+	    exit(EXIT_FAILURE);
-+	}
- 	rpmPushMacro(NULL, "_dbpath", NULL, arg, RMIL_CMDLINE);
- 	break;
-     case POPT_SHOWVERSION:
--- 
-2.21.0
-
diff --git a/SOURCES/0001-rpmpgp-Handle-EOF-without-EOL-better-at-END-PGP.patch b/SOURCES/0001-rpmpgp-Handle-EOF-without-EOL-better-at-END-PGP.patch
deleted file mode 100644
index f40418f..0000000
--- a/SOURCES/0001-rpmpgp-Handle-EOF-without-EOL-better-at-END-PGP.patch
+++ /dev/null
@@ -1,30 +0,0 @@
-From 655c4c72a3467037abd51aab29f0300e97caf54c Mon Sep 17 00:00:00 2001
-Message-Id: <655c4c72a3467037abd51aab29f0300e97caf54c.1571919390.git.pmatilai@redhat.com>
-From: Stepan Broz <sbroz@redhat.com>
-Date: Thu, 25 Jul 2019 11:00:47 +0200
-Subject: [PATCH] rpmpgp: Handle EOF without EOL better at END PGP
-
----
- rpmio/rpmpgp.c | 5 +++--
- 1 file changed, 3 insertions(+), 2 deletions(-)
-
-diff --git a/rpmio/rpmpgp.c b/rpmio/rpmpgp.c
-index 061751a4d..46cd0f31a 100644
---- a/rpmio/rpmpgp.c
-+++ b/rpmio/rpmpgp.c
-@@ -1289,9 +1289,10 @@ static pgpArmor decodePkts(uint8_t *b, uint8_t **pkt, size_t *pktlen)
- 		goto exit;
- 	    }
- 	    t += (sizeof("-----")-1);
--	    if (t >= te) continue;
-+	    /* Handle EOF without EOL here, *t == '\0' at EOF */
-+	    if (*t && (t >= te)) continue;
- 	    /* XXX permitting \r here is not RFC-2440 compliant <shrug> */
--	    if (!(*t == '\n' || *t == '\r')) continue;
-+	    if (!(*t == '\n' || *t == '\r' || *t == '\0')) continue;
- 
- 	    crcdec = NULL;
- 	    crclen = 0;
--- 
-2.21.0
-
diff --git a/SOURCES/0001-rpmsign-man-page-Add-line-about-rpmsign-requiring-a-.patch b/SOURCES/0001-rpmsign-man-page-Add-line-about-rpmsign-requiring-a-.patch
deleted file mode 100644
index 8ddd2a3..0000000
--- a/SOURCES/0001-rpmsign-man-page-Add-line-about-rpmsign-requiring-a-.patch
+++ /dev/null
@@ -1,28 +0,0 @@
-From be3347b5bff6142e86e533174fe0ec352405d159 Mon Sep 17 00:00:00 2001
-From: Florian Festi <ffesti@redhat.com>
-Date: Thu, 18 Jul 2019 07:45:53 +0200
-Subject: [PATCH] rpmsign man page: Add line about rpmsign requiring a valid
- checksum
-
-and the limitations in FIPS mode
----
- doc/rpmsign.8 | 3 +++
- 1 file changed, 3 insertions(+)
-
-diff --git a/doc/rpmsign.8 b/doc/rpmsign.8
-index 80ffb6a32..d895a3b8c 100644
---- a/doc/rpmsign.8
-+++ b/doc/rpmsign.8
-@@ -21,6 +21,9 @@ options generate and insert new signatures for each package
- existing signatures. There are two options for historical reasons,
- there is no difference in behavior currently.
- 
-+To create a signature rpm needs to verify the package's checksum. As a result
-+packages with a MD5/SHA1 checksums cannot be signed in FIPS mode.
-+
- \fBrpm\fR \fB--delsign\fR \fB\fIPACKAGE_FILE\fB\fR\fI ...\fR
- 
- .PP
--- 
-2.21.0
-
diff --git a/SOURCES/0002-Actually-permit-caret-in-version-release-and-evr-str.patch b/SOURCES/0002-Actually-permit-caret-in-version-release-and-evr-str.patch
deleted file mode 100644
index f5da7c0..0000000
--- a/SOURCES/0002-Actually-permit-caret-in-version-release-and-evr-str.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-From 15b296c324794d288750136b3b4f3350c3d0b8c7 Mon Sep 17 00:00:00 2001
-Message-Id: <15b296c324794d288750136b3b4f3350c3d0b8c7.1574338687.git.pmatilai@redhat.com>
-In-Reply-To: <e8fce62467a421132f4ebb6ca9c0926b623ec00e.1574338687.git.pmatilai@redhat.com>
-References: <e8fce62467a421132f4ebb6ca9c0926b623ec00e.1574338687.git.pmatilai@redhat.com>
-From: Panu Matilainen <pmatilai@redhat.com>
-Date: Tue, 27 Nov 2018 13:50:14 +0200
-Subject: [PATCH 2/2] Actually permit caret in version, release and evr strings
-
-Should've been in commit c7e711bba58374f03347c795a567441cbef3de58 really.
----
- build/rpmbuild_internal.h | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/build/rpmbuild_internal.h b/build/rpmbuild_internal.h
-index f758e6620..948632a16 100644
---- a/build/rpmbuild_internal.h
-+++ b/build/rpmbuild_internal.h
-@@ -18,7 +18,7 @@
- #undef HTDATATYPE
- 
- #define WHITELIST_NAME ".-_+%{}"
--#define WHITELIST_VERREL "._+%{}~"
-+#define WHITELIST_VERREL "._+%{}~^"
- #define WHITELIST_EVR WHITELIST_VERREL "-:"
- 
- struct TriggerFileEntry {
--- 
-2.23.0
-
diff --git a/SOURCES/0002-Drop-internal-only-visibility-on-rpmvs-related-API.patch b/SOURCES/0002-Drop-internal-only-visibility-on-rpmvs-related-API.patch
deleted file mode 100644
index e2212eb..0000000
--- a/SOURCES/0002-Drop-internal-only-visibility-on-rpmvs-related-API.patch
+++ /dev/null
@@ -1,64 +0,0 @@
-From 3fd79a5564df97d512be283c5c8a4da2e7ef8bce Mon Sep 17 00:00:00 2001
-Message-Id: <3fd79a5564df97d512be283c5c8a4da2e7ef8bce.1554983206.git.pmatilai@redhat.com>
-In-Reply-To: <2ec0832287bd1443ebf336f8a98293f30bfa2036.1554983205.git.pmatilai@redhat.com>
-References: <2ec0832287bd1443ebf336f8a98293f30bfa2036.1554983205.git.pmatilai@redhat.com>
-From: Panu Matilainen <pmatilai@redhat.com>
-Date: Mon, 18 Mar 2019 15:29:18 +0200
-Subject: [PATCH 2/3] Drop internal-only visibility on rpmvs-related API
-
-Makes it possible to use rpmvs API from eg librpmsign which we'll
-need in the next commit. We need to make select parts of this
-actually public eventually but for now...
----
- lib/rpmvs.h | 12 ------------
- 1 file changed, 12 deletions(-)
-
-diff --git a/lib/rpmvs.h b/lib/rpmvs.h
-index a836d5c94..025895500 100644
---- a/lib/rpmvs.h
-+++ b/lib/rpmvs.h
-@@ -48,41 +48,29 @@ typedef int (*rpmsinfoCb)(struct rpmsinfo_s *sinfo, void *cbdata);
- extern "C" {
- #endif
- 
--RPM_GNUC_INTERNAL
- const char *rpmsinfoDescr(struct rpmsinfo_s *sinfo);
- 
--RPM_GNUC_INTERNAL
- char *rpmsinfoMsg(struct rpmsinfo_s *sinfo);
- 
--RPM_GNUC_INTERNAL
- struct rpmvs_s *rpmvsCreate(int vfylevel, rpmVSFlags vsflags, rpmKeyring keyring);
- 
--RPM_GNUC_INTERNAL
- void rpmvsInit(struct rpmvs_s *vs, hdrblob blob, rpmDigestBundle bundle);
- 
--RPM_GNUC_INTERNAL
- rpmVSFlags rpmvsFlags(struct rpmvs_s *vs);
- 
--RPM_GNUC_INTERNAL
- struct rpmvs_s *rpmvsFree(struct rpmvs_s *sis);
- 
--RPM_GNUC_INTERNAL
- void rpmvsAppendTag(struct rpmvs_s *sis, hdrblob blob, rpmTagVal tag);
- 
--RPM_GNUC_INTERNAL
- void rpmvsInitRange(struct rpmvs_s *sis, int range);
- 
--RPM_GNUC_INTERNAL
- void rpmvsFiniRange(struct rpmvs_s *sis, int range);
- 
--RPM_GNUC_INTERNAL
- int rpmvsRange(struct rpmvs_s *vs);
- 
--RPM_GNUC_INTERNAL
- int rpmvsVerify(struct rpmvs_s *sis, int type,
-                        rpmsinfoCb cb, void *cbdata);
- 
--RPM_GNUC_INTERNAL
- rpmRC rpmpkgRead(struct rpmvs_s *vs, FD_t fd,
- 		hdrblob *sigblobp, hdrblob *blobp, char **emsg);
- 
--- 
-2.20.1
-
diff --git a/SOURCES/0002-Support-build-id-generation-from-compressed-ELF-file.patch b/SOURCES/0002-Support-build-id-generation-from-compressed-ELF-file.patch
deleted file mode 100644
index 1a7eb83..0000000
--- a/SOURCES/0002-Support-build-id-generation-from-compressed-ELF-file.patch
+++ /dev/null
@@ -1,52 +0,0 @@
-From d48981ad7e36abb3500161d823acf92345c94f5d Mon Sep 17 00:00:00 2001
-Message-Id: <d48981ad7e36abb3500161d823acf92345c94f5d.1571917458.git.pmatilai@redhat.com>
-In-Reply-To: <68d383c39cef8d58b80940b13dd132d3f41a03f0.1571917458.git.pmatilai@redhat.com>
-References: <68d383c39cef8d58b80940b13dd132d3f41a03f0.1571917458.git.pmatilai@redhat.com>
-From: Panu Matilainen <pmatilai@redhat.com>
-Date: Tue, 2 Apr 2019 16:07:56 +0300
-Subject: [PATCH 2/2] Support build-id generation from compressed ELF files
- (elfutils >= 0.175)
-
-Use dwelf_elf_begin() for reading ELF files for build-id generation on
-versions that have it to support compressed ELF files such as kernel
-modules (RhBug:1650072,1650074). Note that debugedit still cannot handle
-compressed files, this is only for build-id generation.
----
- build/files.c | 4 ++++
- configure.ac  | 4 ++++
- 2 files changed, 8 insertions(+)
-
-diff --git a/build/files.c b/build/files.c
-index 3822be3d3..f72a7c866 100644
---- a/build/files.c
-+++ b/build/files.c
-@@ -1828,7 +1828,11 @@ static int generateBuildIDs(FileList fl, ARGV_t *files)
- 		   kernel modules (ET_REL files with .modinfo section)
- 		   should have build-ids. */
- 		GElf_Ehdr ehdr;
-+#if HAVE_DWELF_ELF_BEGIN
-+		Elf *elf = dwelf_elf_begin(fd);
-+#else
- 		Elf *elf = elf_begin (fd, ELF_C_READ, NULL);
-+#endif
- 		if (elf != NULL && elf_kind(elf) == ELF_K_ELF
- 		    && gelf_getehdr(elf, &ehdr) != NULL
- 		    && (ehdr.e_type == ET_EXEC || ehdr.e_type == ET_DYN
-diff --git a/configure.ac b/configure.ac
-index 99ce7df32..b2d7ed806 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -487,6 +487,10 @@ AS_IF([test "$WITH_LIBELF" = yes],[
-       # If possible we also want the strtab functions from elfutils 0.167.
-       # But we can fall back on the (unsupported) ebl alternatives if not.
-       AC_CHECK_LIB(dw, dwelf_strtab_init, [HAVE_LIBDW_STRTAB=yes])
-+      # whether libdw supports compressed ELF objects
-+      AC_CHECK_LIB(dw, dwelf_elf_begin, [
-+                   AC_DEFINE(HAVE_DWELF_ELF_BEGIN, 1, [Have dwelf_elf_begin?])
-+      ])
-     ])
-   ])
- ])
--- 
-2.21.0
-
diff --git a/SOURCES/0002-build-check-rich-dependencies-for-special-characters.patch b/SOURCES/0002-build-check-rich-dependencies-for-special-characters.patch
deleted file mode 100644
index c589020..0000000
--- a/SOURCES/0002-build-check-rich-dependencies-for-special-characters.patch
+++ /dev/null
@@ -1,69 +0,0 @@
-From e7fa1f1c1c4a6161c2254c761e857fdf04fba5ef Mon Sep 17 00:00:00 2001
-Message-Id: <e7fa1f1c1c4a6161c2254c761e857fdf04fba5ef.1574338784.git.pmatilai@redhat.com>
-In-Reply-To: <871065ddd493c76d80345d2e80b38b9ce4c7acdd.1574338784.git.pmatilai@redhat.com>
-References: <871065ddd493c76d80345d2e80b38b9ce4c7acdd.1574338784.git.pmatilai@redhat.com>
-From: Igor Gnatenko <i.gnatenko.brain@gmail.com>
-Date: Wed, 21 Nov 2018 15:36:35 +0100
-Subject: [PATCH 2/3] build: check rich dependencies for special characters
-
-Reported-by: Michael Schroeder <mls@suse.de
-Signed-off-by: Igor Gnatenko <i.gnatenko.brain@gmail.com>
----
- build/pack.c | 30 +++++++++++++++++++++++++++---
- 1 file changed, 27 insertions(+), 3 deletions(-)
-
-diff --git a/build/pack.c b/build/pack.c
-index daf878c76..c94964be2 100644
---- a/build/pack.c
-+++ b/build/pack.c
-@@ -228,12 +228,36 @@ exit:
-     return rc;
- }
- 
--static int haveTildeDep(Package pkg)
-+struct charInDepData {
-+    char c;
-+    int present;
-+};
-+
-+static rpmRC charInDepCb(void *cbdata, rpmrichParseType type,
-+		const char *n, int nl, const char *e, int el, rpmsenseFlags sense,
-+		rpmrichOp op, char **emsg) {
-+    struct charInDepData *data = cbdata;
-+    if (memchr(e, data->c, el))
-+	data->present = 1;
-+
-+    return RPMRC_OK;
-+}
-+
-+static int haveCharInDep(Package pkg, char c)
- {
-+    struct charInDepData data = {c, 0};
-     for (int i = 0; i < PACKAGE_NUM_DEPS; i++) {
- 	rpmds ds = rpmdsInit(pkg->dependencies[i]);
- 	while (rpmdsNext(ds) >= 0) {
--	    if (strchr(rpmdsEVR(ds), '~'))
-+	    if (rpmdsIsRich(ds)) {
-+		const char *depstr = rpmdsN(ds);
-+		rpmrichParse(&depstr, NULL, charInDepCb, &data);
-+	    } else {
-+		const char *evr = rpmdsEVR(ds);
-+		if (strchr(evr, c))
-+		    data.present = 1;
-+	    }
-+	    if (data.present)
- 		return 1;
- 	}
-     }
-@@ -327,7 +351,7 @@ exit:
- static void finalizeDeps(Package pkg)
- {
-     /* check if the package has a dependency with a '~' */
--    if (haveTildeDep(pkg))
-+    if (haveCharInDep(pkg, '~'))
- 	(void) rpmlibNeedsFeature(pkg, "TildeInVersions", "4.10.0-1");
- 
-     /* check if the package has a rich dependency */
--- 
-2.23.0
-
diff --git a/SOURCES/0003-Add-support-for-sorting-caret-higher-than-base-versi.patch b/SOURCES/0003-Add-support-for-sorting-caret-higher-than-base-versi.patch
deleted file mode 100644
index 0bb7be4..0000000
--- a/SOURCES/0003-Add-support-for-sorting-caret-higher-than-base-versi.patch
+++ /dev/null
@@ -1,131 +0,0 @@
-From c7e711bba58374f03347c795a567441cbef3de58 Mon Sep 17 00:00:00 2001
-Message-Id: <c7e711bba58374f03347c795a567441cbef3de58.1574338784.git.pmatilai@redhat.com>
-In-Reply-To: <871065ddd493c76d80345d2e80b38b9ce4c7acdd.1574338784.git.pmatilai@redhat.com>
-References: <871065ddd493c76d80345d2e80b38b9ce4c7acdd.1574338784.git.pmatilai@redhat.com>
-From: Igor Gnatenko <i.gnatenko.brain@gmail.com>
-Date: Sat, 10 Sep 2016 11:39:23 +0200
-Subject: [PATCH 3/3] Add support for sorting caret ('^') higher than base
- version
-
-1.1^20160101 means 1.1 version (base) and patches which were applied at
-that date on top of it.
-
-* 1.1^201601 > 1.1
-* 1.1^201601 < 1.1.1
-
-Having symmetry is also good.
-
-Signed-off-by: Igor Gnatenko <i.gnatenko.brain@gmail.com>
----
- build/pack.c       |  4 ++++
- lib/rpmds.c        |  3 +++
- lib/rpmvercmp.c    | 19 +++++++++++++++++--
- tests/rpmvercmp.at | 26 ++++++++++++++++++++++++++
- 4 files changed, 50 insertions(+), 2 deletions(-)
-
-diff --git a/build/pack.c b/build/pack.c
-index c94964be2..d7adcb0e2 100644
---- a/build/pack.c
-+++ b/build/pack.c
-@@ -354,6 +354,10 @@ static void finalizeDeps(Package pkg)
-     if (haveCharInDep(pkg, '~'))
- 	(void) rpmlibNeedsFeature(pkg, "TildeInVersions", "4.10.0-1");
- 
-+    /* check if the package has a dependency with a '^' */
-+    if (haveCharInDep(pkg, '^'))
-+	(void) rpmlibNeedsFeature(pkg, "CaretInVersions", "4.15.0-1");
-+
-     /* check if the package has a rich dependency */
-     if (haveRichDep(pkg))
- 	(void) rpmlibNeedsFeature(pkg, "RichDependencies", "4.12.0-1");
-diff --git a/lib/rpmds.c b/lib/rpmds.c
-index 01aa1022b..730a58c35 100644
---- a/lib/rpmds.c
-+++ b/lib/rpmds.c
-@@ -1240,6 +1240,9 @@ static const struct rpmlibProvides_s rpmlibProvides[] = {
-     { "rpmlib(TildeInVersions)",    "4.10.0-1",
- 	(		RPMSENSE_EQUAL),
-     N_("dependency comparison supports versions with tilde.") },
-+    { "rpmlib(CaretInVersions)",    "4.15.0-1",
-+	(		RPMSENSE_EQUAL),
-+    N_("dependency comparison supports versions with caret.") },
-     { "rpmlib(LargeFiles)", 	"4.12.0-1",
- 	(		RPMSENSE_EQUAL),
-     N_("support files larger than 4GB") },
-diff --git a/lib/rpmvercmp.c b/lib/rpmvercmp.c
-index b3d08faa4..13857e151 100644
---- a/lib/rpmvercmp.c
-+++ b/lib/rpmvercmp.c
-@@ -33,8 +33,8 @@ int rpmvercmp(const char * a, const char * b)
- 
-     /* loop through each version segment of str1 and str2 and compare them */
-     while (*one || *two) {
--	while (*one && !risalnum(*one) && *one != '~') one++;
--	while (*two && !risalnum(*two) && *two != '~') two++;
-+	while (*one && !risalnum(*one) && *one != '~' && *one != '^') one++;
-+	while (*two && !risalnum(*two) && *two != '~' && *two != '^') two++;
- 
- 	/* handle the tilde separator, it sorts before everything else */
- 	if (*one == '~' || *two == '~') {
-@@ -45,6 +45,21 @@ int rpmvercmp(const char * a, const char * b)
- 	    continue;
- 	}
- 
-+	/*
-+	 * Handle caret separator. Concept is the same as tilde,
-+	 * except that if one of the strings ends (base version),
-+	 * the other is considered as higher version.
-+	 */
-+	if (*one == '^' || *two == '^') {
-+	    if (!*one) return -1;
-+	    if (!*two) return 1;
-+	    if (*one != '^') return 1;
-+	    if (*two != '^') return -1;
-+	    one++;
-+	    two++;
-+	    continue;
-+	}
-+
- 	/* If we ran to the end of either, we are finished with the loop */
- 	if (!(*one && *two)) break;
- 
-diff --git a/tests/rpmvercmp.at b/tests/rpmvercmp.at
-index 8b32209aa..1e7c960ea 100644
---- a/tests/rpmvercmp.at
-+++ b/tests/rpmvercmp.at
-@@ -102,6 +102,32 @@ RPMVERCMP(1.0~rc1~git123, 1.0~rc1~git123, 0)
- RPMVERCMP(1.0~rc1~git123, 1.0~rc1, -1)
- RPMVERCMP(1.0~rc1, 1.0~rc1~git123, 1)
- 
-+dnl Basic testcases for caret sorting
-+RPMVERCMP(1.0^, 1.0^, 0)
-+RPMVERCMP(1.0^, 1.0, 1)
-+RPMVERCMP(1.0, 1.0^, -1)
-+RPMVERCMP(1.0^git1, 1.0^git1, 0)
-+RPMVERCMP(1.0^git1, 1.0, 1)
-+RPMVERCMP(1.0, 1.0^git1, -1)
-+RPMVERCMP(1.0^git1, 1.0^git2, -1)
-+RPMVERCMP(1.0^git2, 1.0^git1, 1)
-+RPMVERCMP(1.0^git1, 1.01, -1)
-+RPMVERCMP(1.01, 1.0^git1, 1)
-+RPMVERCMP(1.0^20160101, 1.0^20160101, 0)
-+RPMVERCMP(1.0^20160101, 1.0.1, -1)
-+RPMVERCMP(1.0.1, 1.0^20160101, 1)
-+RPMVERCMP(1.0^20160101^git1, 1.0^20160101^git1, 0)
-+RPMVERCMP(1.0^20160102, 1.0^20160101^git1, 1)
-+RPMVERCMP(1.0^20160101^git1, 1.0^20160102, -1)
-+
-+dnl Basic testcases for tilde and caret sorting
-+RPMVERCMP(1.0~rc1^git1, 1.0~rc1^git1, 0)
-+RPMVERCMP(1.0~rc1^git1, 1.0~rc1, 1)
-+RPMVERCMP(1.0~rc1, 1.0~rc1^git1, -1)
-+RPMVERCMP(1.0^git1~pre, 1.0^git1~pre, 0)
-+RPMVERCMP(1.0^git1, 1.0^git1~pre, 1)
-+RPMVERCMP(1.0^git1~pre, 1.0^git1, -1)
-+
- dnl These are included here to document current, arguably buggy behaviors
- dnl for reference purposes and for easy checking against  unintended
- dnl behavior changes.
--- 
-2.23.0
-
diff --git a/SOURCES/rpm-4-14.3-selinux-log-error.patch b/SOURCES/rpm-4-14.3-selinux-log-error.patch
new file mode 100644
index 0000000..f16a908
--- /dev/null
+++ b/SOURCES/rpm-4-14.3-selinux-log-error.patch
@@ -0,0 +1,11 @@
+--- rpm-4.14.3/plugins/selinux.c.orig	2020-05-11 16:07:22.873791795 +0200
++++ rpm-4.14.3/plugins/selinux.c	2020-05-11 16:10:11.701771157 +0200
+@@ -47,7 +47,7 @@
+ 
+     sehandle = selabel_open(SELABEL_CTX_FILE, opts, 1);
+ 
+-    rpmlog(RPMLOG_DEBUG, "selabel_open: (%s) %s\n",
++    rpmlog((sehandle == NULL) ? RPMLOG_ERR : RPMLOG_DEBUG, "selabel_open: (%s) %s\n",
+ 	   path, (sehandle == NULL ? strerror(errno) : ""));
+ 
+     return (sehandle != NULL) ? RPMRC_OK : RPMRC_FAIL;
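Review bot: This re-added fix raises the log level only for a failed `selabel_open()`, whereas the deleted backport whose tail is visible earlier in this diff did the same for `setexeccon`, `setexecfilecon` and `lsetfilecon` failures. Unless plugins/selinux.c in the 4.14.3 tarball already logs those three at `RPMLOG_ERR` (not visible here), failed labelling and exec-context transitions would again surface only in debug output, which hides mislabelled files from normal installs. If they are not covered upstream, the same `(rc < 0) ? RPMLOG_ERR : RPMLOG_DEBUG` selection should be applied to those calls in this patch. The file also has no header naming the change it restores, and its name uses `rpm-4-14.3` where the sibling patch uses `rpm-4.14.3`.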
diff --git a/SOURCES/rpm-4.14.3-python3.diff b/SOURCES/rpm-4.14.3-python3.diff
new file mode 100644
index 0000000..7ec81b5
--- /dev/null
+++ b/SOURCES/rpm-4.14.3-python3.diff
@@ -0,0 +1,13 @@
+--- rpm-4.14.3/configure.ac.orig	2020-05-04 21:08:41.481365399 +0200
++++ rpm-4.14.3/configure.ac	2020-05-04 21:09:03.550604043 +0200
+@@ -129,8 +129,8 @@
+ 
+ AC_PATH_PROG(__PERL, perl, /usr/bin/perl, $MYPATH)
+ AC_PATH_PROG(__PGP, pgp, /usr/bin/pgp, $MYPATH)
+-AC_PATH_PROG(__PYTHON, python2, /usr/bin/python2, $MYPATH)
+-AC_PATH_PROG(PYTHON, python2, /usr/bin/python2, $MYPATH)
++AC_PATH_PROG(__PYTHON, python3, /usr/bin/python3, $MYPATH)
++AC_PATH_PROG(PYTHON, python3, /usr/bin/python3, $MYPATH)
+ AC_PATH_PROG(__RM, rm, /bin/rm, $MYPATH)
+ AC_PATH_PROG(__RSH, rsh, /usr/bin/rsh, $MYPATH)
+ AC_PATH_PROG(__SED, sed, /bin/sed, $MYPATH)
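Review bot: The patch edits `configure.ac` rather than the generated `configure`, so it only takes effect if the spec regenerates configure after applying patches; that step is not visible in this diff and should be confirmed. The file also carries no description, so a header line such as `Default __PYTHON and PYTHON to python3 instead of python2` plus a note on whether it is downstream-only would make the intent auditable.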
diff --git a/SOURCES/rpm-4.14.x-whitelist-name.patch b/SOURCES/rpm-4.14.x-whitelist-name.patch
deleted file mode 100644
index de5cc5e..0000000
--- a/SOURCES/rpm-4.14.x-whitelist-name.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-A partial no-op backport of commit 9e8e8bcfb1b1fa359c37499e11a302ec7bde1595
-to get caret patches to apply nicely
-
-diff --git a/build/parsePreamble.c b/build/parsePreamble.c
-index 5715d2569..7d89617c2 100644
---- a/build/parsePreamble.c
-+++ b/build/parsePreamble.c
-@@ -22,8 +22,6 @@
- #define SKIPWHITE(_x)	{while (*(_x) && (risspace(*_x) || *(_x) == ',')) (_x)++;}
- #define SKIPNONWHITE(_x){while (*(_x) &&!(risspace(*_x) || *(_x) == ',')) (_x)++;}
- 
--#define WHITELIST_NAME ".-_+%{}"
--
- /**
-  */
- static const rpmTagVal copyTagsDuringParse[] = {
-diff --git a/build/rpmbuild_internal.h b/build/rpmbuild_internal.h
-index 439b7d3b5..cc9de88f9 100644
---- a/build/rpmbuild_internal.h
-+++ b/build/rpmbuild_internal.h
-@@ -17,6 +17,8 @@
- #undef HTKEYTYPE
- #undef HTDATATYPE
- 
-+#define WHITELIST_NAME ".-_+%{}"
-+
- struct TriggerFileEntry {
-     int index;
-     char * fileName;
diff --git a/SPECS/rpm.spec b/SPECS/rpm.spec
index 6043883..3677afc 100644
--- a/SPECS/rpm.spec
+++ b/SPECS/rpm.spec
@@ -28,9 +28,9 @@
 
 %define rpmhome /usr/lib/rpm
 
-%global rpmver 4.14.2
+%global rpmver 4.14.3
 #global snapver rc2
-%global rel 37
+%global rel 3
 
 %global srcver %{version}%{?snapver:-%{snapver}}
 %global srcdir %{?snapver:testing}%{!?snapver:%{name}-%(echo %{version} | cut -d'.' -f1-2).x}
@@ -72,37 +72,14 @@ Patch5: rpm-4.12.0-rpm2cpio-hack.patch
 Patch7: rpm-4.14.1-Add-envvar-that-will-be-present-during-RPM-build.patch
 
 # Patches already upstream:
-Patch100: 0001-Fix-nasty-setperms-setugids-regression-in-4.14.2-RhB.patch
 Patch101: rpm-4.14.2-RPMTAG_MODULARITYLABEL.patch
 Patch102: 0001-Document-noverify-in-the-man-page-RhBug-1646458.patch
-Patch103: 0001-Handle-unsupported-digests-the-same-as-disabled-ones.patch
 Patch104: 0001-Mark-elements-with-associated-problems-as-failed.patch
-Patch105: 0001-Fix-ancient-python-GIL-locking-bug-on-callback-RhBug.patch
-Patch106: 0001-Fix-testing-for-wrong-variable-in-selinux-plugin-deb.patch
-Patch107: 0001-Log-RPMLOG_ERR-level-messages-on-actual-errors-in-se.patch
 Patch108: 0001-Only-read-through-payload-on-verify-if-actually-need.patch
-Patch109: 0001-Make-rpmsign-exit-values-more-consistent-with-our-ot.patch
-Patch110: 0002-Drop-internal-only-visibility-on-rpmvs-related-API.patch
 Patch111: 0003-Verify-packages-before-signing-RhBug-1646388.patch
 Patch112: 0001-Fix-FA_TOUCH-on-files-with-suid-sgid-bits-and-or-cap.patch
-Patch113: 0001-Sort-list-of-hard-linked-files-in-find-debuginfo.sh-.patch
-Patch114: 0001-Correct-rpm-ql-exit-value-when-optional-p-is-omitted.patch
-Patch115: 0001-Show-list-of-files-only-once-when-use-rpm-ql-and-mul.patch
 Patch116: 0001-Add-flag-to-use-strip-g-instead-of-full-strip-on-DSO.patch
-Patch117: 0001-Fix-segfault-on-fingerprinting-symlink-round-RhBug-1.patch
-Patch118: 0001-Fix-packages-getting-erased-on-failed-update-with-dn.patch
 Patch119: 0001-Use-in-condition-to-avoid-sub-processes-in-find-debu.patch
-Patch120: 0001-rpmsign-man-page-Add-line-about-rpmsign-requiring-a-.patch
-Patch121: 0001-Use-dpbath-only-with-full-path-RhBug-1696408.patch
-Patch122: 0001-Fix-a-blindingly-obvious-memleak-in-package-verify-s.patch
-Patch123: 0001-Fix-rpmfiles-memory-leak-on-postuntrans-file-trigger.patch
-Patch125: 0001-Remove-capabilities-instead-of-setting-empty-caps-vi.patch
-Patch126: 0001-Fix-off-by-one-in-hdrblobGet-making-last-entry-unrea.patch
-Patch127: 0001-Fix-memleak-during-transaction-verify-step-in-the-NO.patch
-Patch128: 0001-Detect-kernel-modules-by-.modinfo-section-presence-f.patch
-Patch129: 0002-Support-build-id-generation-from-compressed-ELF-file.patch
-Patch130: 0001-Add-step-to-find-debuginfo.sh-script-to-compress-ann.patch
-Patch131: 0001-rpmpgp-Handle-EOF-without-EOL-better-at-END-PGP.patch
 Patch132: 0001-debugedit-Refactor-reading-writing-of-relocated-valu.patch
 Patch133: 0002-Handle-.debug_macro-in-debugedit.patch
 Patch134: 0003-debugedit-Make-sure-.debug_line-old-new-idx-start-eq.patch
@@ -114,11 +91,6 @@ Patch139: 0001-Make-check-buildroot-check-the-build-files-in-parall.patch
 Patch140: 0001-Fix-resource-leaks-on-zstd-open-error-paths.patch
 # XXX should be before 0001-Pass-RPM_BUILD_NCPUS-to-build-scripts.patch
 Patch141: 0001-Isolate-_smp_build_ncpus-and-use-it-for-_smp_mflags.patch
-Patch143: 0002-build-check-rich-dependencies-for-special-characters.patch
-Patch144: 0003-Add-support-for-sorting-caret-higher-than-base-versi.patch
-Patch145: rpm-4.14.x-whitelist-name.patch
-Patch146: 0001-Consolidate-allowed-version-release-evr-allowed-char.patch
-Patch147: 0002-Actually-permit-caret-in-version-release-and-evr-str.patch
 
 # Python 3 string API sanity
 Patch500: 0001-In-Python-3-return-all-our-string-data-as-surrogate-.patch
@@ -131,6 +103,8 @@ Patch504: 0002-Use-Python-3-compatible-exception-syntax-in-tests.patch
 Patch505: 0003-Fix-couple-of-bytes-vs-strings-issues-in-Python-test.patch
 Patch506: 0004-Bump-the-minimum-Python-version-requirement-to-2.7.patch
 Patch507: 0005-Drop-an-unnecessary-Python-2-vs-3-incompatibility-fr.patch
+Patch508: rpm-4.14.3-python3.diff
+Patch509: rpm-4-14.3-selinux-log-error.patch
 
 # These are not yet upstream
 # Audit support
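Review bot: `Patch509` is a SELinux plugin logging fix but is added under the `# Python 3 string API sanity` group, so anyone auditing which security-relevant fixes survived the rebase will not find it where they look. Give it its own comment, for example `# Re-added after rebase: log selabel_open failures as errors`, or move it next to the other backports. The changelog entry for 4.14.3-2 says this fix was dropped in the rebase, which suggests checking each removed `Patch1xx` line against the 4.14.3 sources rather than assuming all of them are upstream.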
@@ -458,7 +432,7 @@ done;
     --with-selinux \
     --with-cap \
     --with-acl \
-    %{?with_ndb: --with-ndb} \
+    %{?with_ndb: --enable-ndb} \
     %{?with_libimaevm: --with-imaevm} \
     %{?with_zstd: --enable-zstd} \
     %{?with_lmdb: --enable-lmdb} \
@@ -678,6 +652,15 @@ make check || cat tests/rpmtests.log
 %doc doc/librpm/html/*
 
 %changelog
+* Wed May 13 2020 Panu Matilainen <pmatilai@redhat.com> - 4.14.3-3
+- Fix configure option for --with ndb (#1817010, Matthew Almond)
+
+* Mon May 11 2020 Florian Festi <ffesti@redhat.com> - 4.14.3-2
+- Re-add selinux fix dropped in rebase
+
+* Mon May 4 2020 Florian Festi <ffesti@redhat.com> - 4.14.3-1
+- Rebase to 4.14.3 (#1765187)
+
 * Fri Feb 21 2020 Michal Domonkos <mdomonko@redhat.com> - 4.14.2-37
 - Add API safeguard for DNF by using Conflicts: (#1790400)