diff --git a/.git.metadata b/.git.metadata index 23e9687..1f2e864 100644 --- a/.git.metadata +++ b/.git.metadata @@ -1,2 +1,2 @@ -a66f98f88bf7734f8463446ac0735cee190da1dc SOURCES/git-2.31.1.tar.xz +3a35d0571c517f7f4cb2e1dfbd315e7c32023e2b SOURCES/git-2.39.1.tar.xz 87d3a395bad523277647f8614fbd9fefe0450fc6 SOURCES/gpgkey-junio.asc diff --git a/.gitignore b/.gitignore index 69936fb..4b5ee86 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,2 @@ -SOURCES/git-2.31.1.tar.xz +SOURCES/git-2.39.1.tar.xz SOURCES/gpgkey-junio.asc diff --git a/SOURCES/0003-t-lib-git-svn-try-harder-to-find-a-port.patch b/SOURCES/0003-t-lib-git-svn-try-harder-to-find-a-port.patch new file mode 100644 index 0000000..56624e2 --- /dev/null +++ b/SOURCES/0003-t-lib-git-svn-try-harder-to-find-a-port.patch @@ -0,0 +1,85 @@ +From aa5105dc115b43edc6c9c11714b092583f1221aa Mon Sep 17 00:00:00 2001 +From: Todd Zullinger +Date: Fri, 26 Aug 2022 18:28:44 -0400 +Subject: [PATCH] t/lib-git-svn: try harder to find a port + +As with the previous commits, try harder to find an open port to avoid +intermittent failures on busy/shared build systems. + +By default, we make 3 attempts. This may be overridden by setting +GIT_TEST_START_SVNSERVE_TRIES to a different value. + +Run svnserve in daemon mode and use 'test_atexit' to stop it. This is +cleaner than running in the foreground with --listen-once and having to +manage the PID ourselves. + +Signed-off-by: Todd Zullinger +--- + t/lib-git-svn.sh | 34 +++++++++++++++++++++++++---- + t/t9113-git-svn-dcommit-new-file.sh | 1 - + 2 files changed, 30 insertions(+), 5 deletions(-) + +diff --git a/t/lib-git-svn.sh b/t/lib-git-svn.sh +index ea28971e8e..04e660e2ba 100644 +--- a/t/lib-git-svn.sh ++++ b/t/lib-git-svn.sh +@@ -17,6 +17,7 @@ fi + GIT_DIR=$PWD/.git + GIT_SVN_DIR=$GIT_DIR/svn/refs/remotes/git-svn + SVN_TREE=$GIT_SVN_DIR/svn-tree ++SVNSERVE_PIDFILE="$PWD"/daemon.pid + test_set_port SVNSERVE_PORT + + svn >/dev/null 2>&1 +@@ -119,10 +120,35 @@ require_svnserve () { + } + + start_svnserve () { +- svnserve --listen-port $SVNSERVE_PORT \ +- --root "$rawsvnrepo" \ +- --listen-once \ +- --listen-host 127.0.0.1 & ++ test_atexit stop_svnserve ++ ++ i=0 ++ while test $i -lt ${GIT_TEST_START_SVNSERVE_TRIES:-3} ++ do ++ say >&3 "Starting svnserve on port $SVNSERVE_PORT ..." ++ svnserve --listen-port $SVNSERVE_PORT \ ++ --root "$rawsvnrepo" \ ++ --daemon --pid-file="$SVNSERVE_PIDFILE" \ ++ --listen-host 127.0.0.1 ++ ret=$? ++ # increment port and retry if unsuccessful ++ if test $ret -ne 0 ++ then ++ SVNSERVE_PORT=$(($SVNSERVE_PORT + 1)) ++ export SVNSERVE_PORT ++ else ++ break ++ fi ++ done ++} ++ ++stop_svnserve () { ++ say >&3 "Stopping svnserve ..." ++ SVNSERVE_PID="$(cat "$SVNSERVE_PIDFILE")" ++ if test -n "$SVNSERVE_PID" ++ then ++ kill "$SVNSERVE_PID" 2>/dev/null ++ fi + } + + prepare_utf8_locale () { +diff --git a/t/t9113-git-svn-dcommit-new-file.sh b/t/t9113-git-svn-dcommit-new-file.sh +index e8479cec7a..5925891f5d 100755 +--- a/t/t9113-git-svn-dcommit-new-file.sh ++++ b/t/t9113-git-svn-dcommit-new-file.sh +@@ -28,7 +28,6 @@ test_expect_success 'create files in new directory with dcommit' " + echo hello > git-new-dir/world && + git update-index --add git-new-dir/world && + git commit -m hello && +- start_svnserve && + git svn dcommit + " + diff --git a/SOURCES/git-2.27.0-core-crypto-hmac.patch b/SOURCES/git-2.27.0-core-crypto-hmac.patch deleted file mode 100644 index c99ced2..0000000 --- a/SOURCES/git-2.27.0-core-crypto-hmac.patch +++ /dev/null @@ -1,70 +0,0 @@ -diff -ur a/builtin/receive-pack.c b/builtin/receive-pack.c ---- a/builtin/receive-pack.c 2020-06-01 17:49:27.000000000 +0200 -+++ b/builtin/receive-pack.c 2020-06-15 15:28:48.149268576 +0200 -@@ -29,6 +29,8 @@ - #include "commit-reach.h" - #include "worktree.h" - #include "shallow.h" -+#include -+#include - - static const char * const receive_pack_usage[] = { - N_("git receive-pack "), -@@ -419,43 +421,11 @@ - return 0; - } - --static void hmac_hash(unsigned char *out, -+static inline void hmac_hash(unsigned char *out, - const char *key_in, size_t key_len, - const char *text, size_t text_len) - { -- unsigned char key[GIT_MAX_BLKSZ]; -- unsigned char k_ipad[GIT_MAX_BLKSZ]; -- unsigned char k_opad[GIT_MAX_BLKSZ]; -- int i; -- git_hash_ctx ctx; -- -- /* RFC 2104 2. (1) */ -- memset(key, '\0', GIT_MAX_BLKSZ); -- if (the_hash_algo->blksz < key_len) { -- the_hash_algo->init_fn(&ctx); -- the_hash_algo->update_fn(&ctx, key_in, key_len); -- the_hash_algo->final_fn(key, &ctx); -- } else { -- memcpy(key, key_in, key_len); -- } -- -- /* RFC 2104 2. (2) & (5) */ -- for (i = 0; i < sizeof(key); i++) { -- k_ipad[i] = key[i] ^ 0x36; -- k_opad[i] = key[i] ^ 0x5c; -- } -- -- /* RFC 2104 2. (3) & (4) */ -- the_hash_algo->init_fn(&ctx); -- the_hash_algo->update_fn(&ctx, k_ipad, sizeof(k_ipad)); -- the_hash_algo->update_fn(&ctx, text, text_len); -- the_hash_algo->final_fn(out, &ctx); -- -- /* RFC 2104 2. (6) & (7) */ -- the_hash_algo->init_fn(&ctx); -- the_hash_algo->update_fn(&ctx, k_opad, sizeof(k_opad)); -- the_hash_algo->update_fn(&ctx, out, the_hash_algo->rawsz); -- the_hash_algo->final_fn(out, &ctx); -+ HMAC(EVP_sha1(), key_in, key_len, text, text_len, out, NULL); - } - - static char *prepare_push_cert_nonce(const char *path, timestamp_t stamp) -diff -ur a/Makefile b/Makefile ---- a/Makefile 2020-06-01 17:49:27.000000000 +0200 -+++ b/Makefile 2020-06-15 15:00:45.212758547 +0200 -@@ -1830,6 +1830,8 @@ - BASIC_CFLAGS += -DHAVE_GETDELIM - endif - -+EXTLIBS += -lcrypto -+ - ifneq ($(PROCFS_EXECUTABLE_PATH),) - procfs_executable_path_SQ = $(subst ','\'',$(PROCFS_EXECUTABLE_PATH)) - BASIC_CFLAGS += '-DPROCFS_EXECUTABLE_PATH="$(procfs_executable_path_SQ)"' diff --git a/SOURCES/git-2.31.1-cve-2022-23521-cve-2022-41903.patch b/SOURCES/git-2.31.1-cve-2022-23521-cve-2022-41903.patch deleted file mode 100644 index c6f552e..0000000 --- a/SOURCES/git-2.31.1-cve-2022-23521-cve-2022-41903.patch +++ /dev/null @@ -1,745 +0,0 @@ -diff -ur b/attr.c a/attr.c ---- b/attr.c 2021-03-26 23:03:34.000000000 +0100 -+++ a/attr.c 2023-01-25 17:55:11.665410385 +0100 -@@ -28,7 +28,7 @@ - #endif - - struct git_attr { -- int attr_nr; /* unique attribute number */ -+ unsigned int attr_nr; /* unique attribute number */ - char name[FLEX_ARRAY]; /* attribute name */ - }; - -@@ -210,7 +210,7 @@ - * dictionary. If no entry is found, create a new attribute and store it in - * the dictionary. - */ --static const struct git_attr *git_attr_internal(const char *name, int namelen) -+static const struct git_attr *git_attr_internal(const char *name, size_t namelen) - { - struct git_attr *a; - -@@ -226,8 +226,8 @@ - a->attr_nr = hashmap_get_size(&g_attr_hashmap.map); - - attr_hashmap_add(&g_attr_hashmap, a->name, namelen, a); -- assert(a->attr_nr == -- (hashmap_get_size(&g_attr_hashmap.map) - 1)); -+ if (a->attr_nr != hashmap_get_size(&g_attr_hashmap.map) - 1) -+ die(_("unable to add additional attribute")); - } - - hashmap_unlock(&g_attr_hashmap); -@@ -272,7 +272,7 @@ - const struct git_attr *attr; - } u; - char is_macro; -- unsigned num_attr; -+ size_t num_attr; - struct attr_state state[FLEX_ARRAY]; - }; - -@@ -289,7 +289,7 @@ - struct attr_state *e) - { - const char *ep, *equals; -- int len; -+ size_t len; - - ep = cp + strcspn(cp, blank); - equals = strchr(cp, '='); -@@ -333,8 +333,7 @@ - static struct match_attr *parse_attr_line(const char *line, const char *src, - int lineno, int macro_ok) - { -- int namelen; -- int num_attr, i; -+ size_t namelen, num_attr, i; - const char *cp, *name, *states; - struct match_attr *res = NULL; - int is_macro; -@@ -345,6 +344,11 @@ - return NULL; - name = cp; - -+ if (strlen(line) >= ATTR_MAX_LINE_LENGTH) { -+ warning(_("ignoring overly long attributes line %d"), lineno); -+ return NULL; -+ } -+ - if (*cp == '"' && !unquote_c_style(&pattern, name, &states)) { - name = pattern.buf; - namelen = pattern.len; -@@ -381,10 +385,9 @@ - goto fail_return; - } - -- res = xcalloc(1, -- sizeof(*res) + -- sizeof(struct attr_state) * num_attr + -- (is_macro ? 0 : namelen + 1)); -+ res = xcalloc(1, st_add3(sizeof(*res), -+ st_mult(sizeof(struct attr_state), num_attr), -+ is_macro ? 0 : namelen + 1)); - if (is_macro) { - res->u.attr = git_attr_internal(name, namelen); - } else { -@@ -447,11 +450,12 @@ - - static void attr_stack_free(struct attr_stack *e) - { -- int i; -+ unsigned i; - free(e->origin); - for (i = 0; i < e->num_matches; i++) { - struct match_attr *a = e->attrs[i]; -- int j; -+ size_t j; -+ - for (j = 0; j < a->num_attr; j++) { - const char *setto = a->state[j].setto; - if (setto == ATTR__TRUE || -@@ -660,8 +664,8 @@ - a = parse_attr_line(line, src, lineno, macro_ok); - if (!a) - return; -- ALLOC_GROW(res->attrs, res->num_matches + 1, res->alloc); -- res->attrs[res->num_matches++] = a; -+ ALLOC_GROW_BY(res->attrs, res->num_matches, 1, res->alloc); -+ res->attrs[res->num_matches - 1] = a; - } - - static struct attr_stack *read_attr_from_array(const char **list) -@@ -700,21 +704,37 @@ - - static struct attr_stack *read_attr_from_file(const char *path, int macro_ok) - { -+ struct strbuf buf = STRBUF_INIT; - FILE *fp = fopen_or_warn(path, "r"); - struct attr_stack *res; -- char buf[2048]; - int lineno = 0; -+ int fd; -+ struct stat st; - - if (!fp) - return NULL; -+ -+ fd = fileno(fp); -+ if (fstat(fd, &st)) { -+ warning_errno(_("cannot fstat gitattributes file '%s'"), path); -+ fclose(fp); -+ return NULL; -+ } -+ if (st.st_size >= ATTR_MAX_FILE_SIZE) { -+ warning(_("ignoring overly large gitattributes file '%s'"), path); -+ fclose(fp); -+ return NULL; -+ } -+ - CALLOC_ARRAY(res, 1); -- while (fgets(buf, sizeof(buf), fp)) { -- char *bufp = buf; -- if (!lineno) -- skip_utf8_bom(&bufp, strlen(bufp)); -- handle_attr_line(res, bufp, path, ++lineno, macro_ok); -+ while (strbuf_getline(&buf, fp) != EOF) { -+ if (!lineno && starts_with(buf.buf, utf8_bom)) -+ strbuf_remove(&buf, 0, strlen(utf8_bom)); -+ handle_attr_line(res, buf.buf, path, ++lineno, macro_ok); - } -+ - fclose(fp); -+ strbuf_release(&buf); - return res; - } - -@@ -725,13 +745,18 @@ - struct attr_stack *res; - char *buf, *sp; - int lineno = 0; -+ size_t size; - - if (!istate) - return NULL; - -- buf = read_blob_data_from_index(istate, path, NULL); -+ buf = read_blob_data_from_index(istate, path, &size); - if (!buf) - return NULL; -+ if (size >= ATTR_MAX_FILE_SIZE) { -+ warning(_("ignoring overly large gitattributes blob '%s'"), path); -+ return NULL; -+ } - - CALLOC_ARRAY(res, 1); - for (sp = buf; *sp; ) { -@@ -1001,12 +1026,12 @@ - static int fill_one(const char *what, struct all_attrs_item *all_attrs, - const struct match_attr *a, int rem) - { -- int i; -+ size_t i; - -- for (i = a->num_attr - 1; rem > 0 && i >= 0; i--) { -- const struct git_attr *attr = a->state[i].attr; -+ for (i = a->num_attr; rem > 0 && i > 0; i--) { -+ const struct git_attr *attr = a->state[i - 1].attr; - const char **n = &(all_attrs[attr->attr_nr].value); -- const char *v = a->state[i].setto; -+ const char *v = a->state[i - 1].setto; - - if (*n == ATTR__UNKNOWN) { - debug_set(what, -@@ -1025,11 +1050,11 @@ - struct all_attrs_item *all_attrs, int rem) - { - for (; rem > 0 && stack; stack = stack->prev) { -- int i; -+ unsigned i; - const char *base = stack->origin ? stack->origin : ""; - -- for (i = stack->num_matches - 1; 0 < rem && 0 <= i; i--) { -- const struct match_attr *a = stack->attrs[i]; -+ for (i = stack->num_matches; 0 < rem && 0 < i; i--) { -+ const struct match_attr *a = stack->attrs[i - 1]; - if (a->is_macro) - continue; - if (path_matches(path, pathlen, basename_offset, -@@ -1060,11 +1085,11 @@ - const struct attr_stack *stack) - { - for (; stack; stack = stack->prev) { -- int i; -- for (i = stack->num_matches - 1; i >= 0; i--) { -- const struct match_attr *ma = stack->attrs[i]; -+ unsigned i; -+ for (i = stack->num_matches; i > 0; i--) { -+ const struct match_attr *ma = stack->attrs[i - 1]; - if (ma->is_macro) { -- int n = ma->u.attr->attr_nr; -+ unsigned int n = ma->u.attr->attr_nr; - if (!all_attrs[n].macro) { - all_attrs[n].macro = ma; - } -@@ -1116,7 +1141,7 @@ - collect_some_attrs(istate, path, check); - - for (i = 0; i < check->nr; i++) { -- size_t n = check->items[i].attr->attr_nr; -+ unsigned int n = check->items[i].attr->attr_nr; - const char *value = check->all_attrs[n].value; - if (value == ATTR__UNKNOWN) - value = ATTR__UNSET; -diff -ur b/attr.h a/attr.h ---- b/attr.h 2021-03-26 23:03:34.000000000 +0100 -+++ a/attr.h 2023-01-25 17:55:44.310607076 +0100 -@@ -107,6 +107,18 @@ - * - Free the `attr_check` struct by calling `attr_check_free()`. - */ - -+/** -+ * The maximum line length for a gitattributes file. If the line exceeds this -+ * length we will ignore it. -+ */ -+#define ATTR_MAX_LINE_LENGTH 2048 -+ -+ /** -+ * The maximum size of the giattributes file. If the file exceeds this size we -+ * will ignore it. -+ */ -+#define ATTR_MAX_FILE_SIZE (100 * 1024 * 1024) -+ - struct index_state; - - /** -diff -ur b/column.c a/column.c ---- b/column.c 2021-03-26 23:03:34.000000000 +0100 -+++ a/column.c 2023-01-25 17:35:25.867526707 +0100 -@@ -23,7 +23,7 @@ - /* return length of 's' in letters, ANSI escapes stripped */ - static int item_length(const char *s) - { -- return utf8_strnwidth(s, -1, 1); -+ return utf8_strnwidth(s, strlen(s), 1); - } - - /* -diff -ur b/git-compat-util.h a/git-compat-util.h ---- b/git-compat-util.h 2021-03-26 23:03:34.000000000 +0100 -+++ a/git-compat-util.h 2023-01-25 17:36:06.128731483 +0100 -@@ -854,6 +854,14 @@ - return a - b; - } - -+static inline int cast_size_t_to_int(size_t a) -+{ -+ if (a > INT_MAX) -+ die("number too large to represent as int on this platform: %"PRIuMAX, -+ (uintmax_t)a); -+ return (int)a; -+} -+ - #ifdef HAVE_ALLOCA_H - # include - # define xalloca(size) (alloca(size)) -diff -ur b/pretty.c a/pretty.c ---- b/pretty.c 2021-03-26 23:03:34.000000000 +0100 -+++ a/pretty.c 2023-01-25 17:39:45.405061148 +0100 -@@ -13,6 +13,13 @@ - #include "gpg-interface.h" - #include "trailer.h" - -+/* -+ * The limit for formatting directives, which enable the caller to append -+ * arbitrarily many bytes to the formatted buffer. This includes padding -+ * and wrapping formatters. -+ */ -+#define FORMATTING_LIMIT (16 * 1024) -+ - static char *user_format; - static struct cmt_fmt_map { - const char *name; -@@ -916,7 +923,9 @@ - if (pos) - strbuf_add(&tmp, sb->buf, pos); - strbuf_add_wrapped_text(&tmp, sb->buf + pos, -- (int) indent1, (int) indent2, (int) width); -+ cast_size_t_to_int(indent1), -+ cast_size_t_to_int(indent2), -+ cast_size_t_to_int(width)); - strbuf_swap(&tmp, sb); - strbuf_release(&tmp); - } -@@ -1042,9 +1051,18 @@ - const char *end = start + strcspn(start, ",)"); - char *next; - int width; -- if (!end || end == start) -+ if (!*end || end == start) - return 0; - width = strtol(start, &next, 10); -+ -+ /* -+ * We need to limit the amount of padding, or otherwise this -+ * would allow the user to pad the buffer by arbitrarily many -+ * bytes and thus cause resource exhaustion. -+ */ -+ if (width < -FORMATTING_LIMIT || width > FORMATTING_LIMIT) -+ return 0; -+ - if (next == start || width == 0) - return 0; - if (width < 0) { -@@ -1260,6 +1278,16 @@ - } - if (*next != ')') - return 0; -+ -+ /* -+ * We need to limit the format here as it allows the -+ * user to prepend arbitrarily many bytes to the buffer -+ * when rewrapping. -+ */ -+ if (width > FORMATTING_LIMIT || -+ indent1 > FORMATTING_LIMIT || -+ indent2 > FORMATTING_LIMIT) -+ return 0; - } - rewrap_message_tail(sb, c, width, indent1, indent2); - return end - placeholder + 1; -@@ -1507,19 +1535,21 @@ - struct format_commit_context *c) - { - struct strbuf local_sb = STRBUF_INIT; -- int total_consumed = 0, len, padding = c->padding; -+ size_t total_consumed = 0; -+ int len, padding = c->padding; -+ - if (padding < 0) { - const char *start = strrchr(sb->buf, '\n'); - int occupied; - if (!start) - start = sb->buf; -- occupied = utf8_strnwidth(start, -1, 1); -+ occupied = utf8_strnwidth(start, strlen(start), 1); - occupied += c->pretty_ctx->graph_width; - padding = (-padding) - occupied; - } - while (1) { - int modifier = *placeholder == 'C'; -- int consumed = format_commit_one(&local_sb, placeholder, c); -+ size_t consumed = format_commit_one(&local_sb, placeholder, c); - total_consumed += consumed; - - if (!modifier) -@@ -1531,7 +1561,7 @@ - placeholder++; - total_consumed++; - } -- len = utf8_strnwidth(local_sb.buf, -1, 1); -+ len = utf8_strnwidth(local_sb.buf, local_sb.len, 1); - - if (c->flush_type == flush_left_and_steal) { - const char *ch = sb->buf + sb->len - 1; -@@ -1546,7 +1576,7 @@ - if (*ch != 'm') - break; - p = ch - 1; -- while (ch - p < 10 && *p != '\033') -+ while (p > sb->buf && ch - p < 10 && *p != '\033') - p--; - if (*p != '\033' || - ch + 1 - p != display_mode_esc_sequence_len(p)) -@@ -1585,7 +1615,7 @@ - } - strbuf_addbuf(sb, &local_sb); - } else { -- int sb_len = sb->len, offset = 0; -+ size_t sb_len = sb->len, offset = 0; - if (c->flush_type == flush_left) - offset = padding - len; - else if (c->flush_type == flush_both) -@@ -1608,8 +1638,7 @@ - const char *placeholder, - void *context) - { -- int consumed; -- size_t orig_len; -+ size_t consumed, orig_len; - enum { - NO_MAGIC, - ADD_LF_BEFORE_NON_EMPTY, -@@ -1630,9 +1659,21 @@ - default: - break; - } -- if (magic != NO_MAGIC) -+ if (magic != NO_MAGIC) { - placeholder++; - -+ switch (placeholder[0]) { -+ case 'w': -+ /* -+ * `%+w()` cannot ever expand to a non-empty string, -+ * and it potentially changes the layout of preceding -+ * contents. We're thus not able to handle the magic in -+ * this combination and refuse the pattern. -+ */ -+ return 0; -+ }; -+ } -+ - orig_len = sb->len; - if (((struct format_commit_context *)context)->flush_type != no_flush) - consumed = format_and_pad_commit(sb, placeholder, context); -diff -ur b/t/t0003-attributes.sh a/t/t0003-attributes.sh ---- b/t/t0003-attributes.sh 2021-03-26 23:03:34.000000000 +0100 -+++ a/t/t0003-attributes.sh 2023-01-25 17:56:18.656788243 +0100 -@@ -339,4 +339,63 @@ - test_cmp expect actual - ' - -+test_expect_success 'large attributes line ignored in tree' ' -+ test_when_finished "rm .gitattributes" && -+ printf "path %02043d" 1 >.gitattributes && -+ git check-attr --all path >actual 2>err && -+ echo "warning: ignoring overly long attributes line 1" >expect && -+ test_cmp expect err && -+ test_must_be_empty actual -+' -+ -+test_expect_success 'large attributes line ignores trailing content in tree' ' -+ test_when_finished "rm .gitattributes" && -+ # older versions of Git broke lines at 2048 bytes; the 2045 bytes -+ # of 0-padding here is accounting for the three bytes of "a 1", which -+ # would knock "trailing" to the "next" line, where it would be -+ # erroneously parsed. -+ printf "a %02045dtrailing attribute\n" 1 >.gitattributes && -+ git check-attr --all trailing >actual 2>err && -+ echo "warning: ignoring overly long attributes line 1" >expect && -+ test_cmp expect err && -+ test_must_be_empty actual -+' -+ -+test_expect_success EXPENSIVE 'large attributes file ignored in tree' ' -+ test_when_finished "rm .gitattributes" && -+ dd if=/dev/zero of=.gitattributes bs=101M count=1 2>/dev/null && -+ git check-attr --all path >/dev/null 2>err && -+ echo "warning: ignoring overly large gitattributes file ${SQ}.gitattributes${SQ}" >expect && -+ test_cmp expect err -+' -+ -+test_expect_success 'large attributes line ignored in index' ' -+ test_when_finished "git update-index --remove .gitattributes" && -+ blob=$(printf "path %02043d" 1 | git hash-object -w --stdin) && -+ git update-index --add --cacheinfo 100644,$blob,.gitattributes && -+ git check-attr --cached --all path >actual 2>err && -+ echo "warning: ignoring overly long attributes line 1" >expect && -+ test_cmp expect err && -+ test_must_be_empty actual -+' -+ -+test_expect_success 'large attributes line ignores trailing content in index' ' -+ test_when_finished "git update-index --remove .gitattributes" && -+ blob=$(printf "a %02045dtrailing attribute\n" 1 | git hash-object -w --stdin) && -+ git update-index --add --cacheinfo 100644,$blob,.gitattributes && -+ git check-attr --cached --all trailing >actual 2>err && -+ echo "warning: ignoring overly long attributes line 1" >expect && -+ test_cmp expect err && -+ test_must_be_empty actual -+' -+ -+test_expect_success EXPENSIVE 'large attributes file ignored in index' ' -+ test_when_finished "git update-index --remove .gitattributes" && -+ blob=$(dd if=/dev/zero bs=101M count=1 2>/dev/null | git hash-object -w --stdin) && -+ git update-index --add --cacheinfo 100644,$blob,.gitattributes && -+ git check-attr --cached --all path >/dev/null 2>err && -+ echo "warning: ignoring overly large gitattributes blob ${SQ}.gitattributes${SQ}" >expect && -+ test_cmp expect err -+' -+ - test_done -diff -ur b/t/t4205-log-pretty-formats.sh a/t/t4205-log-pretty-formats.sh ---- b/t/t4205-log-pretty-formats.sh 2021-03-26 23:03:34.000000000 +0100 -+++ a/t/t4205-log-pretty-formats.sh 2023-01-25 17:40:19.966850121 +0100 -@@ -962,4 +962,80 @@ - test_cmp expect actual - ' - -+test_expect_success 'log --pretty with space stealing' ' -+ printf mm0 >expect && -+ git log -1 --pretty="format:mm%>>|(1)%x30" >actual && -+ test_cmp expect actual -+' -+ -+test_expect_success 'log --pretty with invalid padding format' ' -+ printf "%s%%<(20" "$(git rev-parse HEAD)" >expect && -+ git log -1 --pretty="format:%H%<(20" >actual && -+ test_cmp expect actual -+' -+ -+test_expect_success 'log --pretty with magical wrapping directives' ' -+ commit_id=$(git commit-tree HEAD^{tree} -m "describe me") && -+ git tag describe-me $commit_id && -+ printf "\n(tag:\ndescribe-me)%%+w(2)" >expect && -+ git log -1 --pretty="format:%w(1)%+d%+w(2)" $commit_id >actual && -+ test_cmp expect actual -+' -+ -+test_expect_success SIZE_T_IS_64BIT 'log --pretty with overflowing wrapping directive' ' -+ printf "%%w(2147483649,1,1)0" >expect && -+ git log -1 --pretty="format:%w(2147483649,1,1)%x30" >actual && -+ test_cmp expect actual && -+ printf "%%w(1,2147483649,1)0" >expect && -+ git log -1 --pretty="format:%w(1,2147483649,1)%x30" >actual && -+ test_cmp expect actual && -+ printf "%%w(1,1,2147483649)0" >expect && -+ git log -1 --pretty="format:%w(1,1,2147483649)%x30" >actual && -+ test_cmp expect actual -+' -+ -+test_expect_success SIZE_T_IS_64BIT 'log --pretty with overflowing padding directive' ' -+ printf "%%<(2147483649)0" >expect && -+ git log -1 --pretty="format:%<(2147483649)%x30" >actual && -+ test_cmp expect actual -+' -+ -+test_expect_success 'log --pretty with padding and preceding control chars' ' -+ printf "\20\20 0" >expect && -+ git log -1 --pretty="format:%x10%x10%>|(4)%x30" >actual && -+ test_cmp expect actual -+' -+ -+test_expect_success 'log --pretty truncation with control chars' ' -+ test_commit "$(printf "\20\20\20\20xxxx")" file contents commit-with-control-chars && -+ printf "\20\20\20\20x.." >expect && -+ git log -1 --pretty="format:%<(3,trunc)%s" commit-with-control-chars >actual && -+ test_cmp expect actual -+' -+ -+test_expect_success EXPENSIVE,SIZE_T_IS_64BIT 'log --pretty with huge commit message' ' -+ # We only assert that this command does not crash. This needs to be -+ # executed with the address sanitizer to demonstrate failure. -+ git log -1 --pretty="format:%>(2147483646)%x41%41%>(2147483646)%x41" >/dev/null -+' -+ -+test_expect_success EXPENSIVE,SIZE_T_IS_64BIT 'set up huge commit' ' -+ test-tool genzeros 2147483649 | tr "\000" "1" >expect && -+ huge_commit=$(git commit-tree -F expect HEAD^{tree}) -+' -+ -+test_expect_success EXPENSIVE,SIZE_T_IS_64BIT 'log --pretty with huge commit message' ' -+ git log -1 --format="%B%<(1)%x30" $huge_commit >actual && -+ echo 0 >>expect && -+ test_cmp expect actual -+' -+ -+test_expect_success EXPENSIVE,SIZE_T_IS_64BIT 'log --pretty with huge commit message does not cause allocation failure' ' -+ test_must_fail git log -1 --format="%<(1)%B" $huge_commit 2>error && -+ cat >expect <<-EOF && -+ fatal: number too large to represent as int on this platform: 2147483649 -+ EOF -+ test_cmp expect error -+' -+ - test_done -diff -ur b/t/test-lib.sh a/t/test-lib.sh ---- b/t/test-lib.sh 2021-03-26 23:03:34.000000000 +0100 -+++ a/t/test-lib.sh 2023-01-25 17:41:35.007391936 +0100 -@@ -1635,6 +1635,10 @@ - sed -ne "s/^$1: //p" - } - -+test_lazy_prereq SIZE_T_IS_64BIT ' -+ test 8 -eq "$(build_option sizeof-size_t)" -+' -+ - test_lazy_prereq LONG_IS_64BIT ' - test 8 -le "$(build_option sizeof-long)" - ' -diff -ur b/utf8.c a/utf8.c ---- b/utf8.c 2021-03-26 23:03:34.000000000 +0100 -+++ a/utf8.c 2023-01-25 18:34:55.927040924 +0100 -@@ -206,26 +206,34 @@ - * string, assuming that the string is utf8. Returns strlen() instead - * if the string does not look like a valid utf8 string. - */ --int utf8_strnwidth(const char *string, int len, int skip_ansi) -+int utf8_strnwidth(const char *string, size_t len, int skip_ansi) - { -- int width = 0; - const char *orig = string; -+ size_t width = 0; - -- if (len == -1) -- len = strlen(string); - while (string && string < orig + len) { -- int skip; -+ int glyph_width; -+ size_t skip; -+ - while (skip_ansi && - (skip = display_mode_esc_sequence_len(string)) != 0) - string += skip; -- width += utf8_width(&string, NULL); -+ -+ glyph_width = utf8_width(&string, NULL); -+ if (glyph_width > 0) -+ width += glyph_width; - } -- return string ? width : len; -+ -+ /* -+ * TODO: fix the interface of this function and `utf8_strwidth()` to -+ * return `size_t` instead of `int`. -+ */ -+ return cast_size_t_to_int(string ? width : len); - } - - int utf8_strwidth(const char *string) - { -- return utf8_strnwidth(string, -1, 0); -+ return utf8_strnwidth(string, strlen(string), 0); - } - - int is_utf8(const char *text) -@@ -357,51 +365,51 @@ - void strbuf_utf8_replace(struct strbuf *sb_src, int pos, int width, - const char *subst) - { -- struct strbuf sb_dst = STRBUF_INIT; -- char *src = sb_src->buf; -- char *end = src + sb_src->len; -- char *dst; -- int w = 0, subst_len = 0; -- -- if (subst) -- subst_len = strlen(subst); -- strbuf_grow(&sb_dst, sb_src->len + subst_len); -- dst = sb_dst.buf; -+ const char *src = sb_src->buf, *end = sb_src->buf + sb_src->len; -+ struct strbuf dst; -+ int w = 0; -+ -+ strbuf_init(&dst, sb_src->len); - - while (src < end) { -- char *old; -+ const char *old; -+ int glyph_width; - size_t n; - - while ((n = display_mode_esc_sequence_len(src))) { -- memcpy(dst, src, n); -+ strbuf_add(&dst, src, n); - src += n; -- dst += n; - } - - if (src >= end) - break; - - old = src; -- n = utf8_width((const char**)&src, NULL); -- if (!src) /* broken utf-8, do nothing */ -+ glyph_width = utf8_width((const char**)&src, NULL); -+ if (!src) /* broken utf-8, do nothing */ - goto out; -- if (n && w >= pos && w < pos + width) { -+ -+ /* -+ * In case we see a control character we copy it into the -+ * buffer, but don't add it to the width. -+ */ -+ if (glyph_width < 0) -+ glyph_width = 0; -+ -+ if (glyph_width && w >= pos && w < pos + width) { - if (subst) { -- memcpy(dst, subst, subst_len); -- dst += subst_len; -+ strbuf_addstr(&dst, subst); - subst = NULL; - } -- w += n; -- continue; -+ } else { -+ strbuf_add(&dst, old, src - old); - } -- memcpy(dst, old, src - old); -- dst += src - old; -- w += n; -+ -+ w += glyph_width; - } -- strbuf_setlen(&sb_dst, dst - sb_dst.buf); -- strbuf_swap(sb_src, &sb_dst); -+ strbuf_swap(sb_src, &dst); - out: -- strbuf_release(&sb_dst); -+ strbuf_release(&dst); - } - - /* -@@ -791,7 +799,7 @@ - void strbuf_utf8_align(struct strbuf *buf, align_type position, unsigned int width, - const char *s) - { -- int slen = strlen(s); -+ size_t slen = strlen(s); - int display_len = utf8_strnwidth(s, slen, 0); - int utf8_compensation = slen - display_len; - -diff -ur b/utf8.h a/utf8.h ---- b/utf8.h 2021-03-26 23:03:34.000000000 +0100 -+++ a/utf8.h 2023-01-25 17:22:31.971590518 +0100 -@@ -7,7 +7,7 @@ - - size_t display_mode_esc_sequence_len(const char *s); - int utf8_width(const char **start, size_t *remainder_p); --int utf8_strnwidth(const char *string, int len, int skip_ansi); -+int utf8_strnwidth(const char *string, size_t len, int skip_ansi); - int utf8_strwidth(const char *string); - int is_utf8(const char *text); - int is_encoding_utf8(const char *name); diff --git a/SOURCES/git-2.31.1.tar.sign b/SOURCES/git-2.31.1.tar.sign deleted file mode 100644 index a7b42c1..0000000 Binary files a/SOURCES/git-2.31.1.tar.sign and /dev/null differ diff --git a/SOURCES/git-2.38.1-core-crypto-hmac.patch b/SOURCES/git-2.38.1-core-crypto-hmac.patch new file mode 100644 index 0000000..b908ced --- /dev/null +++ b/SOURCES/git-2.38.1-core-crypto-hmac.patch @@ -0,0 +1,70 @@ +diff -ur a/builtin/receive-pack.c b/builtin/receive-pack.c +--- a/builtin/receive-pack.c 2022-10-07 06:48:26.000000000 +0200 ++++ b/builtin/receive-pack.c 2022-11-21 16:34:02.417278135 +0100 +@@ -30,6 +30,8 @@ + #include "commit-reach.h" + #include "worktree.h" + #include "shallow.h" ++#include ++#include + + static const char * const receive_pack_usage[] = { + N_("git receive-pack "), +@@ -528,43 +530,11 @@ + return 0; + } + +-static void hmac_hash(unsigned char *out, ++static inline void hmac_hash(unsigned char *out, + const char *key_in, size_t key_len, + const char *text, size_t text_len) + { +- unsigned char key[GIT_MAX_BLKSZ]; +- unsigned char k_ipad[GIT_MAX_BLKSZ]; +- unsigned char k_opad[GIT_MAX_BLKSZ]; +- int i; +- git_hash_ctx ctx; +- +- /* RFC 2104 2. (1) */ +- memset(key, '\0', GIT_MAX_BLKSZ); +- if (the_hash_algo->blksz < key_len) { +- the_hash_algo->init_fn(&ctx); +- the_hash_algo->update_fn(&ctx, key_in, key_len); +- the_hash_algo->final_fn(key, &ctx); +- } else { +- memcpy(key, key_in, key_len); +- } +- +- /* RFC 2104 2. (2) & (5) */ +- for (i = 0; i < sizeof(key); i++) { +- k_ipad[i] = key[i] ^ 0x36; +- k_opad[i] = key[i] ^ 0x5c; +- } +- +- /* RFC 2104 2. (3) & (4) */ +- the_hash_algo->init_fn(&ctx); +- the_hash_algo->update_fn(&ctx, k_ipad, sizeof(k_ipad)); +- the_hash_algo->update_fn(&ctx, text, text_len); +- the_hash_algo->final_fn(out, &ctx); +- +- /* RFC 2104 2. (6) & (7) */ +- the_hash_algo->init_fn(&ctx); +- the_hash_algo->update_fn(&ctx, k_opad, sizeof(k_opad)); +- the_hash_algo->update_fn(&ctx, out, the_hash_algo->rawsz); +- the_hash_algo->final_fn(out, &ctx); ++ HMAC(EVP_sha1(), key_in, key_len, text, text_len, out, NULL); + } + + static char *prepare_push_cert_nonce(const char *path, timestamp_t stamp) +diff -ur a/Makefile b/Makefile +--- a/Makefile 2022-10-07 06:48:26.000000000 +0200 ++++ b/Makefile 2022-11-21 16:35:56.986792752 +0100 +@@ -2008,6 +2008,8 @@ + EXTLIBS += -lcrypto -lssl + endif + ++EXTLIBS += -lcrypto ++ + ifneq ($(PROCFS_EXECUTABLE_PATH),) + procfs_executable_path_SQ = $(subst ','\'',$(PROCFS_EXECUTABLE_PATH)) + BASIC_CFLAGS += '-DPROCFS_EXECUTABLE_PATH="$(procfs_executable_path_SQ)"' diff --git a/SOURCES/git-2.39.1.tar.sign b/SOURCES/git-2.39.1.tar.sign new file mode 100644 index 0000000..e6ed440 Binary files /dev/null and b/SOURCES/git-2.39.1.tar.sign differ diff --git a/SOURCES/t-lib-git-svn-try-harder-to-find-a-port-2.31.1.patch b/SOURCES/t-lib-git-svn-try-harder-to-find-a-port-2.31.1.patch deleted file mode 100644 index 3459494..0000000 --- a/SOURCES/t-lib-git-svn-try-harder-to-find-a-port-2.31.1.patch +++ /dev/null @@ -1,62 +0,0 @@ -diff -ur b/t/lib-git-svn.sh c/t/lib-git-svn.sh ---- b/t/lib-git-svn.sh 2021-03-26 23:03:34.000000000 +0100 -+++ c/t/lib-git-svn.sh 2023-01-26 13:39:32.822183929 +0100 -@@ -13,6 +13,7 @@ - GIT_DIR=$PWD/.git - GIT_SVN_DIR=$GIT_DIR/svn/refs/remotes/git-svn - SVN_TREE=$GIT_SVN_DIR/svn-tree -+SVNSERVE_PIDFILE="$PWD"/daemon.pid - test_set_port SVNSERVE_PORT - - svn >/dev/null 2>&1 -@@ -115,10 +116,35 @@ - } - - start_svnserve () { -- svnserve --listen-port $SVNSERVE_PORT \ -- --root "$rawsvnrepo" \ -- --listen-once \ -- --listen-host 127.0.0.1 & -+ test_atexit stop_svnserve -+ -+ i=0 -+ while test $i -lt ${GIT_TEST_START_SVNSERVE_TRIES:-3} -+ do -+ say >&3 "Starting svnserve on port $SVNSERVE_PORT ..." -+ svnserve --listen-port $SVNSERVE_PORT \ -+ --root "$rawsvnrepo" \ -+ --daemon --pid-file="$SVNSERVE_PIDFILE" \ -+ --listen-host 127.0.0.1 -+ ret=$? -+ # increment port and retry if unsuccessful -+ if test $ret -ne 0 -+ then -+ SVNSERVE_PORT=$(($SVNSERVE_PORT + 1)) -+ export SVNSERVE_PORT -+ else -+ break -+ fi -+ done -+} -+ -+stop_svnserve () { -+ say >&3 "Stopping svnserve ..." -+ SVNSERVE_PID="$(cat "$SVNSERVE_PIDFILE")" -+ if test -n "$SVNSERVE_PID" -+ then -+ kill "$SVNSERVE_PID" 2>/dev/null -+ fi - } - - prepare_a_utf8_locale () { -diff -ur b/t/t9113-git-svn-dcommit-new-file.sh c/t/t9113-git-svn-dcommit-new-file.sh ---- b/t/t9113-git-svn-dcommit-new-file.sh 2021-03-26 23:03:34.000000000 +0100 -+++ c/t/t9113-git-svn-dcommit-new-file.sh 2023-01-26 13:39:30.314168109 +0100 -@@ -28,7 +28,6 @@ - echo hello > git-new-dir/world && - git update-index --add git-new-dir/world && - git commit -m hello && -- start_svnserve && - git svn dcommit - " - diff --git a/SPECS/git.spec b/SPECS/git.spec index ad4a7dc..dc819ed 100644 --- a/SPECS/git.spec +++ b/SPECS/git.spec @@ -85,12 +85,15 @@ %global build_ldflags -Wl,-z,relro -Wl,-z,now %endif +# Set path to the package-notes linker script +%global _package_note_file %{_builddir}/%{name}-%{version}/.package_note-%{name}-%{version}-%{release}.%{_arch}.ld + # Define for release candidates #global rcrev .rc0 Name: git -Version: 2.31.1 -Release: 3%{?rcrev}%{?dist} +Version: 2.39.1 +Release: 1%{?rcrev}%{?dist} Summary: Fast Version Control System License: GPLv2 URL: https://git-scm.com/ @@ -123,19 +126,17 @@ Source99: print-failed-test-output Patch0: git-cvsimport-Ignore-cvsps-2.2b1-Branches-output.patch Patch1: 0001-Switch-git-instaweb-default-to-apache-2.26.2.patch # https://bugzilla.redhat.com/show_bug.cgi?id=1619113 -Patch2: git-2.27.0-core-crypto-hmac.patch -# https://bugzilla.redhat.com/2162069 -Patch3: git-2.31.1-cve-2022-23521-cve-2022-41903.patch +Patch2: git-2.38.1-core-crypto-hmac.patch # https://bugzilla.redhat.com/2114531 # tests: try harder to find open ports for apache, git, and svn # # https://github.com/tmzullinger/git/commit/aedeaaf788 -Patch4: 0001-t-lib-httpd-try-harder-to-find-a-port-for-apache.patch +Patch3: 0001-t-lib-httpd-try-harder-to-find-a-port-for-apache.patch # https://github.com/tmzullinger/git/commit/16750d024c -Patch5: 0002-t-lib-git-daemon-try-harder-to-find-a-port.patch +Patch4: 0002-t-lib-git-daemon-try-harder-to-find-a-port.patch # https://github.com/tmzullinger/git/commit/aa5105dc11 -Patch6: t-lib-git-svn-try-harder-to-find-a-port-2.31.1.patch +Patch5: 0003-t-lib-git-svn-try-harder-to-find-a-port.patch %if %{with docs} # pod2man is needed to build Git.3pm @@ -647,26 +648,17 @@ export SOURCE_DATE_EPOCH=$(date -r version +%%s 2>/dev/null) # Fix shebang in a few places to silence rpmlint complaints %if %{with python2} sed -i -e '1s@#! */usr/bin/env python$@#!%{__python2}@' \ - contrib/fast-import/import-zips.py \ - contrib/hg-to-git/hg-to-git.py \ - contrib/hooks/multimail/git_multimail.py \ - contrib/hooks/multimail/migrate-mailhook-config \ - contrib/hooks/multimail/post-receive.example + contrib/fast-import/import-zips.py %else # Remove contrib/fast-import/import-zips.py which require python2. rm -rf contrib/fast-import/import-zips.py %endif # endif with python2 -# The multimail hook is installed with git. Use python3 to avoid an -# unnecessary python2 dependency, if possible. Also fix contrib/hg-to-git -# while here. +# Use python3 to avoid an unnecessary python2 dependency, if possible. %if %{with python3} sed -i -e '1s@#!\( */usr/bin/env python\|%{__python2}\)$@#!%{__python3}@' \ - contrib/hg-to-git/hg-to-git.py \ - contrib/hooks/multimail/git_multimail.py \ - contrib/hooks/multimail/migrate-mailhook-config \ - contrib/hooks/multimail/post-receive.example + contrib/hg-to-git/hg-to-git.py %endif # endif with python3 @@ -708,6 +700,9 @@ install -Dpm 0755 contrib/diff-highlight/diff-highlight \ %{buildroot}%{_datadir}/git-core/contrib/diff-highlight rm -rf contrib/diff-highlight/{Makefile,diff-highlight,*.perl,t} +# Remove contrib/scalar to avoid cruft in the git-core-doc docdir +rm -rf contrib/scalar + # Clean up contrib/subtree to avoid cruft in the git-core-doc docdir rm -rf contrib/subtree/{INSTALL,Makefile,git-subtree*,t} @@ -771,9 +766,6 @@ mkdir -p %{buildroot}%{_datadir}/git-core/contrib/completion install -pm 644 contrib/completion/git-completion.tcsh \ %{buildroot}%{_datadir}/git-core/contrib/completion/ -# Drop .py extension from git_multimail to avoid byte-compiling -mv contrib/hooks/multimail/git_multimail{.py,} - # Move contrib/hooks out of %%docdir mkdir -p %{buildroot}%{_datadir}/git-core/contrib mv contrib/hooks %{buildroot}%{_datadir}/git-core/contrib @@ -862,7 +854,17 @@ find %{buildroot}%{_pkgdocdir} -name "*.html" -print0 | xargs -r0 linkchecker # endif with docs && with linkcheck # Tests to skip on all releases and architectures -GIT_SKIP_TESTS="" +# +# t5559-http-fetch-smart-http2 runs t5551-http-fetch-smart with +# HTTP_PROTO=HTTP/2. Unfortunately, it fails quite regularly. +# https://lore.kernel.org/git/Y4fUntdlc1mqwad5@pobox.com/ +GIT_SKIP_TESTS="t5559" + +%if 0%{?rhel} && 0%{?rhel} < 8 +# Skip tests which require mod_http2 on el7 +GIT_SKIP_TESTS="$GIT_SKIP_TESTS t5559" +%endif +# endif rhel < 8 %ifarch aarch64 %{arm} %{power64} # Skip tests which fail on aarch64, arm, and ppc @@ -871,20 +873,39 @@ GIT_SKIP_TESTS="" # to limit the maximum stack size. # t5541.35 'push 2000 tags over http' # t5551.25 'clone the 2,000 tag repo to check OS command line overflow' -GIT_SKIP_TESTS="$GIT_SKIP_TESTS t5541.35 t5551.25" +GIT_SKIP_TESTS="$GIT_SKIP_TESTS t5541.37 t5551.25" %endif # endif aarch64 %%{arm} %%{power64} -%ifarch %{power64} -# Skip tests which fail on ppc +%if 0%{?rhel} == 8 && "%{_arch}" == "s390x" +# Skip tests which fail on s390x on rhel-8 # -# t9115-git-svn-dcommit-funky-renames is disabled because it frequently fails. -# The port it uses (9115) is already in use. It is unclear if this is -# due to an issue in the test suite or a conflict with some other process on -# the build host. It only appears to occur on ppc-arches. -GIT_SKIP_TESTS="$GIT_SKIP_TESTS t9115" -%endif -# endif %%{power64} +# The following tests fail on s390x & el8. The cause should be investigated. +# However, it's a lower priority since the same tests work consistently on +# s390x with Fedora and RHEL-9. The failures seem to originate in t5300. +# +# t5300.10 'unpack without delta' +# t5300.12 'unpack with REF_DELTA' +# t5300.13 'unpack with REF_DELTA' +# t5300.14 'unpack with OFS_DELTA' +# t5300.18 'compare delta flavors' +# t5300.20 'use packed deltified (REF_DELTA) objects' +# t5300.23 'verify pack' +# t5300.24 'verify pack -v' +# t5300.25 'verify-pack catches mismatched .idx and .pack files' +# t5300.29 'verify-pack catches a corrupted sum of the index file itself' +# t5300.30 'build pack index for an existing pack' +# t5300.45 'make sure index-pack detects the SHA1 collision' +# t5300.46 'make sure index-pack detects the SHA1 collision (large blobs)' +# t5303.5 'create corruption in data of first object' +# t5303.7 '... and loose copy of second object allows for partial recovery' +# t5303.11 'create corruption in data of first delta' +# t6300.35 'basic atom: head objectsize:disk' +# t6300.91 'basic atom: tag objectsize:disk' +# t6300.92 'basic atom: tag *objectsize:disk' +GIT_SKIP_TESTS="$GIT_SKIP_TESTS t5300.1[02348] t5300.2[03459] t5300.30 t5300.4[56] t5303.[57] t5303.11 t6300.35 t6300.9[12]" +%endif +# endif rhel == 8 && arch == s390x export GIT_SKIP_TESTS @@ -894,7 +915,7 @@ export LANG=en_US.UTF-8 # Explicitly enable tests which may be skipped opportunistically # Check for variables set via test_bool_env in the test suite: # git grep 'test_bool_env GIT_' -- t/{lib-,t[0-9]}*.sh | -# sed -r 's/.* (GIT_[^ ]+) .*/\1/g' | sort -u +# sed -r 's/.* (GIT_[^ ]+) .*/\1/g' | sort -u export GIT_TEST_GIT_DAEMON=true export GIT_TEST_HTTPD=true export GIT_TEST_SVNSERVE=true @@ -938,7 +959,6 @@ rmdir --ignore-fail-on-non-empty "$testdir" %endif # endif emacs_filesystem %{_datadir}/git-core/contrib/diff-highlight -%{_datadir}/git-core/contrib/hooks/multimail %{_datadir}/git-core/contrib/hooks/update-paranoid %{_datadir}/git-core/contrib/hooks/setgitperms.perl %{_datadir}/git-core/templates/hooks/fsmonitor-watchman.sample @@ -955,7 +975,6 @@ rmdir --ignore-fail-on-non-empty "$testdir" %license COPYING # exclude is best way here because of troubles with symlinks inside git-core/ %exclude %{_datadir}/git-core/contrib/diff-highlight -%exclude %{_datadir}/git-core/contrib/hooks/multimail %exclude %{_datadir}/git-core/contrib/hooks/update-paranoid %exclude %{_datadir}/git-core/contrib/hooks/setgitperms.perl %exclude %{_datadir}/git-core/templates/hooks/fsmonitor-watchman.sample @@ -1080,10 +1099,13 @@ rmdir --ignore-fail-on-non-empty "$testdir" %{?with_docs:%{_pkgdocdir}/git-svn.html} %changelog -* Wed Jan 25 2023 Ondřej Pohořelský - 2.31.1-3 -- Fixes CVE-2022-23521 and CVE-2022-41903 -- Tests: try harder to find open ports for apache, git, and svn -- Resolves: #2162063 +* Thu Jan 19 2023 Ondrej Pohorelsky - 2.39.1-1 +- Update to 2.39.1 +- Resolves: rhbz#2162064 + +* Mon Dec 19 2022 Ondrej Pohorelsky - 2.39.0-1 +- Update to 2.39.0 +- Resolves: rhbz#2139378 * Thu Nov 25 2021 Ondrej Pohorelsky - 2.31.1-2 - Remove perl(Email::Valid) require from git-email