diff --git a/SOURCES/procps-ng-3.3.10-free-mem-petabytes-segfault.patch b/SOURCES/procps-ng-3.3.10-free-mem-petabytes-segfault.patch
new file mode 100644
index 0000000..bae7933
--- /dev/null
+++ b/SOURCES/procps-ng-3.3.10-free-mem-petabytes-segfault.patch
@@ -0,0 +1,97 @@
+diff -up ./free.1.orig ./free.1
+--- ./free.1.orig 2018-01-16 16:11:35.609874589 +0100
++++ ./free.1 2018-01-17 14:33:04.625716399 +0100
+@@ -62,6 +62,9 @@ Display the amount of memory in gigabyte
+ \fB\-\-tera\fR
+ Display the amount of memory in terabytes.
+ .TP
++\fB\-\-peta\fR
++Display the amount of memory in petabytes.
++.TP
+ \fB\-h\fR, \fB\-\-human\fP
+ Show all output fields automatically scaled to shortest three digit unit and
+ display the units of print out. Following units are used.
+@@ -72,9 +75,10 @@ display the units of print out. Followi
+ M = megas
+ G = gigas
+ T = teras
++ P = petas
+ .fi
+ .sp
+-If unit is missing, and you have petabyte of RAM or swap, the number is in
++If unit is missing, and you have exabyte of RAM or swap, the number is in
+ terabytes and columns might not be aligned with header.
+ .TP
+ \fB\-w\fR, \fB\-\-wide\fR
+diff -up ./free.c.orig ./free.c
+--- ./free.c.orig 2018-01-16 16:10:27.058158964 +0100
++++ ./free.c 2018-01-17 14:58:06.723658091 +0100
+@@ -78,6 +78,7 @@ static void __attribute__ ((__noreturn__
+ fputs(_(" -m, --mega show output in megabytes\n"), out);
+ fputs(_(" -g, --giga show output in gigabytes\n"), out);
+ fputs(_(" --tera show output in terabytes\n"), out);
++ fputs(_(" --peta show output in petabytes\n"), out);
+ fputs(_(" -h, --human show human-readable output\n"), out);
+ fputs(_(" --si use powers of 1000 not 1024\n"), out);
+ fputs(_(" -l, --lohi show detailed low and high memory statistics\n"), out);
+@@ -101,7 +102,7 @@ double power(unsigned int base, unsigned
+ /* idea of this function is copied from top size scaling */
+ static const char *scale_size(unsigned long size, int flags, struct commandline_arguments args)
+ {
+- static char nextup[] = { 'B', 'K', 'M', 'G', 'T', 0 };
++ static char nextup[] = { 'B', 'K', 'M', 'G', 'T', 'P', 0 };
+ static char buf[BUFSIZ];
+ int i;
+ char *up;
+@@ -163,6 +164,7 @@ static const char *scale_size(unsigned l
+ case 3:
+ case 4:
+ case 5:
++ case 6:
+ if (4 >=
+ snprintf(buf, sizeof(buf), "%.1f%c",
+ (float)(size / power(base, i - 2)), *up))
+@@ -172,14 +174,14 @@ static const char *scale_size(unsigned l
+ (long)(size / power(base, i - 2)), *up))
+ return buf;
+ break;
+- case 6:
++ case 7:
+ break;
+ }
+ }
+ /*
+- * On system where there is more than petabyte of memory or swap the
++ * On system where there is more than exbibyte of memory or swap the
+ * output does not fit to column. For incoming few years this should
+- * not be a big problem (wrote at Apr, 2011).
++ * not be a big problem (wrote at Apr, 2015).
+ */
+ return buf;
+ }
+@@ -197,6 +199,7 @@ int main(int argc, char **argv)
+ enum {
+ SI_OPTION = CHAR_MAX + 1,
+ TERA_OPTION,
++ PETA_OPTION,
+ HELP_OPTION
+ };
+
+@@ -206,6 +209,7 @@ int main(int argc, char **argv)
+ { "mega", no_argument, NULL, 'm' },
+ { "giga", no_argument, NULL, 'g' },
+ { "tera", no_argument, NULL, TERA_OPTION },
++ { "peta", no_argument, NULL, PETA_OPTION },
+ { "human", no_argument, NULL, 'h' },
+ { "si", no_argument, NULL, SI_OPTION },
+ { "lohi", no_argument, NULL, 'l' },
+@@ -248,6 +252,9 @@ int main(int argc, char **argv)
+ case TERA_OPTION:
+ args.exponent = 5;
+ break;
++ case PETA_OPTION:
++ args.exponent = 6;
++ break;
+ case 'h':
+ flags |= FREE_HUMANREADABLE;
+ break;
diff --git a/SOURCES/procps-ng-3.3.10-ps-new-option-loginid-luid.patch b/SOURCES/procps-ng-3.3.10-ps-new-option-loginid-luid.patch
new file mode 100644
index 0000000..c1e0ecb
--- /dev/null
+++ b/SOURCES/procps-ng-3.3.10-ps-new-option-loginid-luid.patch
@@ -0,0 +1,61 @@
+diff -up ./ps/output.c.ori ./ps/output.c
+--- ./ps/output.c.ori 2018-04-19 15:18:36.510737173 +0200
++++ ./ps/output.c 2018-04-19 15:18:07.850849743 +0200
+@@ -1087,6 +1087,34 @@ static int pr_fuid(char *restrict const
+ return snprintf(outbuf, COLWID, "%d", pp->fuid);
+ }
+
++/* LoginID implementation */
++static int pr_luid(char *restrict const outbuf, const proc_t *restrict const pp){
++ char filename[48];
++ ssize_t num_read;
++ int fd;
++ u_int32_t luid;
++
++ snprintf(filename, sizeof filename, "/proc/%d/loginuid", pp->tgid);
++
++ if ((fd = open(filename, O_RDONLY, 0)) != -1) {
++ num_read = read(fd, outbuf, OUTBUF_SIZE - 1);
++ close(fd);
++ if (num_read > 0) {
++ outbuf[num_read] = '\0';
++
++ // processes born before audit have no LoginID set
++ luid = (u_int32_t) atoi(outbuf);
++ if (luid != -1)
++ return num_read;
++ }
++ }
++ outbuf[0] = '-';
++ outbuf[1] = '\0';
++ num_read = 1;
++ return num_read;
++}
++
++
+ // The Open Group Base Specifications Issue 6 (IEEE Std 1003.1, 2004 Edition)
+ // requires that user and group names print as decimal numbers if there is
+ // not enough room in the column. However, we will now truncate such names
+@@ -1531,7 +1559,7 @@ static const format_struct format_array[
+ {"lsession", "SESSION", pr_sd_session, sr_nop, 11, SD, LNX, ET|LEFT},
+ #endif
+ {"lstart", "STARTED", pr_lstart, sr_nop, 24, 0, XXX, ET|RIGHT},
+-{"luid", "LUID", pr_nop, sr_nop, 5, 0, LNX, ET|RIGHT}, /* login ID */
++{"luid", "LUID", pr_luid, sr_nop, 5, 0, LNX, ET|RIGHT}, /* login ID */
+ {"luser", "LUSER", pr_nop, sr_nop, 8, USR, LNX, ET|USER}, /* login USER */
+ {"lwp", "LWP", pr_tasks, sr_tasks, 5, 0, SUN, TO|PIDMAX|RIGHT},
+ {"m_drs", "DRS", pr_drs, sr_drs, 5, MEM, LNx, PO|RIGHT},
+diff -up ./ps/ps.1.ori ./ps/ps.1
+--- ./ps/ps.1.ori 2018-04-19 15:18:36.510737173 +0200
++++ ./ps/ps.1 2018-04-19 15:18:25.175781694 +0200
+@@ -1353,6 +1353,10 @@ displays the login session identifier of
+ if systemd support has been included.
+ T}
+
++luid LUID T{
++displays Login ID associated with a process.
++T}
++
+ lwp LWP T{
+ light weight process (thread) ID of the dispatchable entity (alias
+ .BR spid , \ tid ).
diff --git a/SOURCES/procps-ng-3.3.10-sysctl-empty-value-allowed.patch b/SOURCES/procps-ng-3.3.10-sysctl-empty-value-allowed.patch
new file mode 100644
index 0000000..4fc5765
--- /dev/null
+++ b/SOURCES/procps-ng-3.3.10-sysctl-empty-value-allowed.patch
@@ -0,0 +1,12 @@
+diff -up ./sysctl.c.ori ./sysctl.c
+--- ./sysctl.c.ori 2018-01-04 16:56:26.705925767 +0100
++++ ./sysctl.c 2018-01-04 16:56:40.365877248 +0100
+@@ -379,7 +379,7 @@ static int WriteSetting(const char *sett
+ /* point to the value in name=value */
+ value = equals + 1;
+
+- if (!*name || !*value || name == equals) {
++ if (!*name || name == equals) {
+ xwarnx(_("malformed setting \"%s\""), setting);
+ return -2;
+ }
diff --git a/SOURCES/procps-ng-3.3.10-top-locale-independent-float-delay.patch b/SOURCES/procps-ng-3.3.10-top-locale-independent-float-delay.patch
new file mode 100644
index 0000000..8d61e69
--- /dev/null
+++ b/SOURCES/procps-ng-3.3.10-top-locale-independent-float-delay.patch
@@ -0,0 +1,35 @@
+diff -up ./top/top.c.ori ./top/top.c
+--- ./top/top.c.ori 2018-01-15 14:04:42.403457405 +0100
++++ ./top/top.c 2018-01-15 14:07:59.663713707 +0100
+@@ -1260,15 +1260,25 @@ static char *ioline (const char *prompt)
+
+
+ /*
+- * Make locale aware float (but maybe restrict to whole numbers). */
++ * Make locale unaware float (but maybe restrict to whole numbers). */
+ static int mkfloat (const char *str, float *num, int whole) {
+- char *ep;
++ char tmp[SMLBUFSIZ], *ep;
+
+- if (whole)
++ if (whole) {
+ *num = (float)strtol(str, &ep, 0);
+- else
+- *num = strtof(str, &ep);
+- if (ep != str && *ep == '\0' && *num < INT_MAX)
++ if (ep != str && *ep == '\0' && *num < INT_MAX)
++ return 1;
++ return 0;
++ }
++ snprintf(tmp, sizeof(tmp), "%s", str);
++ *num = strtof(tmp, &ep);
++ if (*ep != '\0') {
++ // fallback - try to swap the floating point separator
++ if (*ep == '.') *ep = ',';
++ else if (*ep == ',') *ep = '.';
++ *num = strtof(tmp, &ep);
++ }
++ if (ep != tmp && *ep == '\0' && *num < INT_MAX)
+ return 1;
+ return 0;
+ } // end: mkfloat
diff --git a/SPECS/procps-ng.spec b/SPECS/procps-ng.spec
index 0023798..267d951 100644
--- a/SPECS/procps-ng.spec
+++ b/SPECS/procps-ng.spec
@@ -4,7 +4,7 @@
Summary: System and process monitoring utilities
Name: procps-ng
Version: 3.3.10
-Release: 17%{?dist}.2
+Release: 23%{?dist}
License: GPL+ and GPLv2 and GPLv2+ and GPLv3+ and LGPLv2+
Group: Applications/System
URL: https://sourceforge.net/projects/procps-ng/
@@ -25,6 +25,10 @@ Patch10: procps-ng-3.3.10-sysctl-conf-manpage-predef-note.patch
Patch11: procps-ng-3.3.10-top-instant-cpu-stats.patch
Patch12: procps-ng-3.3.10-sysctl-man-conf-override-hint.patch
Patch13: procps-ng-3.3.10-top-strange-mem-val-scaling.patch
+Patch14: procps-ng-3.3.10-sysctl-empty-value-allowed.patch
+Patch15: procps-ng-3.3.10-top-locale-independent-float-delay.patch
+Patch16: procps-ng-3.3.10-free-mem-petabytes-segfault.patch
+Patch17: procps-ng-3.3.10-ps-new-option-loginid-luid.patch
Patch18: procps-ng-3.3.10-CVE-2018-1124.patch
@@ -106,6 +110,10 @@ Internationalization pack for procps-ng
%patch11 -p1
%patch12 -p1
%patch13 -p1
+%patch14 -p1
+%patch15 -p1
+%patch16 -p1
+%patch17 -p1
%patch18 -p1
@@ -188,14 +196,30 @@ rmdir %{buildroot}/share
%{_datadir}/locale/*
%changelog
-* Tue May 15 2018 Kamil Dudka <kdudka@redhat.com> - 3.3.10-17.el7_5.2
+* Tue May 15 2018 Kamil Dudka <kdudka@redhat.com> - 3.3.10-23
- check for truncation after calling snprintf()
- Related: CVE-2018-1124
-* Fri May 11 2018 Kamil Dudka <kdudka@redhat.com> - 3.3.10-17.el7_5.1
+* Fri May 11 2018 Kamil Dudka <kdudka@redhat.com> - 3.3.10-22
- fix integer overflows leading to heap overflow in file2strvec()
- Resolves: CVE-2018-1124
+* Thu Apr 19 2018 Jan Rybar <jrybar@redhat.com> - 3.3.10-21
+- ps: new format option LUID (LoginId)
+- Resolves: rhbz#1518986
+
+* Mon Jan 15 2018 Jan Rybar <jrybar@redhat.com> - 3.3.10-20
+- free: segfault when system memory exceeds petabytes
+- Resolves: rhbz#1263765
+
+* Mon Jan 15 2018 Jan Rybar <jrybar@redhat.com> - 3.3.10-19
+- top: locale independent float character in delay now accepted
+- Resolves: rhbz#1182248
+
+* Thu Jan 04 2018 Jan Rybar <jrybar@redhat.com> - 3.3.10-18
+- sysctl: empty value is now accepted
+- Resolves: rhbz#1507356
+
* Wed Sep 06 2017 Jan Rybar <jrybar@redhat.com> - 3.3.10-17
- top: strange unit scaling with high memory values
- Resolves: rhbz#1253851