%global gitexecdir %{_libexecdir}/git-core Name: git Version: 2.33.0 Release: 9 Summary: A popular and widely used Version Control System License: GPLv2+ or LGPLv2.1 URL: https://git-scm.com/ Source0: https://www.kernel.org/pub/software/scm/git/%{name}-%{version}.tar.xz Source1: https://www.kernel.org/pub/software/scm/git/%{name}-%{version}.tar.sign Source100: git-gui.desktop Source101: git@.service.in Source102: git.socket Patch0: backport-0001-CVE-2022-24765.patch Patch1: backport-0002-CVE-2022-24765.patch Patch2: backport-0003-CVE-2022-24765.patch Patch3: backport-0004-CVE-2022-24765.patch Patch4: backport-t0033-add-tests-for-safe.directory.patch Patch5: backport-0005-CVE-2022-24765.patch Patch6: backport-0006-CVE-2022-24765.patch Patch7: backport-CVE-2022-29187.patch Patch8: backport-CVE-2022-39253-builtin-clone.c-disallow-local-clones-with-symlinks.patch Patch9: backport-CVE-2022-39260-shell-add-basic-tests.patch Patch10: backport-CVE-2022-39260-shell-limit-size-of-interactive-commands.patch Patch11: backport-CVE-2022-39260-alias.c-reject-too-long-cmdline-strings-in-split_cmd.patch Patch12: backport-CVE-2022-23521-attr-fix-overflow-when-upserting-attribute-with-over.patch Patch13: backport-CVE-2022-23521-attr-fix-out-of-bounds-read-with-huge-attribute-name.patch Patch14: backport-CVE-2022-23521-attr-fix-integer-overflow-when-parsing-huge-attribut.patch Patch15: backport-CVE-2022-23521-attr-fix-out-of-bounds-write-when-parsing-huge-numbe.patch Patch16: backport-CVE-2022-23521-attr-fix-out-of-bounds-read-with-unreasonable-amount.patch Patch17: backport-CVE-2022-23521-attr-fix-integer-overflow-with-more-than-INT_MAX-mac.patch Patch18: backport-CVE-2022-23521-attr-harden-allocation-against-integer-overflows.patch Patch19: backport-CVE-2022-23521-attr-fix-silently-splitting-up-lines-longer-than-204.patch Patch20: backport-CVE-2022-23521-attr-ignore-attribute-lines-exceeding-2048-bytes.patch Patch21: backport-CVE-2022-23521-attr-ignore-overly-large-gitattributes-files.patch Patch22: backport-CVE-2022-41903-test-lib-add-prerequisite-for-64-bit-platforms.patch Patch23: backport-CVE-2022-41903-pretty-fix-out-of-bounds-write-caused-by-integer-ove.patch Patch24: backport-CVE-2022-41903-pretty-fix-out-of-bounds-read-when-left-flushing-wit.patch Patch25: backport-CVE-2022-41903-pretty-fix-out-of-bounds-read-when-parsing-invalid-p.patch Patch26: backport-CVE-2022-41903-pretty-fix-adding-linefeed-when-placeholder-is-not-e.patch Patch27: backport-CVE-2022-41903-pretty-fix-integer-overflow-in-wrapping-format.patch Patch28: backport-CVE-2022-41903-utf8-fix-truncated-string-lengths-in-utf8_strnwidth.patch Patch29: backport-CVE-2022-41903-utf8-fix-returning-negative-string-width.patch Patch30: backport-CVE-2022-41903-utf8-fix-overflow-when-returning-string-width.patch Patch31: backport-CVE-2022-41903-utf8-fix-checking-for-glyph-width-in-strbuf_utf8_rep.patch Patch32: backport-CVE-2022-41903-utf8-refactor-strbuf_utf8_replace-to-not-rely-on-pre.patch Patch33: backport-CVE-2022-41903-pretty-restrict-input-lengths-for-padding-and-wrappi.patch Patch34: backport-CVE-2022-41953-windows-ignore-empty-PATH-elements.patch Patch35: backport-CVE-2022-41953-is_Cygwin-avoid-exec-ing-anything.patch Patch36: backport-CVE-2022-41953-Move-is_-platform-functions-to-the-beginning.patch Patch37: backport-CVE-2022-41953-Move-the-_which-function-almost-to-the-top.patch Patch38: backport-CVE-2022-41953-Work-around-Tcl-s-default-PATH-lookup.patch Patch39: backport-CVE-2023-22490-attr-adjust-a-mismatched-data-type.patch Patch40: backport-CVE-2023-22490-t5619-demonstrate-clone_local-with-ambiguous-transpo.patch Patch41: backport-CVE-2023-22490-clone-delay-picking-a-transport-until-after-get_repo.patch Patch42: backport-CVE-2023-22490-dir-iterator-prevent-top-level-symlinks-without-FOLL.patch Patch43: backport-CVE-2023-23946-apply-fix-writing-behind-newly-created-symbolic-link.patch BuildRequires: gcc gettext BuildRequires: openssl-devel libcurl-devel expat-devel systemd asciidoc xmlto glib2-devel libsecret-devel pcre-devel desktop-file-utils BuildRequires: python3-devel perl-generators perl-interpreter perl-Error perl(Test::More) perl-MailTools perl(Test) Requires: less zlib openssh-clients perl(Term::ReadKey) perl-Git git-core = %{version}-%{release} Obsoletes: %{name}-core-doc %{name}-subtree %{name}-p4 git-cvs < %{version}-%{release} Provides: %{name} <= %{version}-%{release} %{name}-subtree %{name}-p4 %description Git is a free and open source distributed version control system designed to handle everything from small to very large projects with speed and efficiency. Git is easy to learn and has a tiny footprint with lightning fast performance. It outclasses SCM tools like Subversion, CVS, Perforce, and ClearCase with features like cheap local branching, convenient staging areas, and multiple workflows. %package core Summary: Core package of git with minimal functionality Requires: less Requires: openssh-clients Requires: zlib >= 1.2 %description core Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The git-core rpm installs really the core tools with minimal dependencies. Install git package for common set of tools. To install all git packages, including tools for integrating with other SCMs, install the git-all meta-package %package daemon Summary: Git server daemon Requires: %{name} = %{version}-%{release} systemd %description daemon %{summary}. %package gui Summary: Graphical user interface to Git BuildArch: noarch Requires: %{name} = %{version}-%{release} tk %description gui %{summary}. %package -n gitk Summary: TK based graphical tool for visualization of Git BuildArch: noarch Requires: %{name} = %{version}-%{release} tk %description -n gitk %{summary}. %package web Summary: Git web interfaces BuildArch: noarch Requires: %{name} = %{version}-%{release} Obsoletes: gitweb %{name}-instaweb Provides: gitweb %{name}-instaweb %description web Git web interface allows user browsing git repositories via web service. %package svn Summary: Git tools for importing Subversion repositories BuildArch: noarch Requires: %{name} = %{version}-%{release} subversion perl-TermReadKey perl-Digest-MD5 %description svn %{summary}. %package email Summary: Git tools for sending patches via email BuildArch: noarch Requires: git = %{version}-%{release} Requires: perl-Authen-SASL perl-Net-SMTP-SSL %description email %{summary}. %package -n perl-Git Summary: Perl interface to Git BuildArch: noarch Requires: git = %{version}-%{release} perl(:MODULE_COMPAT_%(perl -V:version | cut -d"'" -f 2)) %description -n perl-Git %{summary}. %package -n perl-Git-SVN Summary: Perl interface to Git::SVN BuildArch: noarch Requires: git = %{version}-%{release} perl(:MODULE_COMPAT_%(perl -V:version | cut -d"'" -f 2)) %description -n perl-Git-SVN %{summary}. %package help Summary: Man pages and documents for Git system BuildArch: noarch Obsoletes: %{name}-core-doc Provides: %{name}-core-doc %description help %{summary}. %prep %autosetup -n %{name}-%{version} -p1 rm -rf perl/Git/LoadCPAN{.pm,/} grep -rlZ '^use Git::LoadCPAN::' | xargs -r0 sed -i 's/Git::LoadCPAN:://g' sed -i '/^git-cvs/d' command-list.txt %build %configure # Some options can not configure in configure script, so give options here (config.mak included in Makefile) cat > config.mak << EOF CFLAGS = %{optflags} LDFLAGS = %{__global_ldflags} NEEDS_CRYPTO_WITH_SSL = 1 USE_LIBPCRE = 1 INSTALL_SYMLINKS = 1 GNU_ROFF = 1 GITWEB_PROJECTROOT = %{_localstatedir}/lib/git PYTHON_PATH = %{__python3} htmldir = %{?_pkgdocdir} perllibdir = %{perl_vendorlib} gitwebdir = %{_localstatedir}/www/git NO_PERL_CPAN_FALLBACKS = 1 EOF # Default using python3 sed -i -e '1s@#!\( */usr/bin/env python\|%{__python2}\)$@#!%{__python3}@' \ contrib/hg-to-git/hg-to-git.py %make_build %make_build -C contrib/subtree/ %make_build -C contrib/contacts/ %make_build -C contrib/credential/libsecret/ %make_build -C contrib/credential/netrc/ %make_build -C contrib/diff-highlight/ %install %make_install install-doc %make_install -C contrib/subtree/ install-doc %make_install -C contrib/contacts/ install-doc install -p -m 644 README.md %{buildroot}%{_pkgdocdir} install -p -m 644 gitweb/INSTALL %{buildroot}%{_pkgdocdir}/INSTALL.gitweb install -p -m 644 gitweb/README %{buildroot}%{_pkgdocdir}/README.gitweb #setup bash completion install -Dpm 644 contrib/completion/git-completion.bash %{buildroot}%{_datadir}/bash-completion/completions/git ln -s git %{buildroot}%{_datadir}/bash-completion/completions/gitk # install contrib to git-core mkdir -p %{buildroot}%{_datadir}/git-core/contrib/completion install -p -m 644 contrib/completion/git-completion.tcsh %{buildroot}%{_datadir}/git-core/contrib/completion/ # install root path for gitweb mkdir -p %{buildroot}%{_localstatedir}/lib/git # install config files desktop-file-install --dir=%{buildroot}%{_datadir}/applications %{SOURCE100} install -D -p -m 644 %{SOURCE101} %{buildroot}%{_unitdir}/git@.service install -D -p -m 644 %{SOURCE102} %{buildroot}%{_unitdir}/git.socket install -pm 755 contrib/credential/libsecret/git-credential-libsecret %{buildroot}%{gitexecdir} install -pm 755 contrib/credential/netrc/git-credential-netrc %{buildroot}%{gitexecdir} rm -f %{buildroot}%{_bindir}/git-cvsserver rm -f %{buildroot}%{gitexecdir}/git-cvs* %find_lang %{name} cat %{name}.lang >> git-bin-files # split out bin for primary package (find %{buildroot}{%{_bindir},%{gitexecdir}} -type f -o -type l | grep -vE "git-(gui|daemon|cvs|svn|instaweb|citool|send-email)" | \ sed -e s@^%{buildroot}@@) >> git-bin-files exclude_re="archimport|email|git-(citool|credential-libsecret|cvs|daemon|gui|instaweb|p4|subtree|svn)|gitk|gitweb|p4merge" (find %{buildroot}{%{_bindir},%{_libexecdir}} -type f -o -type l | grep -vE "$exclude_re" | sed -e s@^%{buildroot}@@) > bin-man-doc-files (find %{buildroot}{%{_bindir},%{_libexecdir}} -mindepth 1 -type d | grep -vE "$exclude_re" | sed -e 's@^%{buildroot}@%dir @') >> bin-man-doc-files (find %{buildroot}%{perl_vendorlib} -type f | sed -e s@^%{buildroot}@@) > perl-git-files (find %{buildroot}%{perl_vendorlib} -mindepth 1 -type d | sed -e 's@^%{buildroot}@%dir @') >> perl-git-files # split out perl files for Git and Git::SVN grep Git/SVN perl-git-files > perl-git-svn-files sed -i "/Git\/SVN/ d" perl-git-files # Split core files not_core_re="git-(add--interactive|contacts|credential-netrc|filter-branch|instaweb|request-pull|send-mail)|gitweb" grep -vE "$not_core_re|%{_mandir}" bin-man-doc-files > bin-files-core %check make %{?_smp_mflags} test %preun daemon %systemd_preun git.socket %post daemon %systemd_post git.socket %postun daemon %systemd_postun_with_restart git.socket %files -f git-bin-files %defattr(-,root,root) %{_datadir}/git-core/ %{_datadir}/bash-completion/completions %doc README.md %license LGPL-2.1 COPYING %files core -f bin-files-core %license LGPL-2.1 COPYING # exclude is best way here because of troubles with symlinks inside git-core/ %exclude %{_datadir}/git-core/contrib/diff-highlight %exclude %{_datadir}/git-core/contrib/hooks/multimail %exclude %{_datadir}/git-core/contrib/hooks/update-paranoid %exclude %{_datadir}/git-core/contrib/hooks/setgitperms.perl %exclude %{_datadir}/git-core/templates/hooks/fsmonitor-watchman.sample %exclude %{_datadir}/git-core/templates/hooks/pre-rebase.sample %exclude %{_datadir}/git-core/templates/hooks/prepare-commit-msg.sample %{_datadir}/bash-completion/completions %{_datadir}/git-core/ %files daemon %defattr(-,root,root) %{_unitdir}/git.socket %{_unitdir}/git@.service %{gitexecdir}/git-daemon %{_localstatedir}/lib/git %files gui %defattr(-,root,root) %{_datadir}/applications/git-gui.desktop %{gitexecdir}/git-gui* %{gitexecdir}/git-citool %{_datadir}/git-gui/ %files -n gitk %defattr(-,root,root) %{_bindir}/gitk %{_datadir}/gitk/ %files web %defattr(-,root,root) %{_pkgdocdir}/*.gitweb %{_localstatedir}/www/git/ %{gitexecdir}/git-instaweb %files svn %defattr(-,root,root) %{gitexecdir}/git-svn %files email %defattr(-,root,root) %{gitexecdir}/*email* %files -n perl-Git -f perl-git-files %files -n perl-Git-SVN -f perl-git-svn-files %files help %defattr(-,root,root) %exclude %{_pkgdocdir}/{README.md,*.gitweb} %{_pkgdocdir}/* %{_mandir}/man1/git*.1.* %{_mandir}/man3/Git.* %{_mandir}/man5/git*.5.* %{_mandir}/man7/git*.7.* %changelog * Wed Feb 15 2023 fuanan - 2.33.0-9 - Type:CVE - ID:CVE-2023-22490 CVE-2023-23946 - SUG:NA - DESC:Fix CVE-2023-22490 CVE-2023-23946 * Tue Jan 31 2023 fuanan - 2.33.0-8 - Type:bugfix - ID:NA - SUG:NA - DESC:Modify parameter in backport-CVE-2022-23521-attr-fix-silently-splitting-up-lines-longer-than-204.patch * Sat Jan 28 2023 fuanan - 2.33.0-7 - Type:CVE - ID:CVE-2022-41953 - SUG:NA - DESC:Fix CVE-2022-41953 * Thu Jan 19 2023 fuanan - 2.33.0-6 - Type:CVE - ID:CVE-2022-23521 CVE-2022-41903 - SUG:NA - DESC:Fix CVE-2022-23521 CVE-2022-41903 * Fri Oct 21 2022 fuanan - 2.33.0-5 - Type:CVE - ID:CVE-2022-39253 CVE-2022-39260 - SUG:NA - DESC:Fix CVE-2022-39253 CVE-2022-39260 * Mon Sep 19 2022 fuanan - 2.33.0-4 - add subpackage git-core * Mon Jul 18 2022 fuanan - 2.33.0-3 - Type:CVE - ID:CVE-2022-29187 - SUG:NA - DESC:Fix CVE-2022-29187 * Fri May 20 2022 fuanan - 2.33.0-2 - Type:CVE - ID:CVE-2022-24765 - SUG:NA - DESC:Fix CVE-2022-24765 * Thu Dec 2 2021 zoulin - 2.33.0-1 - update version to 2.33.0 * Fri Sep 10 2021 fuanan - 2.30.0-6 - Type:CVE - ID:CVE-2021-40330 - SUG:NA - DESC:Fix CVE-2021-40330 * Tue Jul 20 2021 panxiaohe - 2.30.0-5 - remove unnecessary BuildRequires: gdb * Fri May 28 2021 panxiaohe - 2.30.0-4 - Fix CVE-2021-29468 - Add gcc and gettext to BuildRequires - necessary for building and msgfmt command * Fri Mar 19 2021 fuanan - 2.30.0-3 - Optimize compilation time * Thu Mar 18 2021 lirui - 2.30.0-2 - Type:CVE - ID:CVE-2021-21300 - SUG:NA - DESC:Fix CVE-2021-21300 * Wed Jan 27 2021 wangchen - 2.30.0-1 - Type:enhancement - ID:NA - SUG:NA - DESC:Update to 2.30.0 * Fri Sep 25 2020 yang_zhuang_zhuang - 2.27.0-2 - Type:bugfix - ID:NA - SUG:NA - DESC:Resolved the problem that a failure message is displayed when the git-daemon package is uninstalled * Tue Jul 28 2020 yang_zhuang_zhuang - 2.27.0-1 - Type:enhancement - ID:NA - SUG:NA - DESC:update version to 2.27.0 * Thu May 14 2020 gaihuiying - 2.23.0-16 - Type:cves - ID:CVE-2020-11008 - SUG:NA - DESC:fix CVE-2020-11008 credential: detect unrepresentable values when parsin urls fsck: detect gitmodules URLs with embedded newlines * Fri Apr 17 2020 openEuler Buildteam - 2.23.0-15 - Type:cves - ID:CVE-2020-5260 - SUG:NA - DESC:fix CVE-2020-5260 * Wed Apr 15 2020 openEuler Buildteam - 2.23.0-14 - Type:bugfix - ID:NA - SUG:NA - DESC:reset bash completion * Tue Apr 14 2020 openEuler Buildteam - 2.23.0-13 - Type:bugfix - ID:NA - SUG:NA - DESC:setup bash completion * Thu Mar 19 2020 openEuler Buildteam - 2.23.0-12 - skip updating the preference during running test suite * Sat Mar 14 2020 openEuler Buildteam - 2.23.0-11 - add build requires of gdb * Mon Feb 24 2020 openEuler Buildteam - 2.23.0-10 - delete cvs subpackage * Mon Feb 03 2020 openEuler Buildteam - 2.23.0-9 - fix CVE-2019-1348 CVE-2019-1349 CVE-2019-1350 CVE-2019-1351 CVE-2019-1352 CVE-2019-1353 CVE-2019-1354 CVE-2019-1387 CVE-2019-19604 fix test error * Thu Jan 09 2020 openEuler Buildteam - 2.23.0-8 - Delete unneeded files * Thu Dec 5 2019 shenyangyang - 2.23.0-7 - Add requires and two files in %{_libexecdir}/git-core * Thu Dec 5 2019 shenyangyang - 2.23.0-6 - Delete the perl(Error*) module that provided by perl-Git * Thu Oct 31 2019 openEuler Buildteam - 2.23.0-5 - Modify installation of contrib and templates * Wed Sep 25 2019 openEuler Buildteam - 2.23.0-4 - Modify license * Wed Sep 4 2019 openEuler Buildteam - 2.23.0-3 - Split out perl-Git-SVN * Wed Sep 4 2019 openEuler Buildteam - 2.23.0-2 - Split Package * Sat Aug 31 2019 openEuler Buildteam - 2.23.0-1 - Package init