packages/nano
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!18 Update to 8.0 for fix CVE-2024-5742

Browse Source 
From: @starlet-dx 
Reviewed-by: @wk333 
Signed-off-by: @wk333
This commit is contained in:
openeuler-ci-bot 2024-06-17 09:57:36 +00:00 committed by Gitee
commit 30b35e5a71
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
3 changed files with 25 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
nano-4.9.3.tar.xz
View File

Binary file not shown.

BIN
nano-8.0.tar.xz Normal file
View File

Binary file not shown.

31
nano.spec
View File

@ -1,12 +1,12 @@
Name: nano Name: nano
Version: 4.9.3 Version: 8.0
Release: 1 Release: 1
Summary: Nano is a tiny GNU editor Summary: Nano is a tiny GNU editor
License: GPLv3+ License: GPLv3+
URL: https://www.nano-editor.org URL: https://www.nano-editor.org
Source0: https://www.nano-editor.org/dist/v4/%{name}-%{version}.tar.xz Source0: https://www.nano-editor.org/dist/v4/%{name}-%{version}.tar.xz
BuildRequires: file-devel gettext-devel gcc git ncurses-devel sed texinfo groff BuildRequires: file-devel gettext-devel gcc ncurses-devel sed texinfo groff
Conflicts: filesystem < 3 Conflicts: filesystem < 3
%description %description
@ -15,8 +15,7 @@ Nano is a tiny GNU editor
%package_help %package_help
%prep %prep
%autosetup -S git %autosetup -p1
%build %build
install -d build install -d build
@ -25,9 +24,9 @@ cd build
%configure %configure
%make_build %make_build
sed -e 's/# set nowrap/set nowrap/' \ sed -e 's/^#.*set speller.*$/set speller "hunspell"/' \
-e 's/^#.*set speller.*$/set speller "hunspell"/' \
-e 's|^# \(include "/usr/share/nano/\*.nanorc"\)|\1|' \ -e 's|^# \(include "/usr/share/nano/\*.nanorc"\)|\1|' \
doc/sample.nanorc >> ./nanorc
%install %install
cd build cd build
@ -36,6 +35,10 @@ rm -rf %{buildroot}%{_infodir}/dir
rm -rf %{buildroot}%{_docdir}/nano/{nano,nano.1,nanorc.5,rnano.1}.html rm -rf %{buildroot}%{_docdir}/nano/{nano,nano.1,nanorc.5,rnano.1}.html
install -d %{buildroot}%{_sysconfdir} install -d %{buildroot}%{_sysconfdir}
install -m 0644 ./nanorc %{buildroot}%{_sysconfdir}/nanorc
mv %{buildroot}%{_datadir}/nano/extra/* %{buildroot}%{_datadir}/nano
rm -rf %{buildroot}%{_datadir}/nano/extra
%find_lang %{name} %find_lang %{name}
@ -47,6 +50,7 @@ install -d %{buildroot}%{_sysconfdir}
%{_bindir}/* %{_bindir}/*
%{_datadir}/nano %{_datadir}/nano
%{_infodir}/nano.info* %{_infodir}/nano.info*
%config(noreplace) %{_sysconfdir}/nanorc
%files help %files help
%defattr(-,root,root) %defattr(-,root,root)
@ -57,6 +61,21 @@ install -d %{buildroot}%{_sysconfdir}
%{_defaultdocdir}/nano/faq.html %{_defaultdocdir}/nano/faq.html
%changelog %changelog
* Mon Jun 17 2024 yaoxin <yao_xin001@hoperun.com> - 8.0-1
- Update to 8.0
* CVE-2024-5742: Avoid privilege escalations via symlink attacks
on emergency save file (boo#1226099)
* By default ^F is bound to starting a forward search, and ^B to
starting a backward search, while M-F and M-B repeat the search
in the corresponding direction. (See the documentation if you
want the old bindings back.)
* Command-line option --modernbindings (-/) makes ^Q quit, ^X cut,
^C copy, ^V paste, ^Z undo, ^Y redo, ^O open a file, ^W write a file,
^R replace, ^G find again, ^D find again backwards, ^A set the mark,
^T jump to a line, ^P show the position, and ^E execute.
* For easier access, M-" is bound to placing/removing an anchor,
and M-' to jumping to the next anchor.
* Thu Sep 10 2020 baizhonggui <baizhonggui@huawei.com> - 4.9.3-1 * Thu Sep 10 2020 baizhonggui <baizhonggui@huawei.com> - 4.9.3-1
- Modify source0 - Modify source0