!1 update to 20191109

Merge pull request !1 from yanan-rock/test_ci

CVE-2019-17594.patch

@@ -1,39 +0,0 @@
-From e414438ddee26bcb081881d035dc9e247ddba0c3 Mon Sep 17 00:00:00 2001
-Date: Wed, 16 Oct 2019 11:01:37 +0800
-Subject: [PATCH] ncurses: fix CVE-2019-17594
-
-reason:fix CVE-2019-17594
-check for invalid hashcode in _nc_find_entry
-
-CVE-2019-17594 reference:
-http://invisible-mirror.net/archives/ncurses/6.1/ncurses-6.1-20191012.patch.gz
----
- ncurses/tinfo/comp_hash.c | 10 +++++++---
- 1 file changed, 7 insertions(+), 3 deletions(-)
-
-diff --git a/ncurses/tinfo/comp_hash.c b/ncurses/tinfo/comp_hash.c
-index 959c6e1..4183f68 100644
---- a/ncurses/tinfo/comp_hash.c
-+++ b/ncurses/tinfo/comp_hash.c
-@@ -63,7 +63,9 @@ _nc_find_entry(const char *string,
- 
-     hashvalue = data->hash_of(string);
- 
--    if (data->table_data[hashvalue] >= 0) {
-+    if (hashvalue >= 0
-+	&& (unsigned) hashvalue < data->table_size
-+	&& data->table_data[hashvalue] >= 0) {
- 
- 	real_table = _nc_get_table(termcap);
- 	ptr = real_table + data->table_data[hashvalue];
-@@ -96,7 +98,9 @@ _nc_find_type_entry(const char *string,
-     const HashData *data = _nc_get_hash_info(termcap);
-     int hashvalue = data->hash_of(string);
- 
--    if (data->table_data[hashvalue] >= 0) {
-+    if (hashvalue >= 0
-+	&& (unsigned) hashvalue < data->table_size
-+	&& data->table_data[hashvalue] >= 0) {
- 	const struct name_table_entry *const table = _nc_get_table(termcap);
- 
- 	ptr = table + data->table_data[hashvalue];

CVE-2019-17595.patch

@@ -1,37 +0,0 @@
-From 07d64f8350b0c0f04ef7f3a43349c188acb4ddd8 Mon Sep 17 00:00:00 2001
-Date: Wed, 16 Oct 2019 11:20:17 +0800
-Subject: [PATCH] ncurses: fix CVE-2019-17595
-
-reason: fix CVE-2019-17595
-check for missing character after backslash in fmt_entry
-
-CVE-2019-17595 reference:
-http://invisible-mirror.net/archives/ncurses/6.1/ncurses-6.1-20191012.patch.g
-z
----
- progs/dump_entry.c | 7 ++++---
- 1 file changed, 4 insertions(+), 3 deletions(-)
-
-diff --git a/progs/dump_entry.c b/progs/dump_entry.c
-index 3b1fcb1..67ff5f4 100644
---- a/progs/dump_entry.c
-+++ b/progs/dump_entry.c
-@@ -1110,7 +1110,8 @@ fmt_entry(TERMTYPE2 *tterm,
- 				*d++ = '\\';
- 				*d = ':';
- 			    } else if (*d == '\\') {
--				*++d = *s++;
-+				if ((*++d = *s++) == '\0')
-+				    break;
- 			    }
- 			    d++;
- 			    *d = '\0';
-@@ -1370,7 +1371,7 @@ one_one_mapping(const char *mapping)
- 
-     if (VALID_STRING(mapping)) {
- 	int n = 0;
--	while (mapping[n] != '\0') {
-+	while (mapping[n] != '\0' && mapping[n + 1] != '\0') {
- 	    if (isLine(mapping[n]) &&
- 		mapping[n] != mapping[n + 1]) {
- 		result = FALSE;

ncurses-config.patch

@@ -1,6 +1,18 @@
-diff -up ncurses-6.1-20180714/misc/ncurses-config.in.config ncurses-6.1-20180714/misc/ncurses-config.in
+diff -up ncurses-6.1-20191109/misc/gen-pkgconfig.in.config ncurses-6.1-20191109/misc/gen-pkgconfig.in
---- ncurses-6.1-20180714/misc/ncurses-config.in.config	2018-06-10 00:29:01.000000000 +0200
+--- ncurses-6.1-20191109/misc/gen-pkgconfig.in.config	2019-10-13 00:27:10.000000000 +0200
-+++ ncurses-6.1-20180714/misc/ncurses-config.in	2018-07-16 16:23:22.202581815 +0200
++++ ncurses-6.1-20191109/misc/gen-pkgconfig.in	2019-11-12 09:52:09.693017663 +0100
+@@ -78,7 +78,7 @@ if [ "$includedir" != "/usr/include" ];
+ fi
+ 
+ lib_flags=
+-for opt in -L$libdir @LDFLAGS@ @EXTRA_LDFLAGS@ @LIBS@
++for opt in -L$libdir @LIBS@
+ do
+ 	case $opt in
+ 	-l*) # LIBS is handled specially below
+diff -up ncurses-6.1-20191109/misc/ncurses-config.in.config ncurses-6.1-20191109/misc/ncurses-config.in
+--- ncurses-6.1-20191109/misc/ncurses-config.in.config	2019-10-12 23:25:17.000000000 +0200
++++ ncurses-6.1-20191109/misc/ncurses-config.in	2019-11-12 09:54:42.069324995 +0100
 @@ -40,7 +40,6 @@ exec_prefix="@exec_prefix@"
  
  bindir="@bindir@"
@@ -9,16 +21,26 @@ diff -up ncurses-6.1-20180714/misc/ncurses-config.in.config ncurses-6.1-20180714
  datarootdir="@datarootdir@"
  datadir="@datadir@"
  mandir="@mandir@"
-@@ -111,7 +110,7 @@ while test $# -gt 0; do
+@@ -100,7 +99,7 @@ fi
- ENDECHO
+ # There is no portable way to find the list of standard library directories. 
- 		;;
+ # Require a POSIX shell anyway, to keep this simple.
- 	--libs)
+ lib_flags=
--		if test "$libdir" = /usr/lib
+-for opt in -L$libdir @LDFLAGS@ @EXTRA_LDFLAGS@ $LIBS
-+		if true
++for opt in $LIBS
- 		then
+ do
- 			LIBDIR=
+ 	case $opt in
- 		else
+ 	-Wl,-z,*) # ignore flags used to manipulate shared image
-@@ -155,7 +154,6 @@ ENDECHO
+@@ -109,9 +108,6 @@ do
+ 	-L*)
+ 		[ -d ${opt##-L} ] || continue
+ 		case ${opt##-L} in
+-		@LD_SEARCHPATH@) # skip standard libdir
+-			continue
+-			;;
+ 		*)
+ 			found=no
+ 			for check in $lib_flags
+@@ -231,7 +227,6 @@ ENDECHO
  		echo $INCS
  		;;
  	--libdir)

ncurses-kbs.patch

@@ -1,16 +1,16 @@
-diff -up ncurses-6.1-20180127/misc/terminfo.src.kbs ncurses-6.1-20180127/misc/terminfo.src
+diff -up ncurses-6.1-20191109/misc/terminfo.src.kbs ncurses-6.1-20191109/misc/terminfo.src
---- ncurses-6.1-20180127/misc/terminfo.src.kbs	2018-01-29 10:59:01.644758573 +0100
+--- ncurses-6.1-20191109/misc/terminfo.src.kbs	2019-11-12 09:23:27.079543254 +0100
-+++ ncurses-6.1-20180127/misc/terminfo.src	2018-01-29 11:02:34.018246276 +0100
++++ ncurses-6.1-20191109/misc/terminfo.src	2019-11-12 09:24:58.622727887 +0100
-@@ -5713,7 +5713,7 @@ rxvt-basic|rxvt terminal base (X Window
+@@ -5952,7 +5952,7 @@ rxvt-basic|rxvt terminal base (X Window
  	enacs=\E(B\E)0, flash=\E[?5h$<100/>\E[?5l, home=\E[H,
- 	ht=^I, hts=\EH, ich=\E[%p1%d@, ich1=\E[@, il=\E[%p1%dL,
+ 	ht=^I, hts=\EH, ich=\E[%p1%d@, il=\E[%p1%dL, il1=\E[L,
- 	il1=\E[L, ind=\n, is1=\E[?47l\E=\E[?1l,
+ 	ind=\n, is1=\E[?47l\E=\E[?1l,
 -	is2=\E[r\E[m\E[2J\E[H\E[?7h\E[?1;3;4;6l\E[4l, kbs=^H,
 +	is2=\E[r\E[m\E[2J\E[H\E[?7h\E[?1;3;4;6l\E[4l,
  	kcbt=\E[Z, kmous=\E[M, rc=\E8, rev=\E[7m, ri=\EM, rmacs=^O,
  	rmcup=\E[2J\E[?47l\E8, rmir=\E[4l, rmkx=\E>, rmso=\E[27m,
  	rmul=\E[24m,
-@@ -5725,7 +5725,7 @@ rxvt-basic|rxvt terminal base (X Window
+@@ -5964,7 +5964,7 @@ rxvt-basic|rxvt terminal base (X Window
  	    %p9%t\016%e\017%;,
  	sgr0=\E[0m\017, smacs=^N, smcup=\E7\E[?47h, smir=\E[4h,
  	smkx=\E=, smso=\E[7m, smul=\E[4m, tbc=\E[3g, use=vt100+enq,
@@ -19,7 +19,7 @@ diff -up ncurses-6.1-20180127/misc/terminfo.src.kbs ncurses-6.1-20180127/misc/te
  # Key Codes from rxvt reference:
  #
  # Note: Shift + F1-F10 generates F11-F20
-@@ -6897,7 +6897,7 @@ screen|VT 100/ANSI X3.64 virtual termina
+@@ -7467,7 +7467,7 @@ screen|VT 100/ANSI X3.64 virtual termina
  	dl=\E[%p1%dM, dl1=\E[M, ed=\E[J, el=\E[K, el1=\E[1K,
  	enacs=\E(B\E)0, flash=\Eg, home=\E[H, hpa=\E[%i%p1%dG,
  	ht=^I, hts=\EH, ich=\E[%p1%d@, il=\E[%p1%dL, il1=\E[L,
@@ -28,15 +28,15 @@ diff -up ncurses-6.1-20180127/misc/terminfo.src.kbs ncurses-6.1-20180127/misc/te
  	kcub1=\EOD, kcud1=\EOB, kcuf1=\EOC, kcuu1=\EOA,
  	kdch1=\E[3~, kend=\E[4~, kf1=\EOP, kf10=\E[21~,
  	kf11=\E[23~, kf12=\E[24~, kf2=\EOQ, kf3=\EOR, kf4=\EOS,
-@@ -6911,6 +6911,7 @@ screen|VT 100/ANSI X3.64 virtual termina
+@@ -7481,6 +7481,7 @@ screen|VT 100/ANSI X3.64 virtual termina
- 	sgr0=\E[m\017, smacs=^N, smcup=\E[?1049h, smir=\E[4h,
+ 	sgr0=\E[m\017, smacs=^N, smir=\E[4h, smkx=\E[?1h\E=,
- 	smkx=\E[?1h\E=, smso=\E[3m, smul=\E[4m, tbc=\E[3g,
+ 	smso=\E[3m, smul=\E[4m, tbc=\E[3g, vpa=\E[%i%p1%dd,
- 	vpa=\E[%i%p1%dd, E0=\E(B, S0=\E(%p1%c, use=ecma+color,
+ 	E0=\E(B, S0=\E(%p1%c, use=xterm+alt1049, use=ecma+color,
 +	use=xterm+kbs,
  # The bce and status-line entries are from screen 3.9.13 (and require some
  # changes to .screenrc).
  screen-bce|VT 100/ANSI X3.64 virtual terminal with bce,
-@@ -7026,6 +7027,7 @@ screen.xterm-r6|screen customized for X1
+@@ -7596,6 +7597,7 @@ screen.xterm-r6|screen customized for X1
  # on Solaris because Sun's curses implementation gets confused.
  screen.teraterm|disable ncv in teraterm,
  	ncv#127,

ncurses.spec

@@ -1,7 +1,7 @@
-%global revision 20180923
+%global revision 20191109
 Name:          ncurses
 Version:       6.1
-Release:       12
+Release:       13
 Summary:       Terminal control library
 License:       MIT
 URL:           https://invisible-island.net/ncurses/ncurses.html
@@ -12,14 +12,9 @@ Patch9:        ncurses-libs.patch
 Patch11:       ncurses-urxvt.patch
 Patch12:       ncurses-kbs.patch
 
-Patch6000:     CVE-2019-17594.patch
-Patch6001:     CVE-2019-17595.patch
-
 BuildRequires: gcc gcc-c++ gpm-devel pkgconfig
 
-Obsoletes:     ncurses < 5.6-13
+Obsoletes:     rxvt-unicode-terminfo < 9.22-18
-Obsoletes:     libtermcap < 2.0.8-48
-Obsoletes:     termcap < 1:5.5-2
 Provides:      %{name}-base = %{version}-%{release}
 Obsoletes:     %{name}-base < %{version}-%{release}
 Provides:      %{name}-libs = %{version}-%{release}
@@ -43,8 +38,6 @@ enhancements over BSD curses. SVr4 curses became the basis of X/Open Curses.
 Summary:       Development files for the ncurses library
 Requires:      %{name} = %{version}-%{release}
 Requires:      pkgconfig
-Obsoletes:     libtermcap-devel < 2.0.8-48
-Provides:      libtermcap-devel = 2.0.8-48
 Provides:      %{name}-static = %{version}-%{release}
 Obsoletes:     %{name}-static = %{version}-%{release}
 
@@ -61,6 +54,7 @@ Requires: %{name} = %{version}-%{release}
 This package contains development documentation, manuals 
 for interface function, and related documents.
 
+
 %prep
 %autosetup -n %{name}-%{version}-%{revision} -p1
 
@@ -167,7 +161,7 @@ rm -f $RPM_BUILD_ROOT%{_bindir}/ncurses*5-config
 rm -f $RPM_BUILD_ROOT%{_libdir}/terminfo
 rm -f $RPM_BUILD_ROOT%{_libdir}/pkgconfig/*_g.pc
 
-bzip2 NEWS
+xz  NEWS
 
 %ldconfig_scriptlets 
 
@@ -193,7 +187,7 @@ bzip2 NEWS
 %{_includedir}/*.h
 
 %files help
-%doc NEWS.bz2 README TO-DO
+%doc NEWS.xz README TO-DO
 %doc doc/html/hackguide.html
 %doc doc/html/ncurses-intro.html
 %doc misc/ncurses.supp
@@ -205,6 +199,9 @@ bzip2 NEWS
 
 
 %changelog
+* Fri Jan 10 2020 openEuler Buildteam <buildteam@openeuler.org> - 6.1-13
+- update to 20191102
+
 * Sat Dec 21 2019 openEuler Buildteam <buildteam@openeuler.org> - 6.1-12
 - Type:cves
 - ID:CVE-2019-17594  CVE-2019-17595