From c7c8a74b40dc34308fda7262aa5f05a19212e8c8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dan=20=C4=8Cerm=C3=A1k?= Date: Fri, 27 Jan 2023 15:38:19 +0100 Subject: [PATCH 1/3] Ensure native files are newer than byte-code files See: https://bugzilla.redhat.com/show_bug.cgi?id=2157979#c11 --- emacs.spec | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/emacs.spec b/emacs.spec index 0ac1220..ef9dad1 100644 --- a/emacs.spec +++ b/emacs.spec @@ -5,7 +5,7 @@ Summary: GNU Emacs text editor Name: emacs Epoch: 1 Version: 28.2 -Release: 2%{?dist} +Release: 3%{?dist} License: GPLv3+ and CC0 URL: http://www.gnu.org/software/emacs/ Source0: https://ftp.gnu.org/gnu/emacs/emacs-%{version}.tar.xz @@ -447,6 +447,10 @@ sed -i -e "s|\.%{native_lisp}|%{native_lisp}|" *-eln-filelist *-dirs # trying to extract debuginfo from them find %{buildroot}%{_libdir}/ -name '*eln' -type f | xargs chmod -x +# ensure native files are newer than byte-code files +# see: https://bugzilla.redhat.com/show_bug.cgi?id=2157979#c11 +find %{buildroot}%{_libdir}/ -name '*eln' -type f | xargs touch + %check appstream-util validate-relax --nonet %{buildroot}/%{_metainfodir}/*.metainfo.xml desktop-file-validate %{buildroot}/%{_datadir}/applications/*.desktop @@ -540,6 +544,9 @@ desktop-file-validate %{buildroot}/%{_datadir}/applications/*.desktop %{_includedir}/emacs-module.h %changelog +* Fri Jan 27 2023 Dan Čermák - 1:28.2-3 +- Ensure that emacs-nox loads the correct eln files + * Tue Jan 17 2023 Dan Čermák - 1:28.2-2 - Don't include everything in %%emacs_libexecdir in common subpackage, fixes rhbz#2160550 - Don't remove exec permissions from eln files, fixes rhbz#2160547 From ee3bd980d229361a65df962315e8bbae02b7aff8 Mon Sep 17 00:00:00 2001 
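Review bot: The added `find … | xargs touch` line in the @@ -447 hunk of emacs.spec still runs `touch` with no operand when `find` matches nothing, which makes GNU xargs return non-zero, and it splits file names on whitespace. `find %{buildroot}%{_libdir}/ -name '*eln' -type f -exec touch {} +` avoids both without changing the result. The fix also depends on the `.eln` mtimes staying strictly newer than the `.elc` ones in the installed package; if the build clamps file timestamps to a common value (not visible here), the ordering could be lost, so it is worth checking on an installed package. The %install section this line sits in starts and ends outside the hunk.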
From: Benson Muite Date: Mon, 5 Jun 2023 15:28:16 +0300 Subject: [PATCH 2/3] Prevent entering infinite loops when editing python files Use SPDX expressions --- emacs.spec | 15 ++- ...r-end-of-string-in-python-nav-end-of.patch | 107 ++++++++++++++++++ 2 files changed, 119 insertions(+), 3 deletions(-) create mode 100644 fix-searching-for-end-of-string-in-python-nav-end-of.patch diff --git a/emacs.spec b/emacs.spec index ef9dad1..49485a3 100644 --- a/emacs.spec +++ b/emacs.spec @@ -5,8 +5,8 @@ Summary: GNU Emacs text editor Name: emacs Epoch: 1 Version: 28.2 -Release: 3%{?dist} -License: GPLv3+ and CC0 +Release: 4%{?dist} +License: GPL-3.0-or-later AND CC0-1.0 URL: http://www.gnu.org/software/emacs/ Source0: https://ftp.gnu.org/gnu/emacs/emacs-%{version}.tar.xz Source1: https://ftp.gnu.org/gnu/emacs/emacs-%{version}.tar.xz.sig @@ -33,7 +33,10 @@ Patch7: https://git.savannah.gnu.org/cgit/emacs.git/patch/?id=d48bb4874bc # https://debbugs.gnu.org/cgi/bugreport.cgi?bug=60208 # backport of https://git.savannah.gnu.org/cgit/emacs.git/patch/?id=e59216d3be86918b995bd63273c851ebc6176a83 Patch8: native-compile-with_-Q.patch - +# Fix infinite loop error https://debbugs.gnu.org/cgi/bugreport.cgi?bug=58780 +# Can be removed on next release of Emacs rhbz#2187041 +Patch9: fix-searching-for-end-of-string-in-python-nav-end-of.patch + BuildRequires: gcc BuildRequires: atk-devel BuildRequires: cairo-devel @@ -220,6 +223,7 @@ cp -p %{SOURCE3} lib/ %patch6 -p1 %patch7 -p1 -b .ctags-local-execution-cve %patch8 -p1 -b .native-compile-Q +%patch9 -p1 autoconf grep -v "tetris.elc" lisp/Makefile.in > lisp/Makefile.in.new \ 
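Review bot: The comment added above `Patch9:` in the @@ -33 hunk links the bug report but does not name the upstream commit being backported, which the `Patch8` comment directly above it does. The vendored file is headed `[PATCH 1/2]`, so the spec should also say whether the second patch of that series was left out on purpose. I would add a line such as `# backport of <upstream commit URL>, patch 1 of 2; 2/2 not needed because <reason>`. In the @@ -220 hunk `%patch9 -p1` is applied without a `-b` suffix, unlike `%patch7` and `%patch8`.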
@@ -544,6 +548,11 @@ desktop-file-validate %{buildroot}/%{_datadir}/applications/*.desktop %{_includedir}/emacs-module.h %changelog +* Mon Jun 5 2023 Benson Muite - 1:28.2-4 +- Use SPDX license expression +- Apply patch to prevent infinite loops when editing python files + fixes rhbz#2187041 + * Fri Jan 27 2023 Dan Čermák - 1:28.2-3 - Ensure that emacs-nox loads the correct eln files diff --git a/fix-searching-for-end-of-string-in-python-nav-end-of.patch b/fix-searching-for-end-of-string-in-python-nav-end-of.patch new file mode 100644 index 0000000..8466659 --- /dev/null +++ b/fix-searching-for-end-of-string-in-python-nav-end-of.patch 
@@ -0,0 +1,107 @@ +From 62cfa24a89fdbf90cbe866ad88ca635327eb1f49 Mon Sep 17 00:00:00 2001 +From: kobarity +Date: Sun, 5 Mar 2023 17:06:26 +0900 +Subject: [PATCH 1/2] Fix searching for end of string in + python-nav-end-of-statement + +* lisp/progmodes/python.el (python-nav-end-of-statement): Add +searching for corresponding string-quote. +* test/lisp/progmodes/python-tests.el (python-nav-end-of-statement-3) +(python-nav-end-of-statement-4, python-info-current-defun-4): New +tests. (Bug#58780) +--- + lisp/progmodes/python.el | 14 ++++++--- + test/lisp/progmodes/python-tests.el | 44 +++++++++++++++++++++++++++++ + 2 files changed, 54 insertions(+), 4 deletions(-) + +diff --git a/lisp/progmodes/python.el b/lisp/progmodes/python.el +index 1f970633bfc..cc4ece1669c 100644 +--- a/lisp/progmodes/python.el ++++ b/lisp/progmodes/python.el +@@ -2076,10 +2076,16 @@ python-nav-end-of-statement + (goto-char (+ (point) + (python-syntax-count-quotes + (char-after (point)) (point)))) +- (setq last-string-end +- (or (re-search-forward +- (rx (syntax string-delimiter)) nil t) +- (goto-char (point-max))))))) ++ (setq ++ last-string-end ++ (or (if (eq t (nth 3 (syntax-ppss))) ++ (re-search-forward ++ (rx (syntax string-delimiter)) nil t) ++ (ignore-error scan-error ++ (goto-char string-start) ++ (python-nav--lisp-forward-sexp) ++ (point))) ++ (goto-char (point-max))))))) + ((python-syntax-context 'paren) + ;; The statement won't end before we've escaped + ;; at least one level of parenthesis. +diff --git a/test/lisp/progmodes/python-tests.el b/test/lisp/progmodes/python-tests.el +index 4f24c042c6a..e9df4a2c843 100644 +--- a/test/lisp/progmodes/python-tests.el ++++ b/test/lisp/progmodes/python-tests.el +@@ -2943,6 +2943,36 @@ python-nav-end-of-statement-2 + "'\n''\n" + (python-nav-end-of-statement))) + ++(ert-deftest python-nav-end-of-statement-3 () ++ "Test unmatched quotes (Bug#58780)." 
++ (python-tests-with-temp-buffer ++ " ++' \"\"\" ++v = 1 ++" ++ (python-tests-look-at "v =") ++ (should (= (save-excursion ++ (python-nav-end-of-statement) ++ (point)) ++ (save-excursion ++ (point-max)))))) ++ ++(ert-deftest python-nav-end-of-statement-4 () ++ (python-tests-with-temp-buffer ++ " ++abc = 'a\\ ++b\\ ++c' ++d = '''d''' ++" ++ (python-tests-look-at "b\\") ++ (should (= (save-excursion ++ (python-nav-end-of-statement) ++ (point)) ++ (save-excursion ++ (python-tests-look-at "c'") ++ (pos-eol)))))) ++ + (ert-deftest python-nav-forward-statement-1 () + (python-tests-with-temp-buffer + " +@@ -5209,6 +5239,20 @@ python-info-current-defun-3 + (should (string= (python-info-current-defun t) + "def decoratorFunctionWithArguments")))) + ++(ert-deftest python-info-current-defun-4 () ++ "Ensure unmatched quotes do not cause hang (Bug#58780)." ++ (python-tests-with-temp-buffer ++ " ++def func(): ++ ' \"\"\" ++ v = 1 ++" ++ (python-tests-look-at "v = 1") ++ (should (string= (python-info-current-defun) ++ "func")) ++ (should (string= (python-info-current-defun t) ++ "def func")))) ++ + (ert-deftest python-info-current-symbol-1 () + (python-tests-with-temp-buffer + " +-- +2.34.1 + + From 38c0533f73f386f6d515821d1c1df483f72abca8 Mon Sep 17 00:00:00 2001 From: Peter Oliver Date: Thu, 28 Sep 2023 13:30:18 +0100 Subject: [PATCH 3/3] Upgrade to version 28.3-rc1, fixing CVE-2022-48337, CVE-2022-48338, CVE-2022-48339. --- .gitignore | 2 ++ emacs.spec | 14 +++++++------- sources | 4 ++-- 3 files changed, 11 insertions(+), 9 deletions(-) diff --git a/.gitignore b/.gitignore index 0546e5c..96a24c7 100644 --- a/.gitignore +++ b/.gitignore @@ -33,3 +33,5 @@ /emacs-28.1.tar.xz.sig /emacs-28.2.tar.xz /emacs-28.2.tar.xz.sig +/emacs-28.3-rc1.tar.xz +/emacs-28.3-rc1.tar.xz.sig diff --git a/emacs.spec b/emacs.spec index 49485a3..e344289 100644 --- a/emacs.spec +++ b/emacs.spec 
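Review bot: The backported test `python-nav-end-of-statement-4` in the new file fix-searching-for-end-of-string-in-python-nav-end-of.patch calls `(pos-eol)`, which as far as I know was introduced in Emacs 29, while this package builds 28.2; the test would signal a void-function error if the ERT suite were run against this tree. The `%check` section visible in this series only validates the metainfo and desktop files, so the build does not notice, but that also means the hang fix is not exercised at build time. Replacing the call with `(line-end-position)` in the vendored patch, or dropping the test-file part of it, would keep the patch consistent with the version it is applied to.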
@@ -4,12 +4,12 @@ Summary: GNU Emacs text editor Name: emacs Epoch: 1 -Version: 28.2 -Release: 4%{?dist} +Version: 28.3 +Release: 0.rc1%{?dist} License: GPL-3.0-or-later AND CC0-1.0 URL: http://www.gnu.org/software/emacs/ -Source0: https://ftp.gnu.org/gnu/emacs/emacs-%{version}.tar.xz -Source1: https://ftp.gnu.org/gnu/emacs/emacs-%{version}.tar.xz.sig +Source0: https://alpha.gnu.org/gnu/emacs/pretest/emacs-28.3-rc1.tar.xz +Source1: https://alpha.gnu.org/gnu/emacs/pretest/emacs-28.3-rc1.tar.xz.sig # Stefan Kangas' key Source2: https://keys.openpgp.org/vks/v1/by-fingerprint/CEA1DE21AB108493CC9C65742E82323B8F4353EE Source3: https://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=blob_plain;f=lib/cdefs.h;hb=refs/heads/master#./cdefs.h @@ -28,8 +28,6 @@ Patch3: emacs-libdir-vs-systemd.patch Patch4: emacs-pdmp-fingerprint.patch Patch5: emacs-configure-c99-1.patch Patch6: emacs-configure-c99-2.patch -# CVE-2022-45939 -Patch7: https://git.savannah.gnu.org/cgit/emacs.git/patch/?id=d48bb4874bc6cd3e69c7a15fc3c91cc141025c51#./fixed-ctags-local-command-execute-vulnerability.patch # https://debbugs.gnu.org/cgi/bugreport.cgi?bug=60208 # backport of https://git.savannah.gnu.org/cgit/emacs.git/patch/?id=e59216d3be86918b995bd63273c851ebc6176a83 Patch8: native-compile-with_-Q.patch @@ -221,7 +219,6 @@ cp -p %{SOURCE3} lib/ %patch4 -p1 -b .pdmp-fingerprint %patch5 -p1 %patch6 -p1 -%patch7 -p1 -b .ctags-local-execution-cve %patch8 -p1 -b .native-compile-Q %patch9 -p1 autoconf @@ -548,6 +545,9 @@ desktop-file-validate %{buildroot}/%{_datadir}/applications/*.desktop %{_includedir}/emacs-module.h %changelog +* Sat Sep 23 2023 Peter Oliver - 1:28.3-0.rc1 +- Upgrade to version 28.3-rc1, fixing CVE-2022-48337, CVE-2022-48338, CVE-2022-48339. + * Mon Jun 5 2023 Benson Muite - 1:28.2-4 - Use SPDX license expression - Apply patch to prevent infinite loops when editing python files diff --git a/sources b/sources index fcd9d25..23384f0 100644 --- a/sources +++ b/sources 
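Review bot: In the @@ -4 hunk `Source0` and `Source1` now come from the alpha.gnu.org pretest directory, while `Source2` still pins the keyring to the fingerprint commented as Stefan Kangas' key; nothing in the hunk shows that the 28.3-rc1 tarball is signed by that key. If the signature check (presumably run in %prep, outside this hunk) uses `Source2`, confirm it passes against the new `.sig` and update the key comment if a different maintainer signed the pretest. The two URLs also hardcode `28.3-rc1` instead of deriving from `%{version}`, so the bump to the final release has to edit them by hand; a single `%global` for the pretest suffix would leave one place to change.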
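Review bot: The @@ -28 hunk removes `Patch7` (commented CVE-2022-45939) and the @@ -221 hunk removes `%patch7`, but the changelog entry lists only CVE-2022-48337, CVE-2022-48338 and CVE-2022-48339, so nothing records that the ctags fix is now expected from the new tarball. Once that is confirmed against the 28.3-rc1 sources, add a changelog line such as `- Drop ctags local command execution patch (CVE-2022-45939), included upstream`. The `Patch9` comment kept as context says the patch can be removed on the next Emacs release; whether 28.3 contains that fix is not visible here, so the comment should be updated either way.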
@@ -1,2 +1,2 @@
-SHA512 (emacs-28.2.tar.xz) = a7cec7e3e82367815a1442f69af54102dbfc434069810a9dec5938a6660cb8b076e6f1fb0bfff9695b15603dbbe05eb9c7dfd92e90cf40fc4d1e5746bce83bd8
-SHA512 (emacs-28.2.tar.xz.sig) = de40bc10088051b2707fc9764a5a5fb49687c05bf0e27bd7ad6f5a952ad324904366ca10dbd58015e1d3d5206b900da99cf4485d7f048220e4dda657180f3d1c
+SHA512 (emacs-28.3-rc1.tar.xz) = 2cd4c5174a5ade6f928de3ff6aa1728fe0f18bd5b985d87b62f38aa083da14d9ae3db6372638548d33ef7bbb632823eabb051307d8fca6c78296bff3c79b2d2f
+SHA512 (emacs-28.3-rc1.tar.xz.sig) = 71f52c01480a7ac1858dd7b26c31ac65312ca7076cd0b07c21c16cadc23af1d4e4b68e446e3cec663a408e846b4569e893f3f3008fd2a2dc8da5fe53bf4d13e9