From 0ba730d3318b63544fdb48de4b316d13fa213f7e Mon Sep 17 00:00:00 2001
From: Peter Oliver <git@mavit.org.uk>
Date: Sat, 23 Sep 2023 16:58:50 +0100
Subject: [PATCH 1/4] Upgrade to version 28.3-rc1
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Fixes CVE-2022-48337, CVE-2022-48338, CVE-2022-48339.

It [appears that there will not be an Emacs 28.3](https://lists.gnu.org/archive/html/emacs-devel/2023-06/msg00136.html), so let’s go with the release candidate.
---
 emacs.spec | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/emacs.spec b/emacs.spec
index f21a606..2627472 100644
--- a/emacs.spec
+++ b/emacs.spec
@@ -4,12 +4,12 @@
 Summary:       GNU Emacs text editor
 Name:          emacs
 Epoch:         1
-Version:       28.2
-Release:       7%{?dist}
+Version:       28.3
+Release:       0.rc1%{?dist}
 License:       GPL-3.0-or-later AND CC0-1.0
 URL:           http://www.gnu.org/software/emacs/
-Source0:       https://ftp.gnu.org/gnu/emacs/emacs-%{version}.tar.xz
-Source1:       https://ftp.gnu.org/gnu/emacs/emacs-%{version}.tar.xz.sig
+Source0:       https://alpha.gnu.org/gnu/emacs/pretest/emacs-28.3-rc1.tar.xz
+Source1:       https://alpha.gnu.org/gnu/emacs/pretest/emacs-28.3-rc1.tar.xz.sig
 # Stefan Kangas' key
 Source2:       https://keys.openpgp.org/vks/v1/by-fingerprint/CEA1DE21AB108493CC9C65742E82323B8F4353EE
 Source3:       https://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=blob_plain;f=lib/cdefs.h;hb=refs/heads/master#./cdefs.h
@@ -28,8 +28,6 @@ Patch3:        emacs-libdir-vs-systemd.patch
 Patch4:        emacs-pdmp-fingerprint.patch
 Patch5:        emacs-configure-c99-1.patch
 Patch6:        emacs-configure-c99-2.patch
-# CVE-2022-45939
-Patch7:        https://git.savannah.gnu.org/cgit/emacs.git/patch/?id=d48bb4874bc6cd3e69c7a15fc3c91cc141025c51#./fixed-ctags-local-command-execute-vulnerability.patch
 # https://debbugs.gnu.org/cgi/bugreport.cgi?bug=60208
 # backport of https://git.savannah.gnu.org/cgit/emacs.git/patch/?id=e59216d3be86918b995bd63273c851ebc6176a83
 Patch8:        native-compile-with_-Q.patch
@@ -222,7 +220,6 @@ cp -p %{SOURCE3} lib/
 %patch4 -p1 -b .pdmp-fingerprint
 %patch5 -p1
 %patch6 -p1
-%patch7 -p1 -b .ctags-local-execution-cve
 %patch8 -p1 -b .native-compile-Q
 %patch9 -p1 -b .webkit2gtk-4.1
 %patch10 -p1
@@ -550,6 +547,9 @@ desktop-file-validate %{buildroot}/%{_datadir}/applications/*.desktop
 %{_includedir}/emacs-module.h
 
 %changelog
+* Sat Sep 23 2023 Peter Oliver <rpm@mavit.org.uk> - 1:28.3-0.rc1
+- Upgrade to version 28.3-rc1, fixing CVE-2022-48337, CVE-2022-48338, CVE-2022-48339.
+
 * Wed May 31 2023 Benson Muite <benson_muite@emailplus.org> 1:28.2-7
 - Apply patch to prevent infinite loops when editing python files
   fixes rhbz#2187041

From ad549480d326e3e8735dd94c774b110f5f9167d7 Mon Sep 17 00:00:00 2001
From: Peter Oliver <git@mavit.org.uk>
Date: Sun, 24 Sep 2023 01:06:40 +0100
Subject: [PATCH 2/4] Remember to update sources.

---
 .gitignore | 2 ++
 sources    | 4 ++--
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/.gitignore b/.gitignore
index 0546e5c..96a24c7 100644
--- a/.gitignore
+++ b/.gitignore
@@ -33,3 +33,5 @@
 /emacs-28.1.tar.xz.sig
 /emacs-28.2.tar.xz
 /emacs-28.2.tar.xz.sig
+/emacs-28.3-rc1.tar.xz
+/emacs-28.3-rc1.tar.xz.sig
diff --git a/sources b/sources
index fcd9d25..23384f0 100644
--- a/sources
+++ b/sources
@@ -1,2 +1,2 @@
-SHA512 (emacs-28.2.tar.xz) = a7cec7e3e82367815a1442f69af54102dbfc434069810a9dec5938a6660cb8b076e6f1fb0bfff9695b15603dbbe05eb9c7dfd92e90cf40fc4d1e5746bce83bd8
-SHA512 (emacs-28.2.tar.xz.sig) = de40bc10088051b2707fc9764a5a5fb49687c05bf0e27bd7ad6f5a952ad324904366ca10dbd58015e1d3d5206b900da99cf4485d7f048220e4dda657180f3d1c
+SHA512 (emacs-28.3-rc1.tar.xz) = 2cd4c5174a5ade6f928de3ff6aa1728fe0f18bd5b985d87b62f38aa083da14d9ae3db6372638548d33ef7bbb632823eabb051307d8fca6c78296bff3c79b2d2f
+SHA512 (emacs-28.3-rc1.tar.xz.sig) = 71f52c01480a7ac1858dd7b26c31ac65312ca7076cd0b07c21c16cadc23af1d4e4b68e446e3cec663a408e846b4569e893f3f3008fd2a2dc8da5fe53bf4d13e9

From f2ef61d32027fbdb90232028bfc7057cfa1a911c Mon Sep 17 00:00:00 2001
From: Peter Oliver <git@mavit.org.uk>
Date: Mon, 22 Jan 2024 19:27:21 +0000
Subject: [PATCH 3/4] Update to version 29.2.

---
 .gitignore | 2 ++
 emacs.spec | 5 ++++-
 sources    | 4 ++--
 3 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/.gitignore b/.gitignore
index bd11d19..7e610c9 100644
--- a/.gitignore
+++ b/.gitignore
@@ -35,3 +35,5 @@
 /emacs-28.2.tar.xz.sig
 /emacs-29.1.tar.xz
 /emacs-29.1.tar.xz.sig
+/emacs-29.2.tar.xz
+/emacs-29.2.tar.xz.sig
diff --git a/emacs.spec b/emacs.spec
index da3a5ba..4a97499 100644
--- a/emacs.spec
+++ b/emacs.spec
@@ -4,7 +4,7 @@
 Summary:       GNU Emacs text editor
 Name:          emacs
 Epoch:         1
-Version:       29.1
+Version:       29.2
 Release:       2%{?dist}
 License:       GPL-3.0-or-later AND CC0-1.0
 URL:           http://www.gnu.org/software/emacs/
@@ -538,6 +538,9 @@ desktop-file-validate %{buildroot}/%{_datadir}/applications/*.desktop
 %{_includedir}/emacs-module.h
 
 %changelog
+* Mon Jan 22 2024 Peter Oliver <rpm@mavit.org.uk> - 1:29.2-2
+- Update to version 29.2.
+
 * Fri Apr 14 2023 Peter Oliver <rpm@mavit.org.uk> - 1:28.2-5
 - Eliminate "file listed twice" warings during RPM build.
 
diff --git a/sources b/sources
index 2292cd8..7e4d130 100644
--- a/sources
+++ b/sources
@@ -1,2 +1,2 @@
-SHA512 (emacs-29.1.tar.xz) = de10f2af462682019af680e6a82fd33feb05ce6d995bedf5756264fa06e29d90cab02c5884b0aeade1c5ab39cf064e0fb6ff9f78d9eedbd162f0a985945b9ec2
-SHA512 (emacs-29.1.tar.xz.sig) = 0177a372ab5cc0fc21f90b26d4e19c2e8feee887d5807291319ee5d7fafee2d8752923f24a928492c53cc1b1f2f8e2ea5ce8b55459b2af56bfc95cf0a6b0f399
+SHA512 (emacs-29.2.tar.xz) = 293fdc2387d58dfa506ae1960b05ccdb4c16ec53c4f55a1a6b665a4fe2815cabfad6257f2b62231040889ab3843d56a01ef62fc9efc1118bf833d7773c64820a
+SHA512 (emacs-29.2.tar.xz.sig) = eae72dbfa79c5f9410f2d03d2b96eb3a0b1fd30aaf5888932cfee861c743d01b4bf9a41d8e9381a4b93f075f2e3cad056e3c8fb3915b15942ce687d6c67c962e

From 7a4fb3e1b7a1cbf92ac03b5241ca5bde3ab2231f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Dan=20=C4=8Cerm=C3=A1k?= <dan.cermak@cgc-instruments.com>
Date: Mon, 25 Mar 2024 12:23:19 +0100
Subject: [PATCH 4/4] New upstream release 29.3, fixes rhbz#2271287

Drop 0001-configure-Remove-obsolete-check-for-b-i486-linuxaout.patch, it does
not appear to be necessary anymore
---
 .gitignore                                    |  2 +
 ...-obsolete-check-for-b-i486-linuxaout.patch | 62 -------------------
 emacs.spec                                    |  8 ++-
 sources                                       |  4 +-
 4 files changed, 9 insertions(+), 67 deletions(-)
 delete mode 100644 0001-configure-Remove-obsolete-check-for-b-i486-linuxaout.patch

diff --git a/.gitignore b/.gitignore
index 7e610c9..289cdb7 100644
--- a/.gitignore
+++ b/.gitignore
@@ -37,3 +37,5 @@
 /emacs-29.1.tar.xz.sig
 /emacs-29.2.tar.xz
 /emacs-29.2.tar.xz.sig
+/emacs-29.3.tar.xz
+/emacs-29.3.tar.xz.sig
diff --git a/0001-configure-Remove-obsolete-check-for-b-i486-linuxaout.patch b/0001-configure-Remove-obsolete-check-for-b-i486-linuxaout.patch
deleted file mode 100644
index 4e488ea..0000000
--- a/0001-configure-Remove-obsolete-check-for-b-i486-linuxaout.patch
+++ /dev/null
@@ -1,62 +0,0 @@
-From 123ece3c3313101048d43a5ef2f9bd66c4e97fb7 Mon Sep 17 00:00:00 2001
-From: Florian Weimer <fweimer@redhat.com>
-Date: Fri, 23 Dec 2022 18:49:25 +0100
-Subject: [PATCH] configure: Remove obsolete check for -b i486-linuxaout
-
-If there are still a.out system arounds, they shouldn't need this
-anymore because the toolchain has been fixed.
-
-* configure.ac (emacs_cv_b_link): Remove obsolete check.
-
-(cherry picked from commit 6c1413d5ef0d1fea639b0d8c83a0c0065d99359b)
----
- configure.ac | 33 ---------------------------------
- 1 file changed, 33 deletions(-)
-
-diff --git a/configure.ac b/configure.ac
-index 5dd182ae6e5..8a20caa8c4e 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -2695,39 +2695,6 @@ if test "${HAVE_X11}" = "yes"; then
-     export LD_RUN_PATH
-   fi
- 
--  if test "${opsys}" = "gnu-linux"; then
--    AC_CACHE_CHECK([whether X on GNU/Linux needs -b to link], [emacs_cv_b_link],
--    [AC_LINK_IFELSE([AC_LANG_PROGRAM([[]],
--     [[XOpenDisplay ("foo");]])],
--     [xgnu_linux_first_failure=no],
--     [xgnu_linux_first_failure=yes])
--    if test "${xgnu_linux_first_failure}" = "yes"; then
--      OLD_CPPFLAGS="$CPPFLAGS"
--      OLD_LIBS="$LIBS"
--      CPPFLAGS="$CPPFLAGS -b i486-linuxaout"
--      LIBS="$LIBS -b i486-linuxaout"
--      AC_LINK_IFELSE([AC_LANG_PROGRAM([[]],
--       [[XOpenDisplay ("foo");]])],
--       [xgnu_linux_second_failure=no],
--       [xgnu_linux_second_failure=yes])
--      if test "${xgnu_linux_second_failure}" = "yes"; then
--	# If we get the same failure with -b, there is no use adding -b.
--	# So leave it out.  This plays safe.
--        emacs_cv_b_link=no
--      else
--        emacs_cv_b_link=yes
--      fi
--      CPPFLAGS=$OLD_CPPFLAGS
--      LIBS=$OLD_LIBS
--    else
--      emacs_cv_b_link=no
--    fi])
--    if test "x$emacs_cv_b_link" = xyes ; then
--      LD_SWITCH_X_SITE="$LD_SWITCH_X_SITE -b i486-linuxaout"
--      C_SWITCH_X_SITE="$C_SWITCH_X_SITE -b i486-linuxaout"
--    fi
--  fi
--
-   # Reportedly, some broken Solaris systems have XKBlib.h but are missing
-   # header files included from there.
-   AC_CACHE_CHECK([for Xkb], [emacs_cv_xkb],
--- 
-2.41.0
-
diff --git a/emacs.spec b/emacs.spec
index 4a97499..9dedead 100644
--- a/emacs.spec
+++ b/emacs.spec
@@ -4,8 +4,8 @@
 Summary:       GNU Emacs text editor
 Name:          emacs
 Epoch:         1
-Version:       29.2
-Release:       2%{?dist}
+Version:       29.3
+Release:       1%{?dist}
 License:       GPL-3.0-or-later AND CC0-1.0
 URL:           http://www.gnu.org/software/emacs/
 Source0:       https://ftp.gnu.org/gnu/emacs/emacs-%{version}.tar.xz
@@ -24,7 +24,6 @@ Patch2:        emacs-system-crypto-policies.patch
 # causes a dependency on pkgconfig(systemd)
 # => remove it if we stop using this patch
 Patch3:        emacs-libdir-vs-systemd.patch
-Patch5:        0001-configure-Remove-obsolete-check-for-b-i486-linuxaout.patch
 
 BuildRequires: gcc
 BuildRequires: atk-devel
@@ -538,6 +537,9 @@ desktop-file-validate %{buildroot}/%{_datadir}/applications/*.desktop
 %{_includedir}/emacs-module.h
 
 %changelog
+* Mon Mar 25 2024 Dan Čermák <dan.cermak@cgc-instruments.com> - 1:29.3-1
+- New upstream release 29.3, fixes rhbz#2271287
+
 * Mon Jan 22 2024 Peter Oliver <rpm@mavit.org.uk> - 1:29.2-2
 - Update to version 29.2.
 
diff --git a/sources b/sources
index 7e4d130..a02f31c 100644
--- a/sources
+++ b/sources
@@ -1,2 +1,2 @@
-SHA512 (emacs-29.2.tar.xz) = 293fdc2387d58dfa506ae1960b05ccdb4c16ec53c4f55a1a6b665a4fe2815cabfad6257f2b62231040889ab3843d56a01ef62fc9efc1118bf833d7773c64820a
-SHA512 (emacs-29.2.tar.xz.sig) = eae72dbfa79c5f9410f2d03d2b96eb3a0b1fd30aaf5888932cfee861c743d01b4bf9a41d8e9381a4b93f075f2e3cad056e3c8fb3915b15942ce687d6c67c962e
+SHA512 (emacs-29.3.tar.xz) = efaecfc46a0b88f61de477d92c08ee592b8838e6c34724151a3b1502efa7ebd4d4837733c694807e6de1ba4b8d37d2ec382c6bb2ed000b67ad8f0e11c7df2a6b
+SHA512 (emacs-29.3.tar.xz.sig) = 369cd1b2f39c57be4f343c950389a20d48f87f830b39183c8e0fbaf4f1929c5915ac82ceab5c4889dfa5ce95408857a06ff7ab877da346046a73e30d873c807c