--- /dev/null
+diff -ruN dpkg-1.15.5.6.orig/dselect/Makefile.in dpkg-1.15.5.6/dselect/Makefile.in
+--- dpkg-1.15.5.6.orig/dselect/Makefile.in 2010-01-08 20:02:49.000000000 +0200
++++ dpkg-1.15.5.6/dselect/Makefile.in 2010-02-14 10:11:43.052023614 +0200
+@@ -276,7 +276,7 @@
+ AM_CPPFLAGS = \
+ -DLOCALEDIR=\"$(localedir)\" \
+ -DADMINDIR=\"$(admindir)\" -DLIBDIR=\"$(pkglibdir)\" \
+- -DLOCALLIBDIR=\"/usr/local/lib/dpkg\" \
++ -DLOCALLIBDIR=\"/usr/local/share/dpkg\" \
+ -idirafter $(top_srcdir)/lib/compat \
+ -iquote $(builddir) \
+ -I$(top_builddir) \
+diff -ruN dpkg-1.15.5.6.orig/dselect/methods/Debian/Dselect/Ftp.pm dpkg-1.15.5.6/dselect/methods/Debian/Dselect/Ftp.pm
+--- dpkg-1.15.5.6.orig/dselect/methods/Debian/Dselect/Ftp.pm 2010-01-08 10:00:34.000000000 +0200
++++ dpkg-1.15.5.6/dselect/methods/Debian/Dselect/Ftp.pm 2010-02-14 09:16:24.669895188 +0200
+@@ -57,12 +57,12 @@
+ }
+
+ sub view_mirrors {
+- if (-f '/usr/lib/dpkg/methods/ftp/README.mirrors.txt') {
+- system('/usr/bin/pager', '/usr/lib/dpkg/methods/ftp/README.mirrors.txt');
+- } elsif (-f '/usr/lib/dpkg/methods/ftp/README.mirrors.txt.gz') {
+- system('gzip -dc /usr/lib/dpkg/methods/ftp/README.mirrors.txt.gz | pager');
++ if (-f '/usr/share/dpkg/methods/ftp/README.mirrors.txt') {
++ system('/usr/bin/pager', '/usr/share/dpkg/methods/ftp/README.mirrors.txt');
++ } elsif (-f '/usr/share/dpkg/methods/ftp/README.mirrors.txt.gz') {
++ system('gzip -dc /usr/share/dpkg/methods/ftp/README.mirrors.txt.gz | pager');
+ } else {
+- print "/usr/lib/dpkg/methods/ftp/README.mirrors.txt(.gz): file not found.\n";
++ print "/usr/share/dpkg/methods/ftp/README.mirrors.txt(.gz): file not found.\n";
+ }
+ }
+
+diff -ruN dpkg-1.15.5.6.orig/man/de/dpkg-parsechangelog.1 dpkg-1.15.5.6/man/de/dpkg-parsechangelog.1
+--- dpkg-1.15.5.6.orig/man/de/dpkg-parsechangelog.1 2010-01-08 20:05:23.000000000 +0200
++++ dpkg-1.15.5.6/man/de/dpkg-parsechangelog.1 2010-02-14 09:22:07.409881825 +0200
+@@ -30,8 +30,8 @@
+ \fB\-L\fP\fIlibverzeichnis\fP
+ Spezifiziere ein zusätzliches Verzeichnis, dass nach Parser\-Skripten
+ durchsucht werden soll. Diese Verzeichnis wird vor den
+-Standardverzeichnissen (derzeit \fB/usr/local/lib/dpkg/parsechangelog\fP und
+-\fB/usr/lib/dpkg/parsechangelog\fP) durchsucht.
++Standardverzeichnissen (derzeit \fB/usr/local/share/dpkg/parsechangelog\fP und
++\fB/usr/share/dpkg/parsechangelog\fP) durchsucht.
+ .TP
+ \fB\-h\fP, \fB\-\-help\fP
+ Zeige den Bedienungshinweis und beende.
+diff -ruN dpkg-1.15.5.6.orig/man/dpkg-parsechangelog.1 dpkg-1.15.5.6/man/dpkg-parsechangelog.1
+--- dpkg-1.15.5.6.orig/man/dpkg-parsechangelog.1 2010-01-08 10:00:34.000000000 +0200
++++ dpkg-1.15.5.6/man/dpkg-parsechangelog.1 2010-02-14 09:17:34.013861295 +0200
+@@ -28,8 +28,8 @@
+ Specify an additional directory to search for parser scripts.
+ This directory is searched before the default directories
+ which are currently
+-.BR /usr/local/lib/dpkg/parsechangelog " and "
+-.BR /usr/lib/dpkg/parsechangelog .
++.BR /usr/share/dpkg/parsechangelog " and "
++.BR /usr/local/share/dpkg/parsechangelog .
+ .TP
+ .BR \-h ", " \-\-help
+ Show the usage message and exit.
+diff -ruN dpkg-1.15.5.6.orig/man/fr/dpkg-parsechangelog.1 dpkg-1.15.5.6/man/fr/dpkg-parsechangelog.1
+--- dpkg-1.15.5.6.orig/man/fr/dpkg-parsechangelog.1 2010-01-08 20:05:23.000000000 +0200
++++ dpkg-1.15.5.6/man/fr/dpkg-parsechangelog.1 2010-02-14 09:22:29.321880079 +0200
+@@ -29,8 +29,8 @@
+ \fB\-L\fP\fIrep_lib\fP
+ Spécifie un répertoire supplémentaire pour la recherche de scripts
+ d'analyse. Ce répertoire est examiné avant les répertoires par défaut qui
+-sont \fB/usr/local/lib/dpkg/parsechangelog\fP et
+-\fB/usr/lib/dpkg/parsechangelog\fP.
++sont \fB/usr/local/share/dpkg/parsechangelog\fP et
++\fB/usr/share/dpkg/parsechangelog\fP.
+ .TP
+ \fB\-h\fP, \fB\-\-help\fP
+ Affiche un message d'aide puis quitte.
+diff -ruN dpkg-1.15.5.6.orig/man/pl/dpkg-parsechangelog.1 dpkg-1.15.5.6/man/pl/dpkg-parsechangelog.1
+--- dpkg-1.15.5.6.orig/man/pl/dpkg-parsechangelog.1 2010-01-08 20:05:23.000000000 +0200
++++ dpkg-1.15.5.6/man/pl/dpkg-parsechangelog.1 2010-02-14 09:21:02.338880496 +0200
+@@ -29,8 +29,8 @@
+ \fB\-L\fP\fIkatalog\-lib\fP
+ Okre¶la dodatkowy katalog, w którym bêd± wyszukiwane skrypty
+ parsera. Katalog ten jest przeszukiwany przed domy¶lnymi katalogami, którymi
+-obecnie s± \fB/usr/local/lib/dpkg/parsechangelog\fP oraz
+-\fB/usr/lib/dpkg/parsechangelog\fP.
++obecnie s± \fB/usr/local/share/dpkg/parsechangelog\fP oraz
++\fB/usr/share/dpkg/parsechangelog\fP.
+ .TP
+ \fB\-h\fP, \fB\-\-help\fP
+ Wy¶wietla informacjê o u¿ytkowaniu i koñczy dzia³anie.
+diff -ruN dpkg-1.15.5.6.orig/man/po/de.po dpkg-1.15.5.6/man/po/de.po
+--- dpkg-1.15.5.6.orig/man/po/de.po 2010-01-08 20:05:23.000000000 +0200
++++ dpkg-1.15.5.6/man/po/de.po 2010-02-14 09:26:20.671868793 +0200
+@@ -7747,12 +7747,12 @@
+ msgid ""
+ "Specify an additional directory to search for parser scripts. This "
+ "directory is searched before the default directories which are currently B</"
+-"usr/local/lib/dpkg/parsechangelog> and B</usr/lib/dpkg/parsechangelog>."
++"usr/local/share/dpkg/parsechangelog> and B</usr/share/dpkg/parsechangelog>."
+ msgstr ""
+ "Spezifiziere ein zusätzliches Verzeichnis, dass nach Parser-Skripten "
+ "durchsucht werden soll. Diese Verzeichnis wird vor den "
+-"Standardverzeichnissen (derzeit B</usr/local/lib/dpkg/parsechangelog> und B</"
+-"usr/lib/dpkg/parsechangelog>) durchsucht."
++"Standardverzeichnissen (derzeit B</usr/local/share/dpkg/parsechangelog> und B</"
++"usr/share/dpkg/parsechangelog>) durchsucht."
+
+ #. type: SS
+ #: dpkg-parsechangelog.1:39
+diff -ruN dpkg-1.15.5.6.orig/man/po/dpkg-man.pot dpkg-1.15.5.6/man/po/dpkg-man.pot
+--- dpkg-1.15.5.6.orig/man/po/dpkg-man.pot 2010-01-08 19:23:01.000000000 +0200
++++ dpkg-1.15.5.6/man/po/dpkg-man.pot 2010-02-14 09:30:59.909878930 +0200
+@@ -6216,7 +6216,7 @@
+ msgid ""
+ "Specify an additional directory to search for parser scripts. This "
+ "directory is searched before the default directories which are currently "
+-"B</usr/local/lib/dpkg/parsechangelog> and B</usr/lib/dpkg/parsechangelog>."
++"B</usr/local/share/dpkg/parsechangelog> and B</usr/share/dpkg/parsechangelog>."
+ msgstr ""
+
+ #. type: SS
+diff -ruN dpkg-1.15.5.6.orig/man/po/es.po dpkg-1.15.5.6/man/po/es.po
+--- dpkg-1.15.5.6.orig/man/po/es.po 2010-01-08 20:05:23.000000000 +0200
++++ dpkg-1.15.5.6/man/po/es.po 2010-02-14 09:30:16.053872999 +0200
+@@ -7517,7 +7517,7 @@
+ msgid ""
+ "Specify an additional directory to search for parser scripts. This "
+ "directory is searched before the default directories which are currently B</"
+-"usr/local/lib/dpkg/parsechangelog> and B</usr/lib/dpkg/parsechangelog>."
++"usr/local/share/dpkg/parsechangelog> and B</usr/share/dpkg/parsechangelog>."
+ msgstr ""
+
+ #. type: SS
+diff -ruN dpkg-1.15.5.6.orig/man/po/fr.po dpkg-1.15.5.6/man/po/fr.po
+--- dpkg-1.15.5.6.orig/man/po/fr.po 2010-01-08 20:05:23.000000000 +0200
++++ dpkg-1.15.5.6/man/po/fr.po 2010-02-14 09:24:19.351874142 +0200
+@@ -7737,11 +7737,11 @@
+ msgid ""
+ "Specify an additional directory to search for parser scripts. This "
+ "directory is searched before the default directories which are currently B</"
+-"usr/local/lib/dpkg/parsechangelog> and B</usr/lib/dpkg/parsechangelog>."
++"usr/local/share/dpkg/parsechangelog> and B</usr/share/dpkg/parsechangelog>."
+ msgstr ""
+ "Spécifie un répertoire supplémentaire pour la recherche de scripts "
+ "d'analyse. Ce répertoire est examiné avant les répertoires par défaut qui "
+-"sont B</usr/local/lib/dpkg/parsechangelog> et B</usr/lib/dpkg/"
++"sont B</usr/local/share/dpkg/parsechangelog> et B</usr/share/dpkg/"
+ "parsechangelog>."
+
+ #. type: SS
+diff -ruN dpkg-1.15.5.6.orig/man/po/hu.po dpkg-1.15.5.6/man/po/hu.po
+--- dpkg-1.15.5.6.orig/man/po/hu.po 2010-01-08 20:05:23.000000000 +0200
++++ dpkg-1.15.5.6/man/po/hu.po 2010-02-14 09:26:50.311874455 +0200
+@@ -6542,7 +6542,7 @@
+ msgid ""
+ "Specify an additional directory to search for parser scripts. This "
+ "directory is searched before the default directories which are currently B</"
+-"usr/local/lib/dpkg/parsechangelog> and B</usr/lib/dpkg/parsechangelog>."
++"usr/local/share/dpkg/parsechangelog> and B</usr/share/dpkg/parsechangelog>."
+ msgstr ""
+
+ #. type: SS
+diff -ruN dpkg-1.15.5.6.orig/man/po/ja.po dpkg-1.15.5.6/man/po/ja.po
+--- dpkg-1.15.5.6.orig/man/po/ja.po 2010-01-08 20:05:23.000000000 +0200
++++ dpkg-1.15.5.6/man/po/ja.po 2010-02-14 09:28:46.064874305 +0200
+@@ -7055,7 +7055,7 @@
+ msgid ""
+ "Specify an additional directory to search for parser scripts. This "
+ "directory is searched before the default directories which are currently B</"
+-"usr/local/lib/dpkg/parsechangelog> and B</usr/lib/dpkg/parsechangelog>."
++"usr/local/share/dpkg/parsechangelog> and B</usr/share/dpkg/parsechangelog>."
+ msgstr ""
+
+ #. type: SS
+diff -ruN dpkg-1.15.5.6.orig/man/po/pl.po dpkg-1.15.5.6/man/po/pl.po
+--- dpkg-1.15.5.6.orig/man/po/pl.po 2010-01-08 20:05:23.000000000 +0200
++++ dpkg-1.15.5.6/man/po/pl.po 2010-02-14 09:27:38.024873694 +0200
+@@ -7819,11 +7819,11 @@
+ msgid ""
+ "Specify an additional directory to search for parser scripts. This "
+ "directory is searched before the default directories which are currently B</"
+-"usr/local/lib/dpkg/parsechangelog> and B</usr/lib/dpkg/parsechangelog>."
++"usr/local/share/dpkg/parsechangelog> and B</usr/share/dpkg/parsechangelog>."
+ msgstr ""
+ "Określa dodatkowy katalog, w którym będą wyszukiwane skrypty parsera. "
+ "Katalog ten jest przeszukiwany przed domyślnymi katalogami, którymi obecnie "
+-"są B</usr/local/lib/dpkg/parsechangelog> oraz B</usr/lib/dpkg/"
++"są B</usr/local/share/dpkg/parsechangelog> oraz B</usr/share/dpkg/"
+ "parsechangelog>."
+
+ #. type: SS
+diff -ruN dpkg-1.15.5.6.orig/man/po/pt_BR.po dpkg-1.15.5.6/man/po/pt_BR.po
+--- dpkg-1.15.5.6.orig/man/po/pt_BR.po 2010-01-08 20:05:23.000000000 +0200
++++ dpkg-1.15.5.6/man/po/pt_BR.po 2010-02-14 09:28:12.583874117 +0200
+@@ -6687,7 +6687,7 @@
+ msgid ""
+ "Specify an additional directory to search for parser scripts. This "
+ "directory is searched before the default directories which are currently B</"
+-"usr/local/lib/dpkg/parsechangelog> and B</usr/lib/dpkg/parsechangelog>."
++"usr/local/share/dpkg/parsechangelog> and B</usr/share/dpkg/parsechangelog>."
+ msgstr ""
+
+ #. type: SS
+diff -ruN dpkg-1.15.5.6.orig/man/po/ru.po dpkg-1.15.5.6/man/po/ru.po
+--- dpkg-1.15.5.6.orig/man/po/ru.po 2010-01-08 20:05:23.000000000 +0200
++++ dpkg-1.15.5.6/man/po/ru.po 2010-02-14 09:25:17.556873843 +0200
+@@ -6823,7 +6823,7 @@
+ msgid ""
+ "Specify an additional directory to search for parser scripts. This "
+ "directory is searched before the default directories which are currently B</"
+-"usr/local/lib/dpkg/parsechangelog> and B</usr/lib/dpkg/parsechangelog>."
++"usr/local/share/dpkg/parsechangelog> and B</usr/share/dpkg/parsechangelog>."
+ msgstr ""
+
+ #. type: SS
+diff -ruN dpkg-1.15.5.6.orig/man/po/sv.po dpkg-1.15.5.6/man/po/sv.po
+--- dpkg-1.15.5.6.orig/man/po/sv.po 2010-01-08 20:05:23.000000000 +0200
++++ dpkg-1.15.5.6/man/po/sv.po 2010-02-14 09:29:32.735874132 +0200
+@@ -7552,11 +7552,11 @@
+ msgid ""
+ "Specify an additional directory to search for parser scripts. This "
+ "directory is searched before the default directories which are currently B</"
+-"usr/local/lib/dpkg/parsechangelog> and B</usr/lib/dpkg/parsechangelog>."
++"usr/local/share/dpkg/parsechangelog> and B</usr/share/dpkg/parsechangelog>."
+ msgstr ""
+ "Ange en ytterligare katalog att söka i efter parserskript. Katalogen söks "
+-"genom innan standardkatalogerna, vilka för närvarande är B</usr/local/lib/"
+-"dpkg/parsechangelog> och B</usr/lib/dpkg/parsechangelog>."
++"genom innan standardkatalogerna, vilka för närvarande är B</usr/local/share/"
++"dpkg/parsechangelog> och B</usr/share/dpkg/parsechangelog>."
+
+ #. type: SS
+ #: dpkg-parsechangelog.1:39
+diff -ruN dpkg-1.15.5.6.orig/man/sv/dpkg-parsechangelog.1 dpkg-1.15.5.6/man/sv/dpkg-parsechangelog.1
+--- dpkg-1.15.5.6.orig/man/sv/dpkg-parsechangelog.1 2010-01-08 20:05:23.000000000 +0200
++++ dpkg-1.15.5.6/man/sv/dpkg-parsechangelog.1 2010-02-14 09:22:54.488880085 +0200
+@@ -29,7 +29,7 @@
+ \fB\-L\fP\fIbibliotekskatalog\fP
+ Ange en ytterligare katalog att söka i efter parserskript. Katalogen söks
+ genom innan standardkatalogerna, vilka för närvarande är
+-\fB/usr/local/lib/dpkg/parsechangelog\fP och \fB/usr/lib/dpkg/parsechangelog\fP.
++\fB/usr/local/share/dpkg/parsechangelog\fP och \fB/usr/share/dpkg/parsechangelog\fP.
+ .TP
+ \fB\-h\fP, \fB\-\-help\fP
+ Visar hjälpskärm och avslutar.
+diff -ruN dpkg-1.15.5.6.orig/scripts/Dpkg/Changelog/Parse.pm dpkg-1.15.5.6/scripts/Dpkg/Changelog/Parse.pm
+--- dpkg-1.15.5.6.orig/scripts/Dpkg/Changelog/Parse.pm 2010-01-08 10:00:34.000000000 +0200
++++ dpkg-1.15.5.6/scripts/Dpkg/Changelog/Parse.pm 2010-02-14 09:14:27.550879827 +0200
+@@ -50,7 +50,7 @@
+
+ The parsing itself is done by an external program (searched in the
+ following list of directories: $opt{libdir},
+-/usr/local/lib/dpkg/parsechangelog, /usr/lib/dpkg/parsechangelog) That
++/usr/local/share/dpkg/parsechangelogusr) That
+ program is named according to the format that it's able to parse. By
+ default it's either "debian" or the format name lookep up in the 40 last
+ lines of the changelog itself (extracted with this perl regular expression
+@@ -70,9 +70,8 @@
+
+ sub changelog_parse {
+ my (%options) = @_;
+- my @parserpath = ("/usr/local/lib/dpkg/parsechangelog",
+- "$dpkglibdir/parsechangelog",
+- "/usr/lib/dpkg/parsechangelog");
++ my @parserpath = ( "$dpkglibdir/parsechangelog",
++ "/usr/local/share/dpkg/parsechangelog");
+ my $format = "debian";
+ my $changelogfile = "debian/changelog";
+ my $force = 0;
--- /dev/null
+# This file contains the list of architecture names in Debian's ‘sid’
+# distribution.
+#
+# Architecture names are formed as a combination of the system name
+# (from ostable) and CPU name (from cputable) after mapping from
+# the Debian triplet (from triplettable). Support for new
+# architectures in dpkg is added in those files, architecture names
+# are only added to this file when added to the distribution.
+#
+# Column 1 is present for historical reasons only, and should be ignored.
+# Column 2 contains the Debian name for the architecture, which is returned
+# by ‘dpkg --print-architecture’.
+#
+# <ignore> <Debian name>
+i486-linux-gnu i386
+ia64-linux-gnu ia64
+alpha-linux-gnu alpha
+x86_64-linux-gnu amd64
+arm-linux-gnu arm
+arm-linux-gnueabi armel
+hppa-linux-gnu hppa
+mips-linux-gnu mips
+mipsel-linux-gnu mipsel
+powerpc-linux-gnu powerpc
+s390-linux-gnu s390
+sparc-linux-gnu sparc
+i486-gnu hurd-i386
+i486-kfreebsd-gnu kfreebsd-i386
+x86_64-kfreebsd-gnu kfreebsd-amd64
--- /dev/null
+Name: dpkg
+Version: 1.15.5.6
+Release: 6%{?dist}
+Summary: Package maintenance system for Debian Linux
+Group: System Environment/Base
+# The entire source code is GPLv2+ with exception of the following
+# lib/dpkg/md5.c, lib/dpkg/md5.h - Public domain
+# lib/dpkg/showpkg.c, dselect/methods/multicd, lib/dpkg/utils.c, lib/dpkg/showpkg.c - GPLv2
+# dselect/methods/ftp - GPL no version info
+# scripts/Dpkg/Gettext.pm - BSD
+# lib/compat/obstack.h, lib/compat/gettext.h,lib/compat/obstack.c - LGPLv2+
+License: GPLv2 and GPLv2+ and LGPLv2+ and Public Domain and BSD
+URL: http://packages.debian.org/unstable/admin/dpkg
+Source0: http://ftp.debian.org/debian/pool/main/d/dpkg/%{name}_%{version}.tar.bz2
+# obtained from dpkg-source -x dpkg_1.15.5.6.dsc
+Source1: dpkg.archtable
+# Fedora specific patch to store files under /usr/share/dpkg, not these are not binary
+# libs. and set user search path to /usr/local/share/dpkg
+Patch1: dpkg-change-libdir-path.patch
+# Fixes CVE-2010-0396 bugzilla #572522
+Patch2: fedora-fix-CVE-2010-0396-00.patch
+Patch3: fedora-fix-CVE-2010-0396-01.patch
+Patch4: fedora-bug642160-empty-argv.patch
+Patch5: fedora-fix-CVE-2010-1679_CVE-2011-0402.patch
+BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
+BuildRequires: zlib-devel, bzip2-devel, libselinux-devel, gettext, ncurses-devel
+
+%description
+
+This package contains the tools (including dpkg-source) required
+to unpack, build and upload Debian source packages.
+
+This package also contains the programs dpkg which used to handle the
+installation and removal of packages on a Debian system.
+
+This package also contains dselect, an interface for managing the
+installation and removal of packages on the system.
+
+dpkg and dselect will certainly be non-functional on a rpm-based system
+because packages dependencies will likely be unmet.
+
+%package devel
+Summary: Debian package development tools
+Group: Development/System
+Requires: %{name} = %{version}-%{release}
+Requires: perl, patch, make, binutils, bzip2, lzma
+BuildArch: noarch
+
+%description devel
+This package provides the development tools (including dpkg-source).
+Required to unpack, build and upload Debian source packages
+
+
+%package -n dselect
+Summary: Debian package management front-end
+Group: System Environment/Base
+Requires: %{name} = %{version}-%{release}
+
+%description -n dselect
+dselect is a high-level interface for the installation/removal of debs .
+
+%prep
+%setup -q
+
+%patch1 -p1
+%patch2 -p1
+%patch3 -p1
+%patch4 -p1
+%patch5 -p1
+
+# Filter unwanted Requires:
+cat << \EOF > %{name}-req
+#!/bin/sh
+%{__perl_requires} $* |\
+ sed -e '/perl(Dselect::Ftp)/d' -e '/perl(extra)/d' -e '/perl(file)/d' -e '/perl(dpkg-gettext.pl)/d' -e '/perl(controllib.pl)/d' -e '/perl(in)/d'
+EOF
+
+%define __perl_requires %{_builddir}/%{name}-%{version}/%{name}-req
+chmod +x %{__perl_requires}
+
+%build
+%configure --without-start-stop-daemon \
+ --disable-linker-optimisations \
+ --with-admindir=%{_localstatedir}/lib/dpkg \
+ --libdir=%{_datadir} \
+ --with-selinux \
+ --with-zlib \
+ --with-bz2 \
+ --disable-silent-rules
+
+make %{?_smp_mflags}
+
+
+%install
+rm -rf $RPM_BUILD_ROOT
+make install DESTDIR=$RPM_BUILD_ROOT
+install -pm0644 %SOURCE1 $RPM_BUILD_ROOT/%{_datadir}/dpkg/archtable
+
+%find_lang dpkg
+%find_lang dpkg-dev
+%find_lang dselect
+
+# fedora has its own implementation
+rm -rf $RPM_BUILD_ROOT%{_bindir}/update-alternatives
+rm -rf $RPM_BUILD_ROOT%{_sysconfdir}/alternatives/
+
+%clean
+rm -rf $RPM_BUILD_ROOT
+
+
+%files -f dpkg.lang
+%defattr(-,root,root,-)
+%doc debian/changelog README AUTHORS COPYING THANKS TODO
+%dir %{_sysconfdir}/dpkg
+%{_bindir}/dpkg
+%{_bindir}/dpkg-deb
+%{_bindir}/dpkg-query
+%{_bindir}/dpkg-split
+%{_bindir}/dpkg-trigger
+%{_bindir}/dpkg-divert
+%{_bindir}/dpkg-statoverride
+%{_sbindir}/*
+%dir %{_datadir}/dpkg
+%{_datadir}/dpkg/mksplit
+%{_datadir}/dpkg/archtable
+%{_datadir}/dpkg/cputable
+%{_datadir}/dpkg/ostable
+%{_datadir}/dpkg/triplettable
+%{perl_vendorlib}/Dpkg.pm
+%dir %{perl_vendorlib}/Dpkg
+%{perl_vendorlib}/Dpkg/Gettext.pm
+%{_mandir}/man1/dpkg-deb.1.gz
+%{_mandir}/man1/dpkg-query.1.gz
+%{_mandir}/man1/dpkg-split.1.gz
+%{_mandir}/man1/dpkg-trigger.1.gz
+%{_mandir}/man1/dpkg.1.gz
+%{_mandir}/man5/dpkg.cfg.5.gz
+%{_mandir}/man8/dpkg-divert.8.gz
+%{_mandir}/man8/dpkg-statoverride.8.gz
+#fedora has own implemenation
+%exclude %{_sbindir}/install-info
+#fedora has own implemenation
+%exclude %{_mandir}/man8/update-alternatives.8.gz
+
+%files devel -f dpkg-dev.lang
+%defattr(-,root,root,-)
+%doc doc/README.api
+%{_bindir}/dpkg-architecture
+%{_bindir}/dpkg-buildpackage
+%{_bindir}/dpkg-checkbuilddeps
+%{_bindir}/dpkg-distaddfile
+%{_bindir}/dpkg-genchanges
+%{_bindir}/dpkg-gencontrol
+%{_bindir}/dpkg-gensymbols
+%{_bindir}/dpkg-name
+%{_bindir}/dpkg-parsechangelog
+%{_bindir}/dpkg-scanpackages
+%{_bindir}/dpkg-scansources
+%{_bindir}/dpkg-shlibdeps
+%{_bindir}/dpkg-source
+%{_bindir}/dpkg-vendor
+%dir %{_datadir}/dpkg/parsechangelog
+%{_datadir}/dpkg/parsechangelog/*
+%exclude %{perl_vendorlib}/Dpkg/Gettext.pm
+%{perl_vendorlib}/Dpkg/*.pm
+%{perl_vendorlib}/Dpkg/Changelog
+%{perl_vendorlib}/Dpkg/Shlibs
+%{perl_vendorlib}/Dpkg/Source
+%{perl_vendorlib}/Dpkg/Vendor
+%{perl_vendorlib}/Dpkg/Control
+%{_mandir}/man1/dpkg-architecture.1.gz
+%{_mandir}/man1/dpkg-buildpackage.1.gz
+%{_mandir}/man1/dpkg-checkbuilddeps.1.gz
+%{_mandir}/man1/dpkg-distaddfile.1.gz
+%{_mandir}/man1/dpkg-genchanges.1.gz
+%{_mandir}/man1/dpkg-gencontrol.1.gz
+%{_mandir}/man1/dpkg-gensymbols.1.gz
+%{_mandir}/man1/dpkg-name.1.gz
+%{_mandir}/man1/dpkg-parsechangelog.1.gz
+%{_mandir}/man1/dpkg-scanpackages.1.gz
+%{_mandir}/man1/dpkg-scansources.1.gz
+%{_mandir}/man1/dpkg-shlibdeps.1.gz
+%{_mandir}/man1/dpkg-source.1.gz
+%{_mandir}/man1/dpkg-vendor.1.gz
+%{_mandir}/man5/deb-control.5.gz
+%{_mandir}/man5/deb-old.5.gz
+%{_mandir}/man5/deb-override.5.gz
+%{_mandir}/man5/deb-extra-override.5.gz
+%{_mandir}/man5/deb-shlibs.5.gz
+%{_mandir}/man5/deb-substvars.5.gz
+%{_mandir}/man5/deb-symbols.5.gz
+%{_mandir}/man5/deb-triggers.5.gz
+%{_mandir}/man5/deb-version.5.gz
+%{_mandir}/man5/deb.5.gz
+
+
+%files -n dselect -f dselect.lang
+%defattr(-,root,root,-)
+%doc dselect/methods/multicd/README.multicd dselect/methods/ftp/README.mirrors.txt
+%{_bindir}/dselect
+%{perl_vendorlib}/Debian
+%{_datadir}/dpkg/methods
+%{_mandir}/man*/dselect*.gz
+
+
+
+%changelog
+* Wed Jan 12 2011 Andrew Colin Kissa <andrew@topdog.za.net> - 1.15.5.6-6
+- Fix CVE-2010-1679
+- Fix CVE-2011-0402
+
+* Sun Oct 17 2010 Jeroen van Meeuwen <kanarip@kanarip.com> - 1.15.5.6-5
+- Apply minimal fix for rhbz #642160
+
+* Thu Mar 11 2010 Andrew Colin Kissa <andrew@topdog.za.net> - 1.15.5.6-4
+- Fix CVE-2010-0396
+
+* Mon Feb 15 2010 Andrew Colin Kissa <andrew@topdog.za.net> - 1.15.5.6-3
+- review changes
+
+* Sun Feb 14 2010 Andrew Colin Kissa <andrew@topdog.za.net> - 1.15.5.6-2
+- review changes
+
+* Sat Feb 13 2010 Andrew Colin Kissa <andrew@topdog.za.net> - 1.15.5.6-1
+- Upgrade to latest upstream
+- review changes
+
+* Tue Nov 10 2009 Andrew Colin Kissa <andrew@topdog.za.net> - 1.15.4.1-1
+- Upgrade to latest upstream
+- review changes
+
+* Tue Dec 30 2008 Leigh Scott <leigh123linux@googlemail.com> - 1.14.23-3
+- more review changes
+
+* Mon Dec 15 2008 Leigh Scott <leigh123linux@googlemail.com> - 1.14.23-1
+- bump version and make some of the review changes
+
+* Tue Aug 19 2008 Leigh Scott <leigh123linux@googlemail.com> - 1.14.20-5
+- made changes for review
+
+* Thu Jul 31 2008 Leigh Scott <leigh123linux@googlemail.com> - 1.14.20-4
+- Change release to -4 as server refused -3
+
+* Thu Jul 31 2008 Leigh Scott <leigh123linux@googlemail.com> - 1.14.20-3
+- split the package into dkpg, dpkg-dev & dselect
+
+* Tue Jul 29 2008 Leigh Scott <leigh123linux@googlemail.com> - 1.14.20-2
+- recode man files to UTF8
+
+* Tue Jul 29 2008 Leigh Scott <leigh123linux@googlemail.com> - 1.14.20-1
+- Rebuild ans add build requires ncurses-devel
+
+* Thu Jul 19 2007 Patrice Dumas <pertusus@free.fr> - 1.14.5-1
+- initial packaging
--- /dev/null
+diff -ur dpkg-1.15.5.6.orig/scripts/Dpkg/Arch.pm dpkg-1.15.5.6/scripts/Dpkg/Arch.pm
+--- dpkg-1.15.5.6.orig/scripts/Dpkg/Arch.pm 2010-01-08 08:00:34.000000000 +0000
++++ dpkg-1.15.5.6/scripts/Dpkg/Arch.pm 2010-10-17 12:29:46.916000478 +0100
+@@ -47,8 +47,9 @@
+ return $build_arch if defined $build_arch;
+
+ my $build_arch = `dpkg --print-architecture`;
+- # FIXME: Handle bootstrapping
+- syserr("dpkg --print-architecture failed") if $? >> 8;
++ if ($? >> 8 || $build_arch =~ /^\s*$/) {
++ $build_arch = get_raw_host_arch();
++ }
+
+ chomp $build_arch;
+ return $build_arch;
--- /dev/null
+diff --git a/scripts/Dpkg/Source/Patch.pm b/scripts/Dpkg/Source/Patch.pm
+--- a/scripts/Dpkg/Source/Patch.pm
++++ b/scripts/Dpkg/Source/Patch.pm
+@@ -322,8 +322,9 @@ sub analyze {
+ error(_g("expected ^--- in line %d of diff `%s'"), $., $diff);
+ }
+ $_ = strip_ts($_);
+- if ($_ eq '/dev/null' or s{^(\./)?[^/]+/}{$destdir/}) {
++ if ($_ eq '/dev/null' or s{^[^/]+/}{$destdir/}) {
+ $fn = $_;
++ error(_g("%s contains an insecure path: %s"), $diff, $_) if m{/\.\./};
+ }
+ if (/\.dpkg-orig$/) {
+ error(_g("diff `%s' patches file with name ending .dpkg-orig"), $diff);
+@@ -336,8 +337,9 @@ sub analyze {
+ error(_g("line after --- isn't as expected in diff `%s' (line %d)"), $diff, $.);
+ }
+ $_ = strip_ts($_);
+- if ($_ eq '/dev/null' or s{^(\./)?[^/]+/}{$destdir/}) {
++ if ($_ eq '/dev/null' or s{^[^/]+/}{$destdir/}) {
+ $fn2 = $_;
++ error(_g("%s contains an insecure path: %s"), $diff, $_) if m{/\.\./};
+ } else {
+ unless (defined $fn) {
+ error(_g("none of the filenames in ---/+++ are relative in diff `%s' (line %d)"),
+@@ -363,6 +365,17 @@ sub analyze {
+ if ($dirname =~ s{/[^/]+$}{} && not -d $dirname) {
+ $dirtocreate{$dirname} = 1;
+ }
++
++ # Sanity check, refuse to patch through a symlink
++ $dirname = $fn;
++ while (1) {
++ if (-l $dirname) {
++ error(_g("diff %s modifies file %s through a symlink: %s"),
++ $diff, $fn, $dirname);
++ }
++ last unless $dirname =~ s{/[^/]+$}{};
++ }
++
+ if (-e $fn and not -f _) {
+ error(_g("diff `%s' patches something which is not a plain file"), $diff);
+ }
--- /dev/null
+diff --git a/scripts/Dpkg/Source/Package/V3/quilt.pm b/scripts/Dpkg/Source/Package/V3/quilt.pm
+--- a/scripts/Dpkg/Source/Package/V3/quilt.pm
++++ b/scripts/Dpkg/Source/Package/V3/quilt.pm
+@@ -123,6 +123,7 @@ sub read_patch_list {
+ }
+ }
+ next if $opts{"skip_auto"} and $_ eq $auto_patch;
++ error(_g("%s contains an insecure path: %s"), $file, $_) if m{(^|/)\.\./};
+ push @patches, $_;
+ }
+ close(SERIES);
--- /dev/null
+diff -ruN dpkg-1.15.5.6ubuntu4/scripts/Dpkg/Source/Archive.pm dpkg-1.15.5.6ubuntu4.5//scripts/Dpkg/Source/Archive.pm
+--- dpkg-1.15.5.6ubuntu4/scripts/Dpkg/Source/Archive.pm 2010-04-15 13:38:58.000000000 +0200
++++ dpkg-1.15.5.6ubuntu4.5//scripts/Dpkg/Source/Archive.pm 2011-01-06 21:08:30.000000000 +0200
+@@ -119,7 +119,7 @@
+ # Call tar extraction process
+ $fork_opts{"delete_env"} = [ "TAR_OPTIONS" ];
+ $fork_opts{'exec'} = [ 'tar', '--no-same-owner', '--no-same-permissions',
+- @{$opts{"options"}}, '-xkf', '-' ];
++ @{$opts{"options"}}, '-xf', '-' ];
+ fork_and_exec(%fork_opts);
+ $self->cleanup_after_open();
+
+@@ -142,7 +142,7 @@
+ closedir(D);
+ my $done = 0;
+ erasedir($dest);
+- if (scalar(@entries) == 1 && -d "$tmp/$entries[0]") {
++ if (scalar(@entries) == 1 && ! -l "$tmp/$entries[0]" && -d _) {
+ rename("$tmp/$entries[0]", $dest) ||
+ syserr(_g("Unable to rename %s to %s"),
+ "$tmp/$entries[0]", $dest);
+diff -ruN dpkg-1.15.5.6ubuntu4/scripts/Dpkg/Source/Package/V2.pm dpkg-1.15.5.6ubuntu4.5//scripts/Dpkg/Source/Package/V2.pm
+--- dpkg-1.15.5.6ubuntu4/scripts/Dpkg/Source/Package/V2.pm 2010-04-15 13:38:58.000000000 +0200
++++ dpkg-1.15.5.6ubuntu4.5//scripts/Dpkg/Source/Package/V2.pm 2011-01-06 21:08:30.000000000 +0200
+@@ -115,7 +115,12 @@
+ # Extract main tarball
+ info(_g("unpacking %s"), $tarfile);
+ my $tar = Dpkg::Source::Archive->new(filename => "$dscdir$tarfile");
+- $tar->extract($newdirectory, no_fixperms => 1);
++ $tar->extract($newdirectory, no_fixperms => 1,
++ options => [ "--anchored", "--no-wildcards-match-slash",
++ "--exclude", "*/.pc", "--exclude", ".pc" ]);
++ # The .pc exclusion is only needed for 3.0 (quilt) and to avoid
++ # having an upstream tarball provide a directory with symlinks
++ # that would be blindly followed when applying the patches
+
+ # Extract additional orig tarballs
+ foreach my $subdir (keys %origtar) {
+diff -ruN dpkg-1.15.5.6ubuntu4/scripts/Dpkg/Source/Patch.pm dpkg-1.15.5.6ubuntu4.5//scripts/Dpkg/Source/Patch.pm
+--- dpkg-1.15.5.6ubuntu4/scripts/Dpkg/Source/Patch.pm 2010-04-15 13:38:58.000000000 +0200
++++ dpkg-1.15.5.6ubuntu4.5//scripts/Dpkg/Source/Patch.pm 2011-01-06 21:08:30.000000000 +0200
+@@ -313,11 +313,42 @@
+ $header =~ s/\s.*// unless ($header =~ s/\t.*//);
+ return $header;
+ }
++
++ sub intuit_file_patched {
++ my ($old, $new) = @_;
++ return $new unless defined $old;
++ return $old unless defined $new;
++ return $new if -e $new and not -e $old;
++ return $old if -e $old and not -e $new;
++ # We don't consider the case where both files are non-existent and
++ # where patch picks the one with the fewest directories to create
++ # since dpkg-source will pre-create the required directories
++ #
++ # Precalculate metrics used by patch
++ my ($tmp_o, $tmp_n) = ($old, $new);
++ my ($len_o, $len_n) = (length($old), length($new));
++ $tmp_o =~ s{[/\\]+}{/}g;
++ $tmp_n =~ s{[/\\]+}{/}g;
++ my $nb_comp_o = ($tmp_o =~ tr{/}{/});
++ my $nb_comp_n = ($tmp_n =~ tr{/}{/});
++ $tmp_o =~ s{^.*/}{};
++ $tmp_n =~ s{^.*/}{};
++ my ($blen_o, $blen_n) = (length($tmp_o), length($tmp_n));
++ # Decide like patch would
++ if ($nb_comp_o != $nb_comp_n) {
++ return ($nb_comp_o < $nb_comp_n) ? $old : $new;
++ } elsif ($blen_o != $blen_n) {
++ return ($blen_o < $blen_n) ? $old : $new;
++ } elsif ($len_o != $len_n) {
++ return ($len_o < $len_n) ? $old : $new;
++ }
++ return $old;
++ }
+ $_ = getline($diff_handle);
+
+ HUNK:
+ while (defined($_) || not eof($diff_handle)) {
+- my ($fn, $fn2);
++ my (%path, %fn);
+ # skip comments leading up to patch (if any)
+ until (/^--- /) {
+ last HUNK if not defined($_ = getline($diff_handle));
+@@ -327,11 +358,8 @@
+ unless(s/^--- //) {
+ error(_g("expected ^--- in line %d of diff `%s'"), $., $diff);
+ }
+- $_ = strip_ts($_);
+- if ($_ eq '/dev/null' or s{^[^/]+/}{$destdir/}) {
+- $fn = $_;
+- error(_g("%s contains an insecure path: %s"), $diff, $_) if m{/\.\./};
+- }
++ $path{'old'} = $_ = strip_ts($_);
++ $fn{'old'} = $_ if $_ ne '/dev/null' and s{^[^/]*/+}{$destdir/};
+ if (/\.dpkg-orig$/) {
+ error(_g("diff `%s' patches file with name ending .dpkg-orig"), $diff);
+ }
+@@ -342,46 +370,47 @@
+ unless (s/^\+\+\+ //) {
+ error(_g("line after --- isn't as expected in diff `%s' (line %d)"), $diff, $.);
+ }
+- $_ = strip_ts($_);
+- if ($_ eq '/dev/null' or s{^[^/]+/}{$destdir/}) {
+- $fn2 = $_;
+- error(_g("%s contains an insecure path: %s"), $diff, $_) if m{/\.\./};
+- } else {
+- unless (defined $fn) {
+- error(_g("none of the filenames in ---/+++ are relative in diff `%s' (line %d)"),
+- $diff, $.);
+- }
+- }
++ $path{'new'} = $_ = strip_ts($_);
++ $fn{'new'} = $_ if $_ ne '/dev/null' and s{^[^/]*/+}{$destdir/};
++
++ unless (defined $fn{'old'} or defined $fn{'new'}) {
++ error(_g("none of the filenames in ---/+++ are valid in diff '%s' (line %d)"),
++ $diff, $.);
++ }
+
+- if (defined($fn) and $fn eq '/dev/null') {
++ # Safety checks on both filenames that patch could use
++ foreach my $key ("old", "new") {
++ next unless defined $fn{$key};
++ if ($path{$key} =~ m{/\.\./}) {
++ error(_g("%s contains an insecure path: %s"), $diff, $path{$key});
++ }
++ my $path = $fn{$key};
++ while (1) {
++ if (-l $path) {
++ error(_g("diff %s modifies file %s through a symlink: %s"),
++ $diff, $fn{$key}, $path);
++ }
++ last unless $path =~ s{/+[^/]*$}{};
++ last if length($path) <= length($destdir); # $destdir is assumed safe
++ }
++ }
++
++ if ($path{'old'} eq '/dev/null' and $path{'new'} eq '/dev/null') {
+ error(_g("original and modified files are /dev/null in diff `%s' (line %d)"),
+- $diff, $.) if (defined($fn2) and $fn2 eq '/dev/null');
+- $fn = $fn2;
+- } elsif (defined($fn2) and $fn2 ne '/dev/null') {
+- $fn = $fn2 unless defined $fn;
+- $fn = $fn2 if ((not -e $fn) and -e $fn2);
+- } elsif (defined($fn2) and $fn2 eq '/dev/null') {
++ $diff, $.);
++ } elsif ($path{'new'} eq '/dev/null') {
+ error(_g("file removal without proper filename in diff `%s' (line %d)"),
+- $diff, $. - 1) unless defined $fn;
++ $diff, $. - 1) unless defined $fn{'old'};
+ warning(_g("diff %s removes a non-existing file %s (line %d)"),
+- $diff, $fn, $.) unless -e $fn;
++ $diff, $fn{'old'}, $.) unless -e $fn{'old'};
+ }
++ my $fn = intuit_file_patched($fn{'old'}, $fn{'new'});
+
+ my $dirname = $fn;
+ if ($dirname =~ s{/[^/]+$}{} && not -d $dirname) {
+ $dirtocreate{$dirname} = 1;
+ }
+
+- # Sanity check, refuse to patch through a symlink
+- $dirname = $fn;
+- while (1) {
+- if (-l $dirname) {
+- error(_g("diff %s modifies file %s through a symlink: %s"),
+- $diff, $fn, $dirname);
+- }
+- last unless $dirname =~ s{/[^/]+$}{};
+- }
+-
+ if (-e $fn and not -f _) {
+ error(_g("diff `%s' patches something which is not a plain file"), $diff);
+ }
Code Review / packages / centos6 / dpkg.git / commitdiff