Diff between gnupg2-2.0.22-5.el7_5.src.rpm and gnupg2-2.0.22-5.amzn2.0.3.src.rpm

gnupg-centos-vs-amazon.diff

Only in amzn2/rpmbuild/SOURCES: gnupg-2.0-Fix-CVE-2014-4617.patch
diff -ru centos/rpmbuild/SPECS/gnupg2.spec amzn2/rpmbuild/SPECS/gnupg2.spec
--- centos/rpmbuild/SPECS/gnupg2.spec	2018-07-13 05:57:37.000000000 -0700
+++ amzn2/rpmbuild/SPECS/gnupg2.spec	2019-04-29 11:20:48.000000000 -0700
@@ -1,7 +1,10 @@
+%define _trivial .0
+%define _buildid .3
+
 Summary: Utility for secure communication and data storage
 Name:    gnupg2
 Version: 2.0.22
-Release: 5%{?dist}
+Release: 5%{?dist}%{?_trivial}%{?_buildid}
 
 License: GPLv3+
 Group:   Applications/System
@@ -17,6 +20,9 @@
 Patch7:  gnupg-2.0.22-rsa-es.patch
 Patch8:  gnupg-2.0.22-cve-2018-12020.patch
 
+# Amazon Patches
+Patch1000: gnupg-2.0-Fix-CVE-2014-4617.patch
+
 URL:     http://www.gnupg.org/
 
 #BuildRequires: automake libtool texinfo transfig
@@ -83,6 +89,9 @@
 %patch7 -p1 -b .rsa-es
 %patch8 -p1 -b .sanitize-filename
 
+# Amazon patches
+%patch1000 -p1 
+
 # pcsc-lite library major: 0 in 1.2.0, 1 in 1.2.9+ (dlopen()'d in pcsc-wrapper)
 # Note: this is just the name of the default shared lib to load in scdaemon,
 # it can use other implementations too (including non-pcsc ones).
@@ -197,6 +206,9 @@
 
 
 %changelog
+* Thu Apr 24 2019 Andrew Egelhofer <egelhofe@amazon.com> - 2.0.22-5.amzn2.0.3
+- Fix CVE-2014-4617
+
 * Thu Jun 21 2018 Tomáš Mráz <tmraz@redhat.com> - 2.0.22-5
 - fix CVE-2018-12020 - missing sanitization of original filename