packages/expat
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
expat/expat.spec
ZhouPengcheng d416184f53 Move autoreconf to build 
(cherry picked from commit 9542966f5578952243998da8825fd1e409df94fe)
2022-12-17 17:45:59 +08:00

162 lines
5.3 KiB
RPMSpec
Raw Blame History

%define Rversion %(echo %{version} | sed -e 's/\\./_/g' -e 's/^/R_/')
Name: expat
Version: 2.4.1
Release: 8
Summary: An XML parser library
License: MIT
URL: https://libexpat.github.io/
Source0: https://github.com/libexpat/libexpat/releases/download/%{Rversion}/expat-%{version}.tar.gz
Patch0: backport-CVE-2021-45960.patch
Patch1: backport-CVE-2021-46143.patch
Patch2: backport-CVE-2022-22822-CVE-2022-22823-CVE-2022-22824-CVE-2022-22825-CVE-2022-22826-CVE-2022-22827.patch
Patch3: backport-CVE-2022-23852-lib-Detect-and-prevent-integer-overflow-in-XML_GetBu.patch
Patch4: backport-CVE-2022-23852-tests-Cover-integer-overflow-in-XML_GetBuffer-CVE-20.patch
Patch5: backport-CVE-2022-23990-lib-Prevent-integer-overflow-in-doProlog-CVE-2022-23.patch
Patch6: backport-CVE-2022-25235-lib-Add-missing-validation-of-encoding.patch
Patch7: backport-tests-Cover-missing-validation-of-encoding.patch
Patch8: backport-CVE-2022-25236-lib-Protect-against-malicious-namespace-declarations.patch
Patch9: backport-tests-Cover-CVE-2022-25236.patch
Patch10: backport-CVE-2022-25313-Prevent-stack-exhaustion-in-build_model.patch
Patch11: backport-CVE-2022-25314-Prevent-integer-overflow-in-copyString.patch
Patch12: backport-CVE-2022-25315-Prevent-integer-overflow-in-storeRawNames.patch
Patch13: backport-Fix-build_model-regression.patch
Patch14: backport-tests-Protect-against-nested-element-declaration-mod.patch
Patch15: backport-lib-Fix-harmless-use-of-uninitialized-memory.patch
Patch16: backport-lib-Drop-unused-macro-UTF8_GET_NAMING.patch
Patch17: backport-lib-Relax-fix-to-CVE-2022-25236-with-regard-to-RFC-3.patch
Patch18: backport-tests-Cover-relaxed-fix-to-CVE-2022-25236.patch
Patch19: backport-0001-CVE-2022-40674.patch
Patch20: backport-0002-CVE-2022-40674.patch
Patch21: backport-CVE-2022-43680.patch
Patch22: backport-tests-Cover-overeager-DTD-destruction-in-XML_Externa.patch
BuildRequires: sed,autoconf,automake,gcc-c++,libtool,xmlto
%description
expat is a stream-oriented XML parser library written in C.
expat excels with files too large to fit RAM, and where
performance and flexibility are crucial.
%package devel
Summary: Development files
Requires: %{name} = %{version}-%{release}
%description devel
This package provides with static libraries and header files for developing with expat.
%package_help
%prep
%autosetup -p1
%build
autoreconf -fiv
%configure CFLAGS="$RPM_OPT_FLAGS -fPIC" DOCBOOK_TO_MAN="xmlto man --skip-validation"
%make_build
%install
%makeinstall
find %{buildroot} -type f -name changelog -delete
%check
make check
%ldconfig_scriptlets
%files
%defattr(-,root,root)
%license COPYING AUTHORS
%{_bindir}/*
%{_libdir}/libexpat.so.1*
%exclude %{_docdir}/%{name}/AUTHORS
%files devel
%defattr(-,root,root)
%{_includedir}/*
%{_libdir}/{libexpat.*a,libexpat.so}
%{_libdir}/cmake/expat-%{version}
%{_libdir}/pkgconfig/expat.pc
%files help
%defattr(-,root,root)
%doc README.md
%{_mandir}/man1/*
%changelog
* Tue Dec 13 2022 zhoupengcheng <zhoupengcheng11@huawei.com> - 2.4.8-8
- Move autoreconf to build
* Sat Oct 29 2022 fuanan <fuanan3@h-partners.com> - 2.4.1-7
- fix CVE-2022-43680
* Thu Sep 15 2022 panxiaohe <panxh.life@foxmail.com> - 2.4.1-6
- fix CVE-2022-40674
* Mon Mar 7 2022 yangzhuangzhuang <yangzhuangzhuang1@h-partners.com> - 2.4.1-5
- Type:bugfix
- ID:NA
- SUG:NA
- DESC:Relax fix to CVE-2022-25236
* Sat Feb 26 2022 yangzhuangzhuang <yangzhuangzhuang1@h-partners.com> - 2.4.1-4
- Type:CVE
- ID:CVE-2022-25235 CVE-2022-25236 CVE-2022-25313 CVE-2022-25314 CVE-2022-25315
- SUG:NA
- DESC:Fix CVE-2022-25235 CVE-2022-25236 CVE-2022-25313 CVE-2022-25314 CVE-2022-25315
* Mon Feb 7 2022 yangzhuangzhuang <yangzhuangzhuang1@h-partners.com> - 2.4.1-3
- Type:CVE
- ID:CVE-2022-23852 CVE-2022-23990
- SUG:NA
- DESC:Fix CVE-2022-23852CVE-2022-23990
* Mon Jan 17 2022 wangjie <wangjie375@huawei.com> - 2.4.1-2
- Type:CVE
- ID:CVE-2021-45960 CVE-2021-46143 CVE-2022-22822 CVE-2022-22823 CVE-2022-22824 CVE-2022-22825 CVE-2022-22826 CVE-2022-22827
- SUG:NA
- DESC:fix CVE-2021-45960 CVE-2021-46143
CVE-2022-22822 CVE-2022-22823 CVE-2022-22824 CVE-2022-22825 CVE-2022-22826 CVE-2022-22827
* Tue Jul 6 2021 panxiaohe <panxiaohe@huawei.com> - 2.4.1-1
- update to 2.4.1
- fix CVE-2013-0340
* Wed Jan 20 2021 wangchen <wangchen137@huawei.com> - 2.2.10-1
- update to 2.2.10
* Sun Jun 28 2020 liuchenguang <liuchenguang4@huawei.com> - 2.2.9-2
- quality enhancement synchronization github patch
* Mon May 11 2020 openEuler Buildteam <buildteam@openeuler.org> - 2.2.9-1
- Type:requirement
- ID:NA
- SUG:NA
- DESC:update to 2.2.9
* Mon Oct 21 2019 shenyangyang <shenyangyang4@huawei.com> - 2.2.6-5
- Type:NA
- ID:NA
- SUG:NA
- DESC:modify the directory of AUTHORS
* Mon Oct 21 2019 shenyangyang <shenyangyang4@huawei.com> - 2.2.6-4
- Type:NA
- ID:NA
- SUG:NA
- DESC:move AUTHORS to license directory
* Sat Sep 28 2019 shenyangyang<shenyangyang4@huawei.com> - 2.2.6-3
- Type:cves
- ID:CVE-2019-15903
- SUG:NA
- DESC:fix CVE-2019-15903
* Fri Aug 30 2019 gulining<gulining1@huawei.com> - 2.2.6-2
- Type:cves
- ID:CVE-2018-20843
- SUG:NA
- DESC:fix CVE-2018-20843
* Thu Aug 29 2019 openEuler Buildteam <buildteam@openeuler.org> - 2.2.6-1
- Package Init
Reference in New Issue View Git Blame Copy Permalink