SLFO-pool/jdom
SHA256
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Sync from SUSE:SLFO:Main jdom revision 2cc4ed19563040e6a4514bcc168cdc3f

Browse Source
This commit is contained in:
Adrian Schröter 2024-05-03 14:00:25 +02:00
commit 43b05edb44
9 changed files with 490 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
.gitattributes vendored Normal file
View File

@ -0,0 +1,23 @@
## Default LFS
*.7z filter=lfs diff=lfs merge=lfs -text
*.bsp filter=lfs diff=lfs merge=lfs -text
*.bz2 filter=lfs diff=lfs merge=lfs -text
*.gem filter=lfs diff=lfs merge=lfs -text
*.gz filter=lfs diff=lfs merge=lfs -text
*.jar filter=lfs diff=lfs merge=lfs -text
*.lz filter=lfs diff=lfs merge=lfs -text
*.lzma filter=lfs diff=lfs merge=lfs -text
*.obscpio filter=lfs diff=lfs merge=lfs -text
*.oxt filter=lfs diff=lfs merge=lfs -text
*.pdf filter=lfs diff=lfs merge=lfs -text
*.png filter=lfs diff=lfs merge=lfs -text
*.rpm filter=lfs diff=lfs merge=lfs -text
*.tbz filter=lfs diff=lfs merge=lfs -text
*.tbz2 filter=lfs diff=lfs merge=lfs -text
*.tgz filter=lfs diff=lfs merge=lfs -text
*.ttf filter=lfs diff=lfs merge=lfs -text
*.txz filter=lfs diff=lfs merge=lfs -text
*.whl filter=lfs diff=lfs merge=lfs -text
*.xz filter=lfs diff=lfs merge=lfs -text
*.zip filter=lfs diff=lfs merge=lfs -text
*.zst filter=lfs diff=lfs merge=lfs -text

42
CVE-2021-33813.patch Normal file
View File

@ -0,0 +1,42 @@
--- libjdom1-java-1.1.3.orig/src/java/org/jdom/input/SAXBuilder.java
+++ libjdom1-java-1.1.3/src/java/org/jdom/input/SAXBuilder.java
@@ -442,6 +442,11 @@ public class SAXBuilder {
public void setFeature(String name, boolean value) {
// Save the specified feature for later.
features.put(name, value ? Boolean.TRUE : Boolean.FALSE);
+ if (name.equals("http://xml.org/sax/features/external-general-entities")) {
+ // See issue https://github.com/hunterhacker/jdom/issues/189
+ // And PR https://github.com/hunterhacker/jdom/pull/188
+ setExpandEntities(value);
+ }
}
/**
@@ -766,13 +771,6 @@ public class SAXBuilder {
internalSetFeature(parser, name, value.booleanValue(), name);
}
- // Set any user-specified properties on the parser.
- iter = properties.keySet().iterator();
- while (iter.hasNext()) {
- String name = (String)iter.next();
- internalSetProperty(parser, name, properties.get(name), name);
- }
-
if (coreFeatures) {
// Set validation.
try {
@@ -810,6 +808,13 @@ public class SAXBuilder {
}
catch (SAXNotRecognizedException e) { /* Ignore... */ }
catch (SAXNotSupportedException e) { /* Ignore... */ }
+
+ // Set any user-specified properties on the parser.
+ iter = properties.keySet().iterator();
+ while (iter.hasNext()) {
+ String name = (String)iter.next();
+ internalSetProperty(parser, name, properties.get(name), name);
+ }
}
/**

19
jdom-1.1-OSGiManifest.patch Normal file
View File

@ -0,0 +1,19 @@
--- ./package/META-INF/MANIFEST.MF 2008-07-21 16:00:59.000000000 -0400
+++ ./package/META-INF/MANIFEST.MF 2008-07-21 16:02:20.000000000 -0400
@@ -1,4 +1,16 @@
Manifest-Version: 1.0
+Bundle-RequiredExecutionEnvironment: J2SE-1.4
+Bundle-SymbolicName: org.jdom
+Bundle-ManifestVersion: 2
+Bundle-Name: %Bundle-Name.0
+Bundle-Localization: plugin
+Bundle-Version: 1.1.3
+Bundle-Vendor: %Bundle-Vendor.0
+Export-Package: org.jdom;version="1.1.3",org.jdom.adapters;version="1.
+ 1.2",org.jdom.filter;version="1.1.3",org.jdom.input;version="1.1.3",o
+ rg.jdom.output;version="1.1.3",org.jdom.transform;version="1.1.3",org
+ .jdom.xpath;version="1.1.3"
+Require-Bundle: org.apache.xerces;resolution:=optional
Name: org/jdom/
Specification-Title: JDOM Classes

75
jdom-1.1.3.pom Normal file
View File

@ -0,0 +1,75 @@
<project>
<modelVersion>4.0.0</modelVersion>
<groupId>org.jdom</groupId>
<artifactId>jdom</artifactId>
<packaging>jar</packaging>
<name>JDOM</name>
<version>1.1.3</version>
<description>
A complete, Java-based solution for accessing, manipulating,
and outputting XML data
</description>
<url>http://www.jdom.org</url>
<organization>
<name>JDOM</name>
<url>http://www.jdom.org</url>
</organization>
<mailingLists>
<mailingList>
<name>JDOM-interest Mailing List</name>
<post>jdom-interest@jdom.org</post>
<archive>http://jdom.markmail.org/</archive>
</mailingList>
</mailingLists>
<licenses>
<license>
<name>Similar to Apache License but with the acknowledgment clause removed</name>
<url>https://raw.github.com/hunterhacker/jdom/master/LICENSE.txt</url>
<distribution>repo</distribution>
</license>
</licenses>
<scm>
<url>git@github.com:/hunterhacker/jdom</url>
<connection>scm:git:git@github.com:hunterhacker/jdom</connection>
<developerConnection>scm:git:git@github.com:hunterhacker/jdom</developerConnection>
</scm>
<developers>
<developer>
<id>hunterhacker</id>
<name>Jason Hunter</name>
<email>jhunter@servlets.com</email>
</developer>
<developer>
<id>rolfl</id>
<name>Rolf Lear</name>
<email>jdom@tuis.net</email>
</developer>
</developers>
<dependencies>
<dependency>
<groupId>jaxen</groupId>
<artifactId>jaxen</artifactId>
<version>1.1.3</version>
<optional>true</optional>
</dependency>
<dependency>
<groupId>xerces</groupId>
<artifactId>xercesImpl</artifactId>
<version>2.10.0</version>
<optional>true</optional>
</dependency>
</dependencies>
<properties>
<jdk.version>1.2</jdk.version>
</properties>
</project>

BIN
jdom-1.1.3.tar.gz (Stored with Git LFS) Normal file
View File

Binary file not shown.

11
jdom-crosslink.patch Normal file
View File

@ -0,0 +1,11 @@
--- build.xml.orig 2010-02-05 12:37:26.594658382 +0000
+++ build.xml 2010-02-05 12:38:09.201658171 +0000
@@ -277,7 +277,7 @@
bottom="Copyright &#169; ${year} Jason Hunter, Brett McLaughlin. All Rights Reserved.">
<classpath refid="run.class.path"/>
- <link href="http://java.sun.com/j2se/1.4/docs/api"/>
+ <link href="${j2se.apidoc}"/>
</javadoc>
</target>

203
jdom.changes Normal file
View File

@ -0,0 +1,203 @@
-------------------------------------------------------------------
Thu Aug 24 10:16:57 UTC 2023 - Fridrich Strba <fstrba@suse.com>
- Build only the jdom package and drop xom, jaxen and xom into
separate standalone packages
- Removed patches:
* jdom-1.1-build.xml.patch
* jdom-1.1-xom-get-jaxen.patch
+ not needed with the current package
- Added patches:
* CVE-2021-33813.patch
+ fix CVE-2021-33813: An XXE issue in SAXBuilder in JDOM
through 2.0.6 allows attackers to cause a denial of service
via a crafted HTTP request.
* jdom-crosslink.patch
+ do not link to javadocs on web
* no-jaxen.patch
+ do not fail to generate javadoc when jaxen is not present
- Modified patch:
* jdom-1.1-OSGiManifest.patch
+ rediff
-------------------------------------------------------------------
Wed Mar 30 09:52:00 UTC 2022 - Fridrich Strba <fstrba@suse.com>
- Build against the standalone JavaEE modules unconditionally
-------------------------------------------------------------------
Fri Mar 18 19:12:10 UTC 2022 - Fridrich Strba <fstrba@suse.com>
- Modified patch:
* jdom-1.1-build.xml.patch
+ Build with source/target levels 8
-------------------------------------------------------------------
Thu Mar 17 15:50:20 UTC 2022 - Fridrich Strba <fstrba@suse.com>
- Build against standalone jaxb-api on distributions that have
JDK without the JavaEE modules
-------------------------------------------------------------------
Wed Mar 2 06:26:31 UTC 2022 - Fridrich Strba <fstrba@suse.com>
- Alias the xom artifact to the new com.io7m.xom groupId
-------------------------------------------------------------------
Fri May 14 15:39:29 UTC 2021 - Ferdinand Thiessen <rpm@fthiessen.de>
- Update jaxen to version 1.1.6
* Bug fixes
-------------------------------------------------------------------
Tue Apr 6 09:10:12 UTC 2021 - Andreas Schwab <schwab@suse.de>
- Increase java stack size to avoid overflow
-------------------------------------------------------------------
Tue Nov 12 08:02:50 UTC 2019 - Fridrich Strba <fstrba@suse.com>
- Add correct requires for the packages so that they pull all
required artifacts
- Clean up the packaging a bit
-------------------------------------------------------------------
Tue Mar 26 16:48:35 UTC 2019 - Fridrich Strba <fstrba@suse.com>
- Upgrade the jdom component to 1.1.3
- Modified patch:
* jdom-1.1-build.xml.patch
+ Remove unneeded hunk
- Added patch:
* jdom-1.1-OSGiManifest.patch
+ Make jdom an OSGi bundle
-------------------------------------------------------------------
Tue Nov 20 10:58:51 UTC 2018 - Fridrich Strba <fstrba@suse.com>
- Removed patch:
* include-glibj.jar.patch
+ The build works since ages without glibj being present, so
removing any trace of it
-------------------------------------------------------------------
Tue Nov 20 09:32:18 UTC 2018 - Fridrich Strba <fstrba@suse.com>
- Add maven pom files for the distributed jars
- Speed-up build by filtering out the failing files beforehand
and then building all with one javac invocation
-------------------------------------------------------------------
Fri Sep 29 06:37:03 UTC 2017 - fstrba@suse.com
- Fix build with jdk9: specify java source and target level 1.6
- Modified patch:
* jdom-1.1-build.xml.patch
+ specify java source and target level 1.6
- Add more BuildRequires, in order to build more java files in
stage 1
-------------------------------------------------------------------
Thu Sep 14 14:39:55 UTC 2017 - fstrba@suse.com
- Build with javac whose syntax is compatible with OpenJDK
-------------------------------------------------------------------
Fri May 19 16:55:11 UTC 2017 - tchvatal@suse.com
- Expand the buildignore lines for newer jdk
-------------------------------------------------------------------
Tue Mar 31 10:15:26 UTC 2015 - tchvatal@suse.com
- Provide and obsolete jaxen-bootstrap to avoid file conflict
-------------------------------------------------------------------
Tue Mar 24 12:34:14 UTC 2015 - tchvatal@suse.com
- Fix namespace clash with javapackages-tools on variables
-------------------------------------------------------------------
Tue Mar 24 11:17:50 UTC 2015 - tchvatal@suse.com
- Cleanup with spec-cleaner and add debug output
-------------------------------------------------------------------
Fri Jun 15 12:39:47 UTC 2012 - mvyskocil@suse.cz
- ignore jdk7 as well
-------------------------------------------------------------------
Mon Jun 4 08:41:52 UTC 2012 - coolo@suse.com
- remove stray character from xom summary to fix UTF-8 parsing
-------------------------------------------------------------------
Thu Mar 17 14:48:00 UTC 2011 - mvyskocil@suse.cz
- move to gcj back - the java.lang.StackOverflow is nothing nice
-------------------------------------------------------------------
Fri Mar 11 12:48:25 UTC 2011 - mvyskocil@suse.cz
- build using openjdk, split BR one per-line
-------------------------------------------------------------------
Fri Mar 11 12:46:55 UTC 2011 - mvyskocil@suse.cz
- build using openjdk, write one BuildRequire per line,
no authors in description
-------------------------------------------------------------------
Wed May 20 11:44:18 CEST 2009 - mvyskocil@suse.cz
- 'fixed bnc#501764: removed clover.license from source tarball'
-------------------------------------------------------------------
Mon May 18 15:36:12 CEST 2009 - mvyskocil@suse.cz
- Removed documentation of ConcurrentReaderHashMap (bnc#504663)
* dom4j-1.6.1/docs/clover/org/dom4j/tree/ConcurrentReaderHashMap.html
* dom4j-1.6.1/docs/xref/org/dom4j/tree/ConcurrentReaderHashMap.html
-------------------------------------------------------------------
Thu May 14 15:09:13 CEST 2009 - mvyskocil@suse.cz
- fixed version tag for jaxen and xom
-------------------------------------------------------------------
Tue Jan 20 14:52:53 CET 2009 - mvyskocil@suse.cz
- update jdom to 1.1 fixed bnc#467366
- updated jaxen to 1.1.1 (do not use an included jaxen)
- cleaned build requires
- Obsoleted java150 patch
-------------------------------------------------------------------
Fri Nov 21 16:38:31 CET 2008 - ro@suse.de
- update check-build.sh
-------------------------------------------------------------------
Wed Jan 23 15:58:46 CET 2008 - mvyskocil@suse.cz
- fixed beta build
-------------------------------------------------------------------
Thu Mar 29 12:15:04 CEST 2007 - dbornkessel@suse.de
- added unzip to build requires
-------------------------------------------------------------------
Mon Jan 15 12:55:41 CET 2007 - dbornkessel@suse.de
- removed xml-commons-apis build req. (Bug #232127)
-------------------------------------------------------------------
Thu Sep 28 10:05:09 CEST 2006 - dbornkessel@suse.de
- first versions
- fixes necessary to compile with Java 1.5.0
- set source="1.4" and target="1.4" for ant "javac" tasks
- set source="1.4" for ant "javadoc" tasks

103
jdom.spec Normal file
View File

@ -0,0 +1,103 @@
#
# spec file for package jdom
#
# Copyright (c) 2023 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
Name: jdom
Version: 1.1.3
Release: 0
Summary: Java alternative to DOM and SAX
License: Saxpath
URL: http://www.jdom.org/
Source0: http://jdom.org/dist/binary/archive/jdom-%{version}.tar.gz
Source1: https://repo1.maven.org/maven2/org/jdom/jdom/%{version}/jdom-%{version}.pom
Patch0: %{name}-crosslink.patch
Patch1: %{name}-1.1-OSGiManifest.patch
Patch2: no-jaxen.patch
Patch10: CVE-2021-33813.patch
BuildRequires: ant
BuildRequires: fdupes
BuildRequires: java-devel >= 1.8
BuildRequires: javapackages-local >= 6
BuildArch: noarch
%description
JDOM is, quite simply, a Java representation of an XML document. JDOM
provides a way to represent that document for easy and efficient
reading, manipulation, and writing. It has a straightforward API, is a
lightweight and fast, and is optimized for the Java programmer. It's an
alternative to DOM and SAX, although it integrates well with both DOM
and SAX.
%package javadoc
Summary: Javadoc for %{name}
%description javadoc
Javadoc for %{name}.
%package demo
Summary: Demos for %{name}
Requires: %{name} = %{version}-%{release}
%description demo
Demonstrations and samples for %{name}.
%prep
%setup -q -n %{name}
%patch0
%patch1
%patch2 -p1
%patch10 -p1
# remove all binary libs
find . -name "*.jar" -exec rm -f {} \;
find . -name "*.class" -exec rm -f {} \;
%build
%{ant} -Dcompile.source=1.8 -Dcompile.target=1.8 -Dj2se.apidoc=%{_javadocdir}/java package javadoc-link
%install
# jar
install -dm 0755 %{buildroot}%{_javadir}
install -pm 0644 build/%{name}-*-snap.jar %{buildroot}%{_javadir}/%{name}.jar
# pom
install -dm 0755 %{buildroot}%{_mavenpomdir}
%{mvn_install_pom} %{SOURCE1} %{buildroot}%{_mavenpomdir}/%{name}.pom
%add_maven_depmap %{name}.pom %{name}.jar -a jdom:jdom,org.jdom:jdom-legacy
# javadoc
install -dm 0755 %{buildroot}%{_javadocdir}
cp -r build/apidocs %{buildroot}%{_javadocdir}/%{name}
%fdupes -s %{buildroot}%{_javadocdir}
# demo
install -dm 0755 %{buildroot}%{_datadir}/%{name}
cp -pr samples %{buildroot}%{_datadir}/%{name}
%fdupes -s %{buildroot}%{_datadir}/%{name}
%files -f .mfiles
%license LICENSE.txt
%doc CHANGES.txt COMMITTERS.txt README.txt TODO.txt
%files javadoc
%{_javadocdir}/%{name}
%license LICENSE.txt
%files demo
%{_datadir}/%{name}
%license LICENSE.txt
%changelog

11
no-jaxen.patch Normal file
View File

@ -0,0 +1,11 @@
diff -urEbwB jdom/build.xml jdom.new/build.xml
--- jdom/build.xml 2012-02-26 00:30:45.000000000 +0100
+++ jdom.new/build.xml 2023-08-23 19:35:51.544436993 +0200
@@ -254,6 +255,7 @@
use="true"
splitindex="true"
noindex="false"
+ failonerror="false"
windowtitle="${Name} v${version}"
doctitle="${Name} v${version}&lt;br&gt;API Specification"
header="&lt;b&gt;${Name}&lt;br&gt;&lt;font size='-1'&gt;${version}&lt;/font&gt;&lt;/b&gt;"