pool/autogen
SHA256
17
0
Fork 1
Code Issues Pull Requests Activity

Compare commits

base: pool:factory
Branches Tags
pool:factory pool:slfo-main pool:slfo-1.2
..
compare: pool:slfo-main
Branches Tags
pool:factory pool:slfo-main pool:slfo-1.2

2 Commits
factory ... slfo-main

Author SHA256 Message Date
Petr Gajdos
3dbc94abdd add patch 2025-08-25 15:05:36 +02:00
Petr Gajdos
78867f35ee CVE-2025-8746 2025-08-25 15:00:31 +02:00
3 changed files with 10 additions and 14 deletions
Expand all files Collapse all files

2
text-mmap-check-failed-addr.patch → autogen-CVE-2025-8746.patch
View File

@@ -7,7 +7,7 @@ Index: autogen-5.18.16/autoopts/save.c
char * scan = text;
+ if (TEXT_MMAP_FAILED_ADDR(text))
+ return;
+ goto leave;
+
for (;;) {
char * next = scan = strstr(scan, zCfgProg);

13
autogen.changes
View File

@@ -1,13 +1,10 @@
-------------------------------------------------------------------
Mon Jan 26 10:20:26 UTC 2026 - Andreas Schwab <schwab@suse.de>
Mon Aug 25 12:23:33 UTC 2025 - pgajdos@suse.com
- Disable -Werror
-------------------------------------------------------------------
Mon Sep 15 12:49:28 UTC 2025 - Andreas Schwab <schwab@suse.de>
- text-mmap-check-failed-addr.patch: Fix missing error check from mmap
(CVE-2025-8746, bsc#1247921)
- security update
- added patches
CVE-2025-8746 [bsc#1247921], improper input validation and memory bounds checking when processing certain malformed configuration files
+ autogen-CVE-2025-8746.patch
-------------------------------------------------------------------
Tue Apr 19 19:22:33 UTC 2022 - Martin Liška <mliska@suse.cz>

9
autogen.spec
View File

@@ -1,7 +1,7 @@
#
# spec file for package autogen
#
# Copyright (c) 2026 SUSE LLC and contributors
# Copyright (c) 2022 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -37,14 +37,15 @@ Patch5: gcc9-fix-wrestrict.patch
# PATCH-FIX-UPSTREAM Allow building with guile 3.0
Patch6: guile-version.patch
Patch7: autogen-avoid-GCC-code-analysis-bug.patch
Patch8: text-mmap-check-failed-addr.patch
# CVE-2025-8746 [bsc#1247921], improper input validation and memory bounds checking when processing certain malformed configuration files
Patch8: autogen-CVE-2025-8746.patch
BuildRequires: fdupes
BuildRequires: guile-devel
BuildRequires: makeinfo
BuildRequires: pkgconfig >= 0.9.0
BuildRequires: pkgconfig(libxml-2.0)
Requires(post): %{install_info_prereq}
Requires(preun): %{install_info_prereq}
Requires(preun):%{install_info_prereq}
%description
AutoGen is a tool designed for generating program files that contain
@@ -88,8 +89,6 @@ well.
%prep
%autosetup -p1
# Unmaintained software, extra warnings are not useful any more
sed -ie 's/-Werror//' configure.ac configure
touch aclocal.m4 configure Makefile.in config-h.in
%build