From 3810ffd926279020ceac735afe21459a6ecbe954504fa0d92ebbdae9e532bcde Mon Sep 17 00:00:00 2001 From: Fridrich Strba Date: Tue, 18 Jan 2022 07:53:23 +0000 Subject: [PATCH 1/2] OBS-URL: https://build.opensuse.org/package/show/Java:packages/jdom2?expand=0&rev=12 --- 0001-Adapt-build.patch | 24 +++++++------ JDOM-2.0.6.1.tar.gz | 3 ++ JDOM-2.0.6.tar.gz | 3 -- jdom2-CVE-2021-33813.patch | 69 -------------------------------------- jdom2.changes | 12 +++++++ jdom2.spec | 11 +++--- 6 files changed, 32 insertions(+), 90 deletions(-) create mode 100644 JDOM-2.0.6.1.tar.gz delete mode 100644 JDOM-2.0.6.tar.gz delete mode 100644 jdom2-CVE-2021-33813.patch diff --git a/0001-Adapt-build.patch b/0001-Adapt-build.patch index a07f307..a2c4014 100644 --- a/0001-Adapt-build.patch +++ b/0001-Adapt-build.patch @@ -1,14 +1,14 @@ -From 05a8a2fa49e92ad36a86d5d73588a2e46bf9ff95 Mon Sep 17 00:00:00 2001 +From 40912d0cdd69b3f327402176ce622078e6d0846d Mon Sep 17 00:00:00 2001 From: Michael Simacek Date: Mon, 23 Jul 2018 14:30:14 +0200 Subject: [PATCH] Adapt build --- - build.xml | 40 +++++++++++++++++++++++++--------------- - 1 file changed, 25 insertions(+), 15 deletions(-) + build.xml | 42 ++++++++++++++++++++++++++---------------- + 1 file changed, 26 insertions(+), 16 deletions(-) diff --git a/build.xml b/build.xml -index cd7c2ed..10d8df6 100644 +index ed632c2c..78bbe934 100644 --- a/build.xml +++ b/build.xml @@ -112,17 +112,7 @@ For instructions on how to build JDOM, please view the README.txt file. @@ -38,7 +38,7 @@ index cd7c2ed..10d8df6 100644 -@@ -373,11 +364,11 @@ For instructions on how to build JDOM, please view the README.txt file. +@@ -378,11 +369,11 @@ For instructions on how to build JDOM, please view the README.txt file. @@ -52,7 +52,7 @@ index cd7c2ed..10d8df6 100644 -@@ -401,6 +392,7 @@ For instructions on how to build JDOM, please view the README.txt file. +@@ -406,6 +397,7 @@ For instructions on how to build JDOM, please view the README.txt file. 
@@ -60,7 +60,7 @@ index cd7c2ed..10d8df6 100644 -@@ -528,7 +520,25 @@ For instructions on how to build JDOM, please view the README.txt file. +@@ -533,7 +525,25 @@ For instructions on how to build JDOM, please view the README.txt file. @@ -82,20 +82,22 @@ index cd7c2ed..10d8df6 100644 + + + -+ ++ + - ++ -- -2.17.1 +2.34.1 diff --git a/JDOM-2.0.6.1.tar.gz b/JDOM-2.0.6.1.tar.gz new file mode 100644 index 0000000..f243bc2 --- /dev/null +++ b/JDOM-2.0.6.1.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:18639399104d5c57b92fd6791823a74393651e80499b67ae3067294d62df083e +size 8368301 diff --git a/JDOM-2.0.6.tar.gz b/JDOM-2.0.6.tar.gz deleted file mode 100644 index c16e8c3..0000000 --- a/JDOM-2.0.6.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:81790196ecbd9cf62cb2aa2a9c14153d74dae3a0364a9a262f42098c6d3c165d -size 8344114 diff --git a/jdom2-CVE-2021-33813.patch b/jdom2-CVE-2021-33813.patch deleted file mode 100644 index 07a884f..0000000 --- a/jdom2-CVE-2021-33813.patch +++ /dev/null 
@@ -1,69 +0,0 @@ -From bd3ab78370098491911d7fe9d7a43b97144a234e Mon Sep 17 00:00:00 2001 -From: Esti -Date: Thu, 18 Feb 2021 16:40:01 +0200 -Subject: [PATCH] fix setFeature bug and add test case - ---- - core/src/java/org/jdom2/input/SAXBuilder.java | 10 ++++------ - .../test/cases/input/TestSAXBuilder.java | 20 +++++++++++++++++++ - 2 files changed, 24 insertions(+), 6 deletions(-) - -diff --git a/core/src/java/org/jdom2/input/SAXBuilder.java b/core/src/java/org/jdom2/input/SAXBuilder.java -index d7105ec6..a1462334 100644 ---- a/core/src/java/org/jdom2/input/SAXBuilder.java -+++ b/core/src/java/org/jdom2/input/SAXBuilder.java -@@ -971,11 +971,6 @@ protected void configureParser(final XMLReader parser, final SAXHandler contentH - } - } - -- // Set any user-specified features on the parser. -- for (final Map.Entry me : features.entrySet()) { -- internalSetFeature(parser, me.getKey(), me.getValue().booleanValue(), me.getKey()); -- } -- - // Set any user-specified properties on the parser. - for (final Map.Entry me : properties.entrySet()) { - internalSetProperty(parser, me.getKey(), me.getValue(), me.getKey()); -@@ -1007,7 +1002,10 @@ protected void configureParser(final XMLReader parser, final SAXHandler contentH - // No lexical reporting available - } - } -- -+ // Set any user-specified features on the parser. 
-+ for (final Map.Entry me : features.entrySet()) { -+ internalSetFeature(parser, me.getKey(), me.getValue().booleanValue(), me.getKey()); -+ } - } - - /** -diff --git a/test/src/java/org/jdom2/test/cases/input/TestSAXBuilder.java b/test/src/java/org/jdom2/test/cases/input/TestSAXBuilder.java -index 4ef34834..a69380ba 100644 ---- a/test/src/java/org/jdom2/test/cases/input/TestSAXBuilder.java -+++ b/test/src/java/org/jdom2/test/cases/input/TestSAXBuilder.java -@@ -600,6 +600,26 @@ public void testSetFeature() { - } - } - -+ @Test -+ public void testSetExternalFeature() { -+ String feature = "http://xml.org/sax/features/external-general-entities"; -+ MySAXBuilder sb = new MySAXBuilder(); -+ try { -+ sb.setFeature(feature, true); -+ XMLReader reader = sb.createParser(); -+ assertNotNull(reader); -+ assertTrue(reader.getFeature(feature)); -+ sb.setFeature(feature, false); -+ reader = sb.createParser(); -+ assertNotNull(reader); -+ assertFalse(reader.getFeature(feature)); -+ -+ } catch (Exception e) { -+ e.printStackTrace(); -+ fail("Could not create parser: " + e.getMessage()); -+ } -+ } -+ - @Test - public void testSetProperty() { - LexicalHandler lh = new LexicalHandler() { diff --git a/jdom2.changes b/jdom2.changes index b9f8dde..f152805 100644 --- a/jdom2.changes +++ b/jdom2.changes @@ -1,3 +1,15 @@ +------------------------------------------------------------------- +Tue Jan 18 07:47:46 UTC 2022 - Fridrich Strba + +- Upgrade to 2.0.6.1 + * Upstream release to fix CVE-2021-33813 +- Removed patch: + * jdom2-CVE-2021-33813.patch + + integrated upstream +- Modified patch: + * 0001-Adapt-build.patch + + rebase to changed context + ------------------------------------------------------------------- Thu Jun 17 09:17:40 UTC 2021 - Pedro Monreal diff --git a/jdom2.spec b/jdom2.spec index 18c6119..a0901c3 100644 --- a/jdom2.spec +++ b/jdom2.spec 
@@ -1,7 +1,7 @@ # # spec file for package jdom2 # -# Copyright (c) 2021 SUSE LLC +# Copyright (c) 2022 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,7 +17,7 @@ Name: jdom2 -Version: 2.0.6 +Version: 2.0.6.1 Release: 0 Summary: Java manipulation of XML License: Saxpath @@ -31,8 +31,6 @@ Source2: jdom-junit-template.pom # Disable gpg signatures # Process contrib and junit pom files Patch0: 0001-Adapt-build.patch -# PATCH-FIX-UPSTREAM bsc#1187446 CVE-2021-33813 Fix XXE issue in SAXBuilder -Patch1: jdom2-CVE-2021-33813.patch BuildRequires: ant BuildRequires: ant-junit BuildRequires: fdupes @@ -67,12 +65,11 @@ find -name '*.jar' -delete find -name '*.class' -delete %patch0 -p1 -%patch1 -p1 cp -p %{SOURCE1} maven/contrib.pom cp -p %{SOURCE2} maven/junit.pom -sed -i 's/\r//' LICENSE.txt README.txt +sed -i 's/\r//' LICENSE.txt # Unable to run coverage: use log4j12 but switch to log4j 2.x sed -i.coverage "s|coverage, jars|jars|" build.xml @@ -102,7 +99,7 @@ cp -pr build/apidocs/* %{buildroot}%{_javadocdir}/%{name}/ %fdupes %{buildroot}%{_javadocdir} %files -f .mfiles -%doc CHANGES.txt COMMITTERS.txt README.txt TODO.txt +%doc CHANGES.txt COMMITTERS.txt README.md TODO.txt %license LICENSE.txt %files javadoc From 4e0fc51d89bbd347898c9b1ab8cf38b74d888002ae2adf6f9d3789ec80644163 Mon Sep 17 00:00:00 2001 From: Fridrich Strba Date: Tue, 18 Jan 2022 08:03:32 +0000 Subject: [PATCH 2/2] OBS-URL: https://build.opensuse.org/package/show/Java:packages/jdom2?expand=0&rev=13 --- jdom2.spec | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/jdom2.spec b/jdom2.spec index a0901c3..1688022 100644 --- a/jdom2.spec +++ b/jdom2.spec @@ -35,6 +35,7 @@ BuildRequires: ant BuildRequires: ant-junit BuildRequires: fdupes BuildRequires: isorelax +BuildRequires: java-devel >= 1.7 BuildRequires: javapackages-local BuildRequires: jaxen BuildRequires: xalan-j2 
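Review bot: Once `%patch1 -p1` is dropped in the `%prep` hunk (`@@ -67,12 +65,11 @@`) and the `Patch1` line with its `PATCH-FIX-UPSTREAM bsc#1187446 CVE-2021-33813` comment is dropped in `@@ -31,8 +31,6 @@`, the spec no longer records where the SAXBuilder XXE fix comes from. The new jdom2.changes entry names the CVE but not the bug number. I would keep a one-line trace next to `Version:`, for example `# 2.0.6.1 includes the upstream fix for CVE-2021-33813 (bsc#1187446), formerly jdom2-CVE-2021-33813.patch`, so the tracker reference stays searchable in the package. The removed patch also carried the `testSetExternalFeature` regression test, and no test run is visible in these hunks. Before relying on the tarball alone, it is worth confirming that the 2.0.6.1 sources set user-specified features at the end of `configureParser`, as the removed patch did.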
@@ -77,7 +78,7 @@ sed -i.coverage "s|coverage, jars|jars|" build.xml %build mkdir lib build-jar-repository lib xerces-j2 xml-commons-apis jaxen junit isorelax xalan-j2 xalan-j2-serializer -%ant -Dversion=%{version} -Dcompile.target=6 -Dcompile.source=6 -Dj2se.apidoc=%{_javadocdir}/java maven +%{ant} -Dversion=%{version} -Dcompile.target=7 -Dcompile.source=7 -Dj2se.apidoc=%{_javadocdir}/java maven %install # jar
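Review bot: The `%{ant}` line hard-codes `-Dcompile.target=7 -Dcompile.source=7`, while the new `BuildRequires: java-devel >= 1.7` in `@@ -35,6 +35,7 @@` is open-ended, so whichever JDK the build root resolves to must still accept level 7. The move away from 6 was presumably forced by a newer javac rejecting that level, and 7 is likely to go the same way. Nothing in the spec explains the choice, so I would add a comment above the line, for example `# javac in the build root no longer accepts source/target 6; keep this level in step with the java-devel BuildRequires`. The bump also raises the bytecode level of the shipped jar, and this patch touches only jdom2.spec, so the change is not recorded in jdom2.changes.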