SHA256
1
0
forked from pool/Botan
Botan/Botan.spec

133 lines
4.1 KiB
RPMSpec
Raw Normal View History

#
# spec file for package Botan
#
Accepting request 322627 from home:netsroth:branches:devel:libraries:c_c++ - bump SONAME to libbotan-1_10-1 - Update to 1.10.10 * SECURITY: The BER decoder would crash due to reading from offset 0 of an empty vector if it encountered a BIT STRING which did not contain any data at all. As the type requires a 1 byte field this is not valid BER but could occur in malformed data. Found with afl. CVE-2015-5726 * SECURITY: The BER decoder would allocate a fairly arbitrary amount of memory in a length field, even if there was no chance the read request would succeed. This might cause the process to run out of memory or invoke the OOM killer. Found with afl. CVE-2015-5727 * Due to an ABI incompatible (though not API incompatible) change in this release, the version number of the shared object has been increased. * The default TLS policy no longer allows RC4. * Fix a signed integer overflow in Blue Midnight Wish that may cause incorrect computations or undefined behavior. - Update to 1.10.9 * Fixed EAX tag verification to run in constant time * The default TLS policy now disables SSLv3. * A crash could occur when reading from a blocking random device if the device initially indicated that entropy was available but a concurrent process drained the entropy pool before the read was initiated. * Fix decoding indefinite length BER constructs that contain a context sensitive tag of zero. Github pull 26 from Janusz Chorko. * The botan-config script previously tried to guess its prefix from the location of the binary. However this was error prone, and now the script assumes the final installation prefix matches the value set during the build. Github issue 29. OBS-URL: https://build.opensuse.org/request/show/322627 OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/Botan?expand=0&rev=51
2015-08-14 07:57:04 +02:00
# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
Accepting request 322627 from home:netsroth:branches:devel:libraries:c_c++ - bump SONAME to libbotan-1_10-1 - Update to 1.10.10 * SECURITY: The BER decoder would crash due to reading from offset 0 of an empty vector if it encountered a BIT STRING which did not contain any data at all. As the type requires a 1 byte field this is not valid BER but could occur in malformed data. Found with afl. CVE-2015-5726 * SECURITY: The BER decoder would allocate a fairly arbitrary amount of memory in a length field, even if there was no chance the read request would succeed. This might cause the process to run out of memory or invoke the OOM killer. Found with afl. CVE-2015-5727 * Due to an ABI incompatible (though not API incompatible) change in this release, the version number of the shared object has been increased. * The default TLS policy no longer allows RC4. * Fix a signed integer overflow in Blue Midnight Wish that may cause incorrect computations or undefined behavior. - Update to 1.10.9 * Fixed EAX tag verification to run in constant time * The default TLS policy now disables SSLv3. * A crash could occur when reading from a blocking random device if the device initially indicated that entropy was available but a concurrent process drained the entropy pool before the read was initiated. * Fix decoding indefinite length BER constructs that contain a context sensitive tag of zero. Github pull 26 from Janusz Chorko. * The botan-config script previously tried to guess its prefix from the location of the binary. However this was error prone, and now the script assumes the final installation prefix matches the value set during the build. Github issue 29. OBS-URL: https://build.opensuse.org/request/show/322627 OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/Botan?expand=0&rev=51
2015-08-14 07:57:04 +02:00
%define version_suffix 1_10-1
%define short_version 1.10
Name: Botan
Accepting request 322627 from home:netsroth:branches:devel:libraries:c_c++ - bump SONAME to libbotan-1_10-1 - Update to 1.10.10 * SECURITY: The BER decoder would crash due to reading from offset 0 of an empty vector if it encountered a BIT STRING which did not contain any data at all. As the type requires a 1 byte field this is not valid BER but could occur in malformed data. Found with afl. CVE-2015-5726 * SECURITY: The BER decoder would allocate a fairly arbitrary amount of memory in a length field, even if there was no chance the read request would succeed. This might cause the process to run out of memory or invoke the OOM killer. Found with afl. CVE-2015-5727 * Due to an ABI incompatible (though not API incompatible) change in this release, the version number of the shared object has been increased. * The default TLS policy no longer allows RC4. * Fix a signed integer overflow in Blue Midnight Wish that may cause incorrect computations or undefined behavior. - Update to 1.10.9 * Fixed EAX tag verification to run in constant time * The default TLS policy now disables SSLv3. * A crash could occur when reading from a blocking random device if the device initially indicated that entropy was available but a concurrent process drained the entropy pool before the read was initiated. * Fix decoding indefinite length BER constructs that contain a context sensitive tag of zero. Github pull 26 from Janusz Chorko. * The botan-config script previously tried to guess its prefix from the location of the binary. However this was error prone, and now the script assumes the final installation prefix matches the value set during the build. Github issue 29. OBS-URL: https://build.opensuse.org/request/show/322627 OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/Botan?expand=0&rev=51
2015-08-14 07:57:04 +02:00
Version: 1.10.10
Release: 0
Url: http://botan.randombit.net
Summary: A C++ Crypto Library
License: BSD-2-Clause
Group: Development/Libraries/C and C++
Accepting request 322627 from home:netsroth:branches:devel:libraries:c_c++ - bump SONAME to libbotan-1_10-1 - Update to 1.10.10 * SECURITY: The BER decoder would crash due to reading from offset 0 of an empty vector if it encountered a BIT STRING which did not contain any data at all. As the type requires a 1 byte field this is not valid BER but could occur in malformed data. Found with afl. CVE-2015-5726 * SECURITY: The BER decoder would allocate a fairly arbitrary amount of memory in a length field, even if there was no chance the read request would succeed. This might cause the process to run out of memory or invoke the OOM killer. Found with afl. CVE-2015-5727 * Due to an ABI incompatible (though not API incompatible) change in this release, the version number of the shared object has been increased. * The default TLS policy no longer allows RC4. * Fix a signed integer overflow in Blue Midnight Wish that may cause incorrect computations or undefined behavior. - Update to 1.10.9 * Fixed EAX tag verification to run in constant time * The default TLS policy now disables SSLv3. * A crash could occur when reading from a blocking random device if the device initially indicated that entropy was available but a concurrent process drained the entropy pool before the read was initiated. * Fix decoding indefinite length BER constructs that contain a context sensitive tag of zero. Github pull 26 from Janusz Chorko. * The botan-config script previously tried to guess its prefix from the location of the binary. However this was error prone, and now the script assumes the final installation prefix matches the value set during the build. Github issue 29. OBS-URL: https://build.opensuse.org/request/show/322627 OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/Botan?expand=0&rev=51
2015-08-14 07:57:04 +02:00
Source: https://files.randombit.net/botan/%{name}-%{version}.tgz
Source2: baselibs.conf
Patch0: Botan-inttypes.patch
Patch1: Botan-ull_constants.patch.bz2
Patch2: Botan-fix_install_paths.patch
Patch4: Botan-no-buildtime.patch
Patch6: Botan-fix_pkgconfig.patch
Patch7: dont-set-mach-value.diff
Patch8: aarch64-support.patch
Patch9: ppc64le-support.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
Requires: bzip2 >= 1.0.2
Requires: gmp >= 4.1
Requires: zlib
BuildRequires: bzip2 >= 1.0.2
BuildRequires: gcc-c++
BuildRequires: gmp-devel
BuildRequires: gmp-devel >= 4.1
BuildRequires: libbz2-devel
BuildRequires: libqt5-qtbase-devel
BuildRequires: openssl-devel
BuildRequires: pkg-config
BuildRequires: python
BuildRequires: zlib-devel
%description
Botan is a C++ library that provides support for many common
cryptographic operations, including encryption, authentication, and
X.509v3 certificates and CRLs. A wide variety of algorithms is
supported, including RSA, DSA, DES, AES, MD5, and SHA-1.
%package -n libbotan-%{version_suffix}
Summary: A C++ Crypto Library
Group: Development/Libraries/C and C++
%description -n libbotan-%{version_suffix}
Botan is a C++ library that provides support for many common
cryptographic operations, including encryption, authentication, and
X.509v3 certificates and CRLs. A wide variety of algorithms is
supported, including RSA, DSA, DES, AES, MD5, and SHA-1.
%package -n libbotan-devel
Summary: Development files for Botan
Group: Development/Libraries/C and C++
Requires: gmp-devel
Requires: libbz2-devel
Provides: Botan-devel = %{version}
Obsoletes: Botan-devel < %{version}
Requires: libbotan-%{version_suffix} = %{version}
%define botan_docdir %{_datadir}/doc/packages/%{name}-%{version}
%description -n libbotan-devel
This package contains the header files and libraries needed to develop
programs that use the Botan library.
%prep
%setup -q
%patch0
%patch1
%patch2
%patch4
%patch6
%patch7 -p1
%patch8
%patch9
%build
export RPM_OPT_FLAGS
%define common_config_flags --libdir=%{_lib} --with-bzip2 --with-zlib --with-gnump --with-openssl
./configure.py --prefix=%_prefix --libdir=%{_libdir} \
--docdir=%{_defaultdocdir} \
--includedir=%{_includedir} \
--with-bzip2 \
--with-zlib \
--with-gnump \
--with-openssl \
--enable-modules=qt_mutex \
--with-tr1-implementation=system \
--cpu=%_target_cpu
make %{?_smp_mflags} WARN_FLAGS="$RPM_OPT_FLAGS -I/usr/include/Qt"
%install
%makeinstall
rm -f %{buildroot}/%{_libdir}/libbotan*.a
%post -n libbotan-%{version_suffix} -p /sbin/ldconfig
%postun -n libbotan-%{version_suffix} -p /sbin/ldconfig
%files -n libbotan-%{version_suffix}
%defattr(-,root,root)
%docdir %{botan_docdir}
%{botan_docdir}
%{_libdir}/libbotan-%{short_version}.so.*
%files -n libbotan-devel
%defattr(-,root,root)
%{_libdir}/libbotan-%{short_version}.so
%{_libdir}/pkgconfig/botan-%{short_version}.pc
%{_includedir}/botan-%{short_version}
%{_bindir}/botan-config-%{short_version}
%changelog