rpm/apache-commons-beanutils
SHA256
1
0
Fork 0
forked from pool/apache-commons-beanutils
Code Pull Requests Activity

Accepting request 725107 from home:pmonrealgonzalez:branches:Java:packages

Browse Source 
- Update to 1.9.4
  * BEANUTILS-520: BeanUtils mitigate CVE-2014-0114
- Security fix: [bsc#1146657, CVE-2019-10086]
  * PropertyUtilsBean (and consequently BeanUtilsBean) now disallows class
    level property access by default, thus protecting against CVE-2014-0114.
- Fix build version in build.xml
  * Added apache-commons-beanutils-fix-build-version.patch

OBS-URL: https://build.opensuse.org/request/show/725107
OBS-URL: https://build.opensuse.org/package/show/Java:packages/apache-commons-beanutils?expand=0&rev=20
This commit is contained in:
Fridrich Strba 2019-08-22 06:45:06 +00:00 committed by Git OBS Bridge
parent 05a1bc446b
commit be3a89a195
7 changed files with 48 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
apache-commons-beanutils-fix-build-version.patch Normal file
View File

@ -0,0 +1,13 @@
Index: commons-beanutils-1.9.4-src/build.xml
===================================================================
--- commons-beanutils-1.9.4-src.orig/build.xml
+++ commons-beanutils-1.9.4-src/build.xml
@@ -43,7 +43,7 @@
<property name="component.title" value="Bean Introspection Utilities"/>
<!-- The current version number of this component -->
- <property name="component.version" value="1.9.3-SNAPSHOT"/>
+ <property name="component.version" value="1.9.4"/>
<!-- The base directory for compilation targets -->
<property name="build.home" value="target"/>

11
apache-commons-beanutils.changes
View File

@ -1,3 +1,14 @@
-------------------------------------------------------------------
Wed Aug 21 14:56:26 UTC 2019 - Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
- Update to 1.9.4
* BEANUTILS-520: BeanUtils mitigate CVE-2014-0114
- Security fix: [bsc#1146657, CVE-2019-10086]
* PropertyUtilsBean (and consequently BeanUtilsBean) now disallows class
level property access by default, thus protecting against CVE-2014-0114.
- Fix build version in build.xml
* Added apache-commons-beanutils-fix-build-version.patch
-------------------------------------------------------------------
Tue Oct 23 17:30:33 UTC 2018 - Fridrich Strba <fstrba@suse.com>

8
apache-commons-beanutils.spec
View File

@ -1,7 +1,7 @@
#
# spec file for package apache-commons-beanutils
#
# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@ -19,7 +19,7 @@
%define base_name beanutils
%define short_name commons-%{base_name}
Name: apache-commons-beanutils
Version: 1.9.3
Version: 1.9.4
Release: 0
Summary: Utility methods for accessing and modifying the properties of JavaBeans
License: Apache-2.0
@ -28,6 +28,7 @@ URL: http://commons.apache.org/beanutils
Source0: http://www.apache.org/dist/commons/%{base_name}/source/%{short_name}-%{version}-src.tar.gz
Source1: http://www.apache.org/dist/commons/%{base_name}/source/%{short_name}-%{version}-src.tar.gz.asc
Patch0: jdk9.patch
Patch1: apache-commons-beanutils-fix-build-version.patch
BuildRequires: ant
BuildRequires: commons-collections
BuildRequires: commons-logging
@ -65,6 +66,7 @@ BeanUtils Package.
%prep
%setup -q -n %{short_name}-%{version}-src
%patch0 -p1
%patch1 -p1
sed -i 's/\r//' *.txt
# bug in ant build
touch README.txt
@ -76,7 +78,7 @@ ant -Dbuild.sysclasspath=first dist
%install
# jars
install -d -m 755 %{buildroot}%{_javadir}
install -m 644 dist/%{short_name}-%{version}-SNAPSHOT.jar %{buildroot}%{_javadir}/%{name}-%{version}.jar
install -m 644 dist/%{short_name}-%{version}.jar %{buildroot}%{_javadir}/%{name}-%{version}.jar
pushd %{buildroot}%{_javadir}
ln -s %{name}-%{version}.jar %{name}.jar

3
commons-beanutils-1.9.3-src.tar.gz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:139fa584321bab198a68a3ed99ed3804268b9cc5e3257f0f6b3a503df0029a0d
size 414517

7
commons-beanutils-1.9.3-src.tar.gz.asc
View File

@ -1,7 +0,0 @@
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iD8DBQBX4rOHQRBjo6D/0RkRApT1AJ9NGUGJzFi59vlrWvDzFKdROKXMvgCbBhL1
/oUw+UyHw8Gh5YAeSN4PnuI=
=v7kQ
-----END PGP SIGNATURE-----

BIN
commons-beanutils-1.9.4-src.tar.gz (Stored with Git LFS) Normal file
View File

Binary file not shown.

16
commons-beanutils-1.9.4-src.tar.gz.asc Normal file
View File

@ -0,0 +1,16 @@
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEtuc9hOpPzEcWYIclP6rSzV7LsxQFAl0+HtQACgkQP6rSzV7L
sxSeOA//WJ8qCJV5F3UGky4Ycp8Ihdb9j3ixZt68dLhcC0URw/aIwprn6F03/UFh
8MFbXrjZtqa2CBJ4G+Af0H7l0ZjQ6bG4VY/tALHhUUdq+jKAHD7nZq61UTkR5wDo
qDYPcazlfpjI+9pZnxe6JeoKL5O5ph3n9uzWnrt0JP56kzY8OU0Y4tNFzSFqCu1H
tKyYBFbCJAAtwMBT5dFF48ExjMGLkIGPveBnef6UtMNoGlT7TH8ixb6NmktZfj8l
oIdRI8Hk+zGpP/xiqTIhs7Z3uZ/kZJXOn6dPWTKsR3tEK8uqA+NCHVtPGMs0/trU
kcyQGtKKoHWk6W5xuEq0BJK+BEdWtEdnvwLFVkow5+i/Y/ezfvnE7bWL1MeYDrYM
pbvuuCGGRkk/XKSCkb81+6W3+ID3lF+4JS85Ny+zPfMH4CqUYNmeYJ5qE8qpRC0M
rxiA0s+nMBWsNVt3PUE36zep1JDnCwacMryITj6g88wsRY8Mo3TU5TLTkoYne4At
9PdCgdDrYMCYJlo5OPPy3k7mrbLBy8J4IfTPjAPzHXpXqvidPHLVGVg/T/QsXJAh
nNG0/2CQhPplJtm0fLQRkLYHA8kp4qvjACQGGu7zW8HliZNYeDdJy9M2LNdWstn6
xMWPp7UxgvFly8u4WEEk0Yox/EVT4O1Lc8kQgJF2RdU0KOQGaD4=
=yvPn
-----END PGP SIGNATURE-----