diff --git a/bzip2-1.0.6.2-autoconfiscated.patch b/bzip2-1.0.6.2-autoconfiscated.patch index 850caec..62304b8 100644 --- a/bzip2-1.0.6.2-autoconfiscated.patch +++ b/bzip2-1.0.6.2-autoconfiscated.patch @@ -1,7 +1,5 @@ -Index: bzip2-1.0.7/autogen.sh -=================================================================== ---- /dev/null 1970-01-01 00:00:00.000000000 +0000 -+++ bzip2-1.0.7/autogen.sh 2019-06-27 23:12:37.015916631 +0200 +--- /dev/null ++++ autogen.sh @@ -0,0 +1,8 @@ +mv LICENSE COPYING +mv CHANGES NEWS @@ -11,10 +9,8 @@ Index: bzip2-1.0.7/autogen.sh +aclocal +automake --add-missing --gnu +autoconf -Index: bzip2-1.0.7/README.autotools -=================================================================== ---- /dev/null 1970-01-01 00:00:00.000000000 +0000 -+++ bzip2-1.0.7/README.autotools 2019-06-27 23:12:37.015916631 +0200 +--- /dev/null ++++ README.autotools @@ -0,0 +1,41 @@ +bzip2 autoconfiscated +===================== @@ -57,10 +53,8 @@ Index: bzip2-1.0.7/README.autotools + +To be super-safe, I incremented minor number of the library file, so +both instances of the shared library can live together. -Index: bzip2-1.0.7/configure.ac -=================================================================== ---- /dev/null 1970-01-01 00:00:00.000000000 +0000 -+++ bzip2-1.0.7/configure.ac 2019-06-27 23:12:37.015916631 +0200 +--- /dev/null ++++ configure.ac @@ -0,0 +1,62 @@ +# -*- Autoconf -*- +# Process this file with autoconf to produce a configure script. @@ -124,10 +118,8 @@ Index: bzip2-1.0.7/configure.ac +AC_SUBST([BZIP2_LT_AGE]) +AC_CONFIG_FILES([Makefile bzip2.pc]) +AC_OUTPUT -Index: bzip2-1.0.7/Makefile.am -=================================================================== ---- /dev/null 1970-01-01 00:00:00.000000000 +0000 -+++ bzip2-1.0.7/Makefile.am 2019-06-27 23:12:37.015916631 +0200 +--- /dev/null ++++ Makefile.am @@ -0,0 +1,137 @@ +ACLOCAL_AMFLAGS = -I m4 +lib_LTLIBRARIES = libbz2.la @@ -266,10 +258,8 @@ Index: bzip2-1.0.7/Makefile.am + words2 \ + words3 \ + xmlproc.sh -Index: bzip2-1.0.7/bzip2.pc.in -=================================================================== ---- /dev/null 1970-01-01 00:00:00.000000000 +0000 -+++ bzip2-1.0.7/bzip2.pc.in 2019-06-27 23:12:37.015916631 +0200 +--- /dev/null ++++ bzip2.pc.in @@ -0,0 +1,11 @@ +prefix=@prefix@ +exec_prefix=@exec_prefix@ @@ -282,10 +272,8 @@ Index: bzip2-1.0.7/bzip2.pc.in +Version: @VERSION@ +Libs: -L${libdir} -lbz2 +Cflags: -I${includedir} -Index: bzip2-1.0.7/m4/visibility.m4 -=================================================================== ---- /dev/null 1970-01-01 00:00:00.000000000 +0000 -+++ bzip2-1.0.7/m4/visibility.m4 2019-06-27 23:12:37.015916631 +0200 +--- /dev/null ++++ m4/visibility.m4 @@ -0,0 +1,78 @@ +# visibility.m4 serial 4 (gettext-0.18.2) +dnl Copyright (C) 2005, 2008, 2010-2011 Free Software Foundation, Inc. @@ -365,10 +353,8 @@ Index: bzip2-1.0.7/m4/visibility.m4 + AC_DEFINE_UNQUOTED([HAVE_VISIBILITY], [$HAVE_VISIBILITY], + [Define to 1 or 0, depending whether the compiler supports simple visibility declarations.]) +]) -Index: bzip2-1.0.7/bzlib.h -=================================================================== ---- bzip2-1.0.7.orig/bzlib.h 2019-06-27 20:15:39.000000000 +0200 -+++ bzip2-1.0.7/bzlib.h 2019-06-27 23:12:37.015916631 +0200 +--- bzlib.h.orig ++++ bzlib.h @@ -91,9 +91,11 @@ typedef # endif #else diff --git a/bzip2.changes b/bzip2.changes index b713ab5..843037b 100644 --- a/bzip2.changes +++ b/bzip2.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Fri Jun 28 07:42:24 UTC 2019 - Martin Pluskal + +- Update bug reference +- Fix downloaded patches + ------------------------------------------------------------------- Thu Jun 27 21:01:36 UTC 2019 - Bjørn Lie @@ -8,7 +14,8 @@ Thu Jun 27 21:01:36 UTC 2019 - Bjørn Lie * bzip2recover: Fix buffer overflow for large argv[0]. * bzip2recover: Fix use after free issue with outFile (CVE-2016-3189). - * Make sure nSelectors is not out of range (CVE-2019-12900). + * Make sure nSelectors is not out of range (CVE-2019-12900 + bsc#1139083) - Drop patches fixed upstream: * bzip2-unsafe_strcpy.patch. * bzip2-1.0.6-CVE-2016-3189.patch. diff --git a/bzip2.spec b/bzip2.spec index ef303b9..9e4957f 100644 --- a/bzip2.spec +++ b/bzip2.spec @@ -72,7 +72,12 @@ Requires: glibc-devel The bzip2 runtime library development files. %prep -%autosetup -p1 +%setup -q +%patch0 +%patch1 -p1 +%patch3 -p1 +%patch4 -p1 +%patch5 -p1 %build autoreconf -fiv @@ -82,7 +87,7 @@ autoreconf -fiv %if 0%{?do_profiling} make %{?_smp_mflags} CFLAGS="%{optflags} %{cflags_profile_generate}" make %{?_smp_mflags} CFLAGS="%{optflags} %{cflags_profile_generate}" test - make clean + make %{?_smp_mflags} clean make %{?_smp_mflags} CFLAGS="%{optflags} %{cflags_profile_feedback}" %else make %{?_smp_mflags} CFLAGS="%{optflags}"