SHA256
1
0
forked from pool/expat
expat/expat.spec

109 lines
3.2 KiB
RPMSpec
Raw Normal View History

#
# spec file for package expat
#
Accepting request 508174 from home:msmeissn:branches:devel:libraries:c_c++ - Version update to 2.2.1 Sat June 17 2017 - Security fixes: CVE-2017-9233 / bsc#1047236 -- External entity infinite loop DoS Details: https://libexpat.github.io/doc/cve-2017-9233/ Commit c4bf96bb51dd2a1b0e185374362ee136fe2c9d7f - [MOX-002] CVE-2016-9063 / bsc#1047240 -- Detect integer overflow; (Fixed version of existing downstream patches!) - (SF.net) #539 Fix regression from fix to CVE-2016-0718 cutting off longer tag names; #25 More integer overflow detection (function poolGrow); - [MOX-002] Detect overflow from len=INT_MAX call to XML_Parse; - [MOX-005] #30 Use high quality entropy for hash initialization: * arc4random_buf on BSD, systems with libbsd (when configured with --with-libbsd), CloudABI * RtlGenRandom on Windows XP / Server 2003 and later * getrandom on Linux 3.17+ In a way, that's still part of CVE-2016-5300. https://github.com/libexpat/libexpat/pull/30/commits - [MOX-005] For the low quality entropy extraction fallback code, the parser instance address can no longer leak, - [MOX-003] Prevent use of uninitialised variable; commit - [MOX-004] a4dc944f37b664a3ca7199c624a98ee37babdb4b Add missing parameter validation to public API functions and dedicated error code XML_ERROR_INVALID_ARGUMENT: - [MOX-006] * NULL checks; commits * Negative length (XML_Parse); commit - [MOX-002] 70db8d2538a10f4c022655d6895e4c3e78692e7f - [MOX-001] #35 Change hash algorithm to William Ahern's version of SipHash to go further with fixing CVE-2012-0876. https://github.com/libexpat/libexpat/pull/39/commits OBS-URL: https://build.opensuse.org/request/show/508174 OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=57
2017-07-04 18:25:59 +02:00
# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
Name: expat
Accepting request 508174 from home:msmeissn:branches:devel:libraries:c_c++ - Version update to 2.2.1 Sat June 17 2017 - Security fixes: CVE-2017-9233 / bsc#1047236 -- External entity infinite loop DoS Details: https://libexpat.github.io/doc/cve-2017-9233/ Commit c4bf96bb51dd2a1b0e185374362ee136fe2c9d7f - [MOX-002] CVE-2016-9063 / bsc#1047240 -- Detect integer overflow; (Fixed version of existing downstream patches!) - (SF.net) #539 Fix regression from fix to CVE-2016-0718 cutting off longer tag names; #25 More integer overflow detection (function poolGrow); - [MOX-002] Detect overflow from len=INT_MAX call to XML_Parse; - [MOX-005] #30 Use high quality entropy for hash initialization: * arc4random_buf on BSD, systems with libbsd (when configured with --with-libbsd), CloudABI * RtlGenRandom on Windows XP / Server 2003 and later * getrandom on Linux 3.17+ In a way, that's still part of CVE-2016-5300. https://github.com/libexpat/libexpat/pull/30/commits - [MOX-005] For the low quality entropy extraction fallback code, the parser instance address can no longer leak, - [MOX-003] Prevent use of uninitialised variable; commit - [MOX-004] a4dc944f37b664a3ca7199c624a98ee37babdb4b Add missing parameter validation to public API functions and dedicated error code XML_ERROR_INVALID_ARGUMENT: - [MOX-006] * NULL checks; commits * Negative length (XML_Parse); commit - [MOX-002] 70db8d2538a10f4c022655d6895e4c3e78692e7f - [MOX-001] #35 Change hash algorithm to William Ahern's version of SipHash to go further with fixing CVE-2012-0876. https://github.com/libexpat/libexpat/pull/39/commits OBS-URL: https://build.opensuse.org/request/show/508174 OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=57
2017-07-04 18:25:59 +02:00
Version: 2.2.1
Release: 0
Summary: XML Parser Toolkit
License: MIT
Group: Development/Libraries/C and C++
Url: http://expat.sourceforge.net/
Source0: http://downloads.sourceforge.net/project/expat/expat/%{version}/expat-%{version}.tar.bz2
Source1: %{name}faq.html
Source2: baselibs.conf
BuildRequires: gcc-c++
BuildRequires: libtool
BuildRequires: pkgconfig
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%description
Expat is an XML parser library written in C. It is a stream-oriented
parser in which an application registers handlers for things the
parser might find in the XML document (like start tags).
%package -n libexpat1
Summary: XML Parser Toolkit
Group: System/Libraries
%description -n libexpat1
Expat is an XML parser library written in C. It is a stream-oriented
parser in which an application registers handlers for things the
parser might find in the XML document (like start tags).
%package -n libexpat-devel
Summary: XML Parser Toolkit
Group: Development/Libraries/C and C++
Requires: glibc-devel
Requires: libexpat1 = %{version}
%description -n libexpat-devel
Expat is an XML parser library written in C. It is a stream-oriented
parser in which an application registers handlers for things the
parser might find in the XML document (like start tags).
This package contains the development headers for the library found
in libexpat.
%prep
%setup -q
cp %{SOURCE1} .
rm -f examples/*.dsp
%build
%configure \
--disable-silent-rules \
--disable-static
%if %{do_profiling}
make %{?_smp_mflags} CFLAGS="%{optflags} %{cflags_profile_generate}"
make %{?_smp_mflags} CFLAGS="%{optflags} %{cflags_profile_generate}" LDFLAGS="%{optflags} %{cflags_profile_generate}" check
make clean
make %{?_smp_mflags} CFLAGS="%{optflags} %{cflags_profile_feedback}"
%else
make %{?_smp_mflags} CFLAGS="%{optflags}"
%endif
%install
%make_install
find %{buildroot} -type f -name "*.la" -delete -print
%check
make %{?_smp_mflags} check
%post -n libexpat1 -p /sbin/ldconfig
%postun -n libexpat1 -p /sbin/ldconfig
%files
%defattr(-, root, root)
%doc COPYING Changes README examples expatfaq.html
%doc doc/expat.png doc/reference.html doc/style.css doc/valid-xhtml10.png
%{_mandir}/man?/*
%{_bindir}/xmlwf
%files -n libexpat1
%defattr(-, root, root)
%{_libdir}/libexpat.so.*
%files -n libexpat-devel
%defattr(-, root, root)
%{_includedir}/*
%{_libdir}/libexpat.so
%{_libdir}/pkgconfig/expat.pc
%changelog