rpm/expat
SHA256
1
0
Fork 0
forked from pool/expat
Code Pull Requests Activity
87920586bc
expat/expat.spec
Tomáš Chvátal 87920586bc Accepting request 508174 from home:msmeissn:branches:devel:libraries:c_c++ 
- Version update to 2.2.1 Sat June 17 2017
  - Security fixes:
                    CVE-2017-9233 / bsc#1047236 -- External entity infinite loop DoS
                    Details: https://libexpat.github.io/doc/cve-2017-9233/
                    Commit c4bf96bb51dd2a1b0e185374362ee136fe2c9d7f
   - [MOX-002]      CVE-2016-9063 / bsc#1047240 -- Detect integer overflow; 
                    (Fixed version of existing downstream patches!)
   - (SF.net) #539  Fix regression from fix to CVE-2016-0718 cutting off
                    longer tag names; 
               #25  More integer overflow detection (function poolGrow); 
   - [MOX-002]      Detect overflow from len=INT_MAX call to XML_Parse; 
   - [MOX-005] #30  Use high quality entropy for hash initialization:
                    * arc4random_buf on BSD, systems with libbsd
                      (when configured with --with-libbsd), CloudABI
                    * RtlGenRandom on Windows XP / Server 2003 and later
                    * getrandom on Linux 3.17+
                    In a way, that's still part of CVE-2016-5300.
                    https://github.com/libexpat/libexpat/pull/30/commits
   - [MOX-005] For the low quality entropy extraction fallback code,
               the parser instance address can no longer leak, 
   - [MOX-003] Prevent use of uninitialised variable; commit
   - [MOX-004] a4dc944f37b664a3ca7199c624a98ee37babdb4b
               Add missing parameter validation to public API functions
               and dedicated error code XML_ERROR_INVALID_ARGUMENT:
   - [MOX-006] * NULL checks; commits
               * Negative length (XML_Parse); commit
   - [MOX-002] 70db8d2538a10f4c022655d6895e4c3e78692e7f
   - [MOX-001] #35  Change hash algorithm to William Ahern's version of SipHash
                    to go further with fixing CVE-2012-0876.
                    https://github.com/libexpat/libexpat/pull/39/commits

OBS-URL: https://build.opensuse.org/request/show/508174
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=57
2017-07-04 16:25:59 +00:00

102 lines
2.9 KiB
RPMSpec
Raw Blame History

#
# spec file for package expat
#
# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
Name: expat
Version: 2.2.1
Release: 0
Summary: XML Parser Toolkit
License: MIT
Group: Development/Libraries/C and C++
Url: http://expat.sourceforge.net/
Source0: http://downloads.sourceforge.net/project/expat/expat/%{version}/expat-%{version}.tar.bz2
Source1: %{name}faq.html
Source2: baselibs.conf
BuildRequires: gcc-c++
BuildRequires: libtool
BuildRequires: pkgconfig
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%description
Expat is an XML parser library written in C. It is a stream-oriented
parser in which an application registers handlers for things the
parser might find in the XML document (like start tags).
%package -n libexpat1
Summary: XML Parser Toolkit
Group: System/Libraries
%description -n libexpat1
Expat is an XML parser library written in C. It is a stream-oriented
parser in which an application registers handlers for things the
parser might find in the XML document (like start tags).
%package -n libexpat-devel
Summary: XML Parser Toolkit
Group: Development/Libraries/C and C++
Requires: glibc-devel
Requires: libexpat1 = %{version}
%description -n libexpat-devel
Expat is an XML parser library written in C. It is a stream-oriented
parser in which an application registers handlers for things the
parser might find in the XML document (like start tags).
This package contains the development headers for the library found
in libexpat.
%prep
%setup -q
cp %{SOURCE1} .
rm -f examples/*.dsp
%build
%configure \
--disable-silent-rules \
--disable-static
make %{?_smp_mflags}
%install
%make_install
find %{buildroot} -type f -name "*.la" -delete -print
%check
make %{?_smp_mflags} check
%post -n libexpat1 -p /sbin/ldconfig
%postun -n libexpat1 -p /sbin/ldconfig
%files
%defattr(-, root, root)
%doc COPYING Changes README examples expatfaq.html
%doc doc/expat.png doc/reference.html doc/style.css doc/valid-xhtml10.png
%{_mandir}/man?/*
%{_bindir}/xmlwf
%files -n libexpat1
%defattr(-, root, root)
%{_libdir}/libexpat.so.*
%files -n libexpat-devel
%defattr(-, root, root)
%{_includedir}/*
%{_libdir}/libexpat.so
%{_libdir}/pkgconfig/expat.pc
%changelog
View Git Blame Copy Permalink