Accepting request 1146610 from devel:tools

OBS-URL: https://build.opensuse.org/request/show/1146610 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/pkgconf?expand=0&rev=14
2024-02-16 20:45:29 +00:00 · 2024-02-16 20:45:29 +00:00 · 565c972203
commit 565c972203
parent 2ad8946bb4 c4b6303437
5 changed files with 28 additions and 66 deletions
--- a/pkgconf-1.8.0.tar.xz
+++ b/pkgconf-1.8.0.tar.xz
--- a/pkgconf-2.1.1.tar.xz
+++ b/pkgconf-2.1.1.tar.xz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:3a224f2accf091b77a5781316e27b9ee3ba82c083cc2e539e08940b68a44fec5
+size 311956
--- a/pkgconf-CVE-2023-24056.patch
+++ b/pkgconf-CVE-2023-24056.patch
@ -1,53 +0,0 @@
-diff -Nura pkgconf-1.8.0/libpkgconf/tuple.c pkgconf-1.8.0_new/libpkgconf/tuple.c
--- pkgconf-1.8.0/libpkgconf/tuple.c	2021-03-18 20:15:16.000000000 +0800
-+++ pkgconf-1.8.0_new/libpkgconf/tuple.c	2023-01-30 16:07:40.750297141 +0800
-@@ -293,12 +293,23 @@
- 				}
- 			}
- 
-+                        PKGCONF_TRACE(client, "lookup tuple %s", varname);
-+
-+                        size_t remain = PKGCONF_BUFSIZE - (bptr - buf);
- 			ptr += (pptr - ptr);
- 			kv = pkgconf_tuple_find_global(client, varname);
- 			if (kv != NULL)
- 			{
-				strncpy(bptr, kv, PKGCONF_BUFSIZE - (bptr - buf));
-				bptr += strlen(kv);
-+                       	        size_t nlen = pkgconf_strlcpy(bptr, kv, remain);
-+				if (nlen > remain)
-+				{
-+					pkgconf_warn(client, "warning: truncating very long variable to 64KB\n");
-+
-+					bptr = buf + (PKGCONF_BUFSIZE - 1);
-+					break;
-+				}
-+
-+				bptr += nlen;
- 			}
- 			else
- 			{
-@@ -306,12 +317,20 @@
- 
- 				if (kv != NULL)
- 				{
-+                                        size_t nlen;
-+
- 					parsekv = pkgconf_tuple_parse(client, vars, kv);
-+                                        nlen = pkgconf_strlcpy(bptr, parsekv, remain);
-+					free(parsekv);
- 
-					strncpy(bptr, parsekv, PKGCONF_BUFSIZE - (bptr - buf));
-					bptr += strlen(parsekv);
-+                                        if (nlen > remain)
-+                                        {
-+                                                pkgconf_warn(client, "warning: truncating very long variable to 64KB\n");
-+                                                bptr = buf + (PKGCONF_BUFSIZE - 1);
-+                                                break;
-+                                        }
- 
-					free(parsekv);
-+                                        bptr += nlen;
- 				}
- 			}
- 		}
--- a/pkgconf.changes
+++ b/pkgconf.changes
@ -1,3 +1,24 @@
+-------------------------------------------------------------------
+Mon Feb 12 12:29:11 UTC 2024 - Andreas Stieger <andreas.stieger@gmx.de>
+
+- update to 2.1.1:
+  * Fix --modversion with constraints
+  * Reintroduce an optimization to the dependency graph walker
+    which avoids revisiting already visited nodes
+  * Add a regression test to check that the dependency flattener is
+    working as expected
+
+-------------------------------------------------------------------
+Mon Dec 18 10:41:18 UTC 2023 - Andreas Stieger <andreas.stieger@gmx.de>
+
+- update to 2.1.0:
+  * new solver for higher performance with complicated graphs
+  * Add --license selector to the pkgconf CLI
+  * Add flag --verbose and --solution to CLI
+  * Changes and fixes to --modversion
+  * bug fixes and developer visible changes
+- drop pkgconf-CVE-2023-24056.patch, now included
+
 -------------------------------------------------------------------
 Sun Jan 29 09:26:47 UTC 2023 - Cliff Zhao <qzhao@suse.com>

--- a/pkgconf.spec
+++ b/pkgconf.spec
@ -1,7 +1,7 @@
 #
 # spec file for package pkgconf
 #
-# Copyright (c) 2023 SUSE LLC
+# Copyright (c) 2024 SUSE LLC
 # Copyright (c) 2020 Neal Gompa <ngompa13@gmail.com>.
 #
 # All modifications and additions to the file contributed by third parties
@ -40,12 +40,12 @@
 # Search path for pc files for pkgconf
 %global pkgconf_libdirs %{_libdir}/pkgconfig:%{_datadir}/pkgconfig

-%global somajor 3
+%global somajor 4
 %global libname lib%{name}%{somajor}
 %global devname lib%{name}-devel

 Name:           pkgconf
-Version:        1.8.0
+Version:        2.1.1
 Release:        0
 Summary:        Package compiler and linker metadata toolkit
 License:        ISC
@ -54,13 +54,7 @@ URL:            http://pkgconf.org/
 Source0:        https://distfiles.dereferenced.org/%{name}/%{name}-%{version}.tar.xz
 # Simple wrapper script to offer platform versions of pkgconfig from Fedora
 Source1:        platform-pkg-config.in
-# PATCH-FIX-UPSTREAM pkgconf-CVE-2023-24056.patch bsc#1207394 CVE-2023-24056 qzhao@suse.com -- Backport commit 628b2b2baf from upstream, test for, and stop string processing, on truncation.
-Patch0:         pkgconf-CVE-2023-24056.patch
-# For regenerating autotools scripts
-BuildRequires:  autoconf
-BuildRequires:  automake
 BuildRequires:  gcc
-BuildRequires:  libtool
 BuildRequires:  make
 # pkgconf uses libpkgconf internally
 Requires:       %{libname}%{?_isa} = %{version}-%{release}
@ -135,7 +129,6 @@ the system provider of pkg-config.
 %autosetup -p1

 %build
-autoreconf -fiv
 %configure --disable-static \
           --with-pkg-config-dir=%{pkgconf_libdirs} \
           --with-system-includedir=%{_includedir} \
@ -196,6 +189,7 @@ rm -rf %{buildroot}%{_mandir}/man7
 %license COPYING
 %doc README.md AUTHORS NEWS
 %{_bindir}/%{name}
+%{_bindir}/bomtool
 %{_mandir}/man1/%{name}.1*
 %{_mandir}/man5/pc.5*
 %{_mandir}/man5/%{name}-personality.5*