cjose/SPECS/cjose.spec

Name:           cjose
Version:        0.6.1
Release:        3%{?dist}
Summary:        C library implementing the Javascript Object Signing and Encryption (JOSE)

License:        MIT
URL:            https://github.com/cisco/cjose
Source0:  	https://github.com/cisco/%{name}/archive/%{version}/%{name}-%{version}.tar.gz

Patch1: concatkdf.patch
Patch2: 0002-check-cjose_get_alloc.patch
Patch3: 0003-CVE-2023-37464.patch

BuildRequires:  gcc
BuildRequires:  doxygen
BuildRequires:  openssl-devel
BuildRequires:  jansson-devel
BuildRequires:  check-devel

%description
Implementation of JOSE for C/C++


%package        devel
Summary:        Development files for %{name}
Requires:       %{name}%{?_isa} = %{version}-%{release}

%description    devel
The %{name}-devel package contains libraries and header files for
developing applications that use %{name}.


%prep
%autosetup -n %{name}-%{version} -p1

%build
%configure
%make_build


%install
%make_install
find %{buildroot} -name '*.a' -exec rm -f {} ';'
find %{buildroot} -name '*.la' -exec rm -f {} ';'


%post -p /sbin/ldconfig

%postun -p /sbin/ldconfig


%check
make check || (cat test/test-suite.log; exit 1)

%files
%license LICENSE
%doc CHANGELOG.md README.md
%doc /usr/share/doc/cjose
%{_libdir}/*.so.*


%files devel
%{_includedir}/*
%{_libdir}/*.so
%{_libdir}/pkgconfig/cjose.pc


%changelog
* Wed Jul 19 2023 <thalman@redhat.com> - 0.6.1-3
- CVE-2023-37464 cjose: AES GCM decryption uses the Tag length from the actual
  Authentication Tag provided in the JWE
  Resolves: rhbz#2223308
- Random memory override
  Resolves: rhbz#2072469

* Thu Aug  2 2018  <jdennis@redhat.com> - 0.6.1-2
- fix concatkdf big endian architecture problem.
  Upstream issue #77.

* Wed Aug  1 2018  <jdennis@redhat.com> - 0.6.1-1
- upgrade to latest upstream 0.6.1

* Thu Jul 12 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.5.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild

* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.5.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild

* Fri Jan 26 2018 Patrick Uiterwijk <patrick@puiterwijk.org> - 0.5.1-1
- Initial packaging
import cjose-0.6.1-2.module+el8+2454+f890a43a 2019-05-07 12:49:14 +00:00			`Name: cjose`
			`Version: 0.6.1`
Update Release to match upstream 2023-08-02 15:41:26 +00:00			`Release: 3%{?dist}`
import cjose-0.6.1-2.module+el8+2454+f890a43a 2019-05-07 12:49:14 +00:00			`Summary: C library implementing the Javascript Object Signing and Encryption (JOSE)`

			`License: MIT`
			`URL: https://github.com/cisco/cjose`
			`Source0: https://github.com/cisco/%{name}/archive/%{version}/%{name}-%{version}.tar.gz`

			`Patch1: concatkdf.patch`
import CS cjose-0.6.1-4.module_el8+568+35aaaaa0 2023-08-02 15:39:42 +00:00			`Patch2: 0002-check-cjose_get_alloc.patch`
			`Patch3: 0003-CVE-2023-37464.patch`
import cjose-0.6.1-2.module+el8+2454+f890a43a 2019-05-07 12:49:14 +00:00
			`BuildRequires: gcc`
			`BuildRequires: doxygen`
			`BuildRequires: openssl-devel`
			`BuildRequires: jansson-devel`
			`BuildRequires: check-devel`

			`%description`
			`Implementation of JOSE for C/C++`


			`%package devel`
			`Summary: Development files for %{name}`
			`Requires: %{name}%{?_isa} = %{version}-%{release}`

			`%description devel`
			`The %{name}-devel package contains libraries and header files for`
			`developing applications that use %{name}.`


			`%prep`
			`%autosetup -n %{name}-%{version} -p1`

			`%build`
			`%configure`
			`%make_build`


			`%install`
			`%make_install`
			`find %{buildroot} -name '*.a' -exec rm -f {} ';'`
			`find %{buildroot} -name '*.la' -exec rm -f {} ';'`


			`%post -p /sbin/ldconfig`

			`%postun -p /sbin/ldconfig`


			`%check`
			`make check \|\| (cat test/test-suite.log; exit 1)`

			`%files`
			`%license LICENSE`
			`%doc CHANGELOG.md README.md`
			`%doc /usr/share/doc/cjose`
			`%{_libdir}/.so.`


			`%files devel`
			`%{_includedir}/*`
			`%{_libdir}/*.so`
			`%{_libdir}/pkgconfig/cjose.pc`


			`%changelog`
Update Release to match upstream 2023-08-02 15:41:26 +00:00			`* Wed Jul 19 2023 <thalman@redhat.com> - 0.6.1-3`
import CS cjose-0.6.1-4.module_el8+568+35aaaaa0 2023-08-02 15:39:42 +00:00			`- CVE-2023-37464 cjose: AES GCM decryption uses the Tag length from the actual`
			`Authentication Tag provided in the JWE`
			`Resolves: rhbz#2223308`
			`- Random memory override`
			`Resolves: rhbz#2072469`

import cjose-0.6.1-2.module+el8+2454+f890a43a 2019-05-07 12:49:14 +00:00			`* Thu Aug 2 2018 <jdennis@redhat.com> - 0.6.1-2`
			`- fix concatkdf big endian architecture problem.`
			`Upstream issue #77.`

			`* Wed Aug 1 2018 <jdennis@redhat.com> - 0.6.1-1`
			`- upgrade to latest upstream 0.6.1`

			`* Thu Jul 12 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.5.1-3`
			`- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild`

			`* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.5.1-2`
			`- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild`

			`* Fri Jan 26 2018 Patrick Uiterwijk <patrick@puiterwijk.org> - 0.5.1-1`
			`- Initial packaging`