import mingw-expat-2.4.8-1.el8

2022-11-08 02:02:25 -05:00 · 2022-11-08 02:02:25 -05:00 · 112b697610
parent 1b1a9c7177
commit 112b697610
4 changed files with 21 additions and 25 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1 +1 @@
-SOURCES/expat-2.2.4.tar.bz2
+SOURCES/expat-2.4.8.tar.bz2
--- a/.mingw-expat.metadata
+++ b/.mingw-expat.metadata
@ -1 +1 @@
-3394d6390c041a8f5dec1d5fe7c4af0a23ae4504 SOURCES/expat-2.2.4.tar.bz2
+5bc8aed3107a04ba2a35d45646eb079e6abbfe1d SOURCES/expat-2.4.8.tar.bz2
--- a/SOURCES/expat-2.2.5-CVE-2018-20843.patch
+++ b/SOURCES/expat-2.2.5-CVE-2018-20843.patch
@ -1,15 +0,0 @@
-
-https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-20843
-https://github.com/libexpat/libexpat/commit/11f8838bf99ea0a6f0b76f9760c43704d00c4ff6
-
--- libexpat-R_2_2_5/expat/lib/xmlparse.c.cve20843
-+++ libexpat-R_2_2_5/expat/lib/xmlparse.c
-@@ -6057,7 +6057,7 @@ setElementTypePrefix(XML_Parser parser,
-       else
-         poolDiscard(&dtd->pool);
-       elementType->prefix = prefix;
-
-+      break;
-     }
-   }
-   return 1;
--- a/SPECS/mingw-expat.spec
+++ b/SPECS/mingw-expat.spec
@ -1,18 +1,18 @@
 %{?mingw_package_header}

 Name:           mingw-expat
-Version:        2.2.4
-Release:        5%{?dist}
+Version:        2.4.8
+Release:        1%{?dist}
 Summary:        MinGW Windows port of expat XML parser library

 License:        MIT
 URL:            http://www.libexpat.org/
 Source0:        http://downloads.sourceforge.net/expat/expat-%{version}.tar.bz2
-Patch1:         expat-2.2.5-CVE-2018-20843.patch

 BuildArch:      noarch
 ExclusiveArch: %{ix86} x86_64

+BuildRequires: make
 BuildRequires:  mingw32-filesystem >= 95
 BuildRequires:  mingw32-gcc
 BuildRequires:  mingw32-binutils
@ -74,7 +74,7 @@ Static version of the MinGW Windows expat XML parser library.

 %prep
 %setup -q -n expat-%{version}
-%patch1 -p2 -b .cve20843
+

 %build
 %mingw_configure
@ -88,10 +88,10 @@ Static version of the MinGW Windows expat XML parser library.
 find $RPM_BUILD_ROOT -name "*.la" -delete

 # Remove documentation which duplicates that found in the native package.
-rm -r $RPM_BUILD_ROOT%{mingw32_docdir}
-rm -r $RPM_BUILD_ROOT%{mingw32_mandir}/man1
-rm -r $RPM_BUILD_ROOT%{mingw64_docdir}
-rm -r $RPM_BUILD_ROOT%{mingw64_mandir}/man1
+rm -rf $RPM_BUILD_ROOT%{mingw32_docdir}
+rm -rf $RPM_BUILD_ROOT%{mingw32_mandir}/man1
+rm -rf $RPM_BUILD_ROOT%{mingw64_docdir}
+rm -rf $RPM_BUILD_ROOT%{mingw64_mandir}/man1

 # Win32
 %files -n mingw32-expat
@ -100,6 +100,7 @@ rm -r $RPM_BUILD_ROOT%{mingw64_mandir}/man1
 %{mingw32_bindir}/xmlwf.exe
 %{mingw32_libdir}/libexpat.dll.a
 %{mingw32_libdir}/pkgconfig/expat.pc
+%{mingw32_libdir}/cmake/expat-%{version}/
 %{mingw32_includedir}/expat.h
 %{mingw32_includedir}/expat_config.h
 %{mingw32_includedir}/expat_external.h
@ -114,6 +115,7 @@ rm -r $RPM_BUILD_ROOT%{mingw64_mandir}/man1
 %{mingw64_bindir}/xmlwf.exe
 %{mingw64_libdir}/libexpat.dll.a
 %{mingw64_libdir}/pkgconfig/expat.pc
+%{mingw64_libdir}/cmake/expat-%{version}/
 %{mingw64_includedir}/expat.h
 %{mingw64_includedir}/expat_config.h
 %{mingw64_includedir}/expat_external.h
@ -123,6 +125,15 @@ rm -r $RPM_BUILD_ROOT%{mingw64_mandir}/man1


 %changelog
+* Mon May 02 2022 Uri Lublin <uril@redhat.com> - 2.4.8-1
+- Update to 2.4.8 and pick up CVEs fixes
+- Resolves: rhbz#2050504 CVE-2022-23990
+- Resolves: rhbz#2057023 CVE-2022-25236
+- Resolves: rhbz#2057037 CVE-2022-25235
+- Resolves: rhbz#2057094 CVE-2022-25313
+- Resolves: rhbz#2057099 CVE-2022-25314
+- Resolves: rhbz#2057127 CVE-2022-25315
+
 * Wed Jun 10 2020 Uri Lublin <uril@redhat.com> - 2.2.4-5
 - Rebuild
 - Resolves: rhbz#1773899