import mingw-expat-2.4.8-1.el8

This commit is contained in:
CentOS Sources 2022-09-27 17:32:33 -04:00 committed by Stepan Oksanichenko
parent 12119e7797
commit 7911d743e2
4 changed files with 21 additions and 25 deletions

2
.gitignore vendored
View File

@ -1 +1 @@
SOURCES/expat-2.2.4.tar.bz2 SOURCES/expat-2.4.8.tar.bz2

View File

@ -1 +1 @@
3394d6390c041a8f5dec1d5fe7c4af0a23ae4504 SOURCES/expat-2.2.4.tar.bz2 5bc8aed3107a04ba2a35d45646eb079e6abbfe1d SOURCES/expat-2.4.8.tar.bz2

View File

@ -1,15 +0,0 @@
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-20843
https://github.com/libexpat/libexpat/commit/11f8838bf99ea0a6f0b76f9760c43704d00c4ff6
--- libexpat-R_2_2_5/expat/lib/xmlparse.c.cve20843
+++ libexpat-R_2_2_5/expat/lib/xmlparse.c
@@ -6057,7 +6057,7 @@ setElementTypePrefix(XML_Parser parser,
else
poolDiscard(&dtd->pool);
elementType->prefix = prefix;
-
+ break;
}
}
return 1;

View File

@ -1,18 +1,18 @@
%{?mingw_package_header} %{?mingw_package_header}
Name: mingw-expat Name: mingw-expat
Version: 2.2.4 Version: 2.4.8
Release: 5%{?dist} Release: 1%{?dist}
Summary: MinGW Windows port of expat XML parser library Summary: MinGW Windows port of expat XML parser library
License: MIT License: MIT
URL: http://www.libexpat.org/ URL: http://www.libexpat.org/
Source0: http://downloads.sourceforge.net/expat/expat-%{version}.tar.bz2 Source0: http://downloads.sourceforge.net/expat/expat-%{version}.tar.bz2
Patch1: expat-2.2.5-CVE-2018-20843.patch
BuildArch: noarch BuildArch: noarch
ExclusiveArch: %{ix86} x86_64 ExclusiveArch: %{ix86} x86_64
BuildRequires: make
BuildRequires: mingw32-filesystem >= 95 BuildRequires: mingw32-filesystem >= 95
BuildRequires: mingw32-gcc BuildRequires: mingw32-gcc
BuildRequires: mingw32-binutils BuildRequires: mingw32-binutils
@ -74,7 +74,7 @@ Static version of the MinGW Windows expat XML parser library.
%prep %prep
%setup -q -n expat-%{version} %setup -q -n expat-%{version}
%patch1 -p2 -b .cve20843
%build %build
%mingw_configure %mingw_configure
@ -88,10 +88,10 @@ Static version of the MinGW Windows expat XML parser library.
find $RPM_BUILD_ROOT -name "*.la" -delete find $RPM_BUILD_ROOT -name "*.la" -delete
# Remove documentation which duplicates that found in the native package. # Remove documentation which duplicates that found in the native package.
rm -r $RPM_BUILD_ROOT%{mingw32_docdir} rm -rf $RPM_BUILD_ROOT%{mingw32_docdir}
rm -r $RPM_BUILD_ROOT%{mingw32_mandir}/man1 rm -rf $RPM_BUILD_ROOT%{mingw32_mandir}/man1
rm -r $RPM_BUILD_ROOT%{mingw64_docdir} rm -rf $RPM_BUILD_ROOT%{mingw64_docdir}
rm -r $RPM_BUILD_ROOT%{mingw64_mandir}/man1 rm -rf $RPM_BUILD_ROOT%{mingw64_mandir}/man1
# Win32 # Win32
%files -n mingw32-expat %files -n mingw32-expat
@ -100,6 +100,7 @@ rm -r $RPM_BUILD_ROOT%{mingw64_mandir}/man1
%{mingw32_bindir}/xmlwf.exe %{mingw32_bindir}/xmlwf.exe
%{mingw32_libdir}/libexpat.dll.a %{mingw32_libdir}/libexpat.dll.a
%{mingw32_libdir}/pkgconfig/expat.pc %{mingw32_libdir}/pkgconfig/expat.pc
%{mingw32_libdir}/cmake/expat-%{version}/
%{mingw32_includedir}/expat.h %{mingw32_includedir}/expat.h
%{mingw32_includedir}/expat_config.h %{mingw32_includedir}/expat_config.h
%{mingw32_includedir}/expat_external.h %{mingw32_includedir}/expat_external.h
@ -114,6 +115,7 @@ rm -r $RPM_BUILD_ROOT%{mingw64_mandir}/man1
%{mingw64_bindir}/xmlwf.exe %{mingw64_bindir}/xmlwf.exe
%{mingw64_libdir}/libexpat.dll.a %{mingw64_libdir}/libexpat.dll.a
%{mingw64_libdir}/pkgconfig/expat.pc %{mingw64_libdir}/pkgconfig/expat.pc
%{mingw64_libdir}/cmake/expat-%{version}/
%{mingw64_includedir}/expat.h %{mingw64_includedir}/expat.h
%{mingw64_includedir}/expat_config.h %{mingw64_includedir}/expat_config.h
%{mingw64_includedir}/expat_external.h %{mingw64_includedir}/expat_external.h
@ -123,6 +125,15 @@ rm -r $RPM_BUILD_ROOT%{mingw64_mandir}/man1
%changelog %changelog
* Mon May 02 2022 Uri Lublin <uril@redhat.com> - 2.4.8-1
- Update to 2.4.8 and pick up CVEs fixes
- Resolves: rhbz#2050504 CVE-2022-23990
- Resolves: rhbz#2057023 CVE-2022-25236
- Resolves: rhbz#2057037 CVE-2022-25235
- Resolves: rhbz#2057094 CVE-2022-25313
- Resolves: rhbz#2057099 CVE-2022-25314
- Resolves: rhbz#2057127 CVE-2022-25315
* Wed Jun 10 2020 Uri Lublin <uril@redhat.com> - 2.2.4-5 * Wed Jun 10 2020 Uri Lublin <uril@redhat.com> - 2.2.4-5
- Rebuild - Rebuild
- Resolves: rhbz#1773899 - Resolves: rhbz#1773899