.fmf/version

@@ -1 +0,0 @@
-1

.gitignore

@@ -1,70 +1,2 @@
-/qpdf-3.0.1.tar.gz
-/qpdf-3.0.2.tar.gz
-/qpdf-4.0.0.tar.gz
-/qpdf-4.0.1.tar.gz
-/qpdf-4.1.0.tar.gz
-/qpdf-4.2.0.tar.gz
-/qpdf-5.0.0.tar.gz
-/qpdf-5.0.1.tar.gz
-/qpdf-5.1.0.tar.gz
-/qpdf-5.1.1.tar.gz
-/qpdf-5.1.2.tar.gz
-/qpdf-5.1.3.tar.gz
-/qpdf-5.2.0.tar.gz
-/qpdf-6.0.0.tar.gz
-/qpdf-7.0.0.tar.gz
+SOURCES/qpdf-7.1.1.tar.gz
 /qpdf-7.1.1.tar.gz
-/qpdf-8.0.0.tar.gz
-/qpdf-8.0.1.tar.gz
-/qpdf-8.0.2.tar.gz
-/qpdf-8.1.0.tar.gz
-/qpdf-8.2.1.tar.gz
-/qpdf-8.3.0.tar.gz
-/qpdf-8.4.0.tar.gz
-/qpdf-8.4.2.tar.gz
-/qpdf-9.0.1.tar.gz
-/qpdf-9.1.0.tar.gz
-/qpdf-9.1.1.tar.gz
-/qpdf-10.0.1.tar.gz
-/qpdf-10.0.3.tar.gz
-/qpdf-10.0.4.tar.gz
-/qpdf-10.1.0.tar.gz
-/qpdf-10.2.0.tar.gz
-/qpdf-10.3.0.tar.gz
-/qpdf-10.3.1.tar.gz
-/qpdf-10.3.2.tar.gz
-/qpdf-10.4.0.tar.gz
-/qpdf-10.5.0.tar.gz
-/qpdf-10.5.0-doc.zip
-/qpdf-10.6.0-doc.zip
-/qpdf-10.6.0.tar.gz
-/qpdf-10.6.1-doc.zip
-/qpdf-10.6.1.tar.gz
-/qpdf-10.6.2-doc.zip
-/qpdf-10.6.2.tar.gz
-/qpdf-10.6.3-doc.zip
-/qpdf-10.6.3.tar.gz
-/qpdf-11.1.0-doc.zip
-/qpdf-11.1.0.tar.gz
-/qpdf-11.1.1-doc.zip
-/qpdf-11.1.1.tar.gz
-/qpdf-11.2.0.tar.gz
-/qpdf-11.2.0-doc.zip
-/qpdf-11.3.0-doc.zip
-/qpdf-11.3.0.tar.gz
-/qpdf-11.4.0.tar.gz
-/qpdf-11.4.0-doc.zip
-/qpdf-11.5.0.tar.gz
-/qpdf-11.5.0-doc.zip
-/qpdf-11.6.1-doc.zip
-/qpdf-11.6.1.tar.gz
-/qpdf-11.6.2.tar.gz
-/qpdf-11.6.2-doc.zip
-/qpdf-11.6.3-doc.zip
-/qpdf-11.6.3.tar.gz
-/qpdf-11.6.4.tar.gz
-/qpdf-11.6.4-doc.zip
-/qpdf-11.7.0.tar.gz
-/qpdf-11.7.0-doc.zip
-/qpdf-11.8.0-doc.zip
-/qpdf-11.8.0.tar.gz

ci.fmf

@@ -1 +0,0 @@
-resultsdb-testcase: separate

gating.yaml

@@ -1,25 +1,7 @@
 --- !Policy
 product_versions:
-  - fedora-*
-decision_context: bodhi_update_push_testing
-subject_type: koji_build
-rules:
-  - !PassingTestCaseRule {test_case_name: fedora-ci.koji-build./plans/tier1-public.functional}
- 
-#Rawhide
---- !Policy
-product_versions:
-  - fedora-*
-decision_context: bodhi_update_push_stable
-subject_type: koji_build
-rules:
-  - !PassingTestCaseRule {test_case_name: fedora-ci.koji-build./plans/tier1-public.functional}
- 
-#gating rhel
---- !Policy
-product_versions:
-  - rhel-*
+    - rhel-8
 decision_context: osci_compose_gate
 rules:
-  - !PassingTestCaseRule {test_case_name: osci.brew-build./plans/tier1-public.functional}
-  - !PassingTestCaseRule {test_case_name: osci.brew-build./plans/tier1-internal.functional}
+    - !PassingTestCaseRule {test_case_name: baseos-ci.brew-build.tier1.functional}
+    - !PassingTestCaseRule {test_case_name: baseos-ci.brew-build.tedude.validation}

plans.fmf

@@ -1,36 +0,0 @@
-/tier1-internal:
-  plan:
-    import:
-      url: https://gitlab.com/redhat/centos-stream/tests/qpdf.git
-      name: /plans/tier1/internal
-
-/tier1-public:
-  plan:
-    import:
-      url: https://gitlab.com/redhat/centos-stream/tests/qpdf.git
-      name: /plans/tier1/public
-
-/tier2-tier3-internal:
-  plan:
-    import:
-      url: https://gitlab.com/redhat/centos-stream/tests/qpdf.git
-      name: /plans/tier2-tier3/internal
-
-/tier2-tier3-public:
-  plan:
-    import:
-      url: https://gitlab.com/redhat/centos-stream/tests/qpdf.git
-      name: /plans/tier2-tier3/public
-
-/others-internal:
-  plan:
-    import:
-      url: https://gitlab.com/redhat/centos-stream/tests/qpdf.git
-      name: /plans/others/internal
-
-/others-public:
-  plan:
-    import:
-      url: https://gitlab.com/redhat/centos-stream/tests/qpdf.git
-      name: /plans/others/public
-

qpdf-CVE-2018-9918.patch

@@ -0,0 +1,55 @@
+diff -up qpdf-7.1.1/libqpdf/QPDFObjectHandle.cc.CVE-2018-9918 qpdf-7.1.1/libqpdf/QPDFObjectHandle.cc
+--- qpdf-7.1.1/libqpdf/QPDFObjectHandle.cc.CVE-2018-9918	2018-02-05 00:31:42.000000000 +0100
++++ qpdf-7.1.1/libqpdf/QPDFObjectHandle.cc	2018-04-16 15:35:36.378343714 +0200
+@@ -1054,12 +1054,26 @@ QPDFObjectHandle::parseInternal(PointerH
+ 
+ 	  case QPDFTokenizer::tt_array_open:
+ 	  case QPDFTokenizer::tt_dict_open:
+-            olist_stack.push_back(std::vector<QPDFObjectHandle>());
+-            state = st_start;
+-            offset_stack.push_back(input->tell());
+-            state_stack.push_back(
+-                (token.getType() == QPDFTokenizer::tt_array_open) ?
+-                st_array : st_dictionary);
++            if (olist_stack.size() > 500)
++            {
++		QTC::TC("qpdf", "QPDFObjectHandle too deep");
++                warn(context,
++                     QPDFExc(qpdf_e_damaged_pdf, input->getName(),
++                             object_description,
++                             input->getLastOffset(),
++                             "ignoring excessively deeply nested data structure"));
++                object = newNull();
++                state = st_top;
++            }
++            else
++            {
++                olist_stack.push_back(std::vector<QPDFObjectHandle>());
++                state = st_start;
++                offset_stack.push_back(input->tell());
++                state_stack.push_back(
++                    (token.getType() == QPDFTokenizer::tt_array_open) ?
++                    st_array : st_dictionary);
++            }
+ 	    break;
+ 
+ 	  case QPDFTokenizer::tt_bool:
+diff -up qpdf-7.1.1/qpdf/qpdf.testcov.CVE-2018-9918 qpdf-7.1.1/qpdf/qpdf.testcov
+--- qpdf-7.1.1/qpdf/qpdf.testcov.CVE-2018-9918	2018-02-05 00:31:42.000000000 +0100
++++ qpdf-7.1.1/qpdf/qpdf.testcov	2018-04-16 15:35:36.379343705 +0200
+@@ -302,3 +302,4 @@ qpdf-c called qpdf_set_compress_streams
+ qpdf-c called qpdf_set_preserve_unreferenced_objects 0
+ qpdf-c called qpdf_set_newline_before_endstream 0
+ QPDF_Stream TIFF predictor 0
++QPDFObjectHandle too deep 0
+diff -up qpdf-7.1.1/qpdf/qtest/qpdf/issue-146.out.CVE-2018-9918 qpdf-7.1.1/qpdf/qtest/qpdf/issue-146.out
+--- qpdf-7.1.1/qpdf/qtest/qpdf/issue-146.out.CVE-2018-9918	2018-02-05 00:31:42.000000000 +0100
++++ qpdf-7.1.1/qpdf/qtest/qpdf/issue-146.out	2018-04-16 15:53:17.499476948 +0200
+@@ -1,5 +1,5 @@
+ WARNING: issue-146.pdf: file is damaged
+ WARNING: issue-146.pdf: can't find startxref
+ WARNING: issue-146.pdf: Attempting to reconstruct cross-reference table
+-WARNING: issue-146.pdf (trailer, file position 20728): unknown token while reading object; treating as string
+-issue-146.pdf (trailer, file position 20732): EOF while reading token
++WARNING: issue-146.pdf (trailer, file position 695): ignoring excessively deeply nested data structure
++issue-146.pdf: unable to find trailer dictionary while recovering damaged file

qpdf-doc.patch

@@ -0,0 +1,30 @@
+diff -up qpdf-4.1.0/manual/fix-qdf.1.in.doc qpdf-4.1.0/manual/fix-qdf.1.in
+--- qpdf-4.1.0/manual/fix-qdf.1.in.doc	2013-04-14 21:03:51.000000000 +0200
++++ qpdf-4.1.0/manual/fix-qdf.1.in	2013-05-23 18:12:21.506581935 +0200
+@@ -14,5 +14,4 @@ the same file with stream lengths, cross
+ object stream offset tables regenerated.
+ .PP
+ For details about fix-qdf and about PDF files in QDF mode, please see
+-the qpdf manual, which can be found in @docdir@/qpdf-manual.html or
+-@docdir@/qpdf-manual.pdf.
++the qpdf manual, which can be found in qpdf-doc package.
+diff -up qpdf-4.1.0/manual/qpdf.1.in.doc qpdf-4.1.0/manual/qpdf.1.in
+--- qpdf-4.1.0/manual/qpdf.1.in.doc	2013-04-14 21:03:51.000000000 +0200
++++ qpdf-4.1.0/manual/qpdf.1.in	2013-05-23 18:12:13.723690019 +0200
+@@ -16,4 +16,4 @@ useful primarily to PDF developers.
+ .PP
+ For a summary of qpdf's options, please run
+ \fBqpdf --help\fR.  A complete manual can be found in
+-@docdir@/qpdf-manual.html or @docdir@/qpdf-manual.pdf.
++qpdf-doc package.
+diff -up qpdf-4.1.0/manual/zlib-flate.1.in.doc qpdf-4.1.0/manual/zlib-flate.1.in
+--- qpdf-4.1.0/manual/zlib-flate.1.in.doc	2013-04-14 21:03:51.000000000 +0200
++++ qpdf-4.1.0/manual/zlib-flate.1.in	2013-05-23 18:12:07.571775453 +0200
+@@ -21,6 +21,6 @@ This program should not be used as a gen
+ tool.  Use something like gzip(1) instead.
+ .PP
+ For details about qpdf, please see the qpdf manual, which can be found
+-in @docdir@/qpdf-manual.html or @docdir@/qpdf-manual.pdf.
++in qpdf-doc package.
+ .SH "SEE ALSO"
+ qpdf(1), gzip(1)

qpdf-relax.patch

@@ -1,198 +1,158 @@
-diff -up qpdf-11.7.0/libqpdf/QPDF.cc.relax qpdf-11.7.0/libqpdf/QPDF.cc
---- qpdf-11.7.0/libqpdf/QPDF.cc.relax	2023-12-24 13:36:07.000000000 +0100
-+++ qpdf-11.7.0/libqpdf/QPDF.cc	2024-01-08 15:17:27.020951639 +0100
-@@ -13,6 +13,10 @@
- #include <sstream>
- #include <vector>
+diff --git a/libqpdf/QPDF.cc b/libqpdf/QPDF.cc
+index 3475afe..f93ba0d 100644
+--- a/libqpdf/QPDF.cc
++++ b/libqpdf/QPDF.cc
+@@ -19,6 +19,10 @@
+ #include <qpdf/QPDF_Null.hh>
+ #include <qpdf/QPDF_Dictionary.hh>
  
-+#ifdef USE_CRYPTO_GNUTLS
++#ifdef HAVE_GNUTLS
 +# include <gnutls/crypto.h>
 +#endif
 +
- #include <qpdf/BufferInputSource.hh>
- #include <qpdf/FileInputSource.hh>
- #include <qpdf/OffsetInputSource.hh>
-@@ -250,14 +254,26 @@ void
- QPDF::processFile(char const* filename, char const* password)
+ std::string QPDF::qpdf_version = "7.1.1";
+ 
+ static char const* EMPTY_PDF =
+@@ -139,7 +143,13 @@ QPDF::processFile(char const* filename, char const* password)
  {
-     auto* fi = new FileInputSource(filename);
-+#ifdef USE_CRYPTO_GNUTLS
+     FileInputSource* fi = new FileInputSource();
+     fi->setFilename(filename);
++#ifdef HAVE_GNUTLS
 +    GNUTLS_FIPS140_SET_LAX_MODE();
 +#endif
-     processInputSource(std::shared_ptr<InputSource>(fi), password);
-+#ifdef USE_CRYPTO_GNUTLS
+     processInputSource(fi, password);
++#ifdef HAVE_GNUTLS
 +    GNUTLS_FIPS140_SET_STRICT_MODE();
 +#endif
  }
  
  void
- QPDF::processFile(char const* description, FILE* filep, bool close_file, char const* password)
+@@ -148,7 +158,13 @@ QPDF::processFile(char const* description, FILE* filep,
  {
-     auto* fi = new FileInputSource(description, filep, close_file);
-+#ifdef USE_CRYPTO_GNUTLS
+     FileInputSource* fi = new FileInputSource();
+     fi->setFile(description, filep, close_file);
++#ifdef HAVE_GNUTLS
 +    GNUTLS_FIPS140_SET_LAX_MODE();
 +#endif
-     processInputSource(std::shared_ptr<InputSource>(fi), password);
-+#ifdef USE_CRYPTO_GNUTLS
+     processInputSource(fi, password);
++#ifdef HAVE_GNUTLS
 +    GNUTLS_FIPS140_SET_STRICT_MODE();
 +#endif
  }
  
  void
-diff -up qpdf-11.7.0/libqpdf/QPDF_encryption.cc.relax qpdf-11.7.0/libqpdf/QPDF_encryption.cc
---- qpdf-11.7.0/libqpdf/QPDF_encryption.cc.relax	2023-12-24 13:36:07.000000000 +0100
-+++ qpdf-11.7.0/libqpdf/QPDF_encryption.cc	2024-01-08 15:19:52.303117277 +0100
-@@ -3,6 +3,8 @@
+diff --git a/libqpdf/QPDFWriter.cc b/libqpdf/QPDFWriter.cc
+index 0544640..48fe50d 100644
+--- a/libqpdf/QPDFWriter.cc
++++ b/libqpdf/QPDFWriter.cc
+@@ -23,6 +23,10 @@
+ #include <algorithm>
+ #include <stdlib.h>
  
- #include <qpdf/assert_debug.h>
++#ifdef HAVE_GNUTLS
++#include <gnutls/crypto.h>
++#endif
++
+ QPDFWriter::Members::Members(QPDF& pdf) :
+     pdf(pdf),
+     filename(0),
+@@ -323,6 +327,13 @@ void
+ QPDFWriter::setDeterministicID(bool val)
+ {
+     this->m->deterministic_id = val;
++
++#ifdef HAVE_GNUTLS
++    if (val)
++	GNUTLS_FIPS140_SET_LAX_MODE();
++    else
++	GNUTLS_FIPS140_SET_STRICT_MODE();
++#endif
+ }
+ 
+ void
+@@ -344,6 +355,13 @@ void
+ QPDFWriter::setPreserveEncryption(bool val)
+ {
+     this->m->preserve_encryption = val;
++
++#ifdef HAVE_GNUTLS
++    if (val)
++	GNUTLS_FIPS140_SET_STRICT_MODE();
++    else
++	GNUTLS_FIPS140_SET_LAX_MODE();
++#endif
+ }
+ 
+ void
+diff --git a/libqpdf/QPDF_encryption.cc b/libqpdf/QPDF_encryption.cc
+index fd717c3..9b38914 100644
+--- a/libqpdf/QPDF_encryption.cc
++++ b/libqpdf/QPDF_encryption.cc
+@@ -1,6 +1,8 @@
+ // This file implements methods from the QPDF class that involve
+ // encryption.
  
 +#include <qpdf/qpdf-config.h>
 +
  #include <qpdf/QPDF.hh>
  
  #include <qpdf/QPDFExc.hh>
-@@ -19,6 +21,10 @@
- #include <algorithm>
- #include <cstring>
+@@ -18,6 +20,10 @@
+ #include <assert.h>
+ #include <string.h>
  
-+#ifdef USE_CRYPTO_GNUTLS
++#ifdef HAVE_GNUTLS
 +# include <gnutls/crypto.h>
 +#endif
 +
  static unsigned char const padding_string[] = {
-     0x28, 0xbf, 0x4e, 0x5e, 0x4e, 0x75, 0x8a, 0x41, 0x64, 0x00, 0x4e, 0x56, 0xff, 0xfa, 0x01, 0x08,
-     0x2e, 0x2e, 0x00, 0xb6, 0xd0, 0x68, 0x3e, 0x80, 0x2f, 0x0c, 0xa9, 0xfe, 0x64, 0x53, 0x69, 0x7a};
-@@ -349,10 +355,21 @@ QPDF::compute_data_key(
-         result += "sAlT";
-     }
- 
-+#ifdef USE_CRYPTO_GNUTLS
-+    unsigned oldmode = gnutls_fips140_mode_enabled();
-+
-+    gnutls_fips140_set_mode(GNUTLS_FIPS140_LAX, GNUTLS_FIPS140_SET_MODE_THREAD);
-+#endif
-+
-     MD5 md5;
-     md5.encodeDataIncrementally(result.c_str(), result.length());
-     MD5::Digest digest;
-     md5.digest(digest);
-+
-+#ifdef USE_CRYPTO_GNUTLS
-+    gnutls_fips140_set_mode(static_cast<gnutls_fips_mode_t>(oldmode), GNUTLS_FIPS140_SET_MODE_THREAD);
-+#endif
-+
-     return {reinterpret_cast<char*>(digest), std::min(result.length(), toS(16))};
- }
- 
-@@ -976,6 +993,12 @@ QPDF::getKeyForObject(
+     0x28, 0xbf, 0x4e, 0x5e, 0x4e, 0x75, 0x8a, 0x41,
+     0x64, 0x00, 0x4e, 0x56, 0xff, 0xfa, 0x01, 0x08,
+@@ -1084,6 +1090,12 @@ QPDF::getKeyForObject(int objid, int generation, bool use_aes)
  void
- QPDF::decryptString(std::string& str, QPDFObjGen const& og)
+ QPDF::decryptString(std::string& str, int objid, int generation)
  {
-+#ifdef USE_CRYPTO_GNUTLS
++#ifdef HAVE_GNUTLS
 +    unsigned oldmode = gnutls_fips140_mode_enabled();
 +
 +    gnutls_fips140_set_mode(GNUTLS_FIPS140_LAX, GNUTLS_FIPS140_SET_MODE_THREAD);
 +#endif
 +
-     if (!og.isIndirect()) {
-         return;
-     }
-@@ -1036,6 +1059,10 @@ QPDF::decryptString(std::string& str, QP
-     } catch (std::runtime_error& e) {
-         throw damagedPDF("error decrypting string for object " + og.unparse() + ": " + e.what());
+     if (objid == 0)
+     {
+ 	return;
+@@ -1162,6 +1174,10 @@ QPDF::decryptString(std::string& str, int objid, int generation)
+ 		      QUtil::int_to_string(objid) + " " +
+ 		      QUtil::int_to_string(generation) + ": " + e.what());
      }
 +
-+#ifdef USE_CRYPTO_GNUTLS
++#ifdef HAVE_GNUTLS
 +    gnutls_fips140_set_mode(static_cast<gnutls_fips_mode_t>(oldmode), GNUTLS_FIPS140_SET_MODE_THREAD);
 +#endif
  }
  
- // Prepend a decryption pipeline to 'pipeline'. The decryption pipeline (returned as
-@@ -1051,6 +1078,12 @@ QPDF::decryptStream(
-     QPDFObjectHandle& stream_dict,
-     std::unique_ptr<Pipeline>& decrypt_pipeline)
+ void
+@@ -1169,6 +1185,12 @@ QPDF::decryptStream(Pipeline*& pipeline, int objid, int generation,
+ 		    QPDFObjectHandle& stream_dict,
+ 		    std::vector<PointerHolder<Pipeline> >& heap)
  {
-+#ifdef USE_CRYPTO_GNUTLS
++#ifdef HAVE_GNUTLS
 +    unsigned oldmode = gnutls_fips140_mode_enabled();
 +
 +    gnutls_fips140_set_mode(GNUTLS_FIPS140_LAX, GNUTLS_FIPS140_SET_MODE_THREAD);
 +#endif
 +
      std::string type;
-     if (stream_dict.getKey("/Type").isName()) {
-         type = stream_dict.getKey("/Type").getName();
-@@ -1151,6 +1184,10 @@ QPDF::decryptStream(
-             toI(key.length()));
+     if (stream_dict.getKey("/Type").isName())
+     {
+@@ -1297,6 +1319,10 @@ QPDF::decryptStream(Pipeline*& pipeline, int objid, int generation,
+                               key.length());
      }
-     pipeline = decrypt_pipeline.get();
+     heap.push_back(pipeline);
 +
-+#ifdef USE_CRYPTO_GNUTLS
++#ifdef HAVE_GNUTLS
 +    gnutls_fips140_set_mode(static_cast<gnutls_fips_mode_t>(oldmode), GNUTLS_FIPS140_SET_MODE_THREAD);
 +#endif
  }
  
  void
-diff -up qpdf-11.7.0/libqpdf/QPDFWriter.cc.relax qpdf-11.7.0/libqpdf/QPDFWriter.cc
---- qpdf-11.7.0/libqpdf/QPDFWriter.cc.relax	2023-12-24 13:36:07.000000000 +0100
-+++ qpdf-11.7.0/libqpdf/QPDFWriter.cc	2024-01-08 15:17:27.022951614 +0100
-@@ -26,6 +26,10 @@
- #include <cstdlib>
- #include <stdexcept>
- 
-+#ifdef USE_CRYPTO_GNUTLS
-+#include <gnutls/crypto.h>
-+#endif
-+
- QPDFWriter::ProgressReporter::~ProgressReporter() // NOLINT (modernize-use-equals-default)
- {
-     // Must be explicit and not inline -- see QPDF_DLL_CLASS in README-maintainer
-@@ -287,6 +291,13 @@ void
- QPDFWriter::setDeterministicID(bool val)
- {
-     m->deterministic_id = val;
-+
-+#ifdef USE_CRYPTO_GNUTLS
-+    if (val)
-+	GNUTLS_FIPS140_SET_LAX_MODE();
-+    else
-+	GNUTLS_FIPS140_SET_STRICT_MODE();
-+#endif
- }
- 
- void
-@@ -307,6 +318,13 @@ void
- QPDFWriter::setPreserveEncryption(bool val)
- {
-     m->preserve_encryption = val;
-+
-+#ifdef USE_CRYPTO_GNUTLS
-+    if (val)
-+	GNUTLS_FIPS140_SET_STRICT_MODE();
-+    else
-+	GNUTLS_FIPS140_SET_LAX_MODE();
-+#endif
- }
- 
- void
-@@ -1890,11 +1908,21 @@ QPDFWriter::generateID()
-             }
-         }
- 
-+#ifdef USE_CRYPTO_GNUTLS
-+        unsigned oldmode = gnutls_fips140_mode_enabled();
-+
-+        gnutls_fips140_set_mode(GNUTLS_FIPS140_LAX, GNUTLS_FIPS140_SET_MODE_THREAD);
-+#endif
-+
-         MD5 m;
-         m.encodeString(seed.c_str());
-         MD5::Digest digest;
-         m.digest(digest);
-         result = std::string(reinterpret_cast<char*>(digest), sizeof(MD5::Digest));
-+
-+#ifdef USE_CRYPTO_GNUTLS
-+        gnutls_fips140_set_mode(static_cast<gnutls_fips_mode_t>(oldmode), GNUTLS_FIPS140_SET_MODE_THREAD);
-+#endif
-     }
- 
-     // If /ID already exists, follow the spec: use the original first word and generate a new second

qpdf.spec

@@ -1,70 +1,56 @@
 Summary: Command-line tools and library for transforming PDF files
 Name:    qpdf
-Version: 11.8.0
-Release: 5%{?dist}
-# MIT: e.g. libqpdf/sha2.c, but those are not compiled in (GNUTLS is used)
-# upstream uses ASL 2.0 now, but he allowed other to distribute qpdf under
+Version: 7.1.1
+Release: 10%{?dist}
+# MIT: e.g. libqpdf/sha2.c
+# upstream uses ASL 2.0 now, but he allowed others to distribute qpdf under
 # old license (see README)
-License: Apache-2.0 OR Artistic-2.0
-URL:     https://qpdf.sourceforge.io/
-Source0: https://github.com/%{name}/%{name}/releases/download/v%{version}/%{name}-%{version}.tar.gz
-Source1: https://github.com/%{name}/%{name}/releases/download/v%{version}/%{name}-%{version}-doc.zip
-
-# make qpdf working under FIPS, downstream patch
-Patch1:  qpdf-relax.patch
+License: (Artistic 2.0 or ASL 2.0) and MIT
+URL:     http://qpdf.sourceforge.net/
+Source0: http://downloads.sourceforge.net/sourceforge/qpdf/qpdf-%{version}.tar.gz
 
+Patch0:  qpdf-doc.patch
+Patch1:  qpdf-CVE-2018-9918.patch
+Patch2:  qpdf-gnutls-crypto.patch
+Patch3:  qpdf-relax.patch
 
 # gcc and gcc-c++ are no longer in buildroot by default
 # gcc is needed for qpdf-ctest.c
 BuildRequires: gcc
 # gcc-c++ is need for everything except for qpdf-ctest
 BuildRequires: gcc-c++
-# uses cmake
-BuildRequires: cmake
 
 BuildRequires: zlib-devel
 BuildRequires: libjpeg-turbo-devel
-
-# for gnutls crypto
-BuildRequires: gnutls-devel
+BuildRequires: pcre-devel
 
 # for fix-qdf and test suite
-BuildRequires: perl-generators
 BuildRequires: perl-interpreter
-BuildRequires: perl(Carp)
-BuildRequires: perl(Config)
-BuildRequires: perl(constant)
-BuildRequires: perl(Cwd)
+BuildRequires: perl-generators
 BuildRequires: perl(Digest::MD5)
-BuildRequires: perl(Digest::SHA)
-BuildRequires: perl(File::Basename)
-BuildRequires: perl(File::Compare)
-BuildRequires: perl(File::Copy)
-BuildRequires: perl(File::Find)
-BuildRequires: perl(File::Spec)
-BuildRequires: perl(FileHandle)
-BuildRequires: perl(IO::Handle)
-BuildRequires: perl(IO::Select)
-BuildRequires: perl(IO::Socket)
-BuildRequires: perl(POSIX)
-BuildRequires: perl(strict)
-# perl(Term::ANSIColor) - not needed for tests
-# perl(Term::ReadKey) - not needed for tests
 
-Requires: %{name}-libs%{?_isa} = %{version}-%{release}
+# for autoreconf
+BuildRequires: autoconf
+BuildRequires: automake
+BuildRequires: libtool
+
+# for crypto by gnutls
+BuildRequires: gnutls-devel
+BuildRequires: pkgconf-pkg-config
+
+Requires: qpdf-libs%{?_isa} = %{version}-%{release}
 
 %package libs
 Summary: QPDF library for transforming PDF files
 
 %package devel
 Summary: Development files for QPDF library
-Requires: %{name}-libs%{?_isa} = %{version}-%{release}
+Requires: qpdf-libs%{?_isa} = %{version}-%{release}
 
 %package doc
 Summary: QPDF Manual
 BuildArch: noarch
-BuildRequires: unzip
-Requires: %{name}-libs = %{version}-%{release}
+Requires: qpdf-libs = %{version}-%{release}
 
 %description
 QPDF is a command-line program that does structural, content-preserving
@@ -88,57 +74,54 @@ QPDF Manual
 %prep
 %setup -q
 
-%patch -P 1 -p1 -b .relax
-
-# unpack zip file with manual
-unzip %{SOURCE1}
+# fix 'complete manual location' note in man pages
+%patch0 -p1 -b .doc
+#  CVE-2018-9918 qpdf: stack exhaustion in QPDFObjectHandle and QPDF_Dictionary classes in libqpdf.a [fedora-all]
+%patch1 -p1 -b .CVE-2018-9918
+# 1605101 - qpdf: should not re-implement crypto
+%patch2 -p1 -b .gnutls-crypto
+# 1605101 - downstream patch for relaxing crypto for deterministic id and decrypt
+%patch3 -p1 -b .relax
 
+sed -i -e '1s,^#!/usr/bin/env perl,#!/usr/bin/perl,' qpdf/fix-qdf
 
 %build
-%cmake -DBUILD_STATIC_LIBS=0 \
-       -DREQUIRE_CRYPTO_GNUTLS=1 \
-       -DUSE_IMPLICIT_CRYPTO=0 \
-       -DSHOW_FAILED_TEST_OUTPUT=1 \
-       -DINSTALL_CMAKE_PACKAGE=0
+# work-around check-rpaths errors
+autoreconf --verbose --force --install
 
-%cmake_build
+%configure --disable-static \
+           --enable-show-failed-test-output \
+           --enable-gnutls
+
+make %{?_smp_mflags}
 
 %install
-%cmake_install
+make install DESTDIR=%{buildroot}
 
-install -m 0644 %{name}-%{version}-doc/%{name}-manual.pdf %{buildroot}/%{_pkgdocdir}/%{name}-manual.pdf
-
-# install bash/zsh completions
-mkdir -p %{buildroot}%{bash_completions_dir}
-mkdir -p %{buildroot}%{zsh_completions_dir}
-install -m 0644 completions/bash/qpdf %{buildroot}%{bash_completions_dir}/qpdf
-install -m 0644 completions/zsh/_qpdf %{buildroot}%{zsh_completions_dir}/_qpdf
+rm -f %{buildroot}%{_libdir}/libqpdf.la
 
 %check
-%ctest
+make check
 
-%ldconfig_scriptlets libs
+%post libs -p /sbin/ldconfig
+
+%postun libs -p /sbin/ldconfig
 
 %files
 %{_bindir}/fix-qdf
 %{_bindir}/qpdf
 %{_bindir}/zlib-flate
 %{_mandir}/man1/*
-%dir %{bash_completions_dir}
-%{bash_completions_dir}/qpdf
-%dir %{zsh_completions_dir}
-%{zsh_completions_dir}/_qpdf
 
 %files libs
-%doc README.md TODO.md ChangeLog
-%license Artistic-2.0 LICENSE.txt NOTICE.md
-%{_libdir}/libqpdf.so.29
-%{_libdir}/libqpdf.so.29.8.0
+%doc README.md TODO ChangeLog
+%license Artistic-2.0
+%{_libdir}/libqpdf*.so.*
 
 %files devel
 %doc examples/*.cc examples/*.c
-%{_includedir}/qpdf/
-%{_libdir}/libqpdf.so
+%{_includedir}/*
+%{_libdir}/libqpdf*.so
 %{_libdir}/pkgconfig/libqpdf.pc
 
 %files doc
@@ -146,205 +129,24 @@ install -m 0644 completions/zsh/_qpdf %{buildroot}%{zsh_completions_dir}/_qpdf
 
 
 %changelog
-* Tue Oct 29 2024 Troy Dawson <tdawson@redhat.com> - 11.8.0-5
-- Bump release for October 2024 mass rebuild:
-  Resolves: RHEL-64018
+* Tue Sep 10 2019 Zdenek Dohnal <zdohnal@redhat.com> - 7.1.1-10
+- used bad define in previous commit
 
-* Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 11.8.0-4
-- Bump release for June 2024 mass rebuild
+* Tue Sep 10 2019 Zdenek Dohnal <zdohnal@redhat.com> - 7.1.1-9
+- 1605101 - qpdf: should not re-implement crypto - episode II - relaxing crypto for decrypt
 
-* Fri Jan 26 2024 Fedora Release Engineering <releng@fedoraproject.org> - 11.8.0-3
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
+* Thu Sep 05 2019 Zdenek Dohnal <zdohnal@redhat.com> - 7.1.1-8
+- 1605101 - qpdf: should not re-implement crypto
 
-* Mon Jan 22 2024 Fedora Release Engineering <releng@fedoraproject.org> - 11.8.0-2
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
-
-* Tue Jan 09 2024 Zdenek Dohnal <zdohnal@redhat.com> - 11.8.0-1
-- 2257313 - qpdf-11.8.0 is available
-
-* Mon Jan 08 2024 Zdenek Dohnal <zdohnal@redhat.com> - 11.7.0-1
-- 2255755 - qpdf-11.7.0 is available
-
-* Tue Dec 19 2023 Zdenek Dohnal <zdohnal@redhat.com> - 11.6.4-2
-- 2254778 - remove the tests which fail with zlib-ng-compat for now
-
-* Mon Dec 18 2023 Zdenek Dohnal <zdohnal@redhat.com> - 11.6.4-1
-- 2253901 - qpdf-11.6.4 is available
-
-* Thu Nov 02 2023 Zdenek Dohnal <zdohnal@redhat.com> - 11.6.3-1
-- 2244319 - qpdf-11.6.3 is available
-
-* Mon Oct 09 2023 Zdenek Dohnal <zdohnal@redhat.com> - 11.6.2-1
-- 2242670 - qpdf-11.6.2 is available
-
-* Tue Sep 12 2023 Zdenek Dohnal <zdohnal@redhat.com> - 11.6.1-1
-- 2237125 - qpdf-11.6.1 is available
-
-* Wed Jul 26 2023 Zdenek Dohnal <zdohnal@redhat.com> - 11.5.0-1
-- 2221506 - qpdf-11.5.0 is available
-
-* Fri Jul 21 2023 Fedora Release Engineering <releng@fedoraproject.org> - 11.4.0-2
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
-
-* Mon May 22 2023 Zdenek Dohnal <zdohnal@redhat.com> - 11.4.0-1
-- 2208892 - qpdf-11.4.0 is available
-
-* Mon Mar 27 2023 Zdenek Dohnal <zdohnal@redhat.com> - 11.3.0-2
-- 2181519 - qpdf bash and zsh completion files are missing
-
-* Thu Mar 02 2023 Zdenek Dohnal <zdohnal@redhat.com> - 11.3.0-1
-- 2173354 - qpdf-11.3.0 is available
-
-* Fri Jan 20 2023 Fedora Release Engineering <releng@fedoraproject.org> - 11.2.0-2
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
-
-* Tue Nov 22 2022 Zdenek Dohnal <zdohnal@redhat.com> - 11.2.0-1
-- 2144359 - qpdf-11.2.0 is available
-
-* Thu Oct 13 2022 Zdenek Dohnal <zdohnal@redhat.com> - 11.1.1-1
-- 2125823 - qpdf-11.1.1 is available
-
-* Thu Sep 22 2022 Zdenek Dohnal <zdohnal@redhat.com> - 11.1.0-1
-- 2125823 - qpdf-11.1.0 is available, move to cmake
-
-* Thu Sep 22 2022 Zdenek Dohnal <zdohnal@redhat.com> - 10.6.3-5
-- use `grep -E` in test suite (bz2127957)
-
-* Mon Jul 25 2022 Zdenek Dohnal <zdohnal@redhat.com> - 10.6.3-4
-- qpdf doesn't depend on pcre since 7.0b1
-
-* Fri Jul 22 2022 Fedora Release Engineering <releng@fedoraproject.org> - 10.6.3-3
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
-
-* Thu Jul 14 2022 Zdenek Dohnal <zdohnal@redhat.com> - 10.6.3-2
-- 2107240 - FIPS breaks pdftopdf and bannertopdf
-
-* Fri Mar 18 2022 Zdenek Dohnal <zdohnal@redhat.com> - 10.6.3-1
-- 2063429 - qpdf-10.6.3 is available
-
-* Thu Feb 17 2022 Zdenek Dohnal <zdohnal@redhat.com> - 10.6.2-1
-- 2053647 - qpdf-10.6.2 is available
-
-* Mon Feb 14 2022 Zdenek Dohnal <zdohnal@redhat.com> - 10.6.1-1
-- 2053647 - qpdf-10.6.1 is available
-
-* Thu Feb 10 2022 Zdenek Dohnal <zdohnal@redhat.com> - 10.6.0-1
-- 2052569 - qpdf-10.6.0 is available
-
-* Fri Jan 21 2022 Fedora Release Engineering <releng@fedoraproject.org> - 10.5.0-3
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
-
-* Wed Jan 05 2022 Zdenek Dohnal <zdohnal@redhat.com> - 10.5.0-2
-- add qpdf-manual - now it is in a different archive
-
-* Mon Jan 03 2022 Zdenek Dohnal <zdohnal@redhat.com> - 10.5.0-1
-- 2034671 - qpdf-10.5.0 is available
-
-* Mon Dec 06 2021 Zdenek Dohnal <zdohnal@redhat.com> - 10.4.0-1
-- 2023979 - qpdf-10.4.0 is available
-
-* Fri Jul 23 2021 Fedora Release Engineering <releng@fedoraproject.org> - 10.3.2-2
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
-
-* Thu May 20 2021 Zdenek Dohnal <zdohnal@redhat.com> - 10.3.2-1
-- 1958536 - qpdf-10.3.2 is available
-
-* Mon Apr 19 2021 Zdenek Dohnal <zdohnal@redhat.com> - 10.3.1-2
-- aarch64 specific patches were removed from zlib, so no need for ours
-- zlib got downstream patches on s390x, we need to patch qpdf test suite for it
-
-* Fri Mar 12 2021 Zdenek Dohnal <zdohnal@redhat.com> - 10.3.1-1
-- 1937988 - qpdf-10.3.1 is available
-
-* Thu Mar 11 2021 Zdenek Dohnal <zdohnal@redhat.com> - 10.3.0-1
-- 1935799 - qpdf-10.3.0 is available
-
-* Wed Feb 24 2021 Zdenek Dohnal <zdohnal@redhat.com> - 10.2.0-1
-- 1932052 - qpdf-10.2.0 is available
-
-* Wed Jan 27 2021 Fedora Release Engineering <releng@fedoraproject.org> - 10.1.0-2
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
-
-* Mon Jan 11 2021 Zdenek Dohnal <zdohnal@redhat.com> - 10.1.0-1
-- 1912951 - qpdf-10.1.0 is available
-
-* Mon Nov 23 2020 Zdenek Dohnal <zdohnal@redhat.com> - 10.0.4-1
-- 1900262 - qpdf-10.0.4 is available
-
-* Thu Nov 05 2020 Zdenek Dohnal <zdohnal@redhat.com> - 10.0.3-2
-- make is no longer in buildroot by default
-
-* Mon Nov 02 2020 Zdenek Dohnal <zdohnal@redhat.com> - 10.0.3-1
-- 10.0.3
-
-* Wed Jul 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 10.0.1-2
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
-
-* Tue Apr 14 2020 Zdenek Dohnal <zdohnal@redhat.com> - 10.0.1-1
-- 10.0.1
-
-* Wed Mar 25 2020 Jitka Plesnikova <jplesnik@redhat.com> - 9.1.1-3
-- Add all perl dependencies for tests
-
-* Thu Jan 30 2020 Fedora Release Engineering <releng@fedoraproject.org> - 9.1.1-2
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
-
-* Mon Jan 27 2020 Zdenek Dohnal <zdohnal@redhat.com> - 9.1.1-1
-- 9.1.1
-
-* Tue Nov 19 2019 Zdenek Dohnal <zdohnal@redhat.com> - 9.1.0-1
-- 9.1.0
-
-* Fri Jul 26 2019 Fedora Release Engineering <releng@fedoraproject.org> - 8.4.2-2
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
-
-* Fri May 31 2019 Zdenek Dohnal <zdohnal@redhat.com> - 8.4.2-1
-- 8.4.2
-
-* Mon Mar 25 2019 Zdenek Dohnal <zdohnal@redhat.com> - 8.4.0-1
-- 8.4.0
-
-* Sat Feb 02 2019 Fedora Release Engineering <releng@fedoraproject.org> - 8.3.0-2
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
-
-* Mon Jan 14 2019 Zdenek Dohnal <zdohnal@redhat.com> - 8.3.0-1
-- 8.3.0
-
-* Mon Sep 24 2018 Zdenek Dohnal <zdohnal@redhat.com> - 8.2.1-1
-- 8.2.1
-
-* Tue Jul 24 2018 Zdenek Dohnal <zdohnal@redhat.com> - 8.1.0-4
+* Tue Jul 24 2018 Zdenek Dohnal <zdohnal@redhat.com> - 7.1.1-7
 - correcting license
 
-* Sat Jul 14 2018 Fedora Release Engineering <releng@fedoraproject.org> - 8.1.0-3
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
-
-* Wed Jul 11 2018 Zdenek Dohnal <zdohnal@redhat.com> - 8.1.0-2
+* Wed Jul 11 2018 Zdenek Dohnal <zdohnal@redhat.com> - 7.1.1-6
 - ship license in correct tag, mention optional change of license
 
-* Mon Jun 25 2018 Zdenek Dohnal <zdohnal@redhat.com> - 8.1.0-1
-- 8.1.0
-- more tests fail because aarch64 zlib optimization - add patch for it
-
-* Fri May 25 2018 Zdenek Dohnal <zdohnal@redhat.com> - 8.0.2-3
-- erase failing tests for aarch64 because of zlib optimization
-
-* Mon Apr 16 2018 Zdenek Dohnal <zdohnal@redhat.com>
+* Mon Apr 16 2018 Zdenek Dohnal <zdohnal@redhat.com> - 7.1.1-5
 - CVE-2018-9918 qpdf: stack exhaustion in QPDFObjectHandle and QPDF_Dictionary classes in libqpdf.a [fedora-all] 
 
-* Wed Mar 07 2018 Zdenek Dohnal <zdohnal@redhat.com> - 8.0.2-1
-- 8.0.2
-
-* Mon Mar 05 2018 Zdenek Dohnal <zdohnal@redhat.com> - 8.0.1-1
-- 8.0.1
-
-* Tue Feb 27 2018 Rex Dieter <rdieter@fedoraproject.org> - 8.0.0-2
-- use %%license, %%ldconfig_scriptlets, %%make_build, %%make_install
-- %%files: track files more closely, libqpdf soname in particular
-
-* Mon Feb 26 2018 Zdenek Dohnal <zdohnal@redhat.com> - 8.0.0-1
-- rebase to 8.0.0
-
 * Mon Feb 19 2018 Zdenek Dohnal <zdohnal@redhat.com> - 7.1.1-4
 - gcc and gcc-c++ are no longer in buildroot by default
 

sources

@@ -1,2 +1 @@
-SHA512 (qpdf-11.8.0-doc.zip) = 5b2748d4b0b0367d4fd2773e697f6e125d92c397b62ee63388bce85c74a051e1b17d487941128927e3493669bd00196caa842eee76db0f05827a650a067b6939
-SHA512 (qpdf-11.8.0.tar.gz) = e558cd4f0066ace73670ead7a49b0343862cdd275bd013eb10cbef6e161a13955101e6d78de8e87bb05a68498c3018152e9d20d61c01dce55d3810e7f5768aa9
+SHA512 (qpdf-7.1.1.tar.gz) = a75f988c7dd7ac174bdc981cd3696ca8b539ac6c581e3afecf601dc67277014cb4fe3f0e5cb75a67412cafa4eb645b2fc2d8a0ec203834464baf0c7e80baa0b4