.fmf/version

@@ -0,0 +1 @@
+1

.gitignore

@@ -1,2 +1,70 @@
-SOURCES/qpdf-7.1.1.tar.gz
+/qpdf-3.0.1.tar.gz
+/qpdf-3.0.2.tar.gz
+/qpdf-4.0.0.tar.gz
+/qpdf-4.0.1.tar.gz
+/qpdf-4.1.0.tar.gz
+/qpdf-4.2.0.tar.gz
+/qpdf-5.0.0.tar.gz
+/qpdf-5.0.1.tar.gz
+/qpdf-5.1.0.tar.gz
+/qpdf-5.1.1.tar.gz
+/qpdf-5.1.2.tar.gz
+/qpdf-5.1.3.tar.gz
+/qpdf-5.2.0.tar.gz
+/qpdf-6.0.0.tar.gz
+/qpdf-7.0.0.tar.gz
 /qpdf-7.1.1.tar.gz
+/qpdf-8.0.0.tar.gz
+/qpdf-8.0.1.tar.gz
+/qpdf-8.0.2.tar.gz
+/qpdf-8.1.0.tar.gz
+/qpdf-8.2.1.tar.gz
+/qpdf-8.3.0.tar.gz
+/qpdf-8.4.0.tar.gz
+/qpdf-8.4.2.tar.gz
+/qpdf-9.0.1.tar.gz
+/qpdf-9.1.0.tar.gz
+/qpdf-9.1.1.tar.gz
+/qpdf-10.0.1.tar.gz
+/qpdf-10.0.3.tar.gz
+/qpdf-10.0.4.tar.gz
+/qpdf-10.1.0.tar.gz
+/qpdf-10.2.0.tar.gz
+/qpdf-10.3.0.tar.gz
+/qpdf-10.3.1.tar.gz
+/qpdf-10.3.2.tar.gz
+/qpdf-10.4.0.tar.gz
+/qpdf-10.5.0.tar.gz
+/qpdf-10.5.0-doc.zip
+/qpdf-10.6.0-doc.zip
+/qpdf-10.6.0.tar.gz
+/qpdf-10.6.1-doc.zip
+/qpdf-10.6.1.tar.gz
+/qpdf-10.6.2-doc.zip
+/qpdf-10.6.2.tar.gz
+/qpdf-10.6.3-doc.zip
+/qpdf-10.6.3.tar.gz
+/qpdf-11.1.0-doc.zip
+/qpdf-11.1.0.tar.gz
+/qpdf-11.1.1-doc.zip
+/qpdf-11.1.1.tar.gz
+/qpdf-11.2.0.tar.gz
+/qpdf-11.2.0-doc.zip
+/qpdf-11.3.0-doc.zip
+/qpdf-11.3.0.tar.gz
+/qpdf-11.4.0.tar.gz
+/qpdf-11.4.0-doc.zip
+/qpdf-11.5.0.tar.gz
+/qpdf-11.5.0-doc.zip
+/qpdf-11.6.1-doc.zip
+/qpdf-11.6.1.tar.gz
+/qpdf-11.6.2.tar.gz
+/qpdf-11.6.2-doc.zip
+/qpdf-11.6.3-doc.zip
+/qpdf-11.6.3.tar.gz
+/qpdf-11.6.4.tar.gz
+/qpdf-11.6.4-doc.zip
+/qpdf-11.7.0.tar.gz
+/qpdf-11.7.0-doc.zip
+/qpdf-11.8.0-doc.zip
+/qpdf-11.8.0.tar.gz

ci.fmf

@@ -0,0 +1 @@
+resultsdb-testcase: separate

gating.yaml

@@ -1,7 +1,25 @@
 --- !Policy
 product_versions:
-    - rhel-8
+  - fedora-*
+decision_context: bodhi_update_push_testing
+subject_type: koji_build
+rules:
+  - !PassingTestCaseRule {test_case_name: fedora-ci.koji-build./plans/tier1-public.functional}
+ 
+#Rawhide
+--- !Policy
+product_versions:
+  - fedora-*
+decision_context: bodhi_update_push_stable
+subject_type: koji_build
+rules:
+  - !PassingTestCaseRule {test_case_name: fedora-ci.koji-build./plans/tier1-public.functional}
+ 
+#gating rhel
+--- !Policy
+product_versions:
+  - rhel-*
 decision_context: osci_compose_gate
 rules:
-    - !PassingTestCaseRule {test_case_name: baseos-ci.brew-build.tier1.functional}
-    - !PassingTestCaseRule {test_case_name: baseos-ci.brew-build.tedude.validation}
+  - !PassingTestCaseRule {test_case_name: osci.brew-build./plans/tier1-public.functional}
+  - !PassingTestCaseRule {test_case_name: osci.brew-build./plans/tier1-internal.functional}

plans.fmf

@@ -0,0 +1,36 @@
+/tier1-internal:
+  plan:
+    import:
+      url: https://gitlab.com/redhat/centos-stream/tests/qpdf.git
+      name: /plans/tier1/internal
+
+/tier1-public:
+  plan:
+    import:
+      url: https://gitlab.com/redhat/centos-stream/tests/qpdf.git
+      name: /plans/tier1/public
+
+/tier2-tier3-internal:
+  plan:
+    import:
+      url: https://gitlab.com/redhat/centos-stream/tests/qpdf.git
+      name: /plans/tier2-tier3/internal
+
+/tier2-tier3-public:
+  plan:
+    import:
+      url: https://gitlab.com/redhat/centos-stream/tests/qpdf.git
+      name: /plans/tier2-tier3/public
+
+/others-internal:
+  plan:
+    import:
+      url: https://gitlab.com/redhat/centos-stream/tests/qpdf.git
+      name: /plans/others/internal
+
+/others-public:
+  plan:
+    import:
+      url: https://gitlab.com/redhat/centos-stream/tests/qpdf.git
+      name: /plans/others/public
+

qpdf-CVE-2018-9918.patch

@@ -1,55 +0,0 @@
-diff -up qpdf-7.1.1/libqpdf/QPDFObjectHandle.cc.CVE-2018-9918 qpdf-7.1.1/libqpdf/QPDFObjectHandle.cc
---- qpdf-7.1.1/libqpdf/QPDFObjectHandle.cc.CVE-2018-9918	2018-02-05 00:31:42.000000000 +0100
-+++ qpdf-7.1.1/libqpdf/QPDFObjectHandle.cc	2018-04-16 15:35:36.378343714 +0200
-@@ -1054,12 +1054,26 @@ QPDFObjectHandle::parseInternal(PointerH
- 
- 	  case QPDFTokenizer::tt_array_open:
- 	  case QPDFTokenizer::tt_dict_open:
--            olist_stack.push_back(std::vector<QPDFObjectHandle>());
--            state = st_start;
--            offset_stack.push_back(input->tell());
--            state_stack.push_back(
--                (token.getType() == QPDFTokenizer::tt_array_open) ?
--                st_array : st_dictionary);
-+            if (olist_stack.size() > 500)
-+            {
-+		QTC::TC("qpdf", "QPDFObjectHandle too deep");
-+                warn(context,
-+                     QPDFExc(qpdf_e_damaged_pdf, input->getName(),
-+                             object_description,
-+                             input->getLastOffset(),
-+                             "ignoring excessively deeply nested data structure"));
-+                object = newNull();
-+                state = st_top;
-+            }
-+            else
-+            {
-+                olist_stack.push_back(std::vector<QPDFObjectHandle>());
-+                state = st_start;
-+                offset_stack.push_back(input->tell());
-+                state_stack.push_back(
-+                    (token.getType() == QPDFTokenizer::tt_array_open) ?
-+                    st_array : st_dictionary);
-+            }
- 	    break;
- 
- 	  case QPDFTokenizer::tt_bool:
-diff -up qpdf-7.1.1/qpdf/qpdf.testcov.CVE-2018-9918 qpdf-7.1.1/qpdf/qpdf.testcov
---- qpdf-7.1.1/qpdf/qpdf.testcov.CVE-2018-9918	2018-02-05 00:31:42.000000000 +0100
-+++ qpdf-7.1.1/qpdf/qpdf.testcov	2018-04-16 15:35:36.379343705 +0200
-@@ -302,3 +302,4 @@ qpdf-c called qpdf_set_compress_streams
- qpdf-c called qpdf_set_preserve_unreferenced_objects 0
- qpdf-c called qpdf_set_newline_before_endstream 0
- QPDF_Stream TIFF predictor 0
-+QPDFObjectHandle too deep 0
-diff -up qpdf-7.1.1/qpdf/qtest/qpdf/issue-146.out.CVE-2018-9918 qpdf-7.1.1/qpdf/qtest/qpdf/issue-146.out
---- qpdf-7.1.1/qpdf/qtest/qpdf/issue-146.out.CVE-2018-9918	2018-02-05 00:31:42.000000000 +0100
-+++ qpdf-7.1.1/qpdf/qtest/qpdf/issue-146.out	2018-04-16 15:53:17.499476948 +0200
-@@ -1,5 +1,5 @@
- WARNING: issue-146.pdf: file is damaged
- WARNING: issue-146.pdf: can't find startxref
- WARNING: issue-146.pdf: Attempting to reconstruct cross-reference table
--WARNING: issue-146.pdf (trailer, file position 20728): unknown token while reading object; treating as string
--issue-146.pdf (trailer, file position 20732): EOF while reading token
-+WARNING: issue-146.pdf (trailer, file position 695): ignoring excessively deeply nested data structure
-+issue-146.pdf: unable to find trailer dictionary while recovering damaged file

qpdf-doc.patch

@@ -1,30 +0,0 @@
-diff -up qpdf-4.1.0/manual/fix-qdf.1.in.doc qpdf-4.1.0/manual/fix-qdf.1.in
---- qpdf-4.1.0/manual/fix-qdf.1.in.doc	2013-04-14 21:03:51.000000000 +0200
-+++ qpdf-4.1.0/manual/fix-qdf.1.in	2013-05-23 18:12:21.506581935 +0200
-@@ -14,5 +14,4 @@ the same file with stream lengths, cross
- object stream offset tables regenerated.
- .PP
- For details about fix-qdf and about PDF files in QDF mode, please see
--the qpdf manual, which can be found in @docdir@/qpdf-manual.html or
--@docdir@/qpdf-manual.pdf.
-+the qpdf manual, which can be found in qpdf-doc package.
-diff -up qpdf-4.1.0/manual/qpdf.1.in.doc qpdf-4.1.0/manual/qpdf.1.in
---- qpdf-4.1.0/manual/qpdf.1.in.doc	2013-04-14 21:03:51.000000000 +0200
-+++ qpdf-4.1.0/manual/qpdf.1.in	2013-05-23 18:12:13.723690019 +0200
-@@ -16,4 +16,4 @@ useful primarily to PDF developers.
- .PP
- For a summary of qpdf's options, please run
- \fBqpdf --help\fR.  A complete manual can be found in
--@docdir@/qpdf-manual.html or @docdir@/qpdf-manual.pdf.
-+qpdf-doc package.
-diff -up qpdf-4.1.0/manual/zlib-flate.1.in.doc qpdf-4.1.0/manual/zlib-flate.1.in
---- qpdf-4.1.0/manual/zlib-flate.1.in.doc	2013-04-14 21:03:51.000000000 +0200
-+++ qpdf-4.1.0/manual/zlib-flate.1.in	2013-05-23 18:12:07.571775453 +0200
-@@ -21,6 +21,6 @@ This program should not be used as a gen
- tool.  Use something like gzip(1) instead.
- .PP
- For details about qpdf, please see the qpdf manual, which can be found
--in @docdir@/qpdf-manual.html or @docdir@/qpdf-manual.pdf.
-+in qpdf-doc package.
- .SH "SEE ALSO"
- qpdf(1), gzip(1)

qpdf-relax.patch

@@ -1,158 +1,198 @@
-diff --git a/libqpdf/QPDF.cc b/libqpdf/QPDF.cc
-index 3475afe..f93ba0d 100644
---- a/libqpdf/QPDF.cc
-+++ b/libqpdf/QPDF.cc
-@@ -19,6 +19,10 @@
- #include <qpdf/QPDF_Null.hh>
- #include <qpdf/QPDF_Dictionary.hh>
+diff -up qpdf-11.7.0/libqpdf/QPDF.cc.relax qpdf-11.7.0/libqpdf/QPDF.cc
+--- qpdf-11.7.0/libqpdf/QPDF.cc.relax	2023-12-24 13:36:07.000000000 +0100
++++ qpdf-11.7.0/libqpdf/QPDF.cc	2024-01-08 15:17:27.020951639 +0100
+@@ -13,6 +13,10 @@
+ #include <sstream>
+ #include <vector>
  
-+#ifdef HAVE_GNUTLS
++#ifdef USE_CRYPTO_GNUTLS
 +# include <gnutls/crypto.h>
 +#endif
 +
- std::string QPDF::qpdf_version = "7.1.1";
- 
- static char const* EMPTY_PDF =
-@@ -139,7 +143,13 @@ QPDF::processFile(char const* filename, char const* password)
+ #include <qpdf/BufferInputSource.hh>
+ #include <qpdf/FileInputSource.hh>
+ #include <qpdf/OffsetInputSource.hh>
+@@ -250,14 +254,26 @@ void
+ QPDF::processFile(char const* filename, char const* password)
  {
-     FileInputSource* fi = new FileInputSource();
-     fi->setFilename(filename);
-+#ifdef HAVE_GNUTLS
+     auto* fi = new FileInputSource(filename);
++#ifdef USE_CRYPTO_GNUTLS
 +    GNUTLS_FIPS140_SET_LAX_MODE();
 +#endif
-     processInputSource(fi, password);
-+#ifdef HAVE_GNUTLS
+     processInputSource(std::shared_ptr<InputSource>(fi), password);
++#ifdef USE_CRYPTO_GNUTLS
 +    GNUTLS_FIPS140_SET_STRICT_MODE();
 +#endif
  }
  
  void
-@@ -148,7 +158,13 @@ QPDF::processFile(char const* description, FILE* filep,
+ QPDF::processFile(char const* description, FILE* filep, bool close_file, char const* password)
  {
-     FileInputSource* fi = new FileInputSource();
-     fi->setFile(description, filep, close_file);
-+#ifdef HAVE_GNUTLS
+     auto* fi = new FileInputSource(description, filep, close_file);
++#ifdef USE_CRYPTO_GNUTLS
 +    GNUTLS_FIPS140_SET_LAX_MODE();
 +#endif
-     processInputSource(fi, password);
-+#ifdef HAVE_GNUTLS
+     processInputSource(std::shared_ptr<InputSource>(fi), password);
++#ifdef USE_CRYPTO_GNUTLS
 +    GNUTLS_FIPS140_SET_STRICT_MODE();
 +#endif
  }
  
  void
-diff --git a/libqpdf/QPDFWriter.cc b/libqpdf/QPDFWriter.cc
-index 0544640..48fe50d 100644
---- a/libqpdf/QPDFWriter.cc
-+++ b/libqpdf/QPDFWriter.cc
-@@ -23,6 +23,10 @@
- #include <algorithm>
- #include <stdlib.h>
+diff -up qpdf-11.7.0/libqpdf/QPDF_encryption.cc.relax qpdf-11.7.0/libqpdf/QPDF_encryption.cc
+--- qpdf-11.7.0/libqpdf/QPDF_encryption.cc.relax	2023-12-24 13:36:07.000000000 +0100
++++ qpdf-11.7.0/libqpdf/QPDF_encryption.cc	2024-01-08 15:19:52.303117277 +0100
+@@ -3,6 +3,8 @@
  
-+#ifdef HAVE_GNUTLS
-+#include <gnutls/crypto.h>
-+#endif
-+
- QPDFWriter::Members::Members(QPDF& pdf) :
-     pdf(pdf),
-     filename(0),
-@@ -323,6 +327,13 @@ void
- QPDFWriter::setDeterministicID(bool val)
- {
-     this->m->deterministic_id = val;
-+
-+#ifdef HAVE_GNUTLS
-+    if (val)
-+	GNUTLS_FIPS140_SET_LAX_MODE();
-+    else
-+	GNUTLS_FIPS140_SET_STRICT_MODE();
-+#endif
- }
- 
- void
-@@ -344,6 +355,13 @@ void
- QPDFWriter::setPreserveEncryption(bool val)
- {
-     this->m->preserve_encryption = val;
-+
-+#ifdef HAVE_GNUTLS
-+    if (val)
-+	GNUTLS_FIPS140_SET_STRICT_MODE();
-+    else
-+	GNUTLS_FIPS140_SET_LAX_MODE();
-+#endif
- }
- 
- void
-diff --git a/libqpdf/QPDF_encryption.cc b/libqpdf/QPDF_encryption.cc
-index fd717c3..9b38914 100644
---- a/libqpdf/QPDF_encryption.cc
-+++ b/libqpdf/QPDF_encryption.cc
-@@ -1,6 +1,8 @@
- // This file implements methods from the QPDF class that involve
- // encryption.
+ #include <qpdf/assert_debug.h>
  
 +#include <qpdf/qpdf-config.h>
 +
  #include <qpdf/QPDF.hh>
  
  #include <qpdf/QPDFExc.hh>
-@@ -18,6 +20,10 @@
- #include <assert.h>
- #include <string.h>
+@@ -19,6 +21,10 @@
+ #include <algorithm>
+ #include <cstring>
  
-+#ifdef HAVE_GNUTLS
++#ifdef USE_CRYPTO_GNUTLS
 +# include <gnutls/crypto.h>
 +#endif
 +
  static unsigned char const padding_string[] = {
-     0x28, 0xbf, 0x4e, 0x5e, 0x4e, 0x75, 0x8a, 0x41,
-     0x64, 0x00, 0x4e, 0x56, 0xff, 0xfa, 0x01, 0x08,
-@@ -1084,6 +1090,12 @@ QPDF::getKeyForObject(int objid, int generation, bool use_aes)
- void
- QPDF::decryptString(std::string& str, int objid, int generation)
- {
-+#ifdef HAVE_GNUTLS
+     0x28, 0xbf, 0x4e, 0x5e, 0x4e, 0x75, 0x8a, 0x41, 0x64, 0x00, 0x4e, 0x56, 0xff, 0xfa, 0x01, 0x08,
+     0x2e, 0x2e, 0x00, 0xb6, 0xd0, 0x68, 0x3e, 0x80, 0x2f, 0x0c, 0xa9, 0xfe, 0x64, 0x53, 0x69, 0x7a};
+@@ -349,10 +355,21 @@ QPDF::compute_data_key(
+         result += "sAlT";
+     }
+ 
++#ifdef USE_CRYPTO_GNUTLS
 +    unsigned oldmode = gnutls_fips140_mode_enabled();
 +
 +    gnutls_fips140_set_mode(GNUTLS_FIPS140_LAX, GNUTLS_FIPS140_SET_MODE_THREAD);
 +#endif
 +
-     if (objid == 0)
-     {
- 	return;
-@@ -1162,6 +1174,10 @@ QPDF::decryptString(std::string& str, int objid, int generation)
- 		      QUtil::int_to_string(objid) + " " +
- 		      QUtil::int_to_string(generation) + ": " + e.what());
+     MD5 md5;
+     md5.encodeDataIncrementally(result.c_str(), result.length());
+     MD5::Digest digest;
+     md5.digest(digest);
++
++#ifdef USE_CRYPTO_GNUTLS
++    gnutls_fips140_set_mode(static_cast<gnutls_fips_mode_t>(oldmode), GNUTLS_FIPS140_SET_MODE_THREAD);
++#endif
++
+     return {reinterpret_cast<char*>(digest), std::min(result.length(), toS(16))};
+ }
+ 
+@@ -976,6 +993,12 @@ QPDF::getKeyForObject(
+ void
+ QPDF::decryptString(std::string& str, QPDFObjGen const& og)
+ {
++#ifdef USE_CRYPTO_GNUTLS
++    unsigned oldmode = gnutls_fips140_mode_enabled();
++
++    gnutls_fips140_set_mode(GNUTLS_FIPS140_LAX, GNUTLS_FIPS140_SET_MODE_THREAD);
++#endif
++
+     if (!og.isIndirect()) {
+         return;
+     }
+@@ -1036,6 +1059,10 @@ QPDF::decryptString(std::string& str, QP
+     } catch (std::runtime_error& e) {
+         throw damagedPDF("error decrypting string for object " + og.unparse() + ": " + e.what());
      }
 +
-+#ifdef HAVE_GNUTLS
++#ifdef USE_CRYPTO_GNUTLS
 +    gnutls_fips140_set_mode(static_cast<gnutls_fips_mode_t>(oldmode), GNUTLS_FIPS140_SET_MODE_THREAD);
 +#endif
  }
  
- void
-@@ -1169,6 +1185,12 @@ QPDF::decryptStream(Pipeline*& pipeline, int objid, int generation,
- 		    QPDFObjectHandle& stream_dict,
- 		    std::vector<PointerHolder<Pipeline> >& heap)
+ // Prepend a decryption pipeline to 'pipeline'. The decryption pipeline (returned as
+@@ -1051,6 +1078,12 @@ QPDF::decryptStream(
+     QPDFObjectHandle& stream_dict,
+     std::unique_ptr<Pipeline>& decrypt_pipeline)
  {
-+#ifdef HAVE_GNUTLS
++#ifdef USE_CRYPTO_GNUTLS
 +    unsigned oldmode = gnutls_fips140_mode_enabled();
 +
 +    gnutls_fips140_set_mode(GNUTLS_FIPS140_LAX, GNUTLS_FIPS140_SET_MODE_THREAD);
 +#endif
 +
      std::string type;
-     if (stream_dict.getKey("/Type").isName())
-     {
-@@ -1297,6 +1319,10 @@ QPDF::decryptStream(Pipeline*& pipeline, int objid, int generation,
-                               key.length());
+     if (stream_dict.getKey("/Type").isName()) {
+         type = stream_dict.getKey("/Type").getName();
+@@ -1151,6 +1184,10 @@ QPDF::decryptStream(
+             toI(key.length()));
      }
-     heap.push_back(pipeline);
+     pipeline = decrypt_pipeline.get();
 +
-+#ifdef HAVE_GNUTLS
++#ifdef USE_CRYPTO_GNUTLS
 +    gnutls_fips140_set_mode(static_cast<gnutls_fips_mode_t>(oldmode), GNUTLS_FIPS140_SET_MODE_THREAD);
 +#endif
  }
  
  void
+diff -up qpdf-11.7.0/libqpdf/QPDFWriter.cc.relax qpdf-11.7.0/libqpdf/QPDFWriter.cc
+--- qpdf-11.7.0/libqpdf/QPDFWriter.cc.relax	2023-12-24 13:36:07.000000000 +0100
++++ qpdf-11.7.0/libqpdf/QPDFWriter.cc	2024-01-08 15:17:27.022951614 +0100
+@@ -26,6 +26,10 @@
+ #include <cstdlib>
+ #include <stdexcept>
+ 
++#ifdef USE_CRYPTO_GNUTLS
++#include <gnutls/crypto.h>
++#endif
++
+ QPDFWriter::ProgressReporter::~ProgressReporter() // NOLINT (modernize-use-equals-default)
+ {
+     // Must be explicit and not inline -- see QPDF_DLL_CLASS in README-maintainer
+@@ -287,6 +291,13 @@ void
+ QPDFWriter::setDeterministicID(bool val)
+ {
+     m->deterministic_id = val;
++
++#ifdef USE_CRYPTO_GNUTLS
++    if (val)
++	GNUTLS_FIPS140_SET_LAX_MODE();
++    else
++	GNUTLS_FIPS140_SET_STRICT_MODE();
++#endif
+ }
+ 
+ void
+@@ -307,6 +318,13 @@ void
+ QPDFWriter::setPreserveEncryption(bool val)
+ {
+     m->preserve_encryption = val;
++
++#ifdef USE_CRYPTO_GNUTLS
++    if (val)
++	GNUTLS_FIPS140_SET_STRICT_MODE();
++    else
++	GNUTLS_FIPS140_SET_LAX_MODE();
++#endif
+ }
+ 
+ void
+@@ -1890,11 +1908,21 @@ QPDFWriter::generateID()
+             }
+         }
+ 
++#ifdef USE_CRYPTO_GNUTLS
++        unsigned oldmode = gnutls_fips140_mode_enabled();
++
++        gnutls_fips140_set_mode(GNUTLS_FIPS140_LAX, GNUTLS_FIPS140_SET_MODE_THREAD);
++#endif
++
+         MD5 m;
+         m.encodeString(seed.c_str());
+         MD5::Digest digest;
+         m.digest(digest);
+         result = std::string(reinterpret_cast<char*>(digest), sizeof(MD5::Digest));
++
++#ifdef USE_CRYPTO_GNUTLS
++        gnutls_fips140_set_mode(static_cast<gnutls_fips_mode_t>(oldmode), GNUTLS_FIPS140_SET_MODE_THREAD);
++#endif
+     }
+ 
+     // If /ID already exists, follow the spec: use the original first word and generate a new second

qpdf.spec

@@ -1,56 +1,70 @@
 Summary: Command-line tools and library for transforming PDF files
 Name:    qpdf
-Version: 7.1.1
-Release: 10%{?dist}
-# MIT: e.g. libqpdf/sha2.c
-# upstream uses ASL 2.0 now, but he allowed others to distribute qpdf under
+Version: 11.8.0
+Release: 5%{?dist}
+# MIT: e.g. libqpdf/sha2.c, but those are not compiled in (GNUTLS is used)
+# upstream uses ASL 2.0 now, but he allowed other to distribute qpdf under
 # old license (see README)
-License: (Artistic 2.0 or ASL 2.0) and MIT
-URL:     http://qpdf.sourceforge.net/
-Source0: http://downloads.sourceforge.net/sourceforge/qpdf/qpdf-%{version}.tar.gz
+License: Apache-2.0 OR Artistic-2.0
+URL:     https://qpdf.sourceforge.io/
+Source0: https://github.com/%{name}/%{name}/releases/download/v%{version}/%{name}-%{version}.tar.gz
+Source1: https://github.com/%{name}/%{name}/releases/download/v%{version}/%{name}-%{version}-doc.zip
+
+# make qpdf working under FIPS, downstream patch
+Patch1:  qpdf-relax.patch
 
-Patch0:  qpdf-doc.patch
-Patch1:  qpdf-CVE-2018-9918.patch
-Patch2:  qpdf-gnutls-crypto.patch
-Patch3:  qpdf-relax.patch
 
 # gcc and gcc-c++ are no longer in buildroot by default
 # gcc is needed for qpdf-ctest.c
 BuildRequires: gcc
 # gcc-c++ is need for everything except for qpdf-ctest
 BuildRequires: gcc-c++
+# uses cmake
+BuildRequires: cmake
 
 BuildRequires: zlib-devel
 BuildRequires: libjpeg-turbo-devel
-BuildRequires: pcre-devel
+
+# for gnutls crypto
+BuildRequires: gnutls-devel
 
 # for fix-qdf and test suite
-BuildRequires: perl-interpreter
 BuildRequires: perl-generators
+BuildRequires: perl-interpreter
+BuildRequires: perl(Carp)
+BuildRequires: perl(Config)
+BuildRequires: perl(constant)
+BuildRequires: perl(Cwd)
 BuildRequires: perl(Digest::MD5)
+BuildRequires: perl(Digest::SHA)
+BuildRequires: perl(File::Basename)
+BuildRequires: perl(File::Compare)
+BuildRequires: perl(File::Copy)
+BuildRequires: perl(File::Find)
+BuildRequires: perl(File::Spec)
+BuildRequires: perl(FileHandle)
+BuildRequires: perl(IO::Handle)
+BuildRequires: perl(IO::Select)
+BuildRequires: perl(IO::Socket)
+BuildRequires: perl(POSIX)
+BuildRequires: perl(strict)
+# perl(Term::ANSIColor) - not needed for tests
+# perl(Term::ReadKey) - not needed for tests
 
-# for autoreconf
-BuildRequires: autoconf
-BuildRequires: automake
-BuildRequires: libtool
-
-# for crypto by gnutls
-BuildRequires: gnutls-devel
-BuildRequires: pkgconf-pkg-config
-
-Requires: qpdf-libs%{?_isa} = %{version}-%{release}
+Requires: %{name}-libs%{?_isa} = %{version}-%{release}
 
 %package libs
 Summary: QPDF library for transforming PDF files
 
 %package devel
 Summary: Development files for QPDF library
-Requires: qpdf-libs%{?_isa} = %{version}-%{release}
+Requires: %{name}-libs%{?_isa} = %{version}-%{release}
 
 %package doc
 Summary: QPDF Manual
 BuildArch: noarch
-Requires: qpdf-libs = %{version}-%{release}
+BuildRequires: unzip
+Requires: %{name}-libs = %{version}-%{release}
 
 %description
 QPDF is a command-line program that does structural, content-preserving
@@ -74,54 +88,57 @@ QPDF Manual
 %prep
 %setup -q
 
-# fix 'complete manual location' note in man pages
-%patch0 -p1 -b .doc
-#  CVE-2018-9918 qpdf: stack exhaustion in QPDFObjectHandle and QPDF_Dictionary classes in libqpdf.a [fedora-all]
-%patch1 -p1 -b .CVE-2018-9918
-# 1605101 - qpdf: should not re-implement crypto
-%patch2 -p1 -b .gnutls-crypto
-# 1605101 - downstream patch for relaxing crypto for deterministic id and decrypt
-%patch3 -p1 -b .relax
+%patch -P 1 -p1 -b .relax
+
+# unpack zip file with manual
+unzip %{SOURCE1}
 
-sed -i -e '1s,^#!/usr/bin/env perl,#!/usr/bin/perl,' qpdf/fix-qdf
 
 %build
-# work-around check-rpaths errors
-autoreconf --verbose --force --install
+%cmake -DBUILD_STATIC_LIBS=0 \
+       -DREQUIRE_CRYPTO_GNUTLS=1 \
+       -DUSE_IMPLICIT_CRYPTO=0 \
+       -DSHOW_FAILED_TEST_OUTPUT=1 \
+       -DINSTALL_CMAKE_PACKAGE=0
 
-%configure --disable-static \
-           --enable-show-failed-test-output \
-           --enable-gnutls
-
-make %{?_smp_mflags}
+%cmake_build
 
 %install
-make install DESTDIR=%{buildroot}
+%cmake_install
 
-rm -f %{buildroot}%{_libdir}/libqpdf.la
+install -m 0644 %{name}-%{version}-doc/%{name}-manual.pdf %{buildroot}/%{_pkgdocdir}/%{name}-manual.pdf
+
+# install bash/zsh completions
+mkdir -p %{buildroot}%{bash_completions_dir}
+mkdir -p %{buildroot}%{zsh_completions_dir}
+install -m 0644 completions/bash/qpdf %{buildroot}%{bash_completions_dir}/qpdf
+install -m 0644 completions/zsh/_qpdf %{buildroot}%{zsh_completions_dir}/_qpdf
 
 %check
-make check
+%ctest
 
-%post libs -p /sbin/ldconfig
-
-%postun libs -p /sbin/ldconfig
+%ldconfig_scriptlets libs
 
 %files
 %{_bindir}/fix-qdf
 %{_bindir}/qpdf
 %{_bindir}/zlib-flate
 %{_mandir}/man1/*
+%dir %{bash_completions_dir}
+%{bash_completions_dir}/qpdf
+%dir %{zsh_completions_dir}
+%{zsh_completions_dir}/_qpdf
 
 %files libs
-%doc README.md TODO ChangeLog
-%license Artistic-2.0
-%{_libdir}/libqpdf*.so.*
+%doc README.md TODO.md ChangeLog
+%license Artistic-2.0 LICENSE.txt NOTICE.md
+%{_libdir}/libqpdf.so.29
+%{_libdir}/libqpdf.so.29.8.0
 
 %files devel
 %doc examples/*.cc examples/*.c
-%{_includedir}/*
-%{_libdir}/libqpdf*.so
+%{_includedir}/qpdf/
+%{_libdir}/libqpdf.so
 %{_libdir}/pkgconfig/libqpdf.pc
 
 %files doc
@@ -129,24 +146,205 @@ make check
 
 
 %changelog
-* Tue Sep 10 2019 Zdenek Dohnal <zdohnal@redhat.com> - 7.1.1-10
-- used bad define in previous commit
+* Tue Oct 29 2024 Troy Dawson <tdawson@redhat.com> - 11.8.0-5
+- Bump release for October 2024 mass rebuild:
+  Resolves: RHEL-64018
 
-* Tue Sep 10 2019 Zdenek Dohnal <zdohnal@redhat.com> - 7.1.1-9
-- 1605101 - qpdf: should not re-implement crypto - episode II - relaxing crypto for decrypt
+* Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 11.8.0-4
+- Bump release for June 2024 mass rebuild
 
-* Thu Sep 05 2019 Zdenek Dohnal <zdohnal@redhat.com> - 7.1.1-8
-- 1605101 - qpdf: should not re-implement crypto
+* Fri Jan 26 2024 Fedora Release Engineering <releng@fedoraproject.org> - 11.8.0-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
 
-* Tue Jul 24 2018 Zdenek Dohnal <zdohnal@redhat.com> - 7.1.1-7
+* Mon Jan 22 2024 Fedora Release Engineering <releng@fedoraproject.org> - 11.8.0-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
+
+* Tue Jan 09 2024 Zdenek Dohnal <zdohnal@redhat.com> - 11.8.0-1
+- 2257313 - qpdf-11.8.0 is available
+
+* Mon Jan 08 2024 Zdenek Dohnal <zdohnal@redhat.com> - 11.7.0-1
+- 2255755 - qpdf-11.7.0 is available
+
+* Tue Dec 19 2023 Zdenek Dohnal <zdohnal@redhat.com> - 11.6.4-2
+- 2254778 - remove the tests which fail with zlib-ng-compat for now
+
+* Mon Dec 18 2023 Zdenek Dohnal <zdohnal@redhat.com> - 11.6.4-1
+- 2253901 - qpdf-11.6.4 is available
+
+* Thu Nov 02 2023 Zdenek Dohnal <zdohnal@redhat.com> - 11.6.3-1
+- 2244319 - qpdf-11.6.3 is available
+
+* Mon Oct 09 2023 Zdenek Dohnal <zdohnal@redhat.com> - 11.6.2-1
+- 2242670 - qpdf-11.6.2 is available
+
+* Tue Sep 12 2023 Zdenek Dohnal <zdohnal@redhat.com> - 11.6.1-1
+- 2237125 - qpdf-11.6.1 is available
+
+* Wed Jul 26 2023 Zdenek Dohnal <zdohnal@redhat.com> - 11.5.0-1
+- 2221506 - qpdf-11.5.0 is available
+
+* Fri Jul 21 2023 Fedora Release Engineering <releng@fedoraproject.org> - 11.4.0-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
+
+* Mon May 22 2023 Zdenek Dohnal <zdohnal@redhat.com> - 11.4.0-1
+- 2208892 - qpdf-11.4.0 is available
+
+* Mon Mar 27 2023 Zdenek Dohnal <zdohnal@redhat.com> - 11.3.0-2
+- 2181519 - qpdf bash and zsh completion files are missing
+
+* Thu Mar 02 2023 Zdenek Dohnal <zdohnal@redhat.com> - 11.3.0-1
+- 2173354 - qpdf-11.3.0 is available
+
+* Fri Jan 20 2023 Fedora Release Engineering <releng@fedoraproject.org> - 11.2.0-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
+
+* Tue Nov 22 2022 Zdenek Dohnal <zdohnal@redhat.com> - 11.2.0-1
+- 2144359 - qpdf-11.2.0 is available
+
+* Thu Oct 13 2022 Zdenek Dohnal <zdohnal@redhat.com> - 11.1.1-1
+- 2125823 - qpdf-11.1.1 is available
+
+* Thu Sep 22 2022 Zdenek Dohnal <zdohnal@redhat.com> - 11.1.0-1
+- 2125823 - qpdf-11.1.0 is available, move to cmake
+
+* Thu Sep 22 2022 Zdenek Dohnal <zdohnal@redhat.com> - 10.6.3-5
+- use `grep -E` in test suite (bz2127957)
+
+* Mon Jul 25 2022 Zdenek Dohnal <zdohnal@redhat.com> - 10.6.3-4
+- qpdf doesn't depend on pcre since 7.0b1
+
+* Fri Jul 22 2022 Fedora Release Engineering <releng@fedoraproject.org> - 10.6.3-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
+
+* Thu Jul 14 2022 Zdenek Dohnal <zdohnal@redhat.com> - 10.6.3-2
+- 2107240 - FIPS breaks pdftopdf and bannertopdf
+
+* Fri Mar 18 2022 Zdenek Dohnal <zdohnal@redhat.com> - 10.6.3-1
+- 2063429 - qpdf-10.6.3 is available
+
+* Thu Feb 17 2022 Zdenek Dohnal <zdohnal@redhat.com> - 10.6.2-1
+- 2053647 - qpdf-10.6.2 is available
+
+* Mon Feb 14 2022 Zdenek Dohnal <zdohnal@redhat.com> - 10.6.1-1
+- 2053647 - qpdf-10.6.1 is available
+
+* Thu Feb 10 2022 Zdenek Dohnal <zdohnal@redhat.com> - 10.6.0-1
+- 2052569 - qpdf-10.6.0 is available
+
+* Fri Jan 21 2022 Fedora Release Engineering <releng@fedoraproject.org> - 10.5.0-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
+
+* Wed Jan 05 2022 Zdenek Dohnal <zdohnal@redhat.com> - 10.5.0-2
+- add qpdf-manual - now it is in a different archive
+
+* Mon Jan 03 2022 Zdenek Dohnal <zdohnal@redhat.com> - 10.5.0-1
+- 2034671 - qpdf-10.5.0 is available
+
+* Mon Dec 06 2021 Zdenek Dohnal <zdohnal@redhat.com> - 10.4.0-1
+- 2023979 - qpdf-10.4.0 is available
+
+* Fri Jul 23 2021 Fedora Release Engineering <releng@fedoraproject.org> - 10.3.2-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
+
+* Thu May 20 2021 Zdenek Dohnal <zdohnal@redhat.com> - 10.3.2-1
+- 1958536 - qpdf-10.3.2 is available
+
+* Mon Apr 19 2021 Zdenek Dohnal <zdohnal@redhat.com> - 10.3.1-2
+- aarch64 specific patches were removed from zlib, so no need for ours
+- zlib got downstream patches on s390x, we need to patch qpdf test suite for it
+
+* Fri Mar 12 2021 Zdenek Dohnal <zdohnal@redhat.com> - 10.3.1-1
+- 1937988 - qpdf-10.3.1 is available
+
+* Thu Mar 11 2021 Zdenek Dohnal <zdohnal@redhat.com> - 10.3.0-1
+- 1935799 - qpdf-10.3.0 is available
+
+* Wed Feb 24 2021 Zdenek Dohnal <zdohnal@redhat.com> - 10.2.0-1
+- 1932052 - qpdf-10.2.0 is available
+
+* Wed Jan 27 2021 Fedora Release Engineering <releng@fedoraproject.org> - 10.1.0-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
+
+* Mon Jan 11 2021 Zdenek Dohnal <zdohnal@redhat.com> - 10.1.0-1
+- 1912951 - qpdf-10.1.0 is available
+
+* Mon Nov 23 2020 Zdenek Dohnal <zdohnal@redhat.com> - 10.0.4-1
+- 1900262 - qpdf-10.0.4 is available
+
+* Thu Nov 05 2020 Zdenek Dohnal <zdohnal@redhat.com> - 10.0.3-2
+- make is no longer in buildroot by default
+
+* Mon Nov 02 2020 Zdenek Dohnal <zdohnal@redhat.com> - 10.0.3-1
+- 10.0.3
+
+* Wed Jul 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 10.0.1-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
+
+* Tue Apr 14 2020 Zdenek Dohnal <zdohnal@redhat.com> - 10.0.1-1
+- 10.0.1
+
+* Wed Mar 25 2020 Jitka Plesnikova <jplesnik@redhat.com> - 9.1.1-3
+- Add all perl dependencies for tests
+
+* Thu Jan 30 2020 Fedora Release Engineering <releng@fedoraproject.org> - 9.1.1-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
+
+* Mon Jan 27 2020 Zdenek Dohnal <zdohnal@redhat.com> - 9.1.1-1
+- 9.1.1
+
+* Tue Nov 19 2019 Zdenek Dohnal <zdohnal@redhat.com> - 9.1.0-1
+- 9.1.0
+
+* Fri Jul 26 2019 Fedora Release Engineering <releng@fedoraproject.org> - 8.4.2-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
+
+* Fri May 31 2019 Zdenek Dohnal <zdohnal@redhat.com> - 8.4.2-1
+- 8.4.2
+
+* Mon Mar 25 2019 Zdenek Dohnal <zdohnal@redhat.com> - 8.4.0-1
+- 8.4.0
+
+* Sat Feb 02 2019 Fedora Release Engineering <releng@fedoraproject.org> - 8.3.0-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
+
+* Mon Jan 14 2019 Zdenek Dohnal <zdohnal@redhat.com> - 8.3.0-1
+- 8.3.0
+
+* Mon Sep 24 2018 Zdenek Dohnal <zdohnal@redhat.com> - 8.2.1-1
+- 8.2.1
+
+* Tue Jul 24 2018 Zdenek Dohnal <zdohnal@redhat.com> - 8.1.0-4
 - correcting license
 
-* Wed Jul 11 2018 Zdenek Dohnal <zdohnal@redhat.com> - 7.1.1-6
+* Sat Jul 14 2018 Fedora Release Engineering <releng@fedoraproject.org> - 8.1.0-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
+
+* Wed Jul 11 2018 Zdenek Dohnal <zdohnal@redhat.com> - 8.1.0-2
 - ship license in correct tag, mention optional change of license
 
-* Mon Apr 16 2018 Zdenek Dohnal <zdohnal@redhat.com> - 7.1.1-5
+* Mon Jun 25 2018 Zdenek Dohnal <zdohnal@redhat.com> - 8.1.0-1
+- 8.1.0
+- more tests fail because aarch64 zlib optimization - add patch for it
+
+* Fri May 25 2018 Zdenek Dohnal <zdohnal@redhat.com> - 8.0.2-3
+- erase failing tests for aarch64 because of zlib optimization
+
+* Mon Apr 16 2018 Zdenek Dohnal <zdohnal@redhat.com>
 - CVE-2018-9918 qpdf: stack exhaustion in QPDFObjectHandle and QPDF_Dictionary classes in libqpdf.a [fedora-all] 
 
+* Wed Mar 07 2018 Zdenek Dohnal <zdohnal@redhat.com> - 8.0.2-1
+- 8.0.2
+
+* Mon Mar 05 2018 Zdenek Dohnal <zdohnal@redhat.com> - 8.0.1-1
+- 8.0.1
+
+* Tue Feb 27 2018 Rex Dieter <rdieter@fedoraproject.org> - 8.0.0-2
+- use %%license, %%ldconfig_scriptlets, %%make_build, %%make_install
+- %%files: track files more closely, libqpdf soname in particular
+
+* Mon Feb 26 2018 Zdenek Dohnal <zdohnal@redhat.com> - 8.0.0-1
+- rebase to 8.0.0
+
 * Mon Feb 19 2018 Zdenek Dohnal <zdohnal@redhat.com> - 7.1.1-4
 - gcc and gcc-c++ are no longer in buildroot by default
 

sources

@@ -1 +1,2 @@
-SHA512 (qpdf-7.1.1.tar.gz) = a75f988c7dd7ac174bdc981cd3696ca8b539ac6c581e3afecf601dc67277014cb4fe3f0e5cb75a67412cafa4eb645b2fc2d8a0ec203834464baf0c7e80baa0b4
+SHA512 (qpdf-11.8.0-doc.zip) = 5b2748d4b0b0367d4fd2773e697f6e125d92c397b62ee63388bce85c74a051e1b17d487941128927e3493669bd00196caa842eee76db0f05827a650a067b6939
+SHA512 (qpdf-11.8.0.tar.gz) = e558cd4f0066ace73670ead7a49b0343862cdd275bd013eb10cbef6e161a13955101e6d78de8e87bb05a68498c3018152e9d20d61c01dce55d3810e7f5768aa9