Update to 1.4.0 and fix CVE-2026-42784

Resolves: RHEL-172374
Jakub Jelen 2026-05-18 17:04:14 +02:00
parent 6eaef0108e
commit 85acfc9234
5 changed files with 15 additions and 87 deletions

2
.gitignore vendored

@ -7,3 +7,5 @@
/rust-sequoia-sq-1.3.0-vendor.tar.xz
/sequoia-sq-vendor-1.3.1.1.tar.gz
/sequoia-sq-1.3.1.1.tar.gz
/sequoia-sq-vendor-1.4.0.1.tar.gz
/sequoia-sq-1.4.0.1.tar.gz


@ -9,15 +9,15 @@
Name: rust-sequoia-sq
Version: 1.3.1.1
Version: 1.4.0.1
Release: %autorelease
Summary: Command-line frontends for Sequoia
License: LGPL-2.0-or-later
URL: https://crates.io/crates/sequoia-sq
# The version 1.3.1 upstream + patches from justus/pqc branch
# The version 1.4.0 upstream + patches from pqc branches
# Generated using:
# git archive --format=tar.gz --prefix sequoia-sq-1.3.1.1/ -o sequoia-sq-1.3.1.1.tar.gz justus/pqc
# git archive --format=tar.gz --prefix sequoia-sq-1.4.0.1/ -o ../sequoia-sq-1.4.0.1.tar.gz pqc
Source0: %{crate}-%{version}.tar.gz
# Generated using cargo-vendor-filterer:
@ -27,15 +27,9 @@ Source0: %{crate}-%{version}.tar.gz
# --platform i686-unknown-linux-gnu \
# --platform s390x-unknown-linux-gnu \
# --all-features
# tar -czf ../%%{crate}-vendor-%%{version}.tar.gz vendor
# tar -czf ../sequoia-sq-vendor-1.4.0.1.tar.gz vendor
Source1: %{crate}-vendor-%{version}.tar.gz
Source3: vendor.toml
# Manually created patch for downstream crate metadata changes
# * switch crypto backend from Nettle to OpenSSL
# * exclude files that are only useful for upstream development
# * drop automated generation of upstream integration tests
# * drop features for unsupported crypto backends
Patch: sequoia-sq-fix-metadata.diff
%if 0%{?rhel}
BuildRequires: rust-toolset
@ -51,6 +45,7 @@ BuildRequires: sqlite-devel
BuildRequires: capnproto
BuildRequires: capnproto-devel
BuildRequires: clang
BuildRequires: cmake >= 3.1
%global _description %{expand:
@ -115,7 +110,6 @@ License: %{shrink:
%prep
%autosetup -n %{crate}-%{version} -N -a1
%autopatch -M 99 -p1
%cargo_prep -N
# include full configuration for vendored dependencies
cat %{SOURCE3} >> .cargo/config.toml
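Review bot: The `Source0` comment near the top of this section records only `git archive ... pqc`, so the tarball cannot be traced to a repository or commit, and with `Patch: sequoia-sq-fix-metadata.diff` dropped, the downstream changes that patch described (OpenSSL instead of Nettle as the crypto backend, no features for unsupported backends) now exist only inside that archive. A branch name is mutable, which matters more on a commit that claims to fix CVE-2026-42784: a later audit has only the SHA512 in `sources` to go on when confirming which code was shipped. I would add a line such as `# Repository: <repository-url>, branch pqc, commit <commit-id>` above the `git archive` comment, plus a short comment stating that the pqc branch already carries the metadata changes the patch used to apply (I assume it does; the tarball content is not visible here). The same applies to the `jjelen/pqc-ossl` branch entries in the vendor.toml section further down, where a comment could record the commit ids the vendor tarball was generated from.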


@ -1,63 +0,0 @@
diff -up a/Cargo.toml.orig b/Cargo.toml
--- a/Cargo.toml.orig 2025-06-19 18:18:08.225290250 +0200
+++ b/Cargo.toml 2025-06-19 18:20:29.142344871 +0200
@@ -23,6 +23,12 @@ categories = ["cryptography", "authentic
license = "LGPL-2.0-or-later"
edition = "2021"
rust-version = "1.79"
+exclude = [
+ "/deny.toml",
+ "/Dockerfile",
+ "/sq.subplot",
+ "/sq-subplot.md",
+]
[badges]
gitlab = { repository = "sequoia-pgp/sequoia-sq" }
@@ -66,11 +72,6 @@ termcolor = "1.2.0"
textwrap = { version = ">=0.15, <0.17", default-features = false, features = ["smawk", "unicode-width"] }
typenum = "1"
-# This is for subplot only. If you don't enable the subplot feature,
-# feel free to patch it out.
-subplotlib = { version = ">=0.11, <0.13", optional = true }
-culpa = { version = "1", optional = true }
-
[build-dependencies]
anyhow = "1.0.18"
buffered-reader = { version = "1.4", default-features = false, features = ["compression"] }
@@ -90,10 +91,6 @@ typenum = "1"
cfg-if = "1"
terminal_size = ">=0.2.6, <0.5"
-# This is for subplot only. If you don't enable the subplot feature,
-# feel free to patch it out.
-subplot-build = { version = ">=0.11, <0.13", optional = true }
-
[dev-dependencies]
assert_cmd = "2"
predicates = ">=2, <4"
@@ -105,22 +102,13 @@ name = "sq"
path = "src/main.rs"
bench = false
-[[test]]
-name = "sq-subplot"
-path = "tests/sq-subplot.rs"
-required-features = ["subplot"]
-
[features]
default = [
- "crypto-nettle",
+ "crypto-openssl",
]
crypto-nettle = ["sequoia-openpgp/crypto-nettle"]
crypto-openssl = ["sequoia-openpgp/crypto-openssl"]
-crypto-botan = ["sequoia-openpgp/crypto-botan"]
-crypto-botan2 = ["sequoia-openpgp/crypto-botan2"]
-crypto-cng = ["sequoia-openpgp/crypto-cng"]
crypto-rust = ["sequoia-openpgp/crypto-rust"]
-subplot = ["culpa", "subplot-build", "subplotlib"]
[profile.release]
debug = true


@ -1,2 +1,2 @@
SHA512 (sequoia-sq-vendor-1.3.1.1.tar.gz) = 7e23b5466f8b951b4324c64d5a04807d5d2865d80b11c9be52ea48564984378e69501e8d67f387fa66bef0a874bb1588f31be63423a3f5ad2f04632f737e2fd8
SHA512 (sequoia-sq-1.3.1.1.tar.gz) = 652549f83aba9e3dbe95b9bf16824e1bd0ac12922a14b5d5c78af88da6d333ea43b7f1922a1c12d4b4ccf659c7e2f731c1ad2fb42c91410f17fbb6a3e4d779bc
SHA512 (sequoia-sq-vendor-1.4.0.1.tar.gz) = 57cbdb583364dfa2c6b3c445677cc46f59e5cf723573e5813b686ef3cc8e5cd23f2b8f9bdff176eeb3187b9efe86f57b64afadcefa8508fef98f23f191d2cf6b
SHA512 (sequoia-sq-1.4.0.1.tar.gz) = 10d21460425e90e60f2842189387c8cb42a42d08ae04c29a6e0bedc6fefed73f24c3b6eff885becea593a2ee847c78ae3f8c8c52100bf3890160e62f51b2debc


@ -1,19 +1,14 @@
[source.crates-io]
replace-with = "vendored-sources"
[source."git+https://github.com/teythoon/rust-openssl?branch=justus/pqc"]
git = "https://github.com/teythoon/rust-openssl"
branch = "justus/pqc"
[source."git+https://gitlab.com/jjelen/sequoia-policy-config?branch=jjelen/pqc-ossl"]
git = "https://gitlab.com/jjelen/sequoia-policy-config"
branch = "jjelen/pqc-ossl"
replace-with = "vendored-sources"
[source."git+https://gitlab.com/sequoia-pgp/sequoia-policy-config?branch=justus/pqc"]
git = "https://gitlab.com/sequoia-pgp/sequoia-policy-config"
branch = "justus/pqc"
replace-with = "vendored-sources"
[source."git+https://gitlab.com/sequoia-pgp/sequoia?branch=justus/pqc"]
git = "https://gitlab.com/sequoia-pgp/sequoia"
branch = "justus/pqc"
[source."git+https://gitlab.com/jjelen/sequoia?branch=jjelen/pqc-ossl"]
git = "https://gitlab.com/jjelen/sequoia"
branch = "jjelen/pqc-ossl"
replace-with = "vendored-sources"
[source.vendored-sources]