Compare commits
No commits in common. "c8-stream-1.1" and "stream-subversion-1.10-rhel-8.10.0" have entirely different histories.
c8-stream-
...
stream-sub
|
@ -1 +1,2 @@
|
|||
SOURCES/subversion-1.10.2.tar.bz2
|
||||
/subversion-1.10.2.tar.bz2
|
||||
|
|
|
@ -1 +1 @@
|
|||
bc52ef2e671f821998ac9a5f7ebecbbcaaef83b8 SOURCES/subversion-1.10.2.tar.bz2
|
||||
bc52ef2e671f821998ac9a5f7ebecbbcaaef83b8 subversion-1.10.2.tar.bz2
|
||||
|
|
|
@ -0,0 +1,27 @@
|
|||
#!/bin/sh
|
||||
|
||||
version=$1
|
||||
|
||||
echo "This update includes the latest stable release of _Apache Subversion_, version **${1}**".
|
||||
echo
|
||||
|
||||
curl --silent -n "http://svn.apache.org/repos/asf/subversion/tags/$1/CHANGES" | \
|
||||
sed -n "
|
||||
/^#/d;
|
||||
/^Version ${1/-rc*/}/,/^Version /{
|
||||
/, from \/branches/d;
|
||||
/repos\/asf\/subversion\/tags/d;
|
||||
s,#\([0-9]*\),[SVN-\1](https://issues.apache.org/jira/browse/SVN-\1),;
|
||||
s/(r[0-9, retal]+)\*//g;
|
||||
s/^ *//;
|
||||
s/ +/ /g;
|
||||
s/^ *- \(.*\)$/#### \1/;
|
||||
s/\(.*visible changes.*:\)$/### \1/;
|
||||
/^ *$/d;
|
||||
/Windows/d
|
||||
/^Version /d
|
||||
s,(r1.*),,g
|
||||
s,\(@[0-9]*\),\\\1,g
|
||||
p;
|
||||
}
|
||||
" -
|
|
@ -0,0 +1,9 @@
|
|||
--- !Policy
|
||||
product_versions:
|
||||
- rhel-9
|
||||
decision_context: osci_compose_gate
|
||||
rules:
|
||||
- !PassingTestCaseRule {test_case_name: baseos-ci.brew-build.tier1.functional}
|
||||
- !PassingTestCaseRule {test_case_name: baseos-ci.brew-build.tier2.functional}
|
||||
- !PassingTestCaseRule {test_case_name: baseos-ci.brew-build.tier3.functional}
|
||||
- !PassingTestCaseRule {test_case_name: baseos-ci.brew-build.acceptance-tier.functional}
|
|
@ -0,0 +1,53 @@
|
|||
#!/bin/sh -e
|
||||
|
||||
if [ $# -lt 1 ]; then
|
||||
echo "What?"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
repo="https://svn.apache.org/repos/asf/subversion/trunk"
|
||||
#repo="https://svn.apache.org/repos/asf/subversion/branches/1.11.x"
|
||||
prefix=`rpmspec -q --queryformat='%{name}-%{version}\n' ./subversion.spec | sed 1q`
|
||||
suffix="r$1${2:++}"
|
||||
fn="${prefix}-${suffix}.patch"
|
||||
vcurl="http://svn.apache.org/viewvc?view=revision&revision="
|
||||
|
||||
if test -f ${fn}; then
|
||||
mv -v -f ${fn} ${fn}\~
|
||||
echo "# $0 $*" > ${fn}
|
||||
sed '1{/#.*pullrev/d;};/^--- /,$d' < ${fn}\~ >> ${fn}
|
||||
else
|
||||
echo "# $0 $*" > ${fn}
|
||||
fi
|
||||
|
||||
new=0
|
||||
for r in $*; do
|
||||
if ! grep -q "${vcurl}${r}" ${fn}; then
|
||||
echo "${vcurl}${r}"
|
||||
new=1
|
||||
fi
|
||||
done >> ${fn}
|
||||
|
||||
[ $new -eq 0 ] || echo >> ${fn}
|
||||
|
||||
prev=/dev/null
|
||||
for r in $*; do
|
||||
echo "+ fetching ${r}"
|
||||
this=`mktemp /tmp/pullrevXXXXXX`
|
||||
svn diff -c ${r} ${repo} | filterdiff --remove-timestamps --clean -x 'CHANGES' -x 'next-number' -x 'STATUS' \
|
||||
--addprefix="${prefix}/" > ${this}
|
||||
next=`mktemp /tmp/pullrevXXXXXX`
|
||||
combinediff --quiet ${prev} ${this} > ${next}
|
||||
rm -f "${this}"
|
||||
[ "${prev}" = "/dev/null" ] || rm -f "${prev}"
|
||||
prev=${next}
|
||||
done
|
||||
|
||||
cat ${prev} >> ${fn}
|
||||
|
||||
vi "${fn}"
|
||||
echo "+ git add ${fn}"
|
||||
git add "${fn}"
|
||||
echo "+ spec template:"
|
||||
echo "PatchN: ${fn}"
|
||||
echo "%patchN -p1 -b .${suffix}"
|
|
@ -0,0 +1 @@
|
|||
SHA512 (subversion-1.10.2.tar.bz2) = ccbe860ec93a198745e40620cb7e005a85797e344a99ddbc0e24c32ad846976eae35cf5b3d62ba5751b998f0d40bbebbba72f484d92c92693bbb2112c989b129
|
|
@ -0,0 +1,17 @@
|
|||
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=1922303
|
||||
https://github.com/apache/subversion/commit/c83d9e5db564bdbbd91a7eb1c9399f66f481361c
|
||||
|
||||
--- a/subversion/libsvn_repos/config_file.c
|
||||
+++ b/subversion/libsvn_repos/config_file.c
|
||||
@@ -237,6 +237,10 @@ get_repos_config(svn_stream_t **stream,
|
||||
{
|
||||
/* Search for a repository in the full path. */
|
||||
repos_root_dirent = svn_repos_find_root_path(dirent, scratch_pool);
|
||||
+ if (repos_root_dirent == NULL)
|
||||
+ return svn_error_trace(handle_missing_file(stream, checksum, access,
|
||||
+ url, must_exist,
|
||||
+ svn_node_none));
|
||||
|
||||
/* Attempt to open a repository at repos_root_dirent. */
|
||||
SVN_ERR(svn_repos_open3(&access->repos, repos_root_dirent, NULL,
|
|
@ -0,0 +1,41 @@
|
|||
--- subversion-1.10.2/subversion/libsvn_repos/authz.c
|
||||
+++ subversion-1.10.2/subversion/libsvn_repos/authz.c
|
||||
@@ -130,6 +130,30 @@
|
||||
static svn_object_pool__t *filtered_pool = NULL;
|
||||
static svn_atomic_t authz_pool_initialized = FALSE;
|
||||
|
||||
+/*
|
||||
+ * Ensure that we will initialize authz again if the pool which
|
||||
+ * our authz caches depend on is cleared.
|
||||
+ *
|
||||
+ * HTTPD may run pre/post config hooks multiple times and clear
|
||||
+ * its global configuration pool which our authz pools depend on.
|
||||
+ * This happens in a non-threaded context during HTTPD's intialization
|
||||
+ * and HTTPD's main loop, so it is safe to reset static variables here.
|
||||
+ * (And any applications which cleared this pool while SVN threads
|
||||
+ * were running would crash no matter what.)
|
||||
+ *
|
||||
+ * See issue #4880, "Use-after-free of object-pools in
|
||||
+ * subversion/libsvn_repos/authz.c when used as httpd module"
|
||||
+ */
|
||||
+static apr_status_t
|
||||
+deinit_authz(void *data)
|
||||
+{
|
||||
+ /* The two object pools run their own cleanup handlers. */
|
||||
+ authz_pool = NULL;
|
||||
+ filtered_pool = NULL;
|
||||
+ authz_pool_initialized = FALSE;
|
||||
+ return APR_SUCCESS;
|
||||
+}
|
||||
+
|
||||
/* Implements svn_atomic__err_init_func_t. */
|
||||
static svn_error_t *
|
||||
synchronized_authz_initialize(void *baton, apr_pool_t *pool)
|
||||
@@ -143,6 +167,7 @@
|
||||
SVN_ERR(svn_object_pool__create(&authz_pool, multi_threaded, pool));
|
||||
SVN_ERR(svn_object_pool__create(&filtered_pool, multi_threaded, pool));
|
||||
|
||||
+ apr_pool_cleanup_register(pool, NULL, deinit_authz, apr_pool_cleanup_null);
|
||||
return SVN_NO_ERROR;
|
||||
}
|
||||
|
|
@ -0,0 +1,84 @@
|
|||
|
||||
Fix the way libtool is used to match standard practice:
|
||||
|
||||
a) link ONLY libraries using -rpath $(libdir), not executables
|
||||
.. this avoids adding an RPATH for $libdir to executables
|
||||
b) link non-installable test binaries using -no-install
|
||||
.. only for convenience but should speed up builds slightly(?)
|
||||
|
||||
--- subversion-1.12.0/build.conf.linking
|
||||
+++ subversion-1.12.0/build.conf
|
||||
@@ -572,7 +572,7 @@
|
||||
path = subversion/bindings/swig/python/libsvn_swig_py
|
||||
libs = libsvn_client libsvn_wc libsvn_ra libsvn_delta libsvn_subr
|
||||
apriconv apr python swig
|
||||
-link-cmd = $(LINK)
|
||||
+link-cmd = $(LINK_LIB)
|
||||
install = swig-py-lib
|
||||
# need special build rule to include -DSWIGPYTHON
|
||||
compile-cmd = $(COMPILE_SWIG_PY)
|
||||
@@ -598,7 +598,7 @@
|
||||
lang = ruby
|
||||
path = subversion/bindings/swig/ruby/libsvn_swig_ruby
|
||||
libs = libsvn_client libsvn_wc libsvn_delta libsvn_subr apriconv apr ruby swig
|
||||
-link-cmd = $(LINK) $(SWIG_RB_LIBS)
|
||||
+link-cmd = $(LINK_LIB) $(SWIG_RB_LIBS)
|
||||
install = swig-rb-lib
|
||||
# need special build rule to include
|
||||
compile-cmd = $(COMPILE_SWIG_RB)
|
||||
@@ -769,6 +769,7 @@
|
||||
libs = libsvn_repos libsvn_fs libsvn_delta libsvn_subr aprutil apriconv apr
|
||||
msvc-static = yes
|
||||
undefined-lib-symbols = yes
|
||||
+link-cmd = $(LINK_TEST_LIB)
|
||||
|
||||
# ----------------------------------------------------------------------------
|
||||
# Tests for libsvn_fs_base
|
||||
--- subversion-1.12.0/build/generator/gen_base.py.linking
|
||||
+++ subversion-1.12.0/build/generator/gen_base.py
|
||||
@@ -599,7 +599,7 @@
|
||||
self.install = options.get('install')
|
||||
self.compile_cmd = options.get('compile-cmd')
|
||||
self.sources = options.get('sources', '*.c *.cpp')
|
||||
- self.link_cmd = options.get('link-cmd', '$(LINK)')
|
||||
+ self.link_cmd = options.get('link-cmd', '$(LINK_LIB)')
|
||||
|
||||
self.external_lib = options.get('external-lib')
|
||||
self.external_project = options.get('external-project')
|
||||
@@ -659,6 +659,14 @@
|
||||
|
||||
self.msvc_force_static = options.get('msvc-force-static') == 'yes'
|
||||
|
||||
+ if self.install in ['test', 'bdb-test', 'sub-test', ]:
|
||||
+ self.link_cmd = '$(LINK_TEST)'
|
||||
+ elif self.install in ['bin', 'tools']:
|
||||
+ self.link_cmd = '$(LINK_EXE)'
|
||||
+ elif self.link_cmd == '$(LINK_LIB)':
|
||||
+ raise GenError('ERROR: Unknown executable link type for ' + self.name + \
|
||||
+ ': ' + self.link_cmd + ' (' + self.install + ')')
|
||||
+
|
||||
def add_dependencies(self):
|
||||
TargetLinked.add_dependencies(self)
|
||||
|
||||
--- subversion-1.12.0/Makefile.in.linking
|
||||
+++ subversion-1.12.0/Makefile.in
|
||||
@@ -268,11 +268,14 @@
|
||||
COMPILE_SVNXX = $(LT_COMPILE_CXX) $(SVNXX_INCLUDES) -o $@ -c
|
||||
COMPILE_SVNXX_TEST = $(LT_COMPILE_CXX) $(SVNXX_INCLUDES) $(BOOST_TEST_CPPFLAGS) -o $@ -c
|
||||
|
||||
-LINK = $(LIBTOOL) $(LTFLAGS) --mode=link $(CC) $(LT_LDFLAGS) $(CFLAGS) $(LDFLAGS) -rpath $(libdir)
|
||||
-LINK_LIB = $(LINK) $(LT_SO_VERSION)
|
||||
-LINK_CXX = $(LIBTOOL) $(LTCXXFLAGS) --mode=link $(CXX) $(LT_LDFLAGS) $(CXXFLAGS) $(LDFLAGS) -rpath $(libdir)
|
||||
-LINK_CXX_LIB = $(LINK_CXX) $(LT_SO_VERSION)
|
||||
-LINK_SVNXX_TEST = $(LINK_CXX) $(BOOST_TEST_LDFLAGS)
|
||||
+LINK = $(LIBTOOL) $(LTFLAGS) --mode=link $(CC) $(LT_LDFLAGS) $(CFLAGS) $(LDFLAGS)
|
||||
+LINK_LIB = $(LINK) $(LT_SO_VERSION) -rpath $(libdir)
|
||||
+LINK_CXX = $(LIBTOOL) $(LTCXXFLAGS) --mode=link $(CXX) $(LT_LDFLAGS) $(CXXFLAGS) $(LDFLAGS)
|
||||
+LINK_CXX_LIB = $(LINK_CXX) $(LT_SO_VERSION) -rpath $(libdir)
|
||||
+LINK_SVNXX_TEST = $(LINK_CXX) $(BOOST_TEST_LDFLAGS) -no-install
|
||||
+LINK_TEST = $(LINK) -no-install
|
||||
+LINK_TEST_LIB = $(LINK_TEST) -avoid-version
|
||||
+LINK_EXE = $(LINK)
|
||||
|
||||
# special link rule for mod_dav_svn
|
||||
LINK_APACHE_MOD = $(LIBTOOL) $(LTFLAGS) --mode=link $(CC) $(LT_LDFLAGS) $(CFLAGS) $(LDFLAGS) -rpath $(APACHE_LIBEXECDIR) -avoid-version -module $(APACHE_LDFLAGS) -shared
|
|
@ -0,0 +1,19 @@
|
|||
|
||||
Use the minor version as the revision in the libtool version, so the library
|
||||
soversion is not always 0.0.0. (Does not influence the soname)
|
||||
|
||||
--- subversion-1.14.0/configure.ac.soversion
|
||||
+++ subversion-1.14.0/configure.ac
|
||||
@@ -112,7 +112,11 @@
|
||||
SVN_APR_MAJOR_VERSION=1
|
||||
fi
|
||||
AC_SUBST(SVN_APR_MAJOR_VERSION)
|
||||
-SVN_LT_SOVERSION="-version-info $svn_lib_ver"
|
||||
+
|
||||
+m4_define([svn_ver_minor], m4_bpatsubst(AC_PACKAGE_VERSION, [[0-9]*\.\([0-9]*\)\.[0-9]*], [\1]))
|
||||
+
|
||||
+SVN_LT_SOVERSION="-version-info $svn_lib_ver:svn_ver_minor"
|
||||
+AC_MSG_NOTICE([SVN_LT_SOVERSION $SVN_LT_SOVERSION])
|
||||
AC_SUBST(SVN_LT_SOVERSION)
|
||||
AC_DEFINE_UNQUOTED(SVN_SOVERSION, $svn_lib_ver,
|
||||
[Subversion library major verson])
|
|
@ -0,0 +1,14 @@
|
|||
|
||||
Suppress gcc 10 warning.
|
||||
|
||||
--- subversion-1.14.0/subversion/tests/svn_test.h.testwarn
|
||||
+++ subversion-1.14.0/subversion/tests/svn_test.h
|
||||
@@ -128,7 +128,7 @@
|
||||
return svn_error_createf(SVN_ERR_TEST_FAILED, NULL, \
|
||||
"Strings not equal\n Expected: '%s'\n Found: '%s'" \
|
||||
"\n at %s:%d", \
|
||||
- tst_str2, tst_str1, __FILE__, __LINE__); \
|
||||
+ tst_str2 ? tst_str2 : "(NULL)", tst_str1 ? tst_str1 : "(NULL)", __FILE__, __LINE__); \
|
||||
} while(0)
|
||||
|
||||
/** Handy macro for testing integer equality.
|
|
@ -0,0 +1,41 @@
|
|||
--- subversion-1.14.1/subversion/libsvn_repos/authz.c
|
||||
+++ subversion-1.14.1/subversion/libsvn_repos/authz.c
|
||||
@@ -130,6 +130,30 @@
|
||||
static svn_object_pool__t *filtered_pool = NULL;
|
||||
static svn_atomic_t authz_pool_initialized = FALSE;
|
||||
|
||||
+/*
|
||||
+ * Ensure that we will initialize authz again if the pool which
|
||||
+ * our authz caches depend on is cleared.
|
||||
+ *
|
||||
+ * HTTPD may run pre/post config hooks multiple times and clear
|
||||
+ * its global configuration pool which our authz pools depend on.
|
||||
+ * This happens in a non-threaded context during HTTPD's intialization
|
||||
+ * and HTTPD's main loop, so it is safe to reset static variables here.
|
||||
+ * (And any applications which cleared this pool while SVN threads
|
||||
+ * were running would crash no matter what.)
|
||||
+ *
|
||||
+ * See issue #4880, "Use-after-free of object-pools in
|
||||
+ * subversion/libsvn_repos/authz.c when used as httpd module"
|
||||
+ */
|
||||
+static apr_status_t
|
||||
+deinit_authz(void *data)
|
||||
+{
|
||||
+ /* The two object pools run their own cleanup handlers. */
|
||||
+ authz_pool = NULL;
|
||||
+ filtered_pool = NULL;
|
||||
+ authz_pool_initialized = FALSE;
|
||||
+ return APR_SUCCESS;
|
||||
+}
|
||||
+
|
||||
/* Implements svn_atomic__err_init_func_t. */
|
||||
static svn_error_t *
|
||||
synchronized_authz_initialize(void *baton, apr_pool_t *pool)
|
||||
@@ -143,6 +167,7 @@
|
||||
SVN_ERR(svn_object_pool__create(&authz_pool, multi_threaded, pool));
|
||||
SVN_ERR(svn_object_pool__create(&filtered_pool, multi_threaded, pool));
|
||||
|
||||
+ apr_pool_cleanup_register(pool, NULL, deinit_authz, apr_pool_cleanup_null);
|
||||
return SVN_NO_ERROR;
|
||||
}
|
||||
|
|
@ -0,0 +1,30 @@
|
|||
|
||||
See upstream dev@subversion thread. Fixes intermittent failure of
|
||||
javahl tests, particularly reproducible on aarch64.
|
||||
|
||||
Message-ID: <11de5f5c-5059-b973-95a1-385e7913a63a@syntevo.com>
|
||||
From: Alexandr Miloslavskiy
|
||||
|
||||
--- subversion-1.14.1/subversion/bindings/javahl/tests/org/apache/subversion/javahl/BasicTests.java.fixjavatests
|
||||
+++ subversion-1.14.1/subversion/bindings/javahl/tests/org/apache/subversion/javahl/BasicTests.java
|
||||
@@ -4676,7 +4676,19 @@
|
||||
// RuntimeException("Test exception") is expected here
|
||||
}
|
||||
|
||||
- tunnelAgent.joinAndTest();
|
||||
+ // In this test, there is a race condition that sometimes results in
|
||||
+ // IOException when 'WAIT_TUNNEL' tries to read from a pipe that
|
||||
+ // already has its read end closed. This is not an error, but
|
||||
+ // it's hard to distinguish this case from other IOException which
|
||||
+ // indicate a problem. To reproduce, simply wrap this test's body in
|
||||
+ // a loop. The workaround is to ignore any detected IOException.
|
||||
+ //
|
||||
+ // tunnelAgent.joinAndTest();
|
||||
+ try {
|
||||
+ tunnelAgent.join();
|
||||
+ } catch (InterruptedException e) {
|
||||
+ e.printStackTrace ();
|
||||
+ }
|
||||
}
|
||||
|
||||
/**
|
|
@ -0,0 +1,14 @@
|
|||
|
||||
Fix intermittent failures when "svn add" guesses a near-empty file is binary and hence
|
||||
the output is different.
|
||||
|
||||
--- subversion-1.14.1/subversion/tests/cmdline/svntest/main.py.testnoautoprops
|
||||
+++ subversion-1.14.1/subversion/tests/cmdline/svntest/main.py
|
||||
@@ -691,6 +691,7 @@
|
||||
|
||||
[miscellany]
|
||||
interactive-conflicts = false
|
||||
+enable-auto-props = no
|
||||
"""
|
||||
if exclusive_wc_locks:
|
||||
config_contents += """
|
|
@ -37,7 +37,7 @@
|
|||
Summary: A Modern Concurrent Version Control System
|
||||
Name: subversion
|
||||
Version: 1.10.2
|
||||
Release: 3%{?dist}
|
||||
Release: 5%{?dist}
|
||||
License: ASL 2.0
|
||||
Group: Development/Tools
|
||||
URL: https://subversion.apache.org/
|
||||
|
@ -56,6 +56,9 @@ Patch4: subversion-1.8.0-rubybind.patch
|
|||
Patch5: subversion-1.8.5-swigplWall.patch
|
||||
Patch6: subversion-1.10.2-CVE-2019-0203.patch
|
||||
Patch7: subversion-1.10.2-CVE-2018-11782.patch
|
||||
Patch8: subversion-1.10.2-CVE-2020-17525.patch
|
||||
Patch9: subversion-1.10.2-CVE-2022-24070.patch
|
||||
|
||||
BuildRequires: autoconf, libtool, texinfo, which
|
||||
BuildRequires: swig >= 1.3.24, gettext
|
||||
%if %{with bdb}
|
||||
|
@ -224,6 +227,8 @@ This package includes supplementary tools for use with Subversion.
|
|||
%patch5 -p1 -b .swigplWall
|
||||
%patch6 -p1 -b .cve0203
|
||||
%patch7 -p1 -b .cve11782
|
||||
%patch8 -p1 -b .cve17525
|
||||
%patch9 -p1 -b .cve24070
|
||||
|
||||
%build
|
||||
# Regenerate the buildsystem, so that:
|
||||
|
@ -546,6 +551,12 @@ make check-javahl
|
|||
%endif
|
||||
|
||||
%changelog
|
||||
* Wed May 04 2022 Richard Lescak <rlescak@gmail.com> - 1.10.2-5
|
||||
- add security fix for CVE-2022-24070
|
||||
|
||||
* Wed Feb 10 2021 Joe Orton <jorton@redhat.com> - 1.10.2-4
|
||||
- add security fix for CVE-2020-17525
|
||||
|
||||
* Mon May 18 2020 Joe Orton <jorton@redhat.com> - 1.10.2-3
|
||||
- add security fix for CVE-2018-11782
|
||||
|
File diff suppressed because it is too large
Load Diff
Loading…
Reference in New Issue