import xmlrpc-c-1.51.0-8.el8
This commit is contained in:
commit
3996a889f0
1
.gitignore
vendored
Normal file
1
.gitignore
vendored
Normal file
@ -0,0 +1 @@
|
||||
SOURCES/xmlrpc-c-1.51.0.tar.xz
|
1
.xmlrpc-c.metadata
Normal file
1
.xmlrpc-c.metadata
Normal file
@ -0,0 +1 @@
|
||||
784a3e74971f3b7d992d768c732daa891ffd2412 SOURCES/xmlrpc-c-1.51.0.tar.xz
|
@ -0,0 +1,83 @@
|
||||
From 78e995f9f2958fc54e2a559a52c81684dc3460cf Mon Sep 17 00:00:00 2001
|
||||
From: giraffedata <giraffedata@98333e67-4a24-44d7-a75c-e53540dd3050>
|
||||
Date: Sun, 21 Jan 2018 22:27:31 +0000
|
||||
Subject: [PATCH] Remove trace statements accidentally committed with 2977
|
||||
|
||||
git-svn-id: https://svn.code.sf.net/p/xmlrpc-c/code/trunk@2981 98333e67-4a24-44d7-a75c-e53540dd3050
|
||||
---
|
||||
src/cpp/value.cpp | 8 --------
|
||||
src/xmlrpc_string.c | 5 -----
|
||||
2 files changed, 13 deletions(-)
|
||||
|
||||
diff --git a/src/cpp/value.cpp b/src/cpp/value.cpp
|
||||
index e2c12372..b319430e 100644
|
||||
--- a/src/cpp/value.cpp
|
||||
+++ b/src/cpp/value.cpp
|
||||
@@ -1,4 +1,3 @@
|
||||
-#include <iostream>
|
||||
/*****************************************************************************
|
||||
value.cpp
|
||||
******************************************************************************
|
||||
@@ -622,13 +621,9 @@ public:
|
||||
|
||||
switch (nlCode) {
|
||||
case value_string::nlCode_all:
|
||||
- cerr << "Going to call xmlrpc_string_new_lp" << endl;
|
||||
- cerr << "length = " << cppvalue.length() << ", value = "
|
||||
- << cppvalue.c_str() << endl;
|
||||
this->valueP = xmlrpc_string_new_lp(&env.env_c,
|
||||
cppvalue.length(),
|
||||
cppvalue.c_str());
|
||||
- cerr << "Back from xmlrpc_string_new_lp" << endl;
|
||||
break;
|
||||
case value_string::nlCode_lf:
|
||||
this->valueP = xmlrpc_string_new_lp_cr(&env.env_c,
|
||||
@@ -661,12 +656,9 @@ value_string::value_string(std::string const& cppvalue,
|
||||
|
||||
value_string::value_string(std::string const& cppvalue) {
|
||||
|
||||
- cerr << "value_string constructor entered" << endl;
|
||||
cNewStringWrapper wrapper(cppvalue, nlCode_all);
|
||||
- cerr << "wrapper constructed" << endl;
|
||||
|
||||
this->instantiate(wrapper.valueP);
|
||||
- cerr << "value_string constructor exiting" << endl;
|
||||
}
|
||||
|
||||
|
||||
diff --git a/src/xmlrpc_string.c b/src/xmlrpc_string.c
|
||||
index 2da61e4e..e6e00716 100644
|
||||
--- a/src/xmlrpc_string.c
|
||||
+++ b/src/xmlrpc_string.c
|
||||
@@ -1,4 +1,3 @@
|
||||
-#include <stdio.h>
|
||||
/*=============================================================================
|
||||
xmlrpc_string
|
||||
===============================================================================
|
||||
@@ -746,15 +745,12 @@ stringNew(xmlrpc_env * const envP,
|
||||
enum crTreatment const crTreatment,
|
||||
xmlrpc_value ** const valPP) {
|
||||
|
||||
- fprintf(stderr, "stringNew entered\n");
|
||||
xmlrpc_value * valP;
|
||||
|
||||
xmlrpc_validate_utf8(envP, value, length);
|
||||
|
||||
if (!envP->fault_occurred) {
|
||||
- fprintf(stderr, "Going to xmlrpc_createXmlrpcValue\n");
|
||||
xmlrpc_createXmlrpcValue(envP, &valP);
|
||||
- fprintf(stderr, "Back from createXmlrpcValue\n");
|
||||
|
||||
if (!envP->fault_occurred) {
|
||||
valP->_type = XMLRPC_TYPE_STRING;
|
||||
@@ -774,7 +770,6 @@ stringNew(xmlrpc_env * const envP,
|
||||
*valPP = valP;
|
||||
}
|
||||
}
|
||||
- fprintf(stderr, "stringNew exiting\n");
|
||||
}
|
||||
|
||||
|
||||
--
|
||||
2.17.0
|
||||
|
1668
SOURCES/0001-add-meson-buildsystem-definitions.patch
Normal file
1668
SOURCES/0001-add-meson-buildsystem-definitions.patch
Normal file
File diff suppressed because it is too large
Load Diff
34
SOURCES/0001-xmlrpc_server_abyss-use-va_args-properly.patch
Normal file
34
SOURCES/0001-xmlrpc_server_abyss-use-va_args-properly.patch
Normal file
@ -0,0 +1,34 @@
|
||||
From d31c2ffbf5181053330fa32e4f03c47283bd1448 Mon Sep 17 00:00:00 2001
|
||||
From: Igor Gnatenko <i.gnatenko.brain@gmail.com>
|
||||
Date: Sat, 17 Dec 2016 10:28:31 +0100
|
||||
Subject: [PATCH 1/3] xmlrpc_server_abyss: use va_args properly
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
../src/xmlrpc_server_abyss.c: In function ‘createServer’:
|
||||
../src/xmlrpc_server_abyss.c:783:13: error: format not a string literal and no format arguments [-Werror=format-security]
|
||||
xmlrpc_faultf(envP, error);
|
||||
^~~~~~~~~~~~~
|
||||
|
||||
Signed-off-by: Igor Gnatenko <i.gnatenko.brain@gmail.com>
|
||||
---
|
||||
src/xmlrpc_server_abyss.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/xmlrpc_server_abyss.c b/src/xmlrpc_server_abyss.c
|
||||
index 8aacb4b..58f5ba0 100644
|
||||
--- a/src/xmlrpc_server_abyss.c
|
||||
+++ b/src/xmlrpc_server_abyss.c
|
||||
@@ -780,7 +780,7 @@ createServer(xmlrpc_env * const envP,
|
||||
ServerInit2(abyssServerP, &error);
|
||||
|
||||
if (error) {
|
||||
- xmlrpc_faultf(envP, error);
|
||||
+ xmlrpc_faultf(envP, "%s", error);
|
||||
xmlrpc_strfree(error);
|
||||
}
|
||||
}
|
||||
--
|
||||
2.13.1
|
||||
|
84
SOURCES/0002-Use-proper-datatypes-for-long-long.patch
Normal file
84
SOURCES/0002-Use-proper-datatypes-for-long-long.patch
Normal file
@ -0,0 +1,84 @@
|
||||
From aca713786debd68c81a823c5989afb3de82da45b Mon Sep 17 00:00:00 2001
|
||||
From: Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de>
|
||||
Date: Sat, 5 Apr 2008 11:41:34 +0200
|
||||
Subject: [PATCH 2/3] Use proper datatypes for 'long long'
|
||||
|
||||
xmlrpc-c uses 'long long' at some places (e.g. in printf
|
||||
statements with PRId64) under the assumption that it has a
|
||||
width of exactly 64 bits.
|
||||
|
||||
On 64 bit machines 'long long' has a width of 128 bit and
|
||||
will cause overhead both in memory and cpu usage there. As
|
||||
'long long' is used only to handle <i8> datatypes, the patch
|
||||
uses a plain 64 integer type there.
|
||||
|
||||
It is arguable whether 'int_least64_t' (and 'int_least32_t')
|
||||
would be a better choice for 'int64_t' (and 'int32_t'), but
|
||||
for now, the patch uses datatypes with exact widths.
|
||||
---
|
||||
include/xmlrpc-c/base.h | 7 ++++---
|
||||
lib/libutil/string_number.c | 1 +
|
||||
src/cpp/param_list.cpp | 2 +-
|
||||
3 files changed, 6 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/include/xmlrpc-c/base.h b/include/xmlrpc-c/base.h
|
||||
index e74e2c5..90f2c91 100644
|
||||
--- a/include/xmlrpc-c/base.h
|
||||
+++ b/include/xmlrpc-c/base.h
|
||||
@@ -5,6 +5,7 @@
|
||||
|
||||
#include <stddef.h>
|
||||
#include <stdarg.h>
|
||||
+#include <stdint.h>
|
||||
#include <time.h>
|
||||
#include <xmlrpc-c/c_util.h> /* For XMLRPC_DLLEXPORT */
|
||||
#include <xmlrpc-c/util.h>
|
||||
@@ -73,9 +74,9 @@ xmlrpc_version(unsigned int * const majorP,
|
||||
|
||||
typedef signed int xmlrpc_int;
|
||||
/* An integer of the type defined by XML-RPC <int>; i.e. 32 bit */
|
||||
-typedef XMLRPC_INT32 xmlrpc_int32;
|
||||
+typedef int32_t xmlrpc_int32;
|
||||
/* An integer of the type defined by XML-RPC <i4>; i.e. 32 bit */
|
||||
-typedef XMLRPC_INT64 xmlrpc_int64;
|
||||
+typedef int64_t xmlrpc_int64;
|
||||
/* An integer of the type defined by "XML-RPC" <i8>; i.e. 64 bit */
|
||||
typedef int xmlrpc_bool;
|
||||
/* A boolean (of the type defined by XML-RPC <boolean>, but there's
|
||||
@@ -112,7 +113,7 @@ typedef int xmlrpc_socket;
|
||||
#define XMLRPC_INT32_MAX 0x7fffffff
|
||||
#define XMLRPC_INT32_MIN (-XMLRPC_INT32_MAX - 1)
|
||||
|
||||
-#define XMLRPC_INT64_MAX 0x7fffffffffffffffll
|
||||
+#define XMLRPC_INT64_MAX ((xmlrpc_int64)0x7fffffffffffffffll)
|
||||
#define XMLRPC_INT64_MIN (-XMLRPC_INT64_MAX - 1)
|
||||
|
||||
|
||||
diff --git a/lib/libutil/string_number.c b/lib/libutil/string_number.c
|
||||
index 1c284af..a7e78ad 100644
|
||||
--- a/lib/libutil/string_number.c
|
||||
+++ b/lib/libutil/string_number.c
|
||||
@@ -6,6 +6,7 @@
|
||||
============================================================================*/
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
+#include <inttypes.h>
|
||||
#include <errno.h>
|
||||
|
||||
#include <xmlrpc-c/base.h>
|
||||
diff --git a/src/cpp/param_list.cpp b/src/cpp/param_list.cpp
|
||||
index 1f7ae41..60f7df9 100644
|
||||
--- a/src/cpp/param_list.cpp
|
||||
+++ b/src/cpp/param_list.cpp
|
||||
@@ -277,7 +277,7 @@ paramList::getI8(unsigned int const paramNumber,
|
||||
throw(fault("Parameter that is supposed to be 64-bit integer is not",
|
||||
fault::CODE_TYPE));
|
||||
|
||||
- long long const longlongvalue(static_cast<long long>(
|
||||
+ xmlrpc_int64 const longlongvalue(static_cast<xmlrpc_int64>(
|
||||
value_i8(this->paramVector[paramNumber])));
|
||||
|
||||
if (longlongvalue < minimum)
|
||||
--
|
||||
2.13.1
|
||||
|
16
SOURCES/0002-chmod-x-xml-rpc-api2txt.patch
Normal file
16
SOURCES/0002-chmod-x-xml-rpc-api2txt.patch
Normal file
@ -0,0 +1,16 @@
|
||||
From d97ec6e652690a321d7ce8c81aa30f87d9c0de8f Mon Sep 17 00:00:00 2001
|
||||
From: Igor Gnatenko <i.gnatenko.brain@gmail.com>
|
||||
Date: Mon, 19 Dec 2016 21:33:47 +0100
|
||||
Subject: [PATCH 2/2] chmod +x xml-rpc-api2txt
|
||||
|
||||
It's script which is installing into $bindir, so it must be executable.
|
||||
|
||||
Signed-off-by: Igor Gnatenko <i.gnatenko.brain@gmail.com>
|
||||
---
|
||||
tools/xml-rpc-api2txt/xml-rpc-api2txt | 0
|
||||
1 file changed, 0 insertions(+), 0 deletions(-)
|
||||
mode change 100644 => 100755 tools/xml-rpc-api2txt/xml-rpc-api2txt
|
||||
|
||||
diff --git a/tools/xml-rpc-api2txt/xml-rpc-api2txt b/tools/xml-rpc-api2txt/xml-rpc-api2txt
|
||||
old mode 100644
|
||||
new mode 100755
|
27
SOURCES/0003-allow-30x-redirections.patch
Normal file
27
SOURCES/0003-allow-30x-redirections.patch
Normal file
@ -0,0 +1,27 @@
|
||||
From 9bb040a9ae29e1b5afcb674c74f107114b316818 Mon Sep 17 00:00:00 2001
|
||||
From: Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de>
|
||||
Date: Thu, 29 Jul 2010 19:25:32 +0200
|
||||
Subject: [PATCH 3/3] allow 30x redirections
|
||||
|
||||
---
|
||||
lib/curl_transport/curltransaction.c | 4 ++++
|
||||
1 file changed, 4 insertions(+)
|
||||
|
||||
diff --git a/lib/curl_transport/curltransaction.c b/lib/curl_transport/curltransaction.c
|
||||
index f0aafae..b5392a9 100644
|
||||
--- a/lib/curl_transport/curltransaction.c
|
||||
+++ b/lib/curl_transport/curltransaction.c
|
||||
@@ -671,6 +671,10 @@ setupCurlSession(xmlrpc_env * const envP,
|
||||
curl_easy_setopt(curlSessionP, CURLOPT_POST, 1);
|
||||
curl_easy_setopt(curlSessionP, CURLOPT_URL, transP->serverUrl);
|
||||
|
||||
+ curl_easy_setopt(curlSessionP, CURLOPT_FOLLOWLOCATION, 1);
|
||||
+ curl_easy_setopt(curlSessionP, CURLOPT_MAXREDIRS, (long)10);
|
||||
+ curl_easy_setopt(curlSessionP, CURLOPT_POSTREDIR, CURL_REDIR_POST_ALL);
|
||||
+
|
||||
XMLRPC_MEMBLOCK_APPEND(char, envP, transP->postDataP, "\0", 1);
|
||||
if (!envP->fault_occurred) {
|
||||
curl_easy_setopt(curlSessionP, CURLOPT_POSTFIELDS,
|
||||
--
|
||||
2.13.1
|
||||
|
@ -0,0 +1,89 @@
|
||||
From 6aee99f381cc5bdfb6e514ac1e82f5e7b0fa7e2d Mon Sep 17 00:00:00 2001
|
||||
From: Rob Crittenden <rcritten@redhat.com>
|
||||
Date: Fri, 25 Feb 2022 16:42:35 -0500
|
||||
Subject: [PATCH 5/6] Add missing validation of encoding (CVE-2022-25235)
|
||||
|
||||
Backported from upstream https://github.com/libexpat/libexpat/pull/562
|
||||
|
||||
Resolves: #2058114
|
||||
---
|
||||
lib/expat/xmltok/xmltok.c | 21 +++++++++++++++------
|
||||
lib/expat/xmltok/xmltok_impl.c | 8 ++++++--
|
||||
2 files changed, 21 insertions(+), 8 deletions(-)
|
||||
|
||||
diff --git a/lib/expat/xmltok/xmltok.c b/lib/expat/xmltok/xmltok.c
|
||||
index 7b31fbb..3b0c950 100644
|
||||
--- a/lib/expat/xmltok/xmltok.c
|
||||
+++ b/lib/expat/xmltok/xmltok.c
|
||||
@@ -61,12 +61,17 @@ We need 8 bits to index into pages, 3 bits to add to that index and
|
||||
? UTF8_GET_NAMING3(pages, (const unsigned char *)(p)) \
|
||||
: 0))
|
||||
|
||||
+#define UTF8_INVALID2(p) \
|
||||
+ ((*p) < 0xC2 || ((p)[1] & 0x80) == 0 || ((p)[1] & 0xC0) == 0xC0)
|
||||
+
|
||||
#define UTF8_INVALID3(p) \
|
||||
- ((*p) == 0xED \
|
||||
- ? (((p)[1] & 0x20) != 0) \
|
||||
- : ((*p) == 0xEF \
|
||||
- ? ((p)[1] == 0xBF && ((p)[2] == 0xBF || (p)[2] == 0xBE)) \
|
||||
- : 0))
|
||||
+ (((p)[2] & 0x80) == 0 \
|
||||
+ || ((*p) == 0xEF && (p)[1] == 0xBF ? (p)[2] > 0xBD \
|
||||
+ : ((p)[2] & 0xC0) == 0xC0) \
|
||||
+ || ((*p) == 0xE0 \
|
||||
+ ? (p)[1] < 0xA0 || ((p)[1] & 0xC0) == 0xC0 \
|
||||
+ : ((p)[1] & 0x80) == 0 \
|
||||
+ || ((*p) == 0xED ? (p)[1] > 0x9F : ((p)[1] & 0xC0) == 0xC0)))
|
||||
|
||||
#define UTF8_INVALID4(p) ((*p) == 0xF4 && ((p)[1] & 0x30) != 0)
|
||||
|
||||
@@ -104,7 +109,11 @@ int utf8_isNmstrt3(const ENCODING *enc ATTR_UNUSED, const char *p)
|
||||
|
||||
#define utf8_isNmstrt4 isNever
|
||||
|
||||
-#define utf8_isInvalid2 isNever
|
||||
+static
|
||||
+int utf8_isInvalid2(const ENCODING *enc ATTR_UNUSED, const char *p)
|
||||
+{
|
||||
+ return UTF8_INVALID2((const unsigned char *)p);
|
||||
+}
|
||||
|
||||
static
|
||||
int utf8_isInvalid3(const ENCODING *enc ATTR_UNUSED, const char *p)
|
||||
diff --git a/lib/expat/xmltok/xmltok_impl.c b/lib/expat/xmltok/xmltok_impl.c
|
||||
index d035527..bae79b9 100644
|
||||
--- a/lib/expat/xmltok/xmltok_impl.c
|
||||
+++ b/lib/expat/xmltok/xmltok_impl.c
|
||||
@@ -43,7 +43,7 @@ See the file copying.txt for copying permission.
|
||||
case BT_LEAD ## n: \
|
||||
if (end - ptr < n) \
|
||||
return XML_TOK_PARTIAL_CHAR; \
|
||||
- if (!IS_NAME_CHAR(enc, ptr, n)) { \
|
||||
+ if (IS_INVALID_CHAR(enc, ptr, n) || !IS_NAME_CHAR(enc, ptr, n)) { \
|
||||
*nextTokPtr = ptr; \
|
||||
return XML_TOK_INVALID; \
|
||||
} \
|
||||
@@ -71,7 +71,7 @@ See the file copying.txt for copying permission.
|
||||
case BT_LEAD ## n: \
|
||||
if (end - ptr < n) \
|
||||
return XML_TOK_PARTIAL_CHAR; \
|
||||
- if (!IS_NMSTRT_CHAR(enc, ptr, n)) { \
|
||||
+ if (IS_INVALID_CHAR(enc, ptr, n) || !IS_NMSTRT_CHAR(enc, ptr, n)) { \
|
||||
*nextTokPtr = ptr; \
|
||||
return XML_TOK_INVALID; \
|
||||
} \
|
||||
@@ -1168,6 +1168,10 @@ int PREFIX(prologTok)(const ENCODING *enc, const char *ptr, const char *end,
|
||||
case BT_LEAD ## n: \
|
||||
if (end - ptr < n) \
|
||||
return XML_TOK_PARTIAL_CHAR; \
|
||||
+ if (IS_INVALID_CHAR(enc, ptr, n)) { \
|
||||
+ *nextTokPtr = ptr; \
|
||||
+ return XML_TOK_INVALID; \
|
||||
+ } \
|
||||
if (IS_NMSTRT_CHAR(enc, ptr, n)) { \
|
||||
ptr += n; \
|
||||
tok = XML_TOK_NAME; \
|
||||
--
|
||||
2.31.1
|
||||
|
@ -0,0 +1,92 @@
|
||||
From ce6eddc1a167dafaac17c7bad9fa6b013fada31b Mon Sep 17 00:00:00 2001
|
||||
From: Rob Crittenden <rcritten@redhat.com>
|
||||
Date: Fri, 25 Feb 2022 13:07:07 -0500
|
||||
Subject: [PATCH 5/6] lib: Prevent more integer overflows (CVE-2022-22822 to
|
||||
CVE-2022-22827)
|
||||
|
||||
Backport fixes from https://github.com/libexpat/libexpat/pull/539
|
||||
|
||||
Resolves: #2058567, #2058576, #2058282, #2058589, #2058595, #2058602
|
||||
---
|
||||
lib/expat/xmlparse/xmlparse.c | 40 +++++++++++++++++++++++++++++++++++
|
||||
1 file changed, 40 insertions(+)
|
||||
|
||||
diff --git a/lib/expat/xmlparse/xmlparse.c b/lib/expat/xmlparse/xmlparse.c
|
||||
index 48adfb3..16ab82a 100644
|
||||
--- a/lib/expat/xmlparse/xmlparse.c
|
||||
+++ b/lib/expat/xmlparse/xmlparse.c
|
||||
@@ -19,6 +19,7 @@ See the file copying.txt for copying permission.
|
||||
#include <assert.h>
|
||||
#include <limits.h> /* UINT_MAX */
|
||||
#include <time.h> /* time() */
|
||||
+#include <stdint.h>
|
||||
|
||||
#include "xmlrpc_config.h"
|
||||
#include "c_util.h"
|
||||
@@ -1076,6 +1077,9 @@ int addBinding(XML_Parser parser,
|
||||
;
|
||||
if (namespaceSeparator)
|
||||
len++;
|
||||
+ if (namespaceSeparator && (uri[len] == namespaceSeparator)) {
|
||||
+ return XML_ERROR_SYNTAX;
|
||||
+ }
|
||||
if (freeBindingList) {
|
||||
b = freeBindingList;
|
||||
if (len > b->uriAlloc) {
|
||||
@@ -2116,10 +2120,32 @@ storeAtts(XML_Parser const xmlParserP,
|
||||
}
|
||||
/* get the attributes from the tokenizer */
|
||||
n = XmlGetAttributes(enc, attStr, attsSize, atts);
|
||||
+
|
||||
+
|
||||
+ /* Detect and prevent integer overflow */
|
||||
+ if (n > INT_MAX - nDefaultAtts) {
|
||||
+ return XML_ERROR_NO_MEMORY;
|
||||
+ }
|
||||
+
|
||||
if (n + nDefaultAtts > attsSize) {
|
||||
int oldAttsSize = attsSize;
|
||||
ATTRIBUTE *temp;
|
||||
+ /* Detect and prevent integer overflow */
|
||||
+ if ((nDefaultAtts > INT_MAX - INIT_ATTS_SIZE)
|
||||
+ || (n > INT_MAX - (nDefaultAtts + INIT_ATTS_SIZE))) {
|
||||
+ return XML_ERROR_NO_MEMORY;
|
||||
+ }
|
||||
attsSize = n + nDefaultAtts + INIT_ATTS_SIZE;
|
||||
+ /* Detect and prevent integer overflow.
|
||||
+ * The preprocessor guard addresses the "always false" warning
|
||||
+ * from -Wtype-limits on platforms where
|
||||
+ * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */
|
||||
+#if UINT_MAX >= SIZE_MAX
|
||||
+ if ((unsigned)parser->m_attsSize > (size_t)(-1) / sizeof(ATTRIBUTE)) {
|
||||
+ attsSize = oldAttsSize;
|
||||
+ return XML_ERROR_NO_MEMORY;
|
||||
+ }
|
||||
+#endif
|
||||
temp = realloc((void *)atts, attsSize * sizeof(ATTRIBUTE));
|
||||
if (!temp)
|
||||
return XML_ERROR_NO_MEMORY;
|
||||
@@ -2297,6 +2323,20 @@ storeAtts(XML_Parser const xmlParserP,
|
||||
n = i + binding->uriLen;
|
||||
if (n > binding->uriAlloc) {
|
||||
TAG *p;
|
||||
+
|
||||
+ /* Detect and prevent integer overflow */
|
||||
+ if (n > INT_MAX - EXPAND_SPARE) {
|
||||
+ return XML_ERROR_NO_MEMORY;
|
||||
+ }
|
||||
+ /* Detect and prevent integer overflow.
|
||||
+ * The preprocessor guard addresses the "always false" warning
|
||||
+ * from -Wtype-limits on platforms where
|
||||
+ * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */
|
||||
+#if UINT_MAX >= SIZE_MAX
|
||||
+ if ((unsigned)(n + EXPAND_SPARE) > (size_t)(-1) / sizeof(XML_Char)) {
|
||||
+ return XML_ERROR_NO_MEMORY;
|
||||
+ }
|
||||
+#endif
|
||||
XML_Char *uri = malloc((n + EXPAND_SPARE) * sizeof(XML_Char));
|
||||
if (!uri)
|
||||
return XML_ERROR_NO_MEMORY;
|
||||
--
|
||||
2.31.1
|
||||
|
@ -0,0 +1,32 @@
|
||||
From 06d354807ac297374973631a6418edf7e3fcbf30 Mon Sep 17 00:00:00 2001
|
||||
From: Rob Crittenden <rcritten@redhat.com>
|
||||
Date: Mon, 28 Feb 2022 10:43:23 -0500
|
||||
Subject: [PATCH 6/6] Prevent integer overflow on m_groupSize in doProlog
|
||||
(CVE-2021-46143)
|
||||
|
||||
Backported from upstream https://github.com/libexpat/libexpat/pull/538
|
||||
|
||||
Resolves: #2058560
|
||||
---
|
||||
lib/expat/xmlparse/xmlparse.c | 5 +++++
|
||||
1 file changed, 5 insertions(+)
|
||||
|
||||
diff --git a/lib/expat/xmlparse/xmlparse.c b/lib/expat/xmlparse/xmlparse.c
|
||||
index 16ab82a..b9aa927 100644
|
||||
--- a/lib/expat/xmlparse/xmlparse.c
|
||||
+++ b/lib/expat/xmlparse/xmlparse.c
|
||||
@@ -3991,6 +3991,11 @@ doProlog(XML_Parser const xmlParserP,
|
||||
case XML_ROLE_GROUP_OPEN:
|
||||
if (prologState.level >= groupSize) {
|
||||
if (groupSize) {
|
||||
+ /* Detect and prevent integer overflow */
|
||||
+ if (groupSize > (unsigned int)(-1) / 2u) {
|
||||
+ *errorCodeP = XML_ERROR_NO_MEMORY;
|
||||
+ return;
|
||||
+ }
|
||||
char *temp = realloc(groupConnector, groupSize *= 2);
|
||||
if (!temp) {
|
||||
*errorCodeP = XML_ERROR_NO_MEMORY;
|
||||
--
|
||||
2.31.1
|
||||
|
515
SPECS/xmlrpc-c.spec
Normal file
515
SPECS/xmlrpc-c.spec
Normal file
@ -0,0 +1,515 @@
|
||||
%global advanced_branch 1
|
||||
|
||||
# Upstream libxml2 backend is completely broken since 2015
|
||||
# https://sourceforge.net/p/xmlrpc-c/patches/49/
|
||||
%bcond_with libxml2
|
||||
|
||||
Name: xmlrpc-c
|
||||
Version: 1.51.0
|
||||
Release: 8%{?dist}
|
||||
Summary: Lightweight RPC library based on XML and HTTP
|
||||
# See doc/COPYING for details.
|
||||
# The Python 1.5.2 license used by a few files is just BSD.
|
||||
License: BSD and MIT
|
||||
URL: http://xmlrpc-c.sourceforge.net/
|
||||
%{!?advanced_branch:Source0: http://dl.sourceforge.net/sourceforge/xmlrpc-c/xmlrpc-%version.tgz}
|
||||
# generated by 'make svn-sources [SVN_VER=%version SVN_REV=%svnrev]'. Unfortunately,
|
||||
# upstream does not tag versions so we must fetch from the branch and
|
||||
# check which version was used for it
|
||||
%{?advanced_branch:Source0: xmlrpc-c-%version.tar.xz}
|
||||
|
||||
# Upstreamable patches
|
||||
Patch101: 0001-xmlrpc_server_abyss-use-va_args-properly.patch
|
||||
Patch102: 0002-Use-proper-datatypes-for-long-long.patch
|
||||
Patch103: 0003-allow-30x-redirections.patch
|
||||
#Patch104: xmlrpc-c-printf-size_t.patch
|
||||
#Patch105: xmlrpc-c-check-vasprintf-return-value.patch
|
||||
Patch104: 0004-Add-missing-validation-of-encoding-CVE-2022-25235.patch
|
||||
Patch105: 0005-lib-Prevent-more-integer-overflows-CVE-2022-22822-to.patch
|
||||
Patch106: 0006-Prevent-integer-overflow-on-m_groupSize-in-doProlog-.patch
|
||||
|
||||
# Backported patches
|
||||
# https://sourceforge.net/p/xmlrpc-c/code/2981/
|
||||
# Fixes RHBZ #1541868
|
||||
Patch201: 0001-Remove-trace-statements-accidentally-committed-with-.patch
|
||||
|
||||
# Meson buildsystem, see https://blogs.gnome.org/ignatenko/2016/12/17/meson-%E2%99%A5-xmlrpc-c/
|
||||
Patch1001: 0001-add-meson-buildsystem-definitions.patch
|
||||
Patch1002: 0002-chmod-x-xml-rpc-api2txt.patch
|
||||
|
||||
BuildRequires: git-core
|
||||
BuildRequires: meson >= 0.36.0
|
||||
BuildRequires: gcc
|
||||
BuildRequires: gcc-c++
|
||||
%if %{with libxml2}
|
||||
BuildRequires: pkgconfig(libxml-2.0)
|
||||
%else
|
||||
# upstream has its own fork of expat
|
||||
Provides: bundled(expat)
|
||||
%endif
|
||||
BuildRequires: pkgconfig(openssl)
|
||||
BuildRequires: pkgconfig(libcurl)
|
||||
BuildRequires: readline-devel
|
||||
BuildRequires: ncurses-devel
|
||||
|
||||
%package c++
|
||||
Summary: C++ libraries for xmlrpc-c
|
||||
Requires: %{name}%{?_isa} = %{?epoch:%{epoch}:}%{version}-%{release}
|
||||
|
||||
%package client
|
||||
Summary: C client libraries for xmlrpc-c
|
||||
Requires: %{name}%{?_isa} = %{?epoch:%{epoch}:}%{version}-%{release}
|
||||
|
||||
%package client++
|
||||
Summary: C++ client libraries for xmlrpc-c
|
||||
Requires: %{name}%{?_isa} = %{?epoch:%{epoch}:}%{version}-%{release}
|
||||
Requires: %{name}-c++%{?_isa} = %{?epoch:%{epoch}:}%{version}-%{release}
|
||||
Requires: %{name}-client%{?_isa} = %{?epoch:%{epoch}:}%{version}-%{release}
|
||||
|
||||
%package devel
|
||||
Summary: Development files for xmlrpc-c based programs
|
||||
Requires: %{name}%{?_isa} = %{?epoch:%{epoch}:}%{version}-%{release}
|
||||
Requires: %{name}-c++%{?_isa} = %{?epoch:%{epoch}:}%{version}-%{release}
|
||||
Requires: %{name}-client%{?_isa} = %{?epoch:%{epoch}:}%{version}-%{release}
|
||||
Requires: %{name}-client++%{?_isa} = %{?epoch:%{epoch}:}%{version}-%{release}
|
||||
|
||||
%package apps
|
||||
Summary: Sample XML-RPC applications
|
||||
Requires: %{name}%{?_isa} = %{?epoch:%{epoch}:}%{version}-%{release}
|
||||
Requires: %{name}-c++%{?_isa} = %{?epoch:%{epoch}:}%{version}-%{release}
|
||||
Requires: %{name}-client%{?_isa} = %{?epoch:%{epoch}:}%{version}-%{release}
|
||||
Requires: %{name}-client++%{?_isa} = %{?epoch:%{epoch}:}%{version}-%{release}
|
||||
|
||||
|
||||
%description
|
||||
XML-RPC is a quick-and-easy way to make procedure calls over the
|
||||
Internet. It converts the procedure call into XML document, sends it
|
||||
to a remote server using HTTP, and gets back the response as XML.
|
||||
|
||||
This library provides a modular implementation of XML-RPC for C.
|
||||
|
||||
|
||||
%description c++
|
||||
XML-RPC is a quick-and-easy way to make procedure calls over the
|
||||
Internet. It converts the procedure call into XML document, sends it
|
||||
to a remote server using HTTP, and gets back the response as XML.
|
||||
|
||||
This library provides a modular implementation of XML-RPC for C++.
|
||||
|
||||
|
||||
%description client
|
||||
XML-RPC is a quick-and-easy way to make procedure calls over the
|
||||
Internet. It converts the procedure call into XML document, sends it
|
||||
to a remote server using HTTP, and gets back the response as XML.
|
||||
|
||||
This library provides a modular implementation of XML-RPC for C
|
||||
clients.
|
||||
|
||||
%description client++
|
||||
XML-RPC is a quick-and-easy way to make procedure calls over the
|
||||
Internet. It converts the procedure call into XML document, sends it
|
||||
to a remote server using HTTP, and gets back the response as XML.
|
||||
|
||||
This library provides a modular implementation of XML-RPC for C++
|
||||
clients.
|
||||
|
||||
|
||||
%description devel
|
||||
Static libraries and header files for writing XML-RPC applications in
|
||||
C and C++.
|
||||
|
||||
|
||||
%description apps
|
||||
XML-RPC is a quick-and-easy way to make procedure calls over the
|
||||
Internet. It converts the procedure call into XML document, sends it
|
||||
to a remote server using HTTP, and gets back the response as XML.
|
||||
|
||||
This package contains some handy XML-RPC demo applications.
|
||||
|
||||
|
||||
%prep
|
||||
%autosetup -Sgit
|
||||
|
||||
%build
|
||||
%meson %{?with_libxml2:-Dlibxml2-backend=true}
|
||||
%meson_build
|
||||
|
||||
%install
|
||||
%meson_install
|
||||
|
||||
%ldconfig_scriptlets
|
||||
%ldconfig_scriptlets client
|
||||
%ldconfig_scriptlets c++
|
||||
%ldconfig_scriptlets client++
|
||||
|
||||
%files
|
||||
%license doc/COPYING lib/abyss/license.txt
|
||||
%doc doc/CREDITS doc/HISTORY
|
||||
%if ! %{with libxml2}
|
||||
%{_libdir}/libxmlrpc_xml*.so.*
|
||||
%endif
|
||||
%{_libdir}/libxmlrpc_openssl.so.*
|
||||
%{_libdir}/libxmlrpc.so.*
|
||||
%{_libdir}/libxmlrpc_util.so.*
|
||||
%{_libdir}/libxmlrpc_abyss.so.*
|
||||
%{_libdir}/libxmlrpc_server.so.*
|
||||
%{_libdir}/libxmlrpc_server_abyss.so.*
|
||||
%{_libdir}/libxmlrpc_server_cgi.so.*
|
||||
|
||||
%files client
|
||||
%{_libdir}/libxmlrpc_client.so.*
|
||||
|
||||
%files c++
|
||||
%{_libdir}/libxmlrpc_cpp.so.*
|
||||
%{_libdir}/libxmlrpc++.so.*
|
||||
%{_libdir}/libxmlrpc_util++.so.*
|
||||
%{_libdir}/libxmlrpc_abyss++.so.*
|
||||
%{_libdir}/libxmlrpc_server++.so.*
|
||||
%{_libdir}/libxmlrpc_server_abyss++.so.*
|
||||
%{_libdir}/libxmlrpc_server_cgi++.so.*
|
||||
%{_libdir}/libxmlrpc_packetsocket.so.*
|
||||
%{_libdir}/libxmlrpc_server_pstream++.so.*
|
||||
|
||||
%files client++
|
||||
%{_libdir}/libxmlrpc_client++.so.*
|
||||
|
||||
%files devel
|
||||
%{_bindir}/xmlrpc-c-config
|
||||
%{_includedir}/xmlrpc-c/
|
||||
%{_includedir}/*.h
|
||||
%{_libdir}/pkgconfig/xmlrpc*.pc
|
||||
%{_libdir}/libxmlrpc*.so
|
||||
|
||||
%files apps
|
||||
%{_bindir}/xmlrpc_parsecall
|
||||
%{_bindir}/xmlrpc
|
||||
%{_bindir}/xmlrpc_transport
|
||||
%doc tools/xmlrpc_transport/xmlrpc_transport.html
|
||||
%{_bindir}/xml-rpc-api2cpp
|
||||
%{_mandir}/man1/xml-rpc-api2cpp.1*
|
||||
%{_bindir}/xml-rpc-api2txt
|
||||
%{_mandir}/man1/xml-rpc-api2txt.1*
|
||||
%{_bindir}/xmlrpc_cpp_proxy
|
||||
%{_bindir}/xmlrpc_pstream
|
||||
%{_bindir}/xmlrpc_dumpserver
|
||||
|
||||
%changelog
|
||||
* Thu Apr 14 2022 Rob Crittenden <rcritten@redhat.com> - 1.51.0-8
|
||||
- Address some Coverity issues in the patch set
|
||||
|
||||
* Tue Apr 05 2022 Rob Crittenden <rcritten@redhat.com> - 1.51.0-7
|
||||
- lib: Prevent more integer overflows (CVE-2022-22822 to CVE-2022-22827)
|
||||
(#2058567, #2058576, #2058582, #2058589, #2058595, #2058602)
|
||||
- Prevent integer overflow on m_groupSize in doProlog
|
||||
(CVE-2021-46143) (#2058560)
|
||||
|
||||
* Thu Mar 03 2022 Rob Crittenden <rcritten@redhat.com> - 1.51.0-6
|
||||
- Add missing validation of encoding (CVE-2022-25235) (#2070481)
|
||||
|
||||
* Thu Apr 19 2018 Adam Williamson <awilliam@redhat.com> - 1.51.0-5
|
||||
- Backport upstream fix for console spam with debug messages (#1541868)
|
||||
|
||||
* Fri Feb 09 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.51.0-4
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
|
||||
|
||||
* Wed Jan 31 2018 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 1.51.0-3
|
||||
- Switch to %%ldconfig_scriptlets
|
||||
|
||||
* Wed Jan 17 2018 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 1.51.0-2
|
||||
- BuildRequire openssl by pkgconfig()
|
||||
|
||||
* Mon Jan 01 2018 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 1.51.0-1
|
||||
- Update to 1.51.0
|
||||
|
||||
* Sun Oct 01 2017 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 1.49.02-2
|
||||
- Fix Requires.private in xmlrpc_server++.pc
|
||||
|
||||
* Fri Sep 29 2017 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 1.49.02-1
|
||||
- Update to 1.49.02
|
||||
|
||||
* Fri Sep 29 2017 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 1.48.0-8
|
||||
- Add xmlrpc_client++.pc
|
||||
|
||||
* Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.48.0-7
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
|
||||
|
||||
* Thu Jul 27 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.48.0-6
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
|
||||
|
||||
* Fri Jun 30 2017 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 1.48.0-5
|
||||
- Fix underlinking issue causing FTBFS
|
||||
|
||||
* Mon Mar 13 2017 Peter Robinson <pbrobinson@fedoraproject.org> 1.48.0-4
|
||||
- Build with openssl 1.1
|
||||
|
||||
* Sat Feb 11 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.48.0-3
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
|
||||
|
||||
* Sat Jan 21 2017 Igor Gnatenko <ignatenko@redhat.com> - 1.48.0-2
|
||||
- Apply patches via git to preserve permissions
|
||||
|
||||
* Sun Dec 18 2016 Igor Gnatenko <i.gnatenko.brain@gmail.com> - 1.48.0-1
|
||||
- Update to 1.48.0
|
||||
|
||||
* Tue Feb 16 2016 Mikolaj Izdebski <mizdebsk@redhat.com> - 1.32.5-1909.svn2451
|
||||
- Add patch for conversion from int to usnigned char
|
||||
- Resolves: rhbz#1308254
|
||||
|
||||
* Fri Feb 05 2016 Fedora Release Engineering <releng@fedoraproject.org> - 1.32.5-1909.svn2451
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
|
||||
|
||||
* Fri Jun 19 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.32.5-1908.svn2451
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
|
||||
|
||||
* Sat May 02 2015 Kalev Lember <kalevlember@gmail.com> - 1.32.5-1907.svn2451
|
||||
- Rebuilt for GCC 5 C++11 ABI change
|
||||
|
||||
* Mon Aug 18 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.32.5-1906.svn2451
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
|
||||
|
||||
* Sun Jun 08 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.32.5-1905.svn2451
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
|
||||
|
||||
* Fri Mar 28 2014 Mikolaj Izdebski <mizdebsk@redhat.com> - 1.32.5-1904.svn2451
|
||||
- Add patch to silence format-security compiler warning
|
||||
- Resolves: rhbz#1037399
|
||||
|
||||
* Sun Aug 04 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.32.5-1903.svn2451
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
|
||||
|
||||
* Thu Apr 25 2013 Mikolaj Izdebski <mizdebsk@redhat.com> - 1.32.5-1902.svn2451
|
||||
- Add missing inter-package dependencies
|
||||
- Rename fedora directory to build
|
||||
|
||||
* Fri Feb 15 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.32.5-1901.svn2451
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
|
||||
|
||||
* Sun Dec 9 2012 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 1.32.5-1900.svn2451
|
||||
- updated to 1.32.5
|
||||
|
||||
* Sun Oct 21 2012 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 1.32.2-1900.svn2434
|
||||
- updated to 1.32.2
|
||||
|
||||
* Sat Oct 6 2012 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 1.32.1-1900.svn2413
|
||||
- updated to 1.32.1
|
||||
|
||||
* Sun Aug 26 2012 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 1.31.4-1900.svn2386
|
||||
- updated to 1.31.4
|
||||
|
||||
* Sun Jul 22 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.31.0-1801.svn2365
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
|
||||
|
||||
* Sun Jul 1 2012 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 1.31.0-1800.svn2365
|
||||
- updated to 1.31.0
|
||||
|
||||
* Wed Jun 6 2012 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 1.30.6-1800.svn2328
|
||||
- updated to 1.30.6
|
||||
|
||||
* Sat May 26 2012 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 1.30.5-1800.svn2324
|
||||
- updated to 1.30.5 (IPv6 server fixes)
|
||||
|
||||
* Sat May 12 2012 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 1.30.4-1800.svn2318
|
||||
- updated to 1.30.4
|
||||
|
||||
* Thu Apr 5 2012 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 1.30.1-1800.svn2298
|
||||
- updated to 1.30.1
|
||||
|
||||
* Tue Feb 28 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.29.0-1701.svn2233
|
||||
- Rebuilt for c++ ABI breakage
|
||||
|
||||
* Wed Jan 4 2012 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 1.29.0-1700.svn2233
|
||||
- updated to 1.29.0
|
||||
|
||||
* Mon Oct 3 2011 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 1.28.1-1700.svn2203
|
||||
- updated to 1.28.1
|
||||
|
||||
* Mon Oct 3 2011 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 1.27.5-1701.svn2185
|
||||
- fixed error handling when transfering too large files (#741980)
|
||||
|
||||
* Sat Aug 27 2011 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 1.27.5-1700.svn2185
|
||||
- updated to 1.27.5
|
||||
|
||||
* Sun Aug 7 2011 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 1.27.4-1700.svn2171
|
||||
- updated to 1.27.4
|
||||
|
||||
* Sun Aug 7 2011 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 1.27.3-1700.svn2145
|
||||
- updated to 1.27.3
|
||||
|
||||
* Mon Jun 27 2011 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 1.27.0-1600.svn2145
|
||||
- updated to 1.27.0
|
||||
- made it build with recent curl
|
||||
|
||||
* Mon Jun 13 2011 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 1.26.3-1600.svn2134
|
||||
- updated to 1.26.3
|
||||
- removed default-constructor patch; issue is solved upstream
|
||||
|
||||
* Sat Apr 2 2011 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 1.26.0-1600.svn2188
|
||||
- updated to 1.26.0
|
||||
|
||||
* Mon Feb 07 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.25.1-1501.svn2077
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
|
||||
|
||||
* Thu Jan 6 2011 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 1.25.1-1500.svn2077
|
||||
- updated to 1.25.1
|
||||
|
||||
* Thu Dec 30 2010 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 1.25.0-1500.svn2074
|
||||
- updated to 1.25.0
|
||||
|
||||
* Sun Nov 7 2010 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 1.24.4-1500.svn2042
|
||||
- updated to 1.24.4
|
||||
|
||||
* Sat Oct 9 2010 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 1.24.1-1500.svn1987
|
||||
- updated to 1.24.1
|
||||
- set -Wno-uninitialized CFLAGS; code contains lot of constructs
|
||||
triggering this warning and the 'int a=a' defeaters have been
|
||||
removed in this version
|
||||
|
||||
* Fri Aug 27 2010 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 1.23.02-1500.svn1968
|
||||
- updated to 1.23.02 (note: this breaks C++ ABI)
|
||||
- added vasprintf patch
|
||||
|
||||
* Thu Jul 29 2010 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 1.23.01-1400.svn1958
|
||||
- updated to 1.23.01
|
||||
- added patch to make curl follow HTTP POST 301 redirects (#618504)
|
||||
|
||||
* Sun Apr 18 2010 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 1.22.01-1400.svn1907
|
||||
- updated to 1.22.01 (svn 1907)
|
||||
|
||||
* Tue Feb 23 2010 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 1.21.00-1401.1851
|
||||
- require the various subpackages explicitly for -devel; the ld linker
|
||||
scripts broke rpm's autodetection (#567400)
|
||||
- removed -devel Requires: which are covered by pkgconfig autodeps
|
||||
- added %%{?_isa} annotations
|
||||
|
||||
* Sun Feb 21 2010 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 1.21.00-1400.1851
|
||||
- made linker scripts more 'ldconfig' friendly
|
||||
|
||||
* Mon Feb 15 2010 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 1.21.00-1301.1851
|
||||
- replaced .so symlinks by linker scripts which add all implicit
|
||||
dependencies in AS_NEEDED() commands (#564607, #565577)
|
||||
|
||||
* Thu Jan 14 2010 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 1.21.00-1300.1851
|
||||
- updated to 1.21.00 (rev 1851)
|
||||
- removed curl-trace patch as applied upstream
|
||||
- rediffed patches
|
||||
|
||||
* Sat Nov 21 2009 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 1.20.3-1.1841
|
||||
- updated to rev1841
|
||||
- rediffed patches
|
||||
- added patch to fix handling of wrong certificates (Nikola Pajkovsky)
|
||||
- added support for $XMLRPC_TRACE_CURL env (John Dennis)
|
||||
|
||||
* Mon Jul 27 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.16.6-3.1582
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
|
||||
|
||||
* Thu Feb 26 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.16.6-2.1582
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
|
||||
|
||||
* Thu Dec 11 2008 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 1.16.6-1.1582
|
||||
- updated to 1.16.6; rediffed patches
|
||||
- fixed client headers (bug #475887)
|
||||
|
||||
* Sat Nov 15 2008 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 1.16.4.1567-2
|
||||
- updated to 1.16.4
|
||||
- rediffed/updated patches
|
||||
- splitted some subpackages (c++, client) out of main package as they
|
||||
introduce additional dependencies (c++, curl)
|
||||
|
||||
* Sat Sep 6 2008 Tom "spot" Callaway <tcallawa@redhat.com> - 1.14.8-2
|
||||
- fix license tag
|
||||
|
||||
* Sat Jun 21 2008 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 1.14.8-1
|
||||
- updated to 1.14.8
|
||||
|
||||
* Sun May 25 2008 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 1.14.6-1
|
||||
- updated to 1.14.6
|
||||
|
||||
* Sat Apr 12 2008 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 1.14.2-1
|
||||
- updated to 1.14.2
|
||||
- rediffed patches
|
||||
- added patch to fix broken usage of 'long long' datatype
|
||||
|
||||
* Mon Mar 17 2008 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 1.13.8-2
|
||||
- fixed cmake quoting so that pkgconfig files get correct version number
|
||||
- fixed handling of 'server-util' and '--cflags' within xmlrpc-c-config
|
||||
|
||||
* Sun Mar 16 2008 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 1.13.8-1
|
||||
- updated to 1.13.8
|
||||
- removed some patches which were applied upstream
|
||||
|
||||
* Tue Feb 26 2008 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 1.13.07-2
|
||||
- moved to advanced branched; rediffed/updated existing cmake patch
|
||||
and fixed other compilation issues (#369841)
|
||||
|
||||
* Mon Feb 18 2008 Fedora Release Engineering <rel-eng@fedoraproject.org> - 1.06.23-2
|
||||
- Autorebuild for GCC 4.3
|
||||
|
||||
* Wed Jan 2 2008 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 1.06.23-1
|
||||
- use correct pkg-config script for 'xmlrpc-config abyss-server'
|
||||
output (#355411)
|
||||
- updated to 1.06.23 (#355411)
|
||||
|
||||
* Tue Sep 4 2007 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 1.06.18-1
|
||||
- updated to 1.06.18
|
||||
|
||||
* Thu Aug 16 2007 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 1.06.17-1
|
||||
- updated to 1.06.17
|
||||
|
||||
* Sun Jul 22 2007 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 1.06.16-1
|
||||
- updated to 1.06.16
|
||||
|
||||
* Thu Jun 14 2007 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 1.06.14-1
|
||||
- updated to 1.06.14
|
||||
|
||||
* Sun Apr 1 2007 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 1.06.11-2
|
||||
- rediffed cmake patch against current version
|
||||
- made the xmlrpc-c-config compatible to the upstream version
|
||||
- added compatibility symlinks for some header files (thx to Robert de
|
||||
Vries for reporting these two issues)
|
||||
|
||||
* Sat Mar 17 2007 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 1.06.11-1
|
||||
- updated to 1.06.11
|
||||
|
||||
* Sat Feb 3 2007 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 1.06.09-1
|
||||
- updated to 1.06.09
|
||||
- removed -typo patch since applied upstream
|
||||
|
||||
* Mon Nov 6 2006 Jindrich Novy <jnovy@redhat.com> - 1.06.05-3
|
||||
- rebuild against the new curl
|
||||
|
||||
* Mon Oct 2 2006 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 1.06.05-2
|
||||
- updated cmake patch
|
||||
- strip installed libraries
|
||||
|
||||
* Wed Sep 20 2006 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 1.06.05-1
|
||||
- updated to 1.06.05
|
||||
- merged + updated patches
|
||||
|
||||
* Sat Sep 16 2006 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 1.06.04-1
|
||||
- updated to 1.06.04
|
||||
- patched the broken buildsystem
|
||||
- disabled libwww backend explicitely
|
||||
|
||||
* Sun Jun 4 2006 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 1.05-1
|
||||
- updated to 1.05
|
||||
- updated patches
|
||||
|
||||
* Sat Feb 18 2006 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 1.04-2
|
||||
- rebuilt for FC5
|
||||
|
||||
* Sun Dec 18 2005 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 1.04-1
|
||||
- added libxml2-devel and openssl-devel Requires: for the -devel
|
||||
subpackage
|
||||
- ship doc/* instead of doc
|
||||
- initial Fedora Extras package (review 175840)
|
||||
|
||||
* Thu Dec 15 2005 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 1.04-0.1
|
||||
- disabled w3c-libwww because it does not exist anymore in FC5 and
|
||||
seems to be unmaintained upstream
|
||||
- added missing libxml2-devel
|
||||
- cleaned up list of %%doc files
|
||||
- fixed gcc4.1 build issues
|
||||
- removed static libraries when there exists a corresponding dynamic one
|
||||
|
||||
* Tue Aug 2 2005 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - 1.03.02-1
|
||||
- Initial build.
|
Loading…
Reference in New Issue
Block a user