Compare commits
10 Commits
80a794ab9f
...
cf4cd85e00
Author | SHA1 | Date |
---|---|---|
Matej Mužila | cf4cd85e00 | |
Mohan Boddu | 212a5fd6ca | |
Mohan Boddu | 5f26a038aa | |
DistroBaker | 3b25713183 | |
DistroBaker | 530379994e | |
Troy Dawson | bda41afbd4 | |
Troy Dawson | ab64c22dfc | |
Troy Dawson | 4cd9627ff8 | |
Troy Dawson | 1e4942f67a | |
Troy Dawson | 09bbe99654 |
|
@ -1 +1 @@
|
||||||
/xz-5.2.4.tar.xz
|
/xz-5.2.5.tar.xz
|
||||||
|
|
|
@ -0,0 +1 @@
|
||||||
|
0b9d1e06b59f7fe0796afe1d93851b9306b4a3b6 xz-5.2.5.tar.xz
|
|
@ -1,6 +0,0 @@
|
||||||
--- !Policy
|
|
||||||
product_versions:
|
|
||||||
- rhel-8
|
|
||||||
decision_context: osci_compose_gate
|
|
||||||
rules:
|
|
||||||
- !PassingTestCaseRule {test_case_name: baseos-ci.brew-build.tier1.functional}
|
|
2
sources
2
sources
|
@ -1 +1 @@
|
||||||
003e4d0b1b1899fc6e3000b24feddf7c xz-5.2.4.tar.xz
|
SHA512 (xz-5.2.5.tar.xz) = 59266068a51cb616eb31b67cd8f07ffeb2288d1391c61665ae2ec6814465afac80fec69248f6a2f2db45b44475af001296a99af6a32287226a9c41419173ccbb
|
||||||
|
|
|
@ -1,13 +0,0 @@
|
||||||
diff --git a/src/scripts/xzless.in b/src/scripts/xzless.in
|
|
||||||
index a3da697..288dd87 100644
|
|
||||||
--- a/src/scripts/xzless.in
|
|
||||||
+++ b/src/scripts/xzless.in
|
|
||||||
@@ -46,7 +46,7 @@ if test "${LESSMETACHARS+set}" != set; then
|
|
||||||
LESSMETACHARS="$space$tab$nl'"';*?"()<>[|&^`#\$%=~'
|
|
||||||
fi
|
|
||||||
|
|
||||||
-if test "$(less -V | { read ver && echo ${ver#less }; })" -ge 429; then
|
|
||||||
+if test "$(less -V | { read less ver re && echo ${ver}; })" -ge 429; then
|
|
||||||
# less 429 or later: LESSOPEN pipe will be used on
|
|
||||||
# standard input if $LESSOPEN begins with |-.
|
|
||||||
LESSOPEN="|-$xz -cdfq -- %s"
|
|
|
@ -1,81 +0,0 @@
|
||||||
diff --git a/src/xz/message.c b/src/xz/message.c
|
|
||||||
index abbd171..ce953ac 100644
|
|
||||||
--- a/src/xz/message.c
|
|
||||||
+++ b/src/xz/message.c
|
|
||||||
@@ -1110,7 +1110,8 @@ message_help(bool long_help)
|
|
||||||
|
|
||||||
puts(_(
|
|
||||||
" -z, --compress force compression\n"
|
|
||||||
-" -d, --decompress force decompression\n"
|
|
||||||
+" -d, --decompress, --uncompress\n"
|
|
||||||
+" force decompression\n"
|
|
||||||
" -t, --test test compressed file integrity\n"
|
|
||||||
" -l, --list list information about .xz files"));
|
|
||||||
|
|
||||||
@@ -1120,7 +1121,8 @@ message_help(bool long_help)
|
|
||||||
puts(_(
|
|
||||||
" -k, --keep keep (don't delete) input files\n"
|
|
||||||
" -f, --force force overwrite of output file and (de)compress links\n"
|
|
||||||
-" -c, --stdout write to standard output and don't delete input files"));
|
|
||||||
+" -c, --stdout, --to-stdout\n"
|
|
||||||
+" write to standard output and don't delete input files"));
|
|
||||||
|
|
||||||
if (long_help) {
|
|
||||||
puts(_(
|
|
||||||
@@ -1152,6 +1154,10 @@ message_help(bool long_help)
|
|
||||||
" -e, --extreme try to improve compression ratio by using more CPU time;\n"
|
|
||||||
" does not affect decompressor memory requirements"));
|
|
||||||
|
|
||||||
+ puts(_(
|
|
||||||
+" -T, --threads=NUM use at most NUM threads; the default is 1; set to 0\n"
|
|
||||||
+" to use the number of processor cores"));
|
|
||||||
+
|
|
||||||
if (long_help) {
|
|
||||||
// FIXME? Mention something about threading?
|
|
||||||
puts(_(
|
|
||||||
@@ -1166,7 +1172,7 @@ message_help(bool long_help)
|
|
||||||
puts(_( // xgettext:no-c-format
|
|
||||||
" --memlimit-compress=LIMIT\n"
|
|
||||||
" --memlimit-decompress=LIMIT\n"
|
|
||||||
-" -M, --memlimit=LIMIT\n"
|
|
||||||
+" -M, --memlimit=LIMIT, (old alias --memory=LIMIT)\n"
|
|
||||||
" set memory usage limit for compression, decompression,\n"
|
|
||||||
" or both; LIMIT is in bytes, % of RAM, or 0 for defaults"));
|
|
||||||
|
|
||||||
diff --git a/src/xz/xz.1 b/src/xz/xz.1
|
|
||||||
index 0368f05..e5da140 100644
|
|
||||||
--- a/src/xz/xz.1
|
|
||||||
+++ b/src/xz/xz.1
|
|
||||||
@@ -912,7 +912,7 @@ See
|
|
||||||
for possible ways to specify the
|
|
||||||
.IR limit .
|
|
||||||
.TP
|
|
||||||
-\fB\-M\fR \fIlimit\fR, \fB\-\-memlimit=\fIlimit\fR, \fB\-\-memory=\fIlimit
|
|
||||||
+\fB\-M\fR \fIlimit\fR, \fB\-\-memlimit=\fIlimit\fR, (old alias \fB\-\-memory=\fIlimit\fR)
|
|
||||||
This is equivalent to specifying \fB\-\-memlimit\-compress=\fIlimit
|
|
||||||
\fB\-\-memlimit\-decompress=\fIlimit\fR.
|
|
||||||
.TP
|
|
||||||
diff --git a/src/xzdec/xzdec.c b/src/xzdec/xzdec.c
|
|
||||||
index b7830db..48ac1fe 100644
|
|
||||||
--- a/src/xzdec/xzdec.c
|
|
||||||
+++ b/src/xzdec/xzdec.c
|
|
||||||
@@ -64,13 +64,15 @@ help(void)
|
|
||||||
"Usage: %s [OPTION]... [FILE]...\n"
|
|
||||||
"Uncompress files in the ." TOOL_FORMAT " format to the standard output.\n"
|
|
||||||
"\n"
|
|
||||||
-" -c, --stdout (ignored)\n"
|
|
||||||
-" -d, --decompress (ignored)\n"
|
|
||||||
-" -k, --keep (ignored)\n"
|
|
||||||
" -q, --quiet specify *twice* to suppress errors\n"
|
|
||||||
-" -Q, --no-warn (ignored)\n"
|
|
||||||
" -h, --help display this help and exit\n"
|
|
||||||
" -V, --version display the version number and exit\n"
|
|
||||||
+" -c, --stdout, --to-stdout\n"
|
|
||||||
+" ignored, data are always written to standard output\n"
|
|
||||||
+" -d, --decompress, --uncompress\n"
|
|
||||||
+" ignored, only decompression is supported\n"
|
|
||||||
+" -k, --keep ignored, we never create/remove any files\n"
|
|
||||||
+" -Q, --no-warn ignored, we never use exit status 2\n"
|
|
||||||
"\n"
|
|
||||||
"With no FILE, or when FILE is -, read standard input.\n"
|
|
||||||
"\n"
|
|
|
@ -1,23 +0,0 @@
|
||||||
commit 5019413a055ce29e660dbbf15e02443cb5a26c59
|
|
||||||
Author: Jeff Bastian <jbastian@redhat.com>
|
|
||||||
AuthorDate: Wed Apr 3 13:59:17 2013 +0200
|
|
||||||
Commit: Lasse Collin <lasse.collin@tukaani.org>
|
|
||||||
CommitDate: Fri Apr 5 19:14:50 2013 +0300
|
|
||||||
|
|
||||||
xzgrep: make the '-h' option to be --no-filename equivalent
|
|
||||||
|
|
||||||
* src/scripts/xzgrep.in: Accept the '-h' option in argument parsing.
|
|
||||||
|
|
||||||
diff --git a/src/scripts/xzgrep.in b/src/scripts/xzgrep.in
|
|
||||||
index d8e9bb5..951266b 100644
|
|
||||||
--- a/src/scripts/xzgrep.in
|
|
||||||
+++ b/src/scripts/xzgrep.in
|
|
||||||
@@ -109,7 +109,7 @@ while test $# -ne 0; do
|
|
||||||
files_with_matches=1;;
|
|
||||||
(-L | --files-witho*)
|
|
||||||
files_without_matches=1;;
|
|
||||||
- (--no-f*)
|
|
||||||
+ (-h | --no-f*)
|
|
||||||
no_filename=1;;
|
|
||||||
(-V | --v | --ve | --ver | --vers | --versi | --versio | --version)
|
|
||||||
echo "$version" || exit 2
|
|
|
@ -1,60 +0,0 @@
|
||||||
commit 1e60f2c0a0ee6c18b02943ce56214799a70aac26 (HEAD, origin/master, origin/HEAD, master)
|
|
||||||
Author: Lasse Collin <lasse.collin@tukaani.org>
|
|
||||||
AuthorDate: Wed Jun 11 21:03:25 2014 +0300
|
|
||||||
Commit: Lasse Collin <lasse.collin@tukaani.org>
|
|
||||||
CommitDate: Wed Jun 11 21:03:25 2014 +0300
|
|
||||||
|
|
||||||
xzgrep: Add a test for the previous fix.
|
|
||||||
|
|
||||||
This is a simplified version of Pavel Raiskup's
|
|
||||||
original patch.
|
|
||||||
|
|
||||||
diff --git a/tests/test_scripts.sh b/tests/test_scripts.sh
|
|
||||||
index 293929e..7ac1fea 100755
|
|
||||||
--- a/tests/test_scripts.sh
|
|
||||||
+++ b/tests/test_scripts.sh
|
|
||||||
@@ -12,16 +12,18 @@
|
|
||||||
# If scripts weren't built, this test is skipped.
|
|
||||||
XZ=../src/xz/xz
|
|
||||||
XZDIFF=../src/scripts/xzdiff
|
|
||||||
-test -x "$XZ" || XZ=
|
|
||||||
-test -x "$XZDIFF" || XZDIFF=
|
|
||||||
-if test -z "$XZ" || test -z "$XZDIFF"; then
|
|
||||||
+XZGREP=../src/scripts/xzgrep
|
|
||||||
+
|
|
||||||
+for i in XZ XZDIFF XZGREP; do
|
|
||||||
+ eval test -x "\$$i" && continue
|
|
||||||
(exit 77)
|
|
||||||
exit 77
|
|
||||||
-fi
|
|
||||||
+done
|
|
||||||
|
|
||||||
PATH=`pwd`/../src/xz:$PATH
|
|
||||||
export PATH
|
|
||||||
|
|
||||||
+test -z "$srcdir" && srcdir=.
|
|
||||||
preimage=$srcdir/files/good-1-check-crc32.xz
|
|
||||||
samepostimage=$srcdir/files/good-1-check-crc64.xz
|
|
||||||
otherpostimage=$srcdir/files/good-1-lzma2-1.xz
|
|
||||||
@@ -50,5 +52,21 @@ if test "$status" != 2 ; then
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
|
|
||||||
+# The exit status must be 0 when a match was found at least from one file,
|
|
||||||
+# and 1 when no match was found in any file.
|
|
||||||
+for pattern in el Hello NOMATCH; do
|
|
||||||
+ for opts in "" "-l" "-h" "-H"; do
|
|
||||||
+ "$XZGREP" $opts $pattern \
|
|
||||||
+ "$srcdir/files/good-1-lzma2-1.xz" \
|
|
||||||
+ "$srcdir/files/good-2-lzma2.xz" > /dev/null 2>&1
|
|
||||||
+ status=$?
|
|
||||||
+ test $status = 0 && test $pattern != NOMATCH && continue
|
|
||||||
+ test $status = 1 && test $pattern = NOMATCH && continue
|
|
||||||
+ echo "wrong exit status from xzgrep"
|
|
||||||
+ (exit 1)
|
|
||||||
+ exit 1
|
|
||||||
+ done
|
|
||||||
+done
|
|
||||||
+
|
|
||||||
(exit 0)
|
|
||||||
exit 0
|
|
|
@ -1,50 +0,0 @@
|
||||||
commit ceca37901783988204caaf40dff4623d535cc789
|
|
||||||
Author: Lasse Collin <lasse.collin@tukaani.org>
|
|
||||||
AuthorDate: Wed Jun 11 20:43:28 2014 +0300
|
|
||||||
Commit: Lasse Collin <lasse.collin@tukaani.org>
|
|
||||||
CommitDate: Wed Jun 11 20:43:28 2014 +0300
|
|
||||||
|
|
||||||
xzgrep: exit 0 when at least one file matches.
|
|
||||||
|
|
||||||
Mimic the original grep behavior and return exit_success when
|
|
||||||
at least one xz compressed file matches given pattern.
|
|
||||||
|
|
||||||
Original bugreport:
|
|
||||||
https://bugzilla.redhat.com/show_bug.cgi?id=1108085
|
|
||||||
|
|
||||||
Thanks to Pavel Raiskup for the patch.
|
|
||||||
|
|
||||||
diff --git a/src/scripts/xzgrep.in b/src/scripts/xzgrep.in
|
|
||||||
index 951266b..018915f 100644
|
|
||||||
--- a/src/scripts/xzgrep.in
|
|
||||||
+++ b/src/scripts/xzgrep.in
|
|
||||||
@@ -147,7 +147,9 @@ if test $# -eq 0; then
|
|
||||||
fi
|
|
||||||
|
|
||||||
exec 3>&1
|
|
||||||
-res=0
|
|
||||||
+
|
|
||||||
+# res=1 means that no file matched yet
|
|
||||||
+res=1
|
|
||||||
|
|
||||||
for i; do
|
|
||||||
case $i in
|
|
||||||
@@ -195,8 +197,17 @@ for i; do
|
|
||||||
fi >&3 5>&-
|
|
||||||
)
|
|
||||||
r=$?
|
|
||||||
+
|
|
||||||
+ # fail occured previously, nothing worse can happen
|
|
||||||
+ test $res -gt 1 && continue
|
|
||||||
+
|
|
||||||
test "$xz_status" -eq 0 || test "$xz_status" -eq 2 \
|
|
||||||
|| test "$(kill -l "$xz_status" 2> /dev/null)" = "PIPE" || r=2
|
|
||||||
- test $res -lt $r && res=$r
|
|
||||||
+
|
|
||||||
+ # still no match
|
|
||||||
+ test $r -eq 1 && continue
|
|
||||||
+
|
|
||||||
+ # 0 == match, >=2 == fail
|
|
||||||
+ res=$r
|
|
||||||
done
|
|
||||||
exit $res
|
|
|
@ -0,0 +1,94 @@
|
||||||
|
From 69d1b3fc29677af8ade8dc15dba83f0589cb63d6 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Lasse Collin <lasse.collin@tukaani.org>
|
||||||
|
Date: Tue, 29 Mar 2022 19:19:12 +0300
|
||||||
|
Subject: [PATCH] xzgrep: Fix escaping of malicious filenames (ZDI-CAN-16587).
|
||||||
|
|
||||||
|
Malicious filenames can make xzgrep to write to arbitrary files
|
||||||
|
or (with a GNU sed extension) lead to arbitrary code execution.
|
||||||
|
|
||||||
|
xzgrep from XZ Utils versions up to and including 5.2.5 are
|
||||||
|
affected. 5.3.1alpha and 5.3.2alpha are affected as well.
|
||||||
|
This patch works for all of them.
|
||||||
|
|
||||||
|
This bug was inherited from gzip's zgrep. gzip 1.12 includes
|
||||||
|
a fix for zgrep.
|
||||||
|
|
||||||
|
The issue with the old sed script is that with multiple newlines,
|
||||||
|
the N-command will read the second line of input, then the
|
||||||
|
s-commands will be skipped because it's not the end of the
|
||||||
|
file yet, then a new sed cycle starts and the pattern space
|
||||||
|
is printed and emptied. So only the last line or two get escaped.
|
||||||
|
|
||||||
|
One way to fix this would be to read all lines into the pattern
|
||||||
|
space first. However, the included fix is even simpler: All lines
|
||||||
|
except the last line get a backslash appended at the end. To ensure
|
||||||
|
that shell command substitution doesn't eat a possible trailing
|
||||||
|
newline, a colon is appended to the filename before escaping.
|
||||||
|
The colon is later used to separate the filename from the grep
|
||||||
|
output so it is fine to add it here instead of a few lines later.
|
||||||
|
|
||||||
|
The old code also wasn't POSIX compliant as it used \n in the
|
||||||
|
replacement section of the s-command. Using \<newline> is the
|
||||||
|
POSIX compatible method.
|
||||||
|
|
||||||
|
LC_ALL=C was added to the two critical sed commands. POSIX sed
|
||||||
|
manual recommends it when using sed to manipulate pathnames
|
||||||
|
because in other locales invalid multibyte sequences might
|
||||||
|
cause issues with some sed implementations. In case of GNU sed,
|
||||||
|
these particular sed scripts wouldn't have such problems but some
|
||||||
|
other scripts could have, see:
|
||||||
|
|
||||||
|
info '(sed)Locale Considerations'
|
||||||
|
|
||||||
|
This vulnerability was discovered by:
|
||||||
|
cleemy desu wayo working with Trend Micro Zero Day Initiative
|
||||||
|
|
||||||
|
Thanks to Jim Meyering and Paul Eggert discussing the different
|
||||||
|
ways to fix this and for coordinating the patch release schedule
|
||||||
|
with gzip.
|
||||||
|
---
|
||||||
|
src/scripts/xzgrep.in | 20 ++++++++++++--------
|
||||||
|
1 file changed, 12 insertions(+), 8 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/src/scripts/xzgrep.in b/src/scripts/xzgrep.in
|
||||||
|
index b180936..e5186ba 100644
|
||||||
|
--- a/src/scripts/xzgrep.in
|
||||||
|
+++ b/src/scripts/xzgrep.in
|
||||||
|
@@ -180,22 +180,26 @@ for i; do
|
||||||
|
{ test $# -eq 1 || test $no_filename -eq 1; }; then
|
||||||
|
eval "$grep"
|
||||||
|
else
|
||||||
|
+ # Append a colon so that the last character will never be a newline
|
||||||
|
+ # which would otherwise get lost in shell command substitution.
|
||||||
|
+ i="$i:"
|
||||||
|
+
|
||||||
|
+ # Escape & \ | and newlines only if such characters are present
|
||||||
|
+ # (speed optimization).
|
||||||
|
case $i in
|
||||||
|
(*'
|
||||||
|
'* | *'&'* | *'\'* | *'|'*)
|
||||||
|
- i=$(printf '%s\n' "$i" |
|
||||||
|
- sed '
|
||||||
|
- $!N
|
||||||
|
- $s/[&\|]/\\&/g
|
||||||
|
- $s/\n/\\n/g
|
||||||
|
- ');;
|
||||||
|
+ i=$(printf '%s\n' "$i" | LC_ALL=C sed 's/[&\|]/\\&/g; $!s/$/\\/');;
|
||||||
|
esac
|
||||||
|
- sed_script="s|^|$i:|"
|
||||||
|
+
|
||||||
|
+ # $i already ends with a colon so don't add it here.
|
||||||
|
+ sed_script="s|^|$i|"
|
||||||
|
|
||||||
|
# Fail if grep or sed fails.
|
||||||
|
r=$(
|
||||||
|
exec 4>&1
|
||||||
|
- (eval "$grep" 4>&-; echo $? >&4) 3>&- | sed "$sed_script" >&3 4>&-
|
||||||
|
+ (eval "$grep" 4>&-; echo $? >&4) 3>&- |
|
||||||
|
+ LC_ALL=C sed "$sed_script" >&3 4>&-
|
||||||
|
) || r=2
|
||||||
|
exit $r
|
||||||
|
fi >&3 5>&-
|
||||||
|
--
|
||||||
|
2.35.1
|
||||||
|
|
|
@ -0,0 +1,70 @@
|
||||||
|
From: H.J. Lu <hjl.tools@gmail.com>
|
||||||
|
Date: Wed, 23 Dec 2020 15:49:04 +0100 (06:49 -0800)
|
||||||
|
Subject: [PATCH] liblzma: Enable Intel CET in x86 CRC assembly codes
|
||||||
|
|
||||||
|
When Intel CET is enabled, we need to include <cet.h> in assembly codes
|
||||||
|
to mark Intel CET support and add _CET_ENDBR to indirect jump targets.
|
||||||
|
|
||||||
|
Tested on Intel Tiger Lake under CET enabled Linux.
|
||||||
|
---
|
||||||
|
src/liblzma/check/crc32_x86.S | 9 +++++++++
|
||||||
|
src/liblzma/check/crc64_x86.S | 9 +++++++++
|
||||||
|
2 files changed, 18 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/src/liblzma/check/crc32_x86.S b/src/liblzma/check/crc32_x86.S
|
||||||
|
index 67f68a4..e3745e6 100644
|
||||||
|
--- a/src/liblzma/check/crc32_x86.S
|
||||||
|
+++ b/src/liblzma/check/crc32_x86.S
|
||||||
|
@@ -51,6 +51,14 @@ init_table(void)
|
||||||
|
* extern uint32_t lzma_crc32(const uint8_t *buf, size_t size, uint32_t crc);
|
||||||
|
*/
|
||||||
|
|
||||||
|
+/* When Intel CET is enabled, include <cet.h> in assembly code to mark
|
||||||
|
+ Intel CET support. */
|
||||||
|
+#ifdef __CET__
|
||||||
|
+# include <cet.h>
|
||||||
|
+#else
|
||||||
|
+# define _CET_ENDBR
|
||||||
|
+#endif
|
||||||
|
+
|
||||||
|
/*
|
||||||
|
* On some systems, the functions need to be prefixed. The prefix is
|
||||||
|
* usually an underscore.
|
||||||
|
@@ -83,6 +91,7 @@ init_table(void)
|
||||||
|
|
||||||
|
ALIGN(4, 16)
|
||||||
|
LZMA_CRC32:
|
||||||
|
+ _CET_ENDBR
|
||||||
|
/*
|
||||||
|
* Register usage:
|
||||||
|
* %eax crc
|
||||||
|
diff --git a/src/liblzma/check/crc64_x86.S b/src/liblzma/check/crc64_x86.S
|
||||||
|
index f5bb84b..7ee08f6 100644
|
||||||
|
--- a/src/liblzma/check/crc64_x86.S
|
||||||
|
+++ b/src/liblzma/check/crc64_x86.S
|
||||||
|
@@ -41,6 +41,14 @@ init_table(void)
|
||||||
|
* extern uint64_t lzma_crc64(const uint8_t *buf, size_t size, uint64_t crc);
|
||||||
|
*/
|
||||||
|
|
||||||
|
+/* When Intel CET is enabled, include <cet.h> in assembly code to mark
|
||||||
|
+ Intel CET support. */
|
||||||
|
+#ifdef __CET__
|
||||||
|
+# include <cet.h>
|
||||||
|
+#else
|
||||||
|
+# define _CET_ENDBR
|
||||||
|
+#endif
|
||||||
|
+
|
||||||
|
/*
|
||||||
|
* On some systems, the functions need to be prefixed. The prefix is
|
||||||
|
* usually an underscore.
|
||||||
|
@@ -73,6 +81,7 @@ init_table(void)
|
||||||
|
|
||||||
|
ALIGN(4, 16)
|
||||||
|
LZMA_CRC64:
|
||||||
|
+ _CET_ENDBR
|
||||||
|
/*
|
||||||
|
* Register usage:
|
||||||
|
* %eax crc LSB
|
||||||
|
--
|
||||||
|
2.26.0
|
||||||
|
|
67
xz.spec
67
xz.spec
|
@ -3,20 +3,23 @@
|
||||||
|
|
||||||
Summary: LZMA compression utilities
|
Summary: LZMA compression utilities
|
||||||
Name: xz
|
Name: xz
|
||||||
Version: 5.2.4
|
Version: 5.2.5
|
||||||
Release: 4%{?dist}
|
Release: 8%{?dist}
|
||||||
|
|
||||||
# Scripts xz{grep,diff,less,more} and symlinks (copied from gzip) are
|
# Scripts xz{grep,diff,less,more} and symlinks (copied from gzip) are
|
||||||
# GPLv2+, binaries are Public Domain (linked against LGPL getopt_long but its
|
# GPLv2+, binaries are Public Domain (linked against LGPL getopt_long but its
|
||||||
# OK), documentation is Public Domain.
|
# OK), documentation is Public Domain.
|
||||||
License: GPLv2+ and Public Domain
|
License: GPLv2+ and Public Domain
|
||||||
# official upstream release
|
# official upstream release
|
||||||
Source0: http://tukaani.org/%{name}/%{name}-%{version}.tar.xz
|
Source0: https://tukaani.org/%{name}/%{name}-%{version}.tar.xz
|
||||||
|
|
||||||
Source100: colorxzgrep.sh
|
Source100: colorxzgrep.sh
|
||||||
Source101: colorxzgrep.csh
|
Source101: colorxzgrep.csh
|
||||||
|
|
||||||
URL: http://tukaani.org/%{name}/
|
Patch1: xz-5.2.5-enable_CET.patch
|
||||||
|
Patch2: xz-5.2.5-cve-2022-1271.patch
|
||||||
|
|
||||||
|
URL: https://tukaani.org/%{name}/
|
||||||
Requires: %{name}-libs%{?_isa} = %{version}-%{release}
|
Requires: %{name}-libs%{?_isa} = %{version}-%{release}
|
||||||
|
|
||||||
# For /usr/libexec/grepconf.sh (RHBZ#1189120).
|
# For /usr/libexec/grepconf.sh (RHBZ#1189120).
|
||||||
|
@ -24,6 +27,7 @@ Requires: %{name}-libs%{?_isa} = %{version}-%{release}
|
||||||
# have grepconf, but we're only concerned with F22 here.
|
# have grepconf, but we're only concerned with F22 here.
|
||||||
Requires: grep >= 2.20-5
|
Requires: grep >= 2.20-5
|
||||||
|
|
||||||
|
BuildRequires: make
|
||||||
BuildRequires: gcc
|
BuildRequires: gcc
|
||||||
BuildRequires: perl-interpreter
|
BuildRequires: perl-interpreter
|
||||||
|
|
||||||
|
@ -80,7 +84,7 @@ commands that deal with the older LZMA format.
|
||||||
|
|
||||||
|
|
||||||
%prep
|
%prep
|
||||||
%autosetup
|
%autosetup -p1
|
||||||
|
|
||||||
|
|
||||||
%build
|
%build
|
||||||
|
@ -122,21 +126,22 @@ LD_LIBRARY_PATH=$PWD/src/liblzma/.libs make check
|
||||||
|
|
||||||
|
|
||||||
%files -f %{name}.lang
|
%files -f %{name}.lang
|
||||||
%license %{_pkgdocdir}/COPYING*
|
%license COPYING*
|
||||||
%doc %{_pkgdocdir}
|
%doc %{_pkgdocdir}
|
||||||
%exclude %_pkgdocdir/examples*
|
%exclude %_pkgdocdir/examples*
|
||||||
%{_bindir}/*xz*
|
%{_bindir}/*xz*
|
||||||
%{_mandir}/man1/*xz*
|
%{_mandir}/man1/*xz*
|
||||||
|
%{_mandir}/de/man1/*xz*
|
||||||
%{profiledir}/*
|
%{profiledir}/*
|
||||||
|
|
||||||
|
|
||||||
%files libs
|
%files libs
|
||||||
%license %{_pkgdocdir}/COPYING
|
%license COPYING
|
||||||
%{_libdir}/lib*.so.5*
|
%{_libdir}/lib*.so.5*
|
||||||
|
|
||||||
|
|
||||||
%files static
|
%files static
|
||||||
%license %{_pkgdocdir}/COPYING
|
%license COPYING
|
||||||
%{_libdir}/liblzma.a
|
%{_libdir}/liblzma.a
|
||||||
|
|
||||||
|
|
||||||
|
@ -152,15 +157,55 @@ LD_LIBRARY_PATH=$PWD/src/liblzma/.libs make check
|
||||||
%files lzma-compat
|
%files lzma-compat
|
||||||
%{_bindir}/*lz*
|
%{_bindir}/*lz*
|
||||||
%{_mandir}/man1/*lz*
|
%{_mandir}/man1/*lz*
|
||||||
|
%{_mandir}/de/man1/*lz*
|
||||||
|
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
* Wed Oct 7 18:35:46 CEST 2020 Petr Šabata <contyk@redhat.com> - 5.2.4-4
|
* Tue May 31 2022 Matej Mužila <mmuzila@redhat.com> - 5.2.5-8
|
||||||
- rebuilt
|
- Fix arbitrary file write vulnerability
|
||||||
|
Resolves: CVE-2022-1271
|
||||||
|
|
||||||
* Thu Nov 22 2018 Pavel Raiskup <praiskup@redhat.com> - 5.2.4-3
|
* Tue Aug 10 2021 Mohan Boddu <mboddu@redhat.com> - 5.2.5-7
|
||||||
|
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
|
||||||
|
Related: rhbz#1991688
|
||||||
|
|
||||||
|
* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 5.2.5-6
|
||||||
|
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
|
||||||
|
|
||||||
|
* Thu Jan 28 2021 Fedora Release Engineering <releng@fedoraproject.org> - 5.2.5-5
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
|
||||||
|
|
||||||
|
* Mon Jan 04 2021 Ondrej Dubaj <odubaj@redhat.com> - 5.2.5-4
|
||||||
|
- Enabled CET for i686 (#1910368)
|
||||||
|
|
||||||
|
* Wed Jul 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 5.2.5-3
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
|
||||||
|
|
||||||
|
* Mon Jun 8 2020 Richard W.M. Jones <rjones@redhat.com> - 5.2.5-2
|
||||||
|
- Fix location of German man pages (RHBZ#1844813).
|
||||||
|
|
||||||
|
* Mon Mar 30 2020 Ondrej Dubaj <odubaj@redhat.com> - 5.2.5-1
|
||||||
|
- Rebase to version 5.2.5 (#1818418)
|
||||||
|
|
||||||
|
* Fri Jan 31 2020 Fedora Release Engineering <releng@fedoraproject.org> - 5.2.4-8
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
|
||||||
|
|
||||||
|
* Wed Aug 21 2019 Petr Kubat <pkubat@redhat.com> - 5.2.4-7
|
||||||
|
- Use relative path for COPYING files so that rpm moves them to correct place
|
||||||
|
Related: rhbz#1741074
|
||||||
|
|
||||||
|
* Sat Jul 27 2019 Fedora Release Engineering <releng@fedoraproject.org> - 5.2.4-6
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
|
||||||
|
|
||||||
|
* Sun Feb 03 2019 Fedora Release Engineering <releng@fedoraproject.org> - 5.2.4-5
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
|
||||||
|
|
||||||
|
* Thu Nov 22 2018 Pavel Raiskup <praiskup@redhat.com> - 5.2.4-4
|
||||||
- fix annocheck failures on i686 (rhbz#1630650)
|
- fix annocheck failures on i686 (rhbz#1630650)
|
||||||
|
|
||||||
|
* Sat Jul 14 2018 Fedora Release Engineering <releng@fedoraproject.org> - 5.2.4-3
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
|
||||||
|
|
||||||
* Wed May 09 2018 Pavel Raiskup <praiskup@redhat.com> - 5.2.4-2
|
* Wed May 09 2018 Pavel Raiskup <praiskup@redhat.com> - 5.2.4-2
|
||||||
- drop ppc64p7 hack, per fedora devel list discussion:
|
- drop ppc64p7 hack, per fedora devel list discussion:
|
||||||
https://lists.fedoraproject.org/archives/list/
|
https://lists.fedoraproject.org/archives/list/
|
||||||
|
|
Loading…
Reference in New Issue