Replace the docs/zzipdoc/{match,options}.py files with their github
version. The original version of the files contains incompatible version headers. These files were thus removed from the source tar archive and replaced with their current github version. Resolves: rhbz:1982241
This commit is contained in:
parent
57e73671d3
commit
2c40933977
3
.gitignore
vendored
3
.gitignore
vendored
@ -6,3 +6,6 @@ zziplib-0.13.49.tar.bz2
|
|||||||
/v0.13.68.tar.gz
|
/v0.13.68.tar.gz
|
||||||
/v0.13.69.tar.gz
|
/v0.13.69.tar.gz
|
||||||
/v0.13.71.tar.gz
|
/v0.13.71.tar.gz
|
||||||
|
/v0.13.71-pruned.tar.gz
|
||||||
|
/match.py
|
||||||
|
/options.py
|
||||||
|
4
sources
4
sources
@ -1 +1,3 @@
|
|||||||
SHA512 (v0.13.71.tar.gz) = e035d0ac26dca78335ae3defc652543ff7b353a1a95d76ed1beeb21a08e16f287a62d488f528cfbb77d5b558581b68d439aa0823577524e9aa61a3cf5f208cb5
|
SHA512 (v0.13.71-pruned.tar.gz) = a121e2d6bd545350623571055559575bad8ef620ae66cd1bf8112c089b06cd5a293799edc68171dfb64798328f1208b1fdeb6d0a208b3e682e03a578ae092570
|
||||||
|
SHA512 (match.py) = cd76328f468dd96d2d453bfc9ae66b6d560f9caa59b08a467ff71b862123bc50191d71d3af2fed837bab780cd3d6403b2053871249b01227ef072b4e3fe938d3
|
||||||
|
SHA512 (options.py) = 47a581611a6dfca92013ae8029bdb48ab0c711ca5e2981a0fabc6fa9e59739b9bfbe8df2d1ac5b15e20e238e15516588c0dd13f7375d6706e22456e54084e610
|
||||||
|
22
zziplib.spec
22
zziplib.spec
@ -1,10 +1,18 @@
|
|||||||
Summary: Lightweight library to easily extract data from zip files
|
Summary: Lightweight library to easily extract data from zip files
|
||||||
Name: zziplib
|
Name: zziplib
|
||||||
Version: 0.13.71
|
Version: 0.13.71
|
||||||
Release: 6%{?dist}
|
Release: 7%{?dist}
|
||||||
License: LGPLv2+ or MPLv1.1
|
License: LGPLv2+ or MPLv1.1
|
||||||
URL: http://zziplib.sourceforge.net/
|
URL: http://zziplib.sourceforge.net/
|
||||||
Source: https://github.com/gdraheim/zziplib/archive/v%{version}.tar.gz
|
#Source: https://github.com/gdraheim/zziplib/archive/v%{version}.tar.gz
|
||||||
|
|
||||||
|
#Using the pruned version of the upstream archive. The archive does not contain the Source1 and Source2 files. Their github version is used instead (the original ones had licensing issues)
|
||||||
|
#rhbz#1982241
|
||||||
|
Source0: v%{version}-pruned.tar.gz
|
||||||
|
#https://raw.githubusercontent.com/gdraheim/zziplib/465450c86c930026664329876e5350d21a7527db/docs/zzipdoc/match.py
|
||||||
|
Source1: match.py
|
||||||
|
#https://raw.githubusercontent.com/gdraheim/zziplib/465450c86c930026664329876e5350d21a7527db/docs/zzipdoc/options.py
|
||||||
|
Source2: options.py
|
||||||
|
|
||||||
Patch1: CVE-2020-18442.patch
|
Patch1: CVE-2020-18442.patch
|
||||||
Patch100: multilib-32.patch
|
Patch100: multilib-32.patch
|
||||||
@ -62,6 +70,9 @@ zziplib library.
|
|||||||
|
|
||||||
%prep
|
%prep
|
||||||
%setup -q
|
%setup -q
|
||||||
|
cp %{SOURCE1} docs/zzipdoc/
|
||||||
|
cp %{SOURCE2} docs/zzipdoc/
|
||||||
|
|
||||||
%patch1 -p1
|
%patch1 -p1
|
||||||
|
|
||||||
|
|
||||||
@ -111,6 +122,13 @@ popd
|
|||||||
%{_mandir}/man3/*
|
%{_mandir}/man3/*
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Fri Jul 23 2021 Jakub Martisko <jamartis@redhat.com> - 0.13.71-7
|
||||||
|
- Remove the doc/zzipdoc/{options,match}.py scritps from the original tar
|
||||||
|
- Replace them with a current github version
|
||||||
|
- The original version of the files contains autogenerated header with incompatible license
|
||||||
|
- This build thus uses modified tar archive
|
||||||
|
Resolves: rhbz#1982241
|
||||||
|
|
||||||
* Thu Jul 22 2021 Jakub Martisko <jamartis@redhat.com> - 0.13.71-6
|
* Thu Jul 22 2021 Jakub Martisko <jamartis@redhat.com> - 0.13.71-6
|
||||||
- Fix CVE-2020-18442
|
- Fix CVE-2020-18442
|
||||||
Resolves: CVE-2020-18442
|
Resolves: CVE-2020-18442
|
||||||
|
Loading…
Reference in New Issue
Block a user