Replace the docs/zzipdoc/{match,options}.py files with their github

version.

The original version of the files contains incompatible version headers.
These files were thus removed from the source tar archive and replaced
with their current github version.

Resolves: rhbz:1982241
This commit is contained in:
Jakub Martisko 2021-07-23 11:26:09 +02:00
parent 57e73671d3
commit 2c40933977
3 changed files with 26 additions and 3 deletions

3
.gitignore vendored
View File

@ -6,3 +6,6 @@ zziplib-0.13.49.tar.bz2
/v0.13.68.tar.gz /v0.13.68.tar.gz
/v0.13.69.tar.gz /v0.13.69.tar.gz
/v0.13.71.tar.gz /v0.13.71.tar.gz
/v0.13.71-pruned.tar.gz
/match.py
/options.py

View File

@ -1 +1,3 @@
SHA512 (v0.13.71.tar.gz) = e035d0ac26dca78335ae3defc652543ff7b353a1a95d76ed1beeb21a08e16f287a62d488f528cfbb77d5b558581b68d439aa0823577524e9aa61a3cf5f208cb5 SHA512 (v0.13.71-pruned.tar.gz) = a121e2d6bd545350623571055559575bad8ef620ae66cd1bf8112c089b06cd5a293799edc68171dfb64798328f1208b1fdeb6d0a208b3e682e03a578ae092570
SHA512 (match.py) = cd76328f468dd96d2d453bfc9ae66b6d560f9caa59b08a467ff71b862123bc50191d71d3af2fed837bab780cd3d6403b2053871249b01227ef072b4e3fe938d3
SHA512 (options.py) = 47a581611a6dfca92013ae8029bdb48ab0c711ca5e2981a0fabc6fa9e59739b9bfbe8df2d1ac5b15e20e238e15516588c0dd13f7375d6706e22456e54084e610

View File

@ -1,10 +1,18 @@
Summary: Lightweight library to easily extract data from zip files Summary: Lightweight library to easily extract data from zip files
Name: zziplib Name: zziplib
Version: 0.13.71 Version: 0.13.71
Release: 6%{?dist} Release: 7%{?dist}
License: LGPLv2+ or MPLv1.1 License: LGPLv2+ or MPLv1.1
URL: http://zziplib.sourceforge.net/ URL: http://zziplib.sourceforge.net/
Source: https://github.com/gdraheim/zziplib/archive/v%{version}.tar.gz #Source: https://github.com/gdraheim/zziplib/archive/v%{version}.tar.gz
#Using the pruned version of the upstream archive. The archive does not contain the Source1 and Source2 files. Their github version is used instead (the original ones had licensing issues)
#rhbz#1982241
Source0: v%{version}-pruned.tar.gz
#https://raw.githubusercontent.com/gdraheim/zziplib/465450c86c930026664329876e5350d21a7527db/docs/zzipdoc/match.py
Source1: match.py
#https://raw.githubusercontent.com/gdraheim/zziplib/465450c86c930026664329876e5350d21a7527db/docs/zzipdoc/options.py
Source2: options.py
Patch1: CVE-2020-18442.patch Patch1: CVE-2020-18442.patch
Patch100: multilib-32.patch Patch100: multilib-32.patch
@ -62,6 +70,9 @@ zziplib library.
%prep %prep
%setup -q %setup -q
cp %{SOURCE1} docs/zzipdoc/
cp %{SOURCE2} docs/zzipdoc/
%patch1 -p1 %patch1 -p1
@ -111,6 +122,13 @@ popd
%{_mandir}/man3/* %{_mandir}/man3/*
%changelog %changelog
* Fri Jul 23 2021 Jakub Martisko <jamartis@redhat.com> - 0.13.71-7
- Remove the doc/zzipdoc/{options,match}.py scritps from the original tar
- Replace them with a current github version
- The original version of the files contains autogenerated header with incompatible license
- This build thus uses modified tar archive
Resolves: rhbz#1982241
* Thu Jul 22 2021 Jakub Martisko <jamartis@redhat.com> - 0.13.71-6 * Thu Jul 22 2021 Jakub Martisko <jamartis@redhat.com> - 0.13.71-6
- Fix CVE-2020-18442 - Fix CVE-2020-18442
Resolves: CVE-2020-18442 Resolves: CVE-2020-18442