.gear/rules | 2 + .../tags/7e4d33da204d7f3e70e2080c628d5641ebbc511c | 6 + .gear/tags/list | 1 + cmake/autotools/expat-noconfig__linux.cmake.in | 4 +- expat.spec | 243 +++++++++++++++++++++ tests/Makefile.am | 4 +- 6 files changed, 256 insertions(+), 4 deletions(-) diff --git a/.gear/rules b/.gear/rules new file mode 100644 index 0000000..16308ac --- /dev/null +++ b/.gear/rules @@ -0,0 +1,2 @@ +tar: v@version@:. name=expat-@version@ +diff: v@version@:. . name=expat-@version@-@release@.patch diff --git a/.gear/tags/7e4d33da204d7f3e70e2080c628d5641ebbc511c b/.gear/tags/7e4d33da204d7f3e70e2080c628d5641ebbc511c new file mode 100644 index 0000000..80af265 --- /dev/null +++ b/.gear/tags/7e4d33da204d7f3e70e2080c628d5641ebbc511c @@ -0,0 +1,6 @@ +object f3750babd2c408b01b960f3721a53d0ca4664bdb +type commit +tag v2.4.9 +tagger Vladimir D. Seleznev 1663684068 +0000 + +expat 2.4.9 diff --git a/.gear/tags/list b/.gear/tags/list new file mode 100644 index 0000000..0d62526 --- /dev/null +++ b/.gear/tags/list @@ -0,0 +1 @@ +7e4d33da204d7f3e70e2080c628d5641ebbc511c v2.4.9 diff --git a/cmake/autotools/expat-noconfig__linux.cmake.in b/cmake/autotools/expat-noconfig__linux.cmake.in index d0ad645..b285f02 100644 --- a/cmake/autotools/expat-noconfig__linux.cmake.in +++ b/cmake/autotools/expat-noconfig__linux.cmake.in @@ -8,12 +8,12 @@ set(CMAKE_IMPORT_FILE_VERSION 1) # Import target "expat::expat" for configuration "NoConfig" set_property(TARGET expat::expat APPEND PROPERTY IMPORTED_CONFIGURATIONS NOCONFIG) set_target_properties(expat::expat PROPERTIES - IMPORTED_LOCATION_NOCONFIG "${_IMPORT_PREFIX}/@LIBDIR_BASENAME@/libexpat.so.@SO_MAJOR@.@SO_MINOR@.@SO_PATCH@" + IMPORTED_LOCATION_NOCONFIG "/@LIBDIR_BASENAME@/libexpat.so.@SO_MAJOR@.@SO_MINOR@.@SO_PATCH@" IMPORTED_SONAME_NOCONFIG "libexpat.so.@SO_MAJOR@" ) list(APPEND _cmake_import_check_targets expat::expat ) -list(APPEND _cmake_import_check_files_for_expat::expat "${_IMPORT_PREFIX}/@LIBDIR_BASENAME@/libexpat.so.@SO_MAJOR@.@SO_MINOR@.@SO_PATCH@" ) +list(APPEND _cmake_import_check_files_for_expat::expat "/@LIBDIR_BASENAME@/libexpat.so.@SO_MAJOR@.@SO_MINOR@.@SO_PATCH@" ) # Commands beyond this point should not need to know the version. set(CMAKE_IMPORT_FILE_VERSION) diff --git a/expat.spec b/expat.spec new file mode 100644 index 0000000..2a16347 --- /dev/null +++ b/expat.spec @@ -0,0 +1,243 @@ +Name: expat +Version: 2.4.9 +Release: alt1 + +%def_disable static +%define pkgdocdir %_docdir/%name-%version + +Summary: An XML parser written in C +License: MIT +Group: System/Base +Url: http://www.libexpat.org/ +# http://downloads.sourceforge.net/project/expat/expat/%version/expat-%version.tar.bz2 +Source: %name-%version.tar +Patch: %name-%version-%release.patch + +Requires: lib%name = %version-%release + +# for "make check" +BuildRequires: gcc-c++ + +%package -n lib%name +Summary: XML parser library +Group: System/Libraries + +%package -n lib%name-devel +Summary: Development files for Expat, an XML parser library for C +Group: Development/C +Requires: lib%name = %version-%release +Provides: expat-devel = %version +Obsoletes: expat-devel + +%package -n lib%name-devel-static +Summary: Static library for developing static applications which will manipulate XML files +Group: Development/C +Requires: lib%name-devel = %version-%release + +%description +Expat is a stream-oriented XML parser written in C. + +%description -n lib%name +Expat is a stream-oriented XML parser written in C. +This package provides the Expat parser as a shared library. + +%description -n lib%name-devel +Expat is a stream-oriented XML parser written in C. +This package is needed if you want to build programs which use Expat +library. + +%description -n lib%name-devel-static +Expat is a stream-oriented XML parser written in C. +This package provides the Expat parser as a library for static linking. + +%prep +%setup +%patch -p1 + +%build +%autoreconf +export DOCBOOK_TO_MAN="xmlto man --skip-validation" +%configure %{subst_enable static} +%make_build + +%install +%makeinstall_std + +# Relocate shared library from /usr/lib to /lib. +mkdir -p %buildroot/%_lib +mv %buildroot%_libdir/libexpat.so.1* %buildroot/%_lib +rm %buildroot%_libdir/libexpat.so +ln -s ../../%_lib/libexpat.so.1 %buildroot%_libdir/libexpat.so + +install -d -m755 %buildroot%pkgdocdir +install -p -m644 AUTHORS README.md COPYING Changes %buildroot%pkgdocdir/ +install -p -m644 doc/*.{html,css} %buildroot%pkgdocdir/ +install -d -m755 %buildroot%pkgdocdir/examples +install -p -m644 examples/*.c %buildroot%pkgdocdir/examples/ + +%check +%make_build -k check + +%files +%_bindir/* +%_man1dir/* + +%files -n lib%name +/%_lib/*.so.* +%dir %pkgdocdir +%pkgdocdir/AUTHORS +%pkgdocdir/Changes +%pkgdocdir/COPYING +%pkgdocdir/README.md + +%files -n lib%name-devel +%_libdir/*.so +%_libdir/cmake/expat-%version +%_includedir/* +%_pkgconfigdir/*.pc +%dir %pkgdocdir +%pkgdocdir/*.html +%pkgdocdir/*.css +%pkgdocdir/examples + +%if_enabled static +%files -n lib%name-devel-static +%_libdir/*.a +%endif # enabled static + +%changelog +* Sat Sep 24 2022 Vladimir D. Seleznev 2.4.9-alt1 +- Updated to 2.4.9 (fixes: CVE-2022-40674 Heap use-after-free vulnerability in + function doContent). + +* Wed Mar 09 2022 Vladimir D. Seleznev 2.4.7-alt1 +- Updated to 2.4.7 (relax fix to CVE-2022-25236). + +* Sun Feb 20 2022 Vladimir D. Seleznev 2.4.6-alt1 +- Updated to 2.4.6 (fixes: CVE-2022-25235, CVE-2022-25236, CVE-2022-25313, + CVE-2022-25314 and CVE-2022-25315). + +* Fri Feb 04 2022 Vladimir D. Seleznev 2.4.4-alt1 +- Updated to 2.4.4 (fixes: CVE-2022-23852 and CVE-2022-23990). + +* Tue Jan 18 2022 Vladimir D. Seleznev 2.4.3-alt1 +- Updated to 2.4.3 (with multiple security fixes). +- Fixes: + + CVE-2021-45960 issues with left shift by >= 29 places in function storeAtts that + can lead to realloc misbehavior; + + CVE-2021-46143 Integer overflow on variable m_groupSize in function doProlog; + + CVE-2022-22822 Integer overflows near memory allocation in function addBinding; + + CVE-2022-22823 Integer overflows near memory allocation in function build_model; + + CVE-2022-22824 Integer overflows near memory allocation in function defineAttribute; + + CVE-2022-22825 Integer overflows near memory allocation in function lookup; + + CVE-2022-22826 Integer overflows near memory allocation in function nextScaffoldPart; + + CVE-2022-22827 Integer overflows near memory allocation in function storeAtts. + +* Tue Dec 14 2021 Vladimir D. Seleznev 2.4.1-alt2 +- Fixed cmake macros (closes #41571). + +* Mon Dec 13 2021 Vladimir D. Seleznev 2.4.1-alt1 +- Updated to 2.4.1. + +* Fri Oct 16 2020 Vladimir D. Seleznev 2.2.10-alt1 +- Updated to 2.2.10. + +* Sun May 31 2020 Vladimir D. Seleznev 2.2.9-alt1 +- 2.2.4 -> 2.2.9 (fixes CVE-2018-20843 and CVE-2019-15903) +- Fixed license field according with SPDX + +* Mon Aug 21 2017 Alexey Tourbin 2.2.4-alt1 +- 2.1.0 -> 2.2.4 + +* Wed Sep 12 2012 Dmitry V. Levin 2.1.0-alt1 +- Updated to 2.1.0. +- Stopped build and packaging of libexpat-devel-static. + +* Sat Feb 05 2011 Alexey Tourbin 2.0.1-alt5 +- relocated shared library from /usr/lib to /lib + +* Mon Oct 11 2010 Alexey Tourbin 2.0.1-alt4 +- backported more bugfixes from cvs +- enabled "make check" + +* Wed May 06 2009 Dmitry V. Levin 2.0.1-alt3 +- Fixed build with fresh libtool. + +* Fri Apr 10 2009 Alexey Tourbin 2.0.1-alt2 +- backported from cvs: +- parser crash with specially formatted UTF-8 sequences (expat-Bugs-1990430) +- xmlwf should return a non-zero code for parsing errors (expat-Bugs-2517938) + +* Fri Apr 10 2009 Alexey Tourbin 2.0.1-alt1 +- updated to 2.0.1 release +- removed ldconfig scriptlets + +* Sun Apr 08 2007 Alexey Tourbin 2.0.1-alt0.1 +- updated to 20061213 cvs snapshot + +* Thu Jan 19 2006 Dmitry V. Levin 2.0.0-alt3.1 +- Fixed recently added Provides for x86_64. + +* Tue Jan 17 2006 Mikhail Zabaluev 2.0.0-alt3 +- Added triggerpostun to correct libexpat.so.0 symlink after an upgrade + from a pre-2.0 version + +* Tue Jan 17 2006 Mikhail Zabaluev 2.0.0-alt2 +- Provide libexpat.so.0 as a symlink for backward compatibility + +* Thu Jan 12 2006 Mikhail Zabaluev 2.0.0-alt1 +- 2.0.0 +- Consolidated documentation in one directory +- Improved summaries and descriptions +- Buildreq + +* Fri Feb 11 2005 Mikhail Zabaluev 1.95.8-alt2 +- Formal rebuild to bring static library to Sisyphus [bug #6087] + +* Mon Jul 26 2004 Mikhail Zabaluev 1.95.8-alt1 +- New upstream release +- Excluded *.la files + +* Thu Oct 23 2003 Mikhail Zabaluev 1.95.7-alt1 +- New upstream release +- Patch0 is now obsolete + +* Tue Apr 01 2003 Mikhail Zabaluev 1.95.6-alt2 +- Relocate an enum declaration for better buildability (Vitaly Lipatov) + [Patch0] + +* Thu Feb 20 2003 Mikhail Zabaluev 1.95.6-alt1 +- 1.95.6 + +* Mon Sep 23 2002 Mikhail Zabaluev 1.95.5-alt1 +- 1.95.5 + +* Tue Sep 03 2002 AEN 1.95.4-alt1 +- new version + +* Mon Sep 02 2002 AEN 1.95.2-alt3 +- rebuilt with gcc-3.2.1 + +* Fri Mar 15 2002 Dmitry V. Levin 1.95.2-alt2 +- Fixed build. + +* Tue Jul 31 2001 Dmitry V. Levin 1.95.2-alt1 +- 1.95.2 +- Libification. + +* Wed Dec 27 2000 Dmitry V. Levin 1.95.1-ipl1 +- 1.95.1 +- Included new summaries and descriptions + (from Alexander Bokovoy ). + +* Sat Dec 09 2000 Dmitry V. Levin 1.1-ipl2 +- RE adaptions. +- FHSification. +- Moved library and headers to devel subpackage. + +* Mon Jan 10 2000 Dmitry V. Levin +- Fandra adaptions. + +* Wed Jul 28 1999 Greg LaPolla +- Made spec file +- Built on redhat 6.0 diff --git a/tests/Makefile.am b/tests/Makefile.am index cb68e11..21b8241 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -54,8 +54,8 @@ runtests_SOURCES = \ runtestspp_SOURCES = \ runtestspp.cpp -runtests_LDADD = libruntests.a ../lib/libexpatinternal.la -runtestspp_LDADD = libruntests.a ../lib/libexpatinternal.la +runtests_LDADD = libruntests.a ../lib/xmltok.lo ../lib/libexpatinternal.la +runtestspp_LDADD = libruntests.a ../lib/xmltok.lo ../lib/libexpatinternal.la runtests_LDFLAGS = @AM_LDFLAGS@ @LIBM@ runtestspp_LDFLAGS = @AM_LDFLAGS@ @LIBM@