[packages/apr-util] Up to 1.6.3; fixes CVE-2022-25147

Wed Feb 1 21:47:40 CET 2023

commit 37a3d5eee4deefd180b8b9904341bd01539dcd8f
Author: Arkadiusz Miśkiewicz <arekm at maven.pl>
Date:   Wed Feb 1 21:47:19 2023 +0100

    Up to 1.6.3; fixes  CVE-2022-25147

 apr-util-libtool.patch | 11 -----------
 apr-util-link.patch    | 14 +++++++++++---
 apr-util.spec          | 11 ++++++-----
 3 files changed, 17 insertions(+), 19 deletions(-)
---

diff --git a/apr-util.spec b/apr-util.spec
index 8bf2ddd..2074e36 100644
--- a/apr-util.spec
+++ b/apr-util.spec
@@ -26,16 +26,16 @@
 Summary:	A companion library to Apache Portable Runtime
 Summary(pl.UTF-8):	Biblioteka towarzysząca Apache Portable Runtime
 Name:		apr-util
-Version:	1.6.1
-Release:	5
+Version:	1.6.3
+Release:	1
 Epoch:		1
 License:	Apache v2.0
 Group:		Libraries
 Source0:	http://www.apache.org/dist/apr/%{name}-%{version}.tar.bz2
-# Source0-md5:	8ff5dc36fa39a2a3db1df196d3ed6086
+# Source0-md5:	b6e8c9b31d938fe5797ceb0d1ff2eb69
 Patch0:		%{name}-link.patch
 Patch1:		%{name}-config-noldap.patch
-Patch2:		%{name}-libtool.patch
+
 Patch3:		%{name}-flags.patch
 URL:		http://apr.apache.org/
 BuildRequires:	apr-devel >= 1:1.6.0
@@ -237,7 +237,7 @@ Statyczna biblioteka apr-util.
 %setup -q
 %patch0 -p1
 %patch1 -p1
-%patch2 -p1
+
 %patch3 -p1
 
 echo '
@@ -260,6 +260,7 @@ echo '
 ' > config.layout
 
 %build
+PYTHON=%{__python3} \
 ./buildconf \
 	--with-apr=%{_datadir}/apr
 
diff --git a/apr-util-libtool.patch b/apr-util-libtool.patch
deleted file mode 100644
index d88d5d3..0000000
--- a/apr-util-libtool.patch
+++ /dev/null
@@ -1,11 +0,0 @@
---- apr-util-1.3.4/Makefile.in~	2008-06-13 12:27:19.000000000 +0300
-+++ apr-util-1.3.4/Makefile.in	2008-08-25 17:08:58.625899912 +0300
-@@ -23,7 +23,7 @@
- INSTALL_DATA = @INSTALL_DATA@
- 
- APU_MODULES = @APU_MODULES@
--LINK_MODULE = $(LIBTOOL) $(LTFLAGS) --mode=link $(CC) $(LT_LDFLAGS) $(ALL_CFLAGS) $(ALL_LDFLAGS) $(APRUTIL_LDFLAGS) -release $(APRUTIL_MAJOR_VERSION) -module -rpath $(APU_DSO_LIBDIR)
-+LINK_MODULE = $(LIBTOOL) $(LTFLAGS) --mode=link --tag=CC $(CC) $(LT_LDFLAGS) $(ALL_CFLAGS) $(ALL_LDFLAGS) $(APRUTIL_LDFLAGS) -release $(APRUTIL_MAJOR_VERSION) -module -rpath $(APU_DSO_LIBDIR)
- APU_DSO_LIBDIR = @APU_DSO_LIBDIR@
- 
- LT_VERSION = @APU_LTVERSION@
diff --git a/apr-util-link.patch b/apr-util-link.patch
index 057bc89..4886975 100644
--- a/apr-util-link.patch
+++ b/apr-util-link.patch
@@ -1,16 +1,24 @@
 diff -urNp -x '*.orig' apr-util-1.6.1.org/configure.in apr-util-1.6.1/configure.in
 --- apr-util-1.6.1.org/configure.in	2017-04-02 19:57:23.000000000 +0200
 +++ apr-util-1.6.1/configure.in	2021-10-09 23:46:58.615015473 +0200
-@@ -172,7 +172,12 @@ APU_FIND_ICONV
+@@ -175,14 +175,19 @@ APU_FIND_ICONV
  dnl Enable DSO build; must be last:
  APU_CHECK_UTIL_DSO
  
 +save_LIBS="$LIBS"
 +LIBS=
  AC_SEARCH_LIBS(crypt, crypt ufc)
-+APR_ADDTO(APRUTIL_EXPORT_LIBS, [$LIBS])
-+APR_ADDTO(APRUTIL_LIBS, [$LIBS])
+ case "$ac_cv_search_crypt" in
+ "no"|"none required")
+     ;;
+ *)
+-    APR_ADDTO(APRUTIL_LIBS, [$ac_cv_search_crypt])
++    APR_ADDTO(APRUTIL_EXPORT_LIBS, [$LIBS])
++    APR_ADDTO(APRUTIL_LIBS, [$LIBS])
+     ;;
+ esac
 +LIBS="$save_LIBS $LIBS"
++
  AC_MSG_CHECKING(if system crypt() function is threadsafe)
  if test "x$apu_crypt_threadsafe" = "x1"; then
    AC_DEFINE(APU_CRYPT_THREADSAFE, 1, [Define if the system crypt() function is threadsafe])
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/apr-util.git/commitdiff/37a3d5eee4deefd180b8b9904341bd01539dcd8f

