[packages/apr-util] Up to 1.6.3; fixes CVE-2022-25147
arekm
arekm at pld-linux.org
Wed Feb 1 21:47:40 CET 2023
commit 37a3d5eee4deefd180b8b9904341bd01539dcd8f
Author: Arkadiusz Miśkiewicz <arekm at maven.pl>
Date: Wed Feb 1 21:47:19 2023 +0100
Up to 1.6.3; fixes CVE-2022-25147
apr-util-libtool.patch | 11 -----------
apr-util-link.patch | 14 +++++++++++---
apr-util.spec | 11 ++++++-----
3 files changed, 17 insertions(+), 19 deletions(-)
---
diff --git a/apr-util.spec b/apr-util.spec
index 8bf2ddd..2074e36 100644
--- a/apr-util.spec
+++ b/apr-util.spec
@@ -26,16 +26,16 @@
Summary: A companion library to Apache Portable Runtime
Summary(pl.UTF-8): Biblioteka towarzysząca Apache Portable Runtime
Name: apr-util
-Version: 1.6.1
-Release: 5
+Version: 1.6.3
+Release: 1
Epoch: 1
License: Apache v2.0
Group: Libraries
Source0: http://www.apache.org/dist/apr/%{name}-%{version}.tar.bz2
-# Source0-md5: 8ff5dc36fa39a2a3db1df196d3ed6086
+# Source0-md5: b6e8c9b31d938fe5797ceb0d1ff2eb69
Patch0: %{name}-link.patch
Patch1: %{name}-config-noldap.patch
-Patch2: %{name}-libtool.patch
+
Patch3: %{name}-flags.patch
URL: http://apr.apache.org/
BuildRequires: apr-devel >= 1:1.6.0
@@ -237,7 +237,7 @@ Statyczna biblioteka apr-util.
%setup -q
%patch0 -p1
%patch1 -p1
-%patch2 -p1
+
%patch3 -p1
echo '
@@ -260,6 +260,7 @@ echo '
' > config.layout
%build
+PYTHON=%{__python3} \
./buildconf \
--with-apr=%{_datadir}/apr
diff --git a/apr-util-libtool.patch b/apr-util-libtool.patch
deleted file mode 100644
index d88d5d3..0000000
--- a/apr-util-libtool.patch
+++ /dev/null
@@ -1,11 +0,0 @@
---- apr-util-1.3.4/Makefile.in~ 2008-06-13 12:27:19.000000000 +0300
-+++ apr-util-1.3.4/Makefile.in 2008-08-25 17:08:58.625899912 +0300
-@@ -23,7 +23,7 @@
- INSTALL_DATA = @INSTALL_DATA@
-
- APU_MODULES = @APU_MODULES@
--LINK_MODULE = $(LIBTOOL) $(LTFLAGS) --mode=link $(CC) $(LT_LDFLAGS) $(ALL_CFLAGS) $(ALL_LDFLAGS) $(APRUTIL_LDFLAGS) -release $(APRUTIL_MAJOR_VERSION) -module -rpath $(APU_DSO_LIBDIR)
-+LINK_MODULE = $(LIBTOOL) $(LTFLAGS) --mode=link --tag=CC $(CC) $(LT_LDFLAGS) $(ALL_CFLAGS) $(ALL_LDFLAGS) $(APRUTIL_LDFLAGS) -release $(APRUTIL_MAJOR_VERSION) -module -rpath $(APU_DSO_LIBDIR)
- APU_DSO_LIBDIR = @APU_DSO_LIBDIR@
-
- LT_VERSION = @APU_LTVERSION@
diff --git a/apr-util-link.patch b/apr-util-link.patch
index 057bc89..4886975 100644
--- a/apr-util-link.patch
+++ b/apr-util-link.patch
@@ -1,16 +1,24 @@
diff -urNp -x '*.orig' apr-util-1.6.1.org/configure.in apr-util-1.6.1/configure.in
--- apr-util-1.6.1.org/configure.in 2017-04-02 19:57:23.000000000 +0200
+++ apr-util-1.6.1/configure.in 2021-10-09 23:46:58.615015473 +0200
-@@ -172,7 +172,12 @@ APU_FIND_ICONV
+@@ -175,14 +175,19 @@ APU_FIND_ICONV
dnl Enable DSO build; must be last:
APU_CHECK_UTIL_DSO
+save_LIBS="$LIBS"
+LIBS=
AC_SEARCH_LIBS(crypt, crypt ufc)
-+APR_ADDTO(APRUTIL_EXPORT_LIBS, [$LIBS])
-+APR_ADDTO(APRUTIL_LIBS, [$LIBS])
+ case "$ac_cv_search_crypt" in
+ "no"|"none required")
+ ;;
+ *)
+- APR_ADDTO(APRUTIL_LIBS, [$ac_cv_search_crypt])
++ APR_ADDTO(APRUTIL_EXPORT_LIBS, [$LIBS])
++ APR_ADDTO(APRUTIL_LIBS, [$LIBS])
+ ;;
+ esac
+LIBS="$save_LIBS $LIBS"
++
AC_MSG_CHECKING(if system crypt() function is threadsafe)
if test "x$apu_crypt_threadsafe" = "x1"; then
AC_DEFINE(APU_CRYPT_THREADSAFE, 1, [Define if the system crypt() function is threadsafe])
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/apr-util.git/commitdiff/37a3d5eee4deefd180b8b9904341bd01539dcd8f
More information about the pld-cvs-commit
mailing list