From f1f3807b8c7f89b78e00f39141647f547c5a8783 Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Mar 28 2023 09:56:37 +0000 Subject: import cmake-3.20.2-5.el8 --- diff --git a/SOURCES/0001-Tests-Explicitly-allow-usage-of-git-file-based-proto.patch b/SOURCES/0001-Tests-Explicitly-allow-usage-of-git-file-based-proto.patch new file mode 100644 index 0000000..28f02b2 --- /dev/null +++ b/SOURCES/0001-Tests-Explicitly-allow-usage-of-git-file-based-proto.patch @@ -0,0 +1,41 @@ +From f72734ff7712d6aae837f940a45d6e7508bb182c Mon Sep 17 00:00:00 2001 +From: Brad King +Date: Thu, 20 Oct 2022 13:38:20 -0400 +Subject: [PATCH] Tests: Explicitly allow usage of git file-based protocol in + test cases + +Due to CVE-2022-39253, Git 2.30.6 sets `protocol.file.allow=user` by +default. The change has also been backported to other Git versions by +distros. This breaks some of our test cases that use the file-based +protocol locally to simulate real workflows without requiring network +access. In these cases the file protocol is safe, so explicitly enable +it in the tests. + +(cherry picked from commit 79ce0f434e916684d734e136b92e14f472a9d14a) +--- + Tests/CMakeLists.txt | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/Tests/CMakeLists.txt b/Tests/CMakeLists.txt +index 8e7c04fbd0..d011020f99 100644 +--- a/Tests/CMakeLists.txt ++++ b/Tests/CMakeLists.txt +@@ -1540,6 +1540,7 @@ if(BUILD_TESTING) + ) + list(APPEND TEST_BUILD_DIRS "${CMake_BINARY_DIR}/Tests/ExternalProject") + set_tests_properties(ExternalProject PROPERTIES ++ ENVIRONMENT GIT_ALLOW_PROTOCOL=file + RUN_SERIAL 1 + TIMEOUT ${CMAKE_LONG_TEST_TIMEOUT}) + +@@ -2653,6 +2654,7 @@ if(BUILD_TESTING) + -P "${CMake_BINARY_DIR}/Tests/CTestUpdateGIT.cmake" + ) + list(APPEND TEST_BUILD_DIRS "${CMake_BINARY_DIR}/Tests/${CTestUpdateGIT_DIR}") ++ set_property(TEST CTest.UpdateGIT PROPERTY ENVIRONMENT GIT_ALLOW_PROTOCOL=file) + endif() + + # Test CTest Update with HG +-- +2.31.1 + diff --git a/SPECS/cmake.spec b/SPECS/cmake.spec index af1ecd3..a72edcb 100644 --- a/SPECS/cmake.spec +++ b/SPECS/cmake.spec @@ -65,7 +65,7 @@ %{?rcsuf:%global versuf -%{rcsuf}} # For handling bump release by rpmdev-bumpspec and mass rebuild -%global baserelease 4 +%global baserelease 5 # Uncomment if building for EPEL #global name_suffix %%{major_version} @@ -110,6 +110,9 @@ Patch102: %{name}-mingw-dl.patch # so limit it to some reasonable number (4) Patch103: cmake-3.20-CPACK_THREADS.patch +# rhbz#2162696 +Patch105: 0001-Tests-Explicitly-allow-usage-of-git-file-based-proto.patch + # Patch for renaming on EPEL %if 0%{?name_suffix:1} Patch1: %{name}-rename.patch @@ -529,6 +532,9 @@ popd %changelog +* Tue Jan 31 2023 Tom Stellard - 3.20.2-5 +- Fix test case broken by git fix for CVE-2022-39253 + * Fri Jul 09 2021 sguelton@redhat.com - 3.20.2-4 - Fix update (rhbz#1964407)