|
|
e7cf86 |
Summary: Tar file manipulation API
|
|
|
e7cf86 |
Name: libtar
|
|
|
e7cf86 |
Version: 1.2.20
|
|
|
26844e |
Release: 17%{?dist}
|
|
|
e7cf86 |
License: MIT
|
|
|
e7cf86 |
URL: http://repo.or.cz/libtar.git
|
|
|
e7cf86 |
Source: http://repo.or.cz/libtar.git/snapshot/refs/tags/v1.2.20.tar.gz#/libtar-v1.2.20.tar.gz
|
|
|
e7cf86 |
Patch1: libtar-1.2.11-missing-protos.patch
|
|
|
e7cf86 |
Patch4: libtar-1.2.11-mem-deref.patch
|
|
|
e7cf86 |
Patch5: libtar-1.2.20-fix-resource-leaks.patch
|
|
|
e7cf86 |
Patch6: libtar-1.2.11-bz729009.patch
|
|
|
e7cf86 |
Patch7: libtar-1.2.20-no-static-buffer.patch
|
|
|
e7cf86 |
|
|
|
e7cf86 |
# fix programming mistakes detected by static analysis (#1602596)
|
|
|
e7cf86 |
Patch8: libtar-1.2.20-static-analysis.patch
|
|
|
e7cf86 |
|
|
|
26844e |
# fix out-of-bounds read in gnu_long{name,link} (CVE-2021-33643 CVE-2021-33644)
|
|
|
26844e |
Patch9: libtar-1.2.20-CVE-2021-33643-CVE-2021-33644.patch
|
|
|
26844e |
|
|
|
26844e |
# fix memory leaks through gnu_long{name,link} (CVE-2021-33645 CVE-2021-33646)
|
|
|
26844e |
Patch10: libtar-1.2.20-CVE-2021-33645-CVE-2021-33646.patch
|
|
|
26844e |
|
|
|
e7cf86 |
BuildRequires: libtool
|
|
|
e7cf86 |
BuildRequires: zlib-devel
|
|
|
e7cf86 |
|
|
|
e7cf86 |
%description
|
|
|
e7cf86 |
libtar is a C library for manipulating tar archives. It supports both
|
|
|
e7cf86 |
the strict POSIX tar format and many of the commonly-used GNU
|
|
|
e7cf86 |
extensions.
|
|
|
e7cf86 |
|
|
|
e7cf86 |
|
|
|
e7cf86 |
%package devel
|
|
|
e7cf86 |
Summary: Development files for %{name}
|
|
|
e7cf86 |
Requires: %{name} = %{version}-%{release}
|
|
|
e7cf86 |
|
|
|
e7cf86 |
%description devel
|
|
|
e7cf86 |
The %{name}-devel package contains libraries and header files for
|
|
|
e7cf86 |
developing applications that use %{name}.
|
|
|
e7cf86 |
|
|
|
e7cf86 |
|
|
|
e7cf86 |
%prep
|
|
|
e7cf86 |
%autosetup -n libtar-v%{version} -p1
|
|
|
e7cf86 |
|
|
|
e7cf86 |
# set correct version for .so build
|
|
|
e7cf86 |
%global ltversion %(echo %{version} | tr '.' ':')
|
|
|
e7cf86 |
sed -i 's/-rpath $(libdir)/-rpath $(libdir) -version-number %{ltversion}/' \
|
|
|
e7cf86 |
lib/Makefile.in
|
|
|
e7cf86 |
|
|
|
e7cf86 |
autoreconf -iv
|
|
|
e7cf86 |
|
|
|
e7cf86 |
|
|
|
e7cf86 |
%build
|
|
|
e7cf86 |
%configure --disable-static
|
|
|
e7cf86 |
make %{?_smp_mflags}
|
|
|
e7cf86 |
|
|
|
e7cf86 |
|
|
|
e7cf86 |
%install
|
|
|
e7cf86 |
make install DESTDIR=$RPM_BUILD_ROOT
|
|
|
e7cf86 |
# Without this we get no debuginfo and stripping
|
|
|
e7cf86 |
chmod +x $RPM_BUILD_ROOT%{_libdir}/libtar.so.%{version}
|
|
|
e7cf86 |
rm $RPM_BUILD_ROOT%{_libdir}/*.la
|
|
|
e7cf86 |
|
|
|
e7cf86 |
|
|
|
e7cf86 |
%ldconfig_scriptlets
|
|
|
e7cf86 |
|
|
|
e7cf86 |
|
|
|
e7cf86 |
%files
|
|
|
e7cf86 |
%doc COPYRIGHT TODO README ChangeLog*
|
|
|
e7cf86 |
%{_bindir}/%{name}
|
|
|
e7cf86 |
%{_libdir}/lib*.so.*
|
|
|
e7cf86 |
|
|
|
e7cf86 |
%files devel
|
|
|
e7cf86 |
%{_includedir}/libtar.h
|
|
|
e7cf86 |
%{_includedir}/libtar_listhash.h
|
|
|
e7cf86 |
%{_libdir}/lib*.so
|
|
|
e7cf86 |
%{_mandir}/man3/*.3*
|
|
|
e7cf86 |
|
|
|
e7cf86 |
|
|
|
e7cf86 |
%changelog
|
|
|
26844e |
* Mon Dec 19 2022 Kamil Dudka <kdudka@redhat.com> - 1.2.20-17
|
|
|
26844e |
- fix use-after-free bugs introduced by incorrect memleak fixes (CVE-2021-33640)
|
|
|
26844e |
|
|
|
26844e |
* Fri Aug 26 2022 Kamil Dudka <kdudka@redhat.com> - 1.2.20-16
|
|
|
26844e |
- fix memory leaks through gnu_long{name,link} (CVE-2021-33645 CVE-2021-33646)
|
|
|
26844e |
- fix out-of-bounds read in gnu_long{name,link} (CVE-2021-33643 CVE-2021-33644)
|
|
|
26844e |
|
|
|
e7cf86 |
* Wed Nov 07 2018 Kamil Dudka <kdudka@redhat.com> - 1.2.20-15
|
|
|
e7cf86 |
- fix programming mistakes detected by static analysis (#1602596)
|
|
|
e7cf86 |
|
|
|
e7cf86 |
* Thu Jul 12 2018 Kamil Dudka <kdudka@redhat.com> - 1.2.20-14
|
|
|
e7cf86 |
- fix source URL and re-download the upstream tarball
|
|
|
e7cf86 |
|
|
|
e7cf86 |
* Wed May 30 2018 Kamil Dudka <kdudka@redhat.com> - 1.2.20-13
|
|
|
e7cf86 |
- drop obsolete Group tags
|
|
|
e7cf86 |
- replace dead project URL
|
|
|
e7cf86 |
|
|
|
e7cf86 |
* Thu Feb 08 2018 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 1.2.20-12
|
|
|
e7cf86 |
- Switch to %%ldconfig_scriptlets
|
|
|
e7cf86 |
|
|
|
e7cf86 |
* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.20-12
|
|
|
e7cf86 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
|
|
|
e7cf86 |
|
|
|
e7cf86 |
* Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.20-11
|
|
|
e7cf86 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
|
|
|
e7cf86 |
|
|
|
e7cf86 |
* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.20-10
|
|
|
e7cf86 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
|
|
|
e7cf86 |
|
|
|
e7cf86 |
* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.20-9
|
|
|
e7cf86 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
|
|
|
e7cf86 |
|
|
|
e7cf86 |
* Thu Feb 04 2016 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.20-8
|
|
|
e7cf86 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
|
|
|
e7cf86 |
|
|
|
e7cf86 |
* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.2.20-7
|
|
|
e7cf86 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
|
|
|
e7cf86 |
|
|
|
e7cf86 |
* Sat Feb 21 2015 Till Maas <opensource@till.name> - 1.2.20-6
|
|
|
e7cf86 |
- Rebuilt for Fedora 23 Change
|
|
|
e7cf86 |
https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code
|
|
|
e7cf86 |
|
|
|
e7cf86 |
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.2.20-5
|
|
|
e7cf86 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
|
|
|
e7cf86 |
|
|
|
e7cf86 |
* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.2.20-4
|
|
|
e7cf86 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
|
|
|
e7cf86 |
|
|
|
e7cf86 |
* Fri Oct 25 2013 Kamil Dudka <kdudka@redhat.com> - 1.2.20-3
|
|
|
e7cf86 |
- avoid using a static buffer in th_get_pathname()
|
|
|
e7cf86 |
|
|
|
e7cf86 |
* Wed Oct 16 2013 Kamil Dudka <kdudka@redhat.com> - 1.2.20-2
|
|
|
e7cf86 |
- use the upstream version of resource leak patches
|
|
|
e7cf86 |
|
|
|
e7cf86 |
* Thu Oct 10 2013 Kamil Dudka <kdudka@redhat.com> - 1.2.20-1
|
|
|
e7cf86 |
- update to 1.2.20 (latest upstream release)
|
|
|
e7cf86 |
|
|
|
e7cf86 |
* Thu Oct 10 2013 Kamil Dudka <kdudka@redhat.com> - 1.2.11-28
|
|
|
e7cf86 |
- fix CVE-2013-4397: buffer overflows by expanding a specially-crafted archive
|
|
|
e7cf86 |
|
|
|
e7cf86 |
* Fri Oct 04 2013 Kamil Dudka <kdudka@redhat.com> - 1.2.11-27
|
|
|
e7cf86 |
- fix file descriptor leaks reported by cppcheck (#785760)
|
|
|
e7cf86 |
|
|
|
e7cf86 |
* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.2.11-26
|
|
|
e7cf86 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
|
|
|
e7cf86 |
|
|
|
e7cf86 |
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.2.11-25
|
|
|
e7cf86 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
|
|
|
e7cf86 |
|
|
|
e7cf86 |
* Tue Aug 28 2012 Kamil Dudka <kdudka@redhat.com> - 1.2.11-24
|
|
|
e7cf86 |
- fix specfile issues reported by the fedora-review script
|
|
|
e7cf86 |
|
|
|
e7cf86 |
* Thu Jul 19 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.2.11-23
|
|
|
e7cf86 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
|
|
|
e7cf86 |
|
|
|
e7cf86 |
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.2.11-22
|
|
|
e7cf86 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
|
|
|
e7cf86 |
|
|
|
e7cf86 |
* Tue Aug 09 2011 Kamil Dudka <kdudka@redhat.com> - 1.2.11-21
|
|
|
e7cf86 |
- Allow to extract debug-info from /usr/bin/libtar (#729009)
|
|
|
e7cf86 |
|
|
|
e7cf86 |
* Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.2.11-20
|
|
|
e7cf86 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
|
|
|
e7cf86 |
|
|
|
e7cf86 |
* Thu May 27 2010 Kamil Dudka <kdudka@redhat.com> - 1.2.11-19
|
|
|
e7cf86 |
- Completed review of memory leaks related patches (#589056)
|
|
|
e7cf86 |
|
|
|
e7cf86 |
* Mon May 3 2010 Huzaifa Sidhpurwala <huzaifas@redhat.com> - 1.2.11-18
|
|
|
e7cf86 |
- Fix more memory leaks
|
|
|
e7cf86 |
|
|
|
e7cf86 |
* Mon May 3 2010 Huzaifa Sidhpurwala <huzaifas@redhat.com> - 1.2.11-17
|
|
|
e7cf86 |
- Fix lot of memory leaks
|
|
|
e7cf86 |
|
|
|
e7cf86 |
* Thu Dec 31 2009 Huzaifa Sidhpurwala <huzaifas@redhat.com> - 1.2.11-16
|
|
|
e7cf86 |
- Fix invalid memory de-reference issue in BZ #551415
|
|
|
e7cf86 |
|
|
|
e7cf86 |
* Fri Nov 20 2009 Huzaifa Sidhpurwala <huzaifas@redhat.com> - 1.2.11-15
|
|
|
e7cf86 |
- Fix buffer overflow in BZ #538770
|
|
|
e7cf86 |
|
|
|
e7cf86 |
* Tue Sep 22 2009 Stepan Kasal <skasal@redhat.com> - 1.2.11-14
|
|
|
e7cf86 |
- fix up so that it builds again (#511566)
|
|
|
e7cf86 |
|
|
|
e7cf86 |
* Sat Jul 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.2.11-13
|
|
|
e7cf86 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
|
|
|
e7cf86 |
|
|
|
e7cf86 |
* Wed Feb 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.2.11-12
|
|
|
e7cf86 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
|
|
|
e7cf86 |
|
|
|
e7cf86 |
* Thu Apr 3 2008 Hans de Goede <j.w.r.degoede@hhs.nl> 1.2.11-11
|
|
|
e7cf86 |
- Fix missing prototype compiler warnings
|
|
|
e7cf86 |
|
|
|
e7cf86 |
* Tue Feb 19 2008 Fedora Release Engineering <rel-eng@fedoraproject.org> - 1.2.11-10
|
|
|
e7cf86 |
- Autorebuild for GCC 4.3
|
|
|
e7cf86 |
|
|
|
e7cf86 |
* Mon Aug 13 2007 Hans de Goede <j.w.r.degoede@hhs.nl> 1.2.11-9
|
|
|
e7cf86 |
- Update License tag for new Licensing Guidelines compliance
|
|
|
e7cf86 |
|
|
|
e7cf86 |
* Mon Aug 28 2006 Hans de Goede <j.w.r.degoede@hhs.nl> 1.2.11-8
|
|
|
e7cf86 |
- FE6 Rebuild
|
|
|
e7cf86 |
|
|
|
e7cf86 |
* Sun Jul 23 2006 Hans de Goede <j.w.r.degoede@hhs.nl> 1.2.11-7
|
|
|
e7cf86 |
- Taking over as maintainer since Anvil has other priorities
|
|
|
e7cf86 |
- Add a bunch of patches from Debian, which build a .so instead of a .a
|
|
|
e7cf86 |
and fix a bunch of memory leaks.
|
|
|
e7cf86 |
- Reinstate a proper devel package as we now build a .so
|
|
|
e7cf86 |
|
|
|
e7cf86 |
* Thu Mar 16 2006 Dams <anvil[AT]livna.org> - 1.2.11-6.fc5
|
|
|
e7cf86 |
- Modified URL and added one in Source0
|
|
|
e7cf86 |
|
|
|
e7cf86 |
* Sun May 22 2005 Jeremy Katz <katzj@redhat.com> - 1.2.11-5
|
|
|
e7cf86 |
- rebuild on all arches
|
|
|
e7cf86 |
|
|
|
e7cf86 |
* Fri Apr 8 2005 Michael Schwendt <mschwendt[AT]users.sf.net>
|
|
|
e7cf86 |
- rebuilt
|
|
|
e7cf86 |
|
|
|
e7cf86 |
* Sat Aug 16 2003 Dams <anvil[AT]livna.org> 0:1.2.11-0.fdr.3
|
|
|
e7cf86 |
- Merged devel and main packages
|
|
|
e7cf86 |
- Package provide now libtar-devel
|
|
|
e7cf86 |
|
|
|
e7cf86 |
* Tue Jul 8 2003 Dams <anvil[AT]livna.org>
|
|
|
e7cf86 |
- Initial build.
|