浏览代码

libarchive-3.6.2-1

Tomohiro "Tomo-p" KATO 1 年之前
父节点
当前提交
1d0b0a0932
共有 1 个文件被更改,包括 14 次插入11 次删除
  1. 14 11
      lib/liba/libarchive/libarchive-vl.spec

+ 14 - 11
lib/liba/libarchive/libarchive-vl.spec

@@ -1,7 +1,7 @@
 Name:          libarchive
 Summary:       A library for handling streaming archive formats 
-Version:       3.6.1
-Release:       2%{?_dist_release}
+Version:       3.6.2
+Release:       1%{?_dist_release}
 Group:         system
 Vendor:        Project Vine
 Distribution:  Vine Linux
@@ -10,15 +10,6 @@ License:       BSD
 URL:           https://www.libarchive.org/
 Source0:       https://www.libarchive.org/downloads/%{name}-%{version}.tar.gz
 
-# When configured against OpenSSL 1.1, the RIPEMD-160 support was not detected,
-# so it was not compiled in previously. With OpenSSL 3.0, it's now detected as
-# being available, but it only actually works when the legacy provider is
-# loaded, which breaks the RIPEMD-160 test. This patch disables the RIPEMD-160
-# support explicitly.
-Patch0001:     0001-Drop-rmd160-from-OpenSSL.patch
-# https://github.com/libarchive/libarchive/commit/fd180c36036df7181a64931264732a10ad8cd024
-Patch1000:     CVE-2022-36227.patch
-
 BuildRoot:     %{_tmppath}/%{name}-%{version}-root
 BuildRequires: bzip2-devel
 BuildRequires: libacl-devel
@@ -52,6 +43,13 @@ developing applications that use %{name}.
 %prep
 %autosetup -p1
 
+# When configured against OpenSSL 1.1, the RIPEMD-160 support was not detected,
+# so it was not compiled in previously. With OpenSSL 3.0, it's now detected as
+# being available, but it only actually works when the legacy provider is
+# loaded, which breaks the RIPEMD-160 test. This patch disables the RIPEMD-160
+# support explicitly.
+sed -i -e '/RMD160, OPENSSL, rmd160/d' configure.ac
+
 autoreconf -vif
 
 
@@ -92,6 +90,11 @@ rm -rf $RPM_BUILD_ROOT
 
 
 %changelog
+* Sat Dec 10 2022 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 3.6.2-1
+- new upstream release.
+- dropped Patch0001: maede to get the same effect by sed.
+- dropped Patch1000: fixed in upstream.
+
 * Tue Nov 29 2022 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 3.6.1-2
 - imported Patch1000 from upstream to fix CVE-2022-36227.