forked from microsoft/azurelinux
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathlibarchive.spec
More file actions
163 lines (127 loc) · 5.16 KB
/
libarchive.spec
File metadata and controls
163 lines (127 loc) · 5.16 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
Summary: Multi-format archive and compression library
Name: libarchive
Version: 3.6.1
Release: 8%{?dist}
# Certain files have individual licenses. For more details see contents of "COPYING".
License: BSD AND Public Domain AND (ASL 2.0 OR CC0 1.0 OR OpenSSL)
Vendor: Microsoft Corporation
Distribution: Mariner
URL: https://www.libarchive.org/
Source0: https://github.com/libarchive/libarchive/releases/download/v%{version}/%{name}-%{version}.tar.gz
Patch0: CVE-2022-36227.patch
Patch1: CVE-2024-26256.patch
# Please remove the following patches when upgrading to v3.7.5 and above
Patch2: CVE-2024-20696.patch
Patch3: CVE-2024-48958.patch
Patch4: CVE-2024-48957.patch
Patch5: CVE-2025-25724.patch
Patch6: CVE-2024-48615.patch
Patch7: CVE-2025-5914.patch
Patch8: CVE-2025-5915.patch
Patch9: CVE-2025-5916.patch
Patch10: CVE-2025-5917.patch
Patch11: CVE-2025-5918.patch
Patch12: CVE-2025-60753.patch
Provides: bsdtar = %{version}-%{release}
BuildRequires: xz-libs
BuildRequires: xz-devel
BuildRequires: xz-libs
Requires: xz-libs
%description
Multi-format archive and compression library
%package devel
Summary: Header and development files
Requires: %{name} = %{version}
%description devel
It contains the libraries and header files to create applications
%prep
%autosetup -p1
%build
export CFLAGS="%{optflags}"
autoreconf --force --install
./configure --prefix=%{_prefix} --disable-static
make %{?_smp_mflags}
%install
rm -rf %{buildroot}%{_infodir}
make DESTDIR=%{buildroot} install
find %{buildroot} -type f -name "*.la" -delete -print
%check
make %{?_smp_mflags} check
%post -p /sbin/ldconfig
%postun -p /sbin/ldconfig
%files
%defattr(-,root,root)
%license COPYING
%{_libdir}/*.so.*
%{_bindir}
%exclude %{_libdir}/debug/
%files devel
%defattr(-,root,root)
%{_includedir}
%{_mandir}
%{_libdir}/*.so
%{_libdir}/pkgconfig/*.pc
%changelog
* Mon Jan 19 2026 Azure Linux Security Servicing Account <azurelinux-security@microsoft.com> - 3.6.1-8
- Patch for CVE-2025-60753
* Thu Jun 26 2025 Sumit Jena <v-sumitjena@microsoft.com> - 3.6.1-7
- Patch CVE-2025-5914, CVE-2025-5915, CVE-2025-5916, CVE-2025-5917, CVE-2025-5918
* Mon Apr 07 2025 Kavya Sree Kaitepalli <kkaitepalli@microsoft.com> - 3.6.1-6
- Patch CVE-2024-48615
* Tue Mar 11 2025 Kanishk Bansal <kanbansal@microsoft.com> - 3.6.1-5
- Patch CVE-2025-25724
* Tue Oct 15 2024 Nan Liu <liunan@microsoft.com> - 3.6.1-4
- Patch CVE-2024-48957, CVE-2024-48958, CVE-2024-20696
* Thu Jun 06 2024 Nan Liu <liunan@microsoft.com> - 3.6.1-3
- Patch CVE-2024-26256
* Thu Dec 01 2022 Muhammad Falak <mwani@microsoft.com> - 3.6.1-2
- Patch CVE-2022-36227
* Mon Jun 13 2022 Muhammad Falak <mwani@microsoft.com> - 3.6.1-1
- Bump version to 3.6.1 to address CVE-2022-26280
* Tue Mar 15 2022 Max Brodeur-Urbas <maxbr@microsoft.com> - 3.6.0-1
- Upgrading to v3.6.0
* Thu Feb 03 2022 Muhammad Falak <mwani@microsoft.com> - 3.4.2-5
- Backport patch from upstream to fix 'test_write_disk_secure'
* Fri Apr 02 2021 Thomas Crain <thcrain@microsoft.com> - 3.4.2-4
- Merge the following releases from 1.0 to dev branch
- henry.beberman@microsoft.com, 3.4.2-3: Update Source URL to GitHub instead of libarchive.org
* Mon Sep 28 2020 Ruying Chen <v-ruyche@microsoft.com> 3.4.2-3
- Provide bsdtar for base package
* Sat May 09 2020 Nick Samson <nisamson@microsoft.com> 3.4.2-2
- Added %%license line automatically
* Fri May 01 2020 Pawel Winogrodzki <pawelwi@microsoft.com> 3.4.2-1
- Bumping version up to 3.4.2 to fix following CVEs:
- CVE-2018-1000877,
- CVE-2018-1000878,
- CVE-2018-1000879,
- CVE-2018-1000880,
- CVE-2019-1000019,
- CVE-2019-1000020,
- CVE-2019-18408, and
- CVE-2020-9308.
- Fixed "Source0" and "URL" tags.
- License verified.
* Tue Sep 03 2019 Mateusz Malisz <mamalisz@microsoft.com> 3.3.3-2
- Initial CBL-Mariner import from Photon (license: Apache2).
* Thu Sep 13 2018 Siju Maliakkal <smaliakkal@vmware.com> 3.3.3-1
- Updated to latest version
* Fri Sep 15 2017 Dheeraj Shetty <dheerajs@vmware.com> 3.3.1-2
- Add xz-libs and xz-devel to BuildRequires and Requires
* Mon Apr 03 2017 Divya Thaluru <dthaluru@vmware.com> 3.3.1-1
- Upgrade version to 3.3.1
* Tue Sep 27 2016 Alexey Makhalov <amakhalov@vmware.com> 3.2.1-1
- Update version to 3.2.1
* Thu Sep 22 2016 Anish Swaminathan <anishs@vmware.com> 3.1.2-7
- Adding patch for security fix CVE-2016-6250
* Tue May 24 2016 Priyesh Padmavilasom <ppadmavilasom@vmware.com> 3.1.2-6
- GA - Bump release of all rpms
* Mon Oct 12 2015 Xiaolin Li <xiaolinl@vmware.com> 3.1.2-5
- Moving static lib files to devel package.
* Fri Oct 9 2015 Xiaolin Li <xiaolinl@vmware.com> 3.1.2-4
- Removing la files from packages.
* Fri Aug 14 2015 Alexey Makhalov <amakhalov@vmware.com> 3.1.2-3
- Adding patches for security fixes CVE-2013-2011 and CVE-2015-2304.
* Wed Jul 8 2015 Alexey Makhalov <amakhalov@vmware.com> 3.1.2-2
- Added devel package, dist tag. Use macroses part.
* Fri Jun 5 2015 Touseef Liaqat <tliaqat@vmware.com> 3.1.2-1
- Initial build. First version