From 2e309953cfb0b67a1f89cdbb449eaa6e697566a5 Mon Sep 17 00:00:00 2001 From: Jacob Wang Date: Fri, 9 May 2025 10:10:29 +0800 Subject: [PATCH 1/2] [CVE]update to libsoup-2.62.3-8 to #IC6HAW update to libsoup-2.62.3-8 for CVE-2025-32050 CVE-2025-32052 CVE-2025-32053 CVE-2025-32906 CVE-2025-32911 CVE-2025-32913 CVE-2025-46420 CVE-2025-46421 Project: TC2024080204 Signed-off-by: Jacob Wang --- CVE-2025-32050.patch | 25 +++++++ CVE-2025-32052.patch | 26 +++++++ CVE-2025-32053.patch | 35 ++++++++++ CVE-2025-32906.patch | 65 ++++++++++++++++++ CVE-2025-32911-CVE-2025-32913.patch | 67 +++++++++++++++++++ CVE-2025-46420.patch | 56 ++++++++++++++++ CVE-2025-46421.patch | 32 +++++++++ ...ow-NUL-bytes.patch => CVE-2025-52530.patch | 0 ...nput-when-pa.patch => CVE-2025-52531.patch | 0 ...we-read-data.patch => CVE-2025-52532.patch | 0 libsoup.spec | 50 ++++++++------ test-cert-expiration.patch | 60 +++++++++++++++++ 12 files changed, 395 insertions(+), 21 deletions(-) create mode 100644 CVE-2025-32050.patch create mode 100644 CVE-2025-32052.patch create mode 100644 CVE-2025-32053.patch create mode 100644 CVE-2025-32906.patch create mode 100644 CVE-2025-32911-CVE-2025-32913.patch create mode 100644 CVE-2025-46420.patch create mode 100644 CVE-2025-46421.patch rename 0001-headers-Strictly-don-t-allow-NUL-bytes.patch => CVE-2025-52530.patch (100%) rename 0001-headers-Be-more-robust-against-invalid-input-when-pa.patch => CVE-2025-52531.patch (100%) rename 0001-websocket-process-the-frame-as-soon-as-we-read-data.patch => CVE-2025-52532.patch (100%) create mode 100644 test-cert-expiration.patch diff --git a/CVE-2025-32050.patch b/CVE-2025-32050.patch new file mode 100644 index 0000000..e189bb6 --- /dev/null +++ b/CVE-2025-32050.patch @@ -0,0 +1,25 @@ +From 9bb0a55de55c6940ced811a64fbca82fe93a9323 Mon Sep 17 00:00:00 2001 +From: Patrick Griffis +Date: Mon, 28 Oct 2024 12:29:48 -0500 +Subject: [PATCH] Fix using int instead of size_t for strcspn return + +--- + libsoup/soup-headers.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/libsoup/soup-headers.c b/libsoup/soup-headers.c +index 613e1905..a5f7a7f6 100644 +--- a/libsoup/soup-headers.c ++++ b/libsoup/soup-headers.c +@@ -907,7 +907,7 @@ append_param_quoted (GString *string, + const char *name, + const char *value) + { +- int len; ++ gsize len; + + g_string_append (string, name); + g_string_append (string, "=\""); +-- +GitLab + diff --git a/CVE-2025-32052.patch b/CVE-2025-32052.patch new file mode 100644 index 0000000..861731b --- /dev/null +++ b/CVE-2025-32052.patch @@ -0,0 +1,26 @@ +From 1542173d11df64e39e71367f10596e8160481290 Mon Sep 17 00:00:00 2001 +From: Patrick Griffis +Date: Sat, 16 Nov 2024 12:07:30 -0600 +Subject: [PATCH] Fix heap buffer overflow in soup_content_sniffer_sniff + +Co-Author: Ar Jun +--- + libsoup/soup-content-sniffer.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/libsoup/soup-content-sniffer.c b/libsoup/soup-content-sniffer.c +index 967ec614..26c65bbd 100644 +--- a/libsoup/soup-content-sniffer.c ++++ b/libsoup/soup-content-sniffer.c +@@ -504,7 +504,7 @@ sniff_unknown (SoupContentSniffer *sniffer, SoupBuffer *buffer, + guint index_pattern = 0; + gboolean skip_row = FALSE; + +- while ((index_stream < resource_length) && ++ while ((index_stream < resource_length - 1) && + (index_pattern <= type_row->pattern_length)) { + /* Skip insignificant white space ("WS" in the spec) */ + if (type_row->pattern[index_pattern] == ' ') { +-- +2.49.0 + diff --git a/CVE-2025-32053.patch b/CVE-2025-32053.patch new file mode 100644 index 0000000..92a7442 --- /dev/null +++ b/CVE-2025-32053.patch @@ -0,0 +1,35 @@ +From 8e1793e2ddd8c2648b9a28f06bf21fd13bd12b39 Mon Sep 17 00:00:00 2001 +From: Ar Jun +Date: Mon, 18 Nov 2024 14:59:51 -0600 +Subject: [PATCH] Fix heap buffer overflow in + soup-content-sniffer.c:sniff_feed_or_html() + +--- + libsoup/soup-content-sniffer.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/libsoup/soup-content-sniffer.c b/libsoup/soup-content-sniffer.c +index 26c65bbd..698d05e4 100644 +--- a/libsoup/soup-content-sniffer.c ++++ b/libsoup/soup-content-sniffer.c +@@ -620,7 +620,7 @@ skip_insignificant_space (const char *resource, int *pos, int resource_length) + (resource[*pos] == '\x0D')) { + *pos = *pos + 1; + +- if (*pos > resource_length) ++ if (*pos >= resource_length) + return TRUE; + } + +@@ -682,7 +682,7 @@ sniff_feed_or_html (SoupContentSniffer *sniffer, SoupBuffer *buffer) + do { + pos++; + +- if (pos > resource_length) ++ if ((pos + 1) > resource_length) + goto text_html; + } while (resource[pos] != '>'); + +-- +2.49.0 + diff --git a/CVE-2025-32906.patch b/CVE-2025-32906.patch new file mode 100644 index 0000000..0dc4c27 --- /dev/null +++ b/CVE-2025-32906.patch @@ -0,0 +1,65 @@ +From 1f509f31b6f8420a3661c3f990424ab7b9164931 Mon Sep 17 00:00:00 2001 +From: Patrick Griffis +Date: Tue, 11 Feb 2025 14:36:26 -0600 +Subject: [PATCH 1/2] headers: Handle parsing edge case + +This version number is specifically crafted to pass sanity checks allowing it to go one byte out of bounds. +--- + libsoup/soup-headers.c | 2 +- + tests/header-parsing-test.c | 12 ++++++++++++ + 2 files changed, 13 insertions(+), 1 deletion(-) + +diff --git a/libsoup/soup-headers.c b/libsoup/soup-headers.c +index 85385cea..9d6d00a3 100644 +--- a/libsoup/soup-headers.c ++++ b/libsoup/soup-headers.c +@@ -225,7 +225,7 @@ soup_headers_parse_request (const char *str, + !g_ascii_isdigit (version[5])) + return SOUP_STATUS_BAD_REQUEST; + major_version = strtoul (version + 5, &p, 10); +- if (*p != '.' || !g_ascii_isdigit (p[1])) ++ if (p + 1 >= str + len || *p != '.' || !g_ascii_isdigit (p[1])) + return SOUP_STATUS_BAD_REQUEST; + minor_version = strtoul (p + 1, &p, 10); + version_end = p; +-- +GitLab + + +From af5b9a4a3945c52b940d5ac181ef51bb12011f1f Mon Sep 17 00:00:00 2001 +From: Patrick Griffis +Date: Wed, 12 Feb 2025 11:30:02 -0600 +Subject: [PATCH 2/2] headers: Handle parsing only newlines + +Closes #404 +Closes #407 +--- + libsoup/soup-headers.c | 4 ++-- + tests/header-parsing-test.c | 13 ++++++++++++- + 2 files changed, 14 insertions(+), 3 deletions(-) + +diff --git a/libsoup/soup-headers.c b/libsoup/soup-headers.c +index 9d6d00a3..52ef2ece 100644 +--- a/libsoup/soup-headers.c ++++ b/libsoup/soup-headers.c +@@ -186,7 +186,7 @@ soup_headers_parse_request (const char *str, + /* RFC 2616 4.1 "servers SHOULD ignore any empty line(s) + * received where a Request-Line is expected." + */ +- while ((*str == '\r' || *str == '\n') && len > 0) { ++ while (len > 0 && (*str == '\r' || *str == '\n')) { + str++; + len--; + } +@@ -371,7 +371,7 @@ soup_headers_parse_response (const char *str, + * after a response, which we then see prepended to the next + * response on that connection. + */ +- while ((*str == '\r' || *str == '\n') && len > 0) { ++ while (len > 0 && (*str == '\r' || *str == '\n')) { + str++; + len--; + } +-- +GitLab + diff --git a/CVE-2025-32911-CVE-2025-32913.patch b/CVE-2025-32911-CVE-2025-32913.patch new file mode 100644 index 0000000..e7fae23 --- /dev/null +++ b/CVE-2025-32911-CVE-2025-32913.patch @@ -0,0 +1,67 @@ +From f2d316341c00a343d0b46edd590efa8c102521c3 Mon Sep 17 00:00:00 2001 +From: Patrick Griffis +Date: Fri, 27 Dec 2024 17:53:50 -0600 +Subject: [PATCH 1/2] soup_message_headers_get_content_disposition: Fix NULL + deref + +--- + libsoup/soup-message-headers.c | 13 +++++++++---- + tests/header-parsing-test.c | 13 +++++++++++++ + 2 files changed, 22 insertions(+), 4 deletions(-) + +diff --git a/libsoup/soup-message-headers.c b/libsoup/soup-message-headers.c +index 5c8c7cb9..ccf31233 100644 +--- a/libsoup/soup-message-headers.c ++++ b/libsoup/soup-message-headers.c +@@ -1443,10 +1443,15 @@ soup_message_headers_get_content_disposition (SoupMessageHeaders *hdrs, + */ + if (params && g_hash_table_lookup_extended (*params, "filename", + &orig_key, &orig_value)) { +- char *filename = strrchr (orig_value, '/'); +- +- if (filename) +- g_hash_table_insert (*params, g_strdup (orig_key), filename + 1); ++ if (orig_value) { ++ char *filename = strrchr (orig_value, '/'); ++ ++ if (filename) ++ g_hash_table_insert (*params, g_strdup (orig_key), filename + 1); ++ } else { ++ /* filename with no value isn't valid. */ ++ g_hash_table_remove (*params, "filename"); ++ } + } + return TRUE; + } +-- +2.49.0 + + +From dd3a245941f117832dd1fdda4f8bc68b44e2810d Mon Sep 17 00:00:00 2001 +From: Patrick Griffis +Date: Fri, 27 Dec 2024 18:00:39 -0600 +Subject: [PATCH 2/2] soup_message_headers_get_content_disposition: strdup + truncated filenames + +This table frees the strings it contains. +--- + libsoup/soup-message-headers.c | 2 +- + tests/header-parsing-test.c | 1 + + 2 files changed, 2 insertions(+), 1 deletion(-) + +diff --git a/libsoup/soup-message-headers.c b/libsoup/soup-message-headers.c +index ccf31233..64847e30 100644 +--- a/libsoup/soup-message-headers.c ++++ b/libsoup/soup-message-headers.c +@@ -1447,7 +1447,7 @@ soup_message_headers_get_content_disposition (SoupMessageHeaders *hdrs, + char *filename = strrchr (orig_value, '/'); + + if (filename) +- g_hash_table_insert (*params, g_strdup (orig_key), filename + 1); ++ g_hash_table_insert (*params, g_strdup (orig_key), g_strdup (filename + 1)); + } else { + /* filename with no value isn't valid. */ + g_hash_table_remove (*params, "filename"); +-- +2.49.0 + diff --git a/CVE-2025-46420.patch b/CVE-2025-46420.patch new file mode 100644 index 0000000..c7dfb9e --- /dev/null +++ b/CVE-2025-46420.patch @@ -0,0 +1,56 @@ +From 355d7979ac27c6a83684e079d5bc6cf148e7bc16 Mon Sep 17 00:00:00 2001 +From: Patrick Griffis +Date: Thu, 26 Dec 2024 18:31:42 -0600 +Subject: [PATCH] soup_header_parse_quality_list: Fix leak + +When iterating over the parsed list we now steal the allocated strings that we want and then free_full the list which may contain remaining strings. +--- + libsoup/soup-headers.c | 11 +++++------ + 1 file changed, 5 insertions(+), 6 deletions(-) + +diff --git a/libsoup/soup-headers.c b/libsoup/soup-headers.c +index eec28adf..3e922816 100644 +--- a/libsoup/soup-headers.c ++++ b/libsoup/soup-headers.c +@@ -535,7 +535,7 @@ soup_header_parse_quality_list (const char *header, GSList **unacceptable) + GSList *unsorted; + QualityItem *array; + GSList *sorted, *iter; +- char *item, *semi; ++ char *semi; + const char *param, *equal, *value; + double qval; + int n; +@@ -548,9 +548,8 @@ soup_header_parse_quality_list (const char *header, GSList **unacceptable) + unsorted = soup_header_parse_list (header); + array = g_new0 (QualityItem, g_slist_length (unsorted)); + for (iter = unsorted, n = 0; iter; iter = iter->next) { +- item = iter->data; + qval = 1.0; +- for (semi = strchr (item, ';'); semi; semi = strchr (semi + 1, ';')) { ++ for (semi = strchr (iter->data, ';'); semi; semi = strchr (semi + 1, ';')) { + param = skip_lws (semi + 1); + if (*param != 'q') + continue; +@@ -582,15 +581,15 @@ soup_header_parse_quality_list (const char *header, GSList **unacceptable) + if (qval == 0.0) { + if (unacceptable) { + *unacceptable = g_slist_prepend (*unacceptable, +- item); ++ g_steal_pointer (&iter->data)); + } + } else { +- array[n].item = item; ++ array[n].item = g_steal_pointer (&iter->data); + array[n].qval = qval; + n++; + } + } +- g_slist_free (unsorted); ++ g_slist_free_full (unsorted, g_free); + + qsort (array, n, sizeof (QualityItem), sort_by_qval); + sorted = NULL; +-- +2.49.0 + diff --git a/CVE-2025-46421.patch b/CVE-2025-46421.patch new file mode 100644 index 0000000..18c9093 --- /dev/null +++ b/CVE-2025-46421.patch @@ -0,0 +1,32 @@ +From 4329a7e88c72079ae3eedbb1558b929851507464 Mon Sep 17 00:00:00 2001 +From: Patrick Griffis +Date: Wed, 5 Feb 2025 16:18:10 -0600 +Subject: [PATCH] session: Strip authentication credentails on cross-origin + redirect + +This should match the behavior of Firefox and Safari but not of Chromium. +--- + libsoup/soup-session.c | 6 ++++ + tests/auth-test.c | 77 ++++++++++++++++++++++++++++++++++++++++++ + 2 files changed, 83 insertions(+) + +diff --git a/libsoup/soup-session.c b/libsoup/soup-session.c +index dd3cdc46..82ca8bf9 100644 +--- a/libsoup/soup-session.c ++++ b/libsoup/soup-session.c +@@ -1187,6 +1187,12 @@ soup_session_redirect_message (SoupSession *session, SoupMessage *msg) + SOUP_ENCODING_NONE); + } + ++ /* Strip all credentials on cross-origin redirect. */ ++ if (!soup_uri_host_equal (soup_message_get_uri (msg), new_uri)) { ++ soup_message_headers_remove (msg->request_headers, "Authorization"); ++ soup_message_set_auth (msg, NULL); ++ } ++ + soup_message_set_uri (msg, new_uri); + soup_uri_free (new_uri); + +-- +2.49.0 + diff --git a/0001-headers-Strictly-don-t-allow-NUL-bytes.patch b/CVE-2025-52530.patch similarity index 100% rename from 0001-headers-Strictly-don-t-allow-NUL-bytes.patch rename to CVE-2025-52530.patch diff --git a/0001-headers-Be-more-robust-against-invalid-input-when-pa.patch b/CVE-2025-52531.patch similarity index 100% rename from 0001-headers-Be-more-robust-against-invalid-input-when-pa.patch rename to CVE-2025-52531.patch diff --git a/0001-websocket-process-the-frame-as-soon-as-we-read-data.patch b/CVE-2025-52532.patch similarity index 100% rename from 0001-websocket-process-the-frame-as-soon-as-we-read-data.patch rename to CVE-2025-52532.patch diff --git a/libsoup.spec b/libsoup.spec index c683804..06eb861 100644 --- a/libsoup.spec +++ b/libsoup.spec @@ -1,9 +1,8 @@ -%define anolis_release .0.1 %define glib2_version 2.38.0 Name: libsoup Version: 2.62.3 -Release: 7%{anolis_release}%{?dist} +Release: 8%{?dist} Summary: Soup, an HTTP library implementation License: LGPLv2 @@ -15,9 +14,23 @@ Patch0002: 0002-WebSockets-allow-null-characters-in-text-messages-da.patch Patch0003: 0003-WebSockets-only-poll-IO-stream-when-needed.patch Patch0004: 0004-ntlmv2.patch Patch0005: 0005-WebSockets-do-not-start-the-input-source-when-IO-is-closing.patch -Patch0006: 0001-headers-Strictly-don-t-allow-NUL-bytes.patch -Patch0007: 0001-websocket-process-the-frame-as-soon-as-we-read-data.patch -Patch0008: 0001-headers-Be-more-robust-against-invalid-input-when-pa.patch +Patch0006: CVE-2025-52530.patch +Patch0007: CVE-2025-52531.patch +Patch0008: CVE-2025-52532.patch +# https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/446 +Patch0009: test-cert-expiration.patch +# https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/415 +Patch0010: CVE-2025-32050.patch +Patch0011: CVE-2025-32052.patch +Patch0012: CVE-2025-32053.patch +# https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/440 +Patch0013: CVE-2025-32906.patch +# https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/422 +Patch0014: CVE-2025-32911-CVE-2025-32913.patch +# https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/421 +Patch0015: CVE-2025-46420.patch +# https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/436 +Patch0016: CVE-2025-46421.patch BuildRequires: chrpath BuildRequires: glib2-devel >= %{glib2_version} @@ -33,9 +46,6 @@ BuildRequires: vala Requires: glib2%{?_isa} >= %{glib2_version} Requires: glib-networking%{?_isa} >= %{glib2_version} -Requires: glibc -Requires: libxml2 - %description Libsoup is an HTTP library implementation in C. It was originally part of a SOAP (Simple Object Access Protocol) implementation called Soup, but @@ -55,14 +65,6 @@ Requires: %{name}%{?_isa} = %{version}-%{release} Libsoup is an HTTP library implementation in C. This package allows you to develop applications that use the libsoup library. -%package doc -Summary: Documents for %{name} -BuildArch: noarch -Requires: %{name} = %{version}-%{release} - -%description doc -Doc pages for %{name}. - %prep %autosetup -p1 @@ -86,6 +88,7 @@ chrpath --delete $RPM_BUILD_ROOT%{_libdir}/*.so %files -f libsoup.lang %license COPYING +%doc README NEWS AUTHORS %{_libdir}/lib*.so.* %{_libdir}/girepository-1.0/Soup*2.4.typelib @@ -101,12 +104,17 @@ chrpath --delete $RPM_BUILD_ROOT%{_libdir}/*.so %{_datadir}/vala/vapi/libsoup-2.4.deps %{_datadir}/vala/vapi/libsoup-2.4.vapi -%files doc -%doc README NEWS AUTHORS - %changelog -* Fri Jan 31 2025 Weisson - 2.62.3-7.0.1 -- Add doc sub package +* Thu May 01 2025 Michael Catanzaro - 2.62.3-8 +- Backport patches for various CVEs, plus test improvements + Resolves: RHEL-85887 + Resolves: RHEL-85900 + Resolves: RHEL-85901 + Resolves: RHEL-87039 + Resolves: RHEL-87094 + Resolves: RHEL-87114 + Resolves: RHEL-88348 + Resolves: RHEL-88351 * Tue Jan 28 2025 Michael Catanzaro - 2.62.3-7 - Backport upstream patch for CVE-2024-52531 - buffer overflow via UTF-8 conversion in soup_header_parse_param_list_strict diff --git a/test-cert-expiration.patch b/test-cert-expiration.patch new file mode 100644 index 0000000..c48aad8 --- /dev/null +++ b/test-cert-expiration.patch @@ -0,0 +1,60 @@ +From 2dafd907586f52291b38c46362e72c7379558626 Mon Sep 17 00:00:00 2001 +From: "Bernhard M. Wiedemann" +Date: Thu, 18 Feb 2021 09:13:40 +0100 +Subject: [PATCH] Extend test cert to 2049 + +used certtool -u \ + --load-ca-privkey ./tests/test-key.pem \ + --load-ca-certificate ./tests/test-cert.pem \ + --load-certificate ./tests/test-cert.pem + +Without this patch, 3 tests failed in 2027 + 11/29 misc-test FAIL 0.67s (exit status 1) + 21/29 server-test FAIL 0.12s (exit status 1) + 25/29 timeout-test FAIL 4.08s (killed by signal 5 SIGTRAP) + +Background: +As part of my work on reproducible builds for openSUSE, I check that software still gives identical build results in the future. +The usual offset is +15 years, because that is how long I expect some software will be used in some places. +This showed up failing tests in our package build. +See https://reproducible-builds.org/ for why this matters. + +(cherry picked from commit 38a65f080a3168e8af78bdd3e4928debeea2dbd8) +--- + tests/test-cert.pem | 16 ++++++++-------- + 1 file changed, 8 insertions(+), 8 deletions(-) + +diff --git a/tests/test-cert.pem b/tests/test-cert.pem +index ff863b4d1..4b8b180dc 100644 +--- a/tests/test-cert.pem ++++ b/tests/test-cert.pem +@@ -1,6 +1,6 @@ + -----BEGIN CERTIFICATE----- + MIIC2zCCAcOgAwIBAgIJALRbg2WnuAAqMA0GCSqGSIb3DQEBCwUAMBQxEjAQBgNV +-BAMMCTEyNy4wLjAuMTAeFw0xNzA2MjAxNDI3MzBaFw0yNzA2MTgxNDI3MzBaMBQx ++BAMMCTEyNy4wLjAuMTAeFw0yMTAyMTgwODA3MzBaFw00OTEyMzEwODA3MzRaMBQx + EjAQBgNVBAMMCTEyNy4wLjAuMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC + ggEBAKs4fuRuW77nORhOT9kbbU6BsjKW3GEsMc+ZSmXjINQWpfkES2hV+DQyzhm5 + qh4OLi1vYtXoSbdQNDCbA8ybZJqR8m9F3ed8vobdSSQGxWpPdXTgz27x+TpiAc9P +@@ -8,11 +8,11 @@ w83UuPvlu/0AxHJBFXVAg+id0yFu3wmGWYJHoAtvFi2xeRtAXurNuPtjZyO+gfM9 + BKTRCkGsRSmPpJyGbU2Q96fjxnVfV9oYvQXeugUcSx/pTUCM/kDgD9QZCxG2rflX + NWcqDFY3uO6ZR68Qwi/KouOa8rzrgAcwhFUI6Wz0Zwi1rzRtWK5WqC24aBUYz/tK + hl8i88UDXSMh7spChdYDBGLhZyUCAwEAAaMwMC4wLAYDVR0RBCUwI4IJbG9jYWxo +-b3N0hwR/AAABhxAAAAAAAAAAAAAAAAAAAAABMA0GCSqGSIb3DQEBCwUAA4IBAQBj +-+U8tebwg5/pof5Rht6TMHqeg6Fcr4OJkL2ph2g+T/AMTS7kEGeFIKJN5AZ+S/qIY +-cdoDKHwc8+bCK/mG6DPmJ4z/2Eamb85YhplOLVrLRwfxRebTK9CtnjcjnflAiU9H +-7vPVwXIvkwebhBSQNKTdkBlPXKaTNWXuygeFG2OVQkPf/KAxSdtg2R+owv/s802Z +-HISk26wY9oFIQz6AiXWdrY1QqNOltZ7rlU5iofAH7X+9ryZlxPWj/gHg2YQRvvLl +-dq6nCF+ED0ke7h0lg5nU0beKEygwli8DlLVbu0JK0PkARFp5t7wUtzC9DCjzvfOc +-gxR44PyZX7/2oaTDm4PS ++b3N0hwR/AAABhxAAAAAAAAAAAAAAAAAAAAABMA0GCSqGSIb3DQEBCwUAA4IBAQAz ++/qYTUuBGHgp7T1cfaJPnhx6U1SMfdJRtFoWOXDx+MNCK9GYkdMEabzRGUP5uNHO+ ++PiZP/bMIHlpsbRA5AyyVf9Xv8JCujvYh24qYcBbwgZrfvNTm0D52P9JJm0SalTXS ++kwwTj00DWGVfVzJR+wiwYGHRIlyXbHqQSRzv6+z9f/xY5gXw/KpCNYTuOJcXW7w6 ++JfMrUnc9pphRUpcLkuuzOMKuB0dtWRc0mZIr7PZHt+0gitNZWA0bDYI3JI9tlK17 ++nxBUSpGtJwDgH//b8ek/P0P9a5VzQbBC6lXtQUMdxg7ovfAI//IS8ekBoRKI0Wde ++r2IpM9hKSBU3c2gGXcJC + -----END CERTIFICATE----- +-- +GitLab + -- Gitee From 4aacbf02a8f316ee64d15970acda43fe846f7358 Mon Sep 17 00:00:00 2001 From: Weisson Date: Mon, 18 Jul 2022 10:59:52 +0800 Subject: [PATCH 2/2] spec: add doc sub package Signed-off-by: Weisson --- libsoup.spec | 21 +++++++++++++++++++-- 1 file changed, 19 insertions(+), 2 deletions(-) diff --git a/libsoup.spec b/libsoup.spec index 06eb861..17921c2 100644 --- a/libsoup.spec +++ b/libsoup.spec @@ -1,8 +1,9 @@ +%define anolis_release .0.1 %define glib2_version 2.38.0 Name: libsoup Version: 2.62.3 -Release: 8%{?dist} +Release: 8%{anolis_release}%{?dist} Summary: Soup, an HTTP library implementation License: LGPLv2 @@ -46,6 +47,9 @@ BuildRequires: vala Requires: glib2%{?_isa} >= %{glib2_version} Requires: glib-networking%{?_isa} >= %{glib2_version} +Requires: glibc +Requires: libxml2 + %description Libsoup is an HTTP library implementation in C. It was originally part of a SOAP (Simple Object Access Protocol) implementation called Soup, but @@ -65,6 +69,14 @@ Requires: %{name}%{?_isa} = %{version}-%{release} Libsoup is an HTTP library implementation in C. This package allows you to develop applications that use the libsoup library. +%package doc +Summary: Documents for %{name} +BuildArch: noarch +Requires: %{name} = %{version}-%{release} + +%description doc +Doc pages for %{name}. + %prep %autosetup -p1 @@ -88,7 +100,6 @@ chrpath --delete $RPM_BUILD_ROOT%{_libdir}/*.so %files -f libsoup.lang %license COPYING -%doc README NEWS AUTHORS %{_libdir}/lib*.so.* %{_libdir}/girepository-1.0/Soup*2.4.typelib @@ -104,7 +115,13 @@ chrpath --delete $RPM_BUILD_ROOT%{_libdir}/*.so %{_datadir}/vala/vapi/libsoup-2.4.deps %{_datadir}/vala/vapi/libsoup-2.4.vapi +%files doc +%doc README NEWS AUTHORS + %changelog +* Fri May 09 2025 Weisson - 2.62.3-8.0.1 +- Add doc sub package + * Thu May 01 2025 Michael Catanzaro - 2.62.3-8 - Backport patches for various CVEs, plus test improvements Resolves: RHEL-85887 -- Gitee