diff --git a/backport-CVE-2020-17525.patch b/backport-CVE-2020-17525.patch deleted file mode 100644 index 7bdf0b0d629ca8815bb0eedcd4b13dd994bed640..0000000000000000000000000000000000000000 --- a/backport-CVE-2020-17525.patch +++ /dev/null @@ -1,26 +0,0 @@ -From: Stefan Sperling -Date: Fri, 29 Jan 2021 13:17:15 +0000 -Subject: Fix a potential NULL dereference in the config file parser. - -* subversion/libsvn_repos/config_file.c - (get_repos_config): svn_repos_find_root_path() may return NULL. - Check the return value accordingly. ---- - subversion/libsvn_repos/config_file.c | 4 ++++ - 1 file changed, 4 insertions(+) - -diff --git a/subversion/libsvn_repos/config_file.c b/subversion/libsvn_repos/config_file.c -index 9187277..2414db9 100644 ---- a/subversion/libsvn_repos/config_file.c -+++ b/subversion/libsvn_repos/config_file.c -@@ -237,6 +237,10 @@ get_repos_config(svn_stream_t **stream, - { - /* Search for a repository in the full path. */ - repos_root_dirent = svn_repos_find_root_path(dirent, scratch_pool); -+ if (repos_root_dirent == NULL) -+ return svn_error_trace(handle_missing_file(stream, checksum, access, -+ url, must_exist, -+ svn_node_none)); - - /* Attempt to open a repository at repos_root_dirent. */ - SVN_ERR(svn_repos_open3(&access->repos, repos_root_dirent, NULL, diff --git a/subversion-1.12.0-linking.patch b/subversion-1.12.0-linking.patch new file mode 100644 index 0000000000000000000000000000000000000000..f3dcacc41912123426fad8c3f82a98cd80443a34 --- /dev/null +++ b/subversion-1.12.0-linking.patch @@ -0,0 +1,84 @@ + +Fix the way libtool is used to match standard practice: + +a) link ONLY libraries using -rpath $(libdir), not executables + .. this avoids adding an RPATH for $libdir to executables +b) link non-installable test binaries using -no-install + .. only for convenience but should speed up builds slightly(?) + +--- subversion-1.12.0/build.conf.linking ++++ subversion-1.12.0/build.conf +@@ -572,7 +572,7 @@ + path = subversion/bindings/swig/python/libsvn_swig_py + libs = libsvn_client libsvn_wc libsvn_ra libsvn_delta libsvn_subr + apriconv apr python swig +-link-cmd = $(LINK) ++link-cmd = $(LINK_LIB) + install = swig-py-lib + # need special build rule to include -DSWIGPYTHON + compile-cmd = $(COMPILE_SWIG_PY) +@@ -598,7 +598,7 @@ + lang = ruby + path = subversion/bindings/swig/ruby/libsvn_swig_ruby + libs = libsvn_client libsvn_wc libsvn_delta libsvn_subr apriconv apr ruby swig +-link-cmd = $(LINK) $(SWIG_RB_LIBS) ++link-cmd = $(LINK_LIB) $(SWIG_RB_LIBS) + install = swig-rb-lib + # need special build rule to include + compile-cmd = $(COMPILE_SWIG_RB) +@@ -769,6 +769,7 @@ + libs = libsvn_repos libsvn_fs libsvn_delta libsvn_subr aprutil apriconv apr + msvc-static = yes + undefined-lib-symbols = yes ++link-cmd = $(LINK_TEST_LIB) + + # ---------------------------------------------------------------------------- + # Tests for libsvn_fs_base +--- subversion-1.12.0/build/generator/gen_base.py.linking ++++ subversion-1.12.0/build/generator/gen_base.py +@@ -599,7 +599,7 @@ + self.install = options.get('install') + self.compile_cmd = options.get('compile-cmd') + self.sources = options.get('sources', '*.c *.cpp') +- self.link_cmd = options.get('link-cmd', '$(LINK)') ++ self.link_cmd = options.get('link-cmd', '$(LINK_LIB)') + + self.external_lib = options.get('external-lib') + self.external_project = options.get('external-project') +@@ -659,6 +659,14 @@ + + self.msvc_force_static = options.get('msvc-force-static') == 'yes' + ++ if self.install in ['test', 'bdb-test', 'sub-test', ]: ++ self.link_cmd = '$(LINK_TEST)' ++ elif self.install in ['bin', 'tools']: ++ self.link_cmd = '$(LINK_EXE)' ++ elif self.link_cmd == '$(LINK_LIB)': ++ raise GenError('ERROR: Unknown executable link type for ' + self.name + \ ++ ': ' + self.link_cmd + ' (' + self.install + ')') ++ + def add_dependencies(self): + TargetLinked.add_dependencies(self) + +--- subversion-1.12.0/Makefile.in.linking ++++ subversion-1.12.0/Makefile.in +@@ -268,11 +268,14 @@ + COMPILE_SVNXX = $(LT_COMPILE_CXX) $(SVNXX_INCLUDES) -o $@ -c + COMPILE_SVNXX_TEST = $(LT_COMPILE_CXX) $(SVNXX_INCLUDES) $(BOOST_TEST_CPPFLAGS) -o $@ -c + +-LINK = $(LIBTOOL) $(LTFLAGS) --mode=link $(CC) $(LT_LDFLAGS) $(CFLAGS) $(LDFLAGS) -rpath $(libdir) +-LINK_LIB = $(LINK) $(LT_SO_VERSION) +-LINK_CXX = $(LIBTOOL) $(LTCXXFLAGS) --mode=link $(CXX) $(LT_LDFLAGS) $(CXXFLAGS) $(LDFLAGS) -rpath $(libdir) +-LINK_CXX_LIB = $(LINK_CXX) $(LT_SO_VERSION) +-LINK_SVNXX_TEST = $(LINK_CXX) $(BOOST_TEST_LDFLAGS) ++LINK = $(LIBTOOL) $(LTFLAGS) --mode=link $(CC) $(LT_LDFLAGS) $(CFLAGS) $(LDFLAGS) ++LINK_LIB = $(LINK) $(LT_SO_VERSION) -rpath $(libdir) ++LINK_CXX = $(LIBTOOL) $(LTCXXFLAGS) --mode=link $(CXX) $(LT_LDFLAGS) $(CXXFLAGS) $(LDFLAGS) ++LINK_CXX_LIB = $(LINK_CXX) $(LT_SO_VERSION) -rpath $(libdir) ++LINK_SVNXX_TEST = $(LINK_CXX) $(BOOST_TEST_LDFLAGS) -no-install ++LINK_TEST = $(LINK) -no-install ++LINK_TEST_LIB = $(LINK_TEST) -avoid-version ++LINK_EXE = $(LINK) + + # special link rule for mod_dav_svn + LINK_APACHE_MOD = $(LIBTOOL) $(LTFLAGS) --mode=link $(CC) $(LT_LDFLAGS) $(CFLAGS) $(LDFLAGS) -rpath $(APACHE_LIBEXECDIR) -avoid-version -module $(APACHE_LDFLAGS) -shared diff --git a/subversion-1.14.0-soversion.patch b/subversion-1.14.0-soversion.patch new file mode 100644 index 0000000000000000000000000000000000000000..02fe0b4877796918f7b3fc933bc6790108a3f68d --- /dev/null +++ b/subversion-1.14.0-soversion.patch @@ -0,0 +1,19 @@ + +Use the minor version as the revision in the libtool version, so the library +soversion is not always 0.0.0. (Does not influence the soname) + +--- subversion-1.14.0/configure.ac.soversion ++++ subversion-1.14.0/configure.ac +@@ -112,7 +112,11 @@ + SVN_APR_MAJOR_VERSION=1 + fi + AC_SUBST(SVN_APR_MAJOR_VERSION) +-SVN_LT_SOVERSION="-version-info $svn_lib_ver" ++ ++m4_define([svn_ver_minor], m4_bpatsubst(AC_PACKAGE_VERSION, [[0-9]*\.\([0-9]*\)\.[0-9]*], [\1])) ++ ++SVN_LT_SOVERSION="-version-info $svn_lib_ver:svn_ver_minor" ++AC_MSG_NOTICE([SVN_LT_SOVERSION $SVN_LT_SOVERSION]) + AC_SUBST(SVN_LT_SOVERSION) + AC_DEFINE_UNQUOTED(SVN_SOVERSION, $svn_lib_ver, + [Subversion library major verson]) diff --git a/subversion-1.14.0-testwarn.patch b/subversion-1.14.0-testwarn.patch new file mode 100644 index 0000000000000000000000000000000000000000..29f08edb290852fa319eee8c00e3f270af9fa8c5 --- /dev/null +++ b/subversion-1.14.0-testwarn.patch @@ -0,0 +1,14 @@ + +Suppress gcc 10 warning. + +--- subversion-1.14.0/subversion/tests/svn_test.h.testwarn ++++ subversion-1.14.0/subversion/tests/svn_test.h +@@ -128,7 +128,7 @@ + return svn_error_createf(SVN_ERR_TEST_FAILED, NULL, \ + "Strings not equal\n Expected: '%s'\n Found: '%s'" \ + "\n at %s:%d", \ +- tst_str2, tst_str1, __FILE__, __LINE__); \ ++ tst_str2 ? tst_str2 : "(NULL)", tst_str1 ? tst_str1 : "(NULL)", __FILE__, __LINE__); \ + } while(0) + + /** Handy macro for testing integer equality. diff --git a/subversion-1.14.0.tar.bz2 b/subversion-1.14.1.tar.bz2 similarity index 52% rename from subversion-1.14.0.tar.bz2 rename to subversion-1.14.1.tar.bz2 index 74a130fbd93a08c331e17f92cfa7697a531ab771..7a3fce24fba88d387c3e9920b8eeb3c9412b3d2f 100644 Binary files a/subversion-1.14.0.tar.bz2 and b/subversion-1.14.1.tar.bz2 differ diff --git a/subversion-1.8.0-rubybind.patch b/subversion-1.8.0-rubybind.patch new file mode 100644 index 0000000000000000000000000000000000000000..de9288a8de6ad986ddeadd0a453f61ab93e6af3d --- /dev/null +++ b/subversion-1.8.0-rubybind.patch @@ -0,0 +1,24 @@ + +Try a little harder to avoid svnserve() bind failures. + +--- subversion-1.8.0/subversion/bindings/swig/ruby/test/util.rb.rubybind ++++ subversion-1.8.0/subversion/bindings/swig/ruby/test/util.rb +@@ -39,7 +39,8 @@ module SvnTestUtil + @realm = "sample realm" + + @svnserve_host = "127.0.0.1" +- @svnserve_ports = (64152..64282).collect{|x| x.to_s} ++ sport = (50000 + rand(100) * 100) ++ @svnserve_ports = (sport..sport + 99).collect{|x| x.to_s} + + @tmp_path = Dir.mktmpdir + @wc_path = File.join(@tmp_path, "wc") +@@ -252,6 +253,8 @@ realm = #{@realm} + "--listen-port", port, + "-d", "--foreground") + } ++ # wait a while for svnserve to attempt a bind() and possibly fail ++ sleep(1) + pid, status = Process.waitpid2(@svnserve_pid, Process::WNOHANG) + if status and status.exited? + if $DEBUG diff --git a/subversion-1.8.5-swigplWall.patch b/subversion-1.8.5-swigplWall.patch new file mode 100644 index 0000000000000000000000000000000000000000..af66806be6df996b2d4014ba77db2f5b066527ef --- /dev/null +++ b/subversion-1.8.5-swigplWall.patch @@ -0,0 +1,16 @@ + +Don't drop -Wall in the swig Perl bindings, otherwise building with +e.g. -Wformat-security might break. + +https://bugzilla.redhat.com/show_bug.cgi?id=1037341 + +--- subversion-1.8.5/subversion/bindings/swig/perl/native/Makefile.PL.in.swigplWall ++++ subversion-1.8.5/subversion/bindings/swig/perl/native/Makefile.PL.in +@@ -54,7 +54,6 @@ my $includes = ' -I/usr/include/apr-1 + # SWIG is using C++ style comments in an extern "C" code. + $cflags =~ s/-ansi\s+//g; + $cflags =~ s/-std=c89\s+//g; +-$cflags =~ s/-Wall//g; + $cflags =~ s/-Wunused//g; + $cflags =~ s/-Wshadow//g; + $cflags =~ s/-Wstrict-prototypes//g; diff --git a/subversion.spec b/subversion.spec index 25a89a5a46a8dbd16ea6acc5cac1ea9bcdb8483b..93828a339d3eefdd27a7631bfd3e5c90987a6a8b 100644 --- a/subversion.spec +++ b/subversion.spec @@ -9,14 +9,18 @@ Summary: Subversion, a version control system. Name: subversion -Version: 1.14.0 -Release: 5 +Version: 1.14.1 +Release: 1 License: ASL 2.0 URL: https://subversion.apache.org/ Source0: https://www.apache.org/dist/subversion/subversion-%{version}.tar.bz2 -Patch1: backport-CVE-2020-17525.patch +Patch0: subversion-1.12.0-linking.patch +Patch1: subversion-1.14.0-testwarn.patch +Patch2: subversion-1.14.0-soversion.patch +Patch3: subversion-1.8.0-rubybind.patch +Patch4: subversion-1.8.5-swigplWall.patch BuildRequires: autoconf libtool texinfo which swig gettext apr-devel apr-util-devel libserf-devel cyrus-sasl-devel sqlite-devel file-devel utf8proc-devel lz4-devel apr-util-openssl dbus-devel, libsecret-devel httpd-devel Requires: httpd @@ -312,6 +316,12 @@ make check-javahl %endif %changelog +* Tue Dec 28 2021 fuanan - 1.14.1-1 +- Type:enhancement +- ID:NA +- SUG:NA +- DESC:update version to 1.14.1 + * Fri Oct 15 2021 zhangweiguo - 1.14.0-5 - set make parallelization