diff --git a/SOURCES/CVE-2017-5950.patch b/SOURCES/CVE-2017-5950.patch new file mode 100644 index 00000000..3a964329 --- /dev/null +++ b/SOURCES/CVE-2017-5950.patch @@ -0,0 +1,383 @@ +From d540476e31b080aa1f903ad20ec0426dd3838be7 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Antoine=20Beaupr=C3=A9?= +Date: Tue, 25 Apr 2017 20:10:20 -0400 +Subject: [PATCH 1/4] fix stack overflow in HandleNode() (CVE-2017-5950) + +simply set a hardcoded recursion limit to 2000 (inspired by Python's) +to avoid infinitely recursing into arbitrary data structures + +assert() the depth. unsure if this is the right approach, but given +that HandleNode() is "void", I am not sure how else to return an +error. the problem with this approach of course is that it will still +crash the caller, unless they have proper exception handling in place. + +Closes: #459 +--- + src/singledocparser.cpp | 2 ++ + src/singledocparser.h | 2 ++ + 2 files changed, 4 insertions(+) + +diff --git a/src/singledocparser.cpp b/src/singledocparser.cpp +index a27c1c3b..1b4262ee 100644 +--- a/src/singledocparser.cpp ++++ b/src/singledocparser.cpp +@@ -46,6 +46,8 @@ void SingleDocParser::HandleDocument(EventHandler& eventHandler) { + } + + void SingleDocParser::HandleNode(EventHandler& eventHandler) { ++ assert(depth < depth_limit); ++ depth++; + // an empty node *is* a possibility + if (m_scanner.empty()) { + eventHandler.OnNull(m_scanner.mark(), NullAnchor); +diff --git a/src/singledocparser.h b/src/singledocparser.h +index 2b92067c..7046f1e2 100644 +--- a/src/singledocparser.h ++++ b/src/singledocparser.h +@@ -51,6 +51,8 @@ class SingleDocParser : private noncopyable { + anchor_t LookupAnchor(const Mark& mark, const std::string& name) const; + + private: ++ int depth = 0; ++ int depth_limit = 2000; + Scanner& m_scanner; + const Directives& m_directives; + std::unique_ptr m_pCollectionStack; + +From ac00ef937702598aa27739c8c46be37ac5699039 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Antoine=20Beaupr=C3=A9?= +Date: Wed, 26 Apr 2017 10:25:43 -0400 +Subject: [PATCH 2/4] throw an exception instead of using assert() + +assert() may be compiled out in production and is clunkier to catch. + +some ParserException are already thrown elsewhere in the code and it +seems to make sense to reuse the primitive, although it may still +crash improperly configured library consumers, those who do not handle +exceptions explicitly. + +we use the BAD_FILE error message because at this point we do not +exactly know which specific data structure led to the recursion. +--- + src/singledocparser.cpp | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/src/singledocparser.cpp b/src/singledocparser.cpp +index 1b4262ee..1af13f49 100644 +--- a/src/singledocparser.cpp ++++ b/src/singledocparser.cpp +@@ -46,7 +46,9 @@ void SingleDocParser::HandleDocument(EventHandler& eventHandler) { + } + + void SingleDocParser::HandleNode(EventHandler& eventHandler) { +- assert(depth < depth_limit); ++ if (depth > depth_limit) { ++ throw ParserException(m_scanner.mark(), ErrorMsg::BAD_FILE); ++ } + depth++; + // an empty node *is* a possibility + if (m_scanner.empty()) { + +From e78e3bf6a6d61ca321af90d213dc4435ed5cf602 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Antoine=20Beaupr=C3=A9?= +Date: Wed, 26 Apr 2017 10:39:45 -0400 +Subject: [PATCH 3/4] increase and decrease depth properly on subhandlers + +the original implementation couldn't parse a document with more than +depth_limit entries. now we explicitly increase *and* decrease the +depth on specific handlers like maps, sequences and so on - any +handler that may in turn callback into HandleNode(). + +this is a little clunky - I would have prefered to increment and +decrement the counter in only one place, but there are many different +return points and this is not Golang so I can't think of a better way +to to this. +--- + src/singledocparser.cpp | 13 ++++++++++++- + 1 file changed, 12 insertions(+), 1 deletion(-) + +diff --git a/src/singledocparser.cpp b/src/singledocparser.cpp +index 1af13f49..89234867 100644 +--- a/src/singledocparser.cpp ++++ b/src/singledocparser.cpp +@@ -49,7 +49,6 @@ void SingleDocParser::HandleNode(EventHandler& eventHandler) { + if (depth > depth_limit) { + throw ParserException(m_scanner.mark(), ErrorMsg::BAD_FILE); + } +- depth++; + // an empty node *is* a possibility + if (m_scanner.empty()) { + eventHandler.OnNull(m_scanner.mark(), NullAnchor); +@@ -61,9 +60,11 @@ void SingleDocParser::HandleNode(EventHandler& eventHandler) { + + // special case: a value node by itself must be a map, with no header + if (m_scanner.peek().type == Token::VALUE) { ++ depth++; + eventHandler.OnMapStart(mark, "?", NullAnchor, EmitterStyle::Default); + HandleMap(eventHandler); + eventHandler.OnMapEnd(); ++ depth--; + return; + } + +@@ -98,32 +99,42 @@ void SingleDocParser::HandleNode(EventHandler& eventHandler) { + m_scanner.pop(); + return; + case Token::FLOW_SEQ_START: ++ depth++; + eventHandler.OnSequenceStart(mark, tag, anchor, EmitterStyle::Flow); + HandleSequence(eventHandler); + eventHandler.OnSequenceEnd(); ++ depth--; + return; + case Token::BLOCK_SEQ_START: ++ depth++; + eventHandler.OnSequenceStart(mark, tag, anchor, EmitterStyle::Block); + HandleSequence(eventHandler); + eventHandler.OnSequenceEnd(); ++ depth--; + return; + case Token::FLOW_MAP_START: ++ depth++; + eventHandler.OnMapStart(mark, tag, anchor, EmitterStyle::Flow); + HandleMap(eventHandler); + eventHandler.OnMapEnd(); ++ depth--; + return; + case Token::BLOCK_MAP_START: ++ depth++; + eventHandler.OnMapStart(mark, tag, anchor, EmitterStyle::Block); + HandleMap(eventHandler); + eventHandler.OnMapEnd(); ++ depth--; + return; + case Token::KEY: + // compact maps can only go in a flow sequence + if (m_pCollectionStack->GetCurCollectionType() == + CollectionType::FlowSeq) { ++ depth++; + eventHandler.OnMapStart(mark, tag, anchor, EmitterStyle::Flow); + HandleMap(eventHandler); + eventHandler.OnMapEnd(); ++ depth--; + return; + } + break; + +From 1690cacb3ff6d927286ded92b8fedd37b4045c7c Mon Sep 17 00:00:00 2001 +From: Keith Bennett +Date: Thu, 29 Mar 2018 16:45:11 -0500 +Subject: [PATCH 4/4] use RAII type class to guard against stack depth + recursion instead of error-prone manual increment/check/decrement + +--- + include/yaml-cpp/depthguard.h | 74 +++++++++++++++++++++++++++++++++++ + src/depthguard.cpp | 14 +++++++ + src/singledocparser.cpp | 18 ++------- + src/singledocparser.h | 4 +- + 4 files changed, 94 insertions(+), 16 deletions(-) + create mode 100644 include/yaml-cpp/depthguard.h + create mode 100644 src/depthguard.cpp + +diff --git a/include/yaml-cpp/depthguard.h b/include/yaml-cpp/depthguard.h +new file mode 100644 +index 00000000..6aac81aa +--- /dev/null ++++ b/include/yaml-cpp/depthguard.h +@@ -0,0 +1,74 @@ ++#ifndef DEPTH_GUARD_H_00000000000000000000000000000000000000000000000000000000 ++#define DEPTH_GUARD_H_00000000000000000000000000000000000000000000000000000000 ++ ++#if defined(_MSC_VER) || \ ++ (defined(__GNUC__) && (__GNUC__ == 3 && __GNUC_MINOR__ >= 4) || \ ++ (__GNUC__ >= 4)) // GCC supports "pragma once" correctly since 3.4 ++#pragma once ++#endif ++ ++#include "exceptions.h" ++ ++namespace YAML { ++ ++/** ++ * @brief The DeepRecursion class ++ * An exception class which is thrown by DepthGuard. Ideally it should be ++ * a member of DepthGuard. However, DepthGuard is a templated class which means ++ * that any catch points would then need to know the template parameters. It is ++ * simpler for clients to not have to know at the catch point what was the ++ * maximum depth. ++ */ ++class DeepRecursion : public ParserException { ++ int m_atDepth = 0; ++public: ++ // no custom dtor needed, but virtual dtor necessary to prevent slicing ++ virtual ~DeepRecursion() = default; ++ ++ // construct an exception explaining how deep you were ++ DeepRecursion(int at_depth, const Mark& mark_, const std::string& msg_); ++ ++ // query how deep you were when the exception was thrown ++ int AtDepth() const; ++}; ++ ++/** ++ * @brief The DepthGuard class ++ * DepthGuard takes a reference to an integer. It increments the integer upon ++ * construction of DepthGuard and decrements the integer upon destruction. ++ * ++ * If the integer would be incremented past max_depth, then an exception is ++ * thrown. This is ideally geared toward guarding against deep recursion. ++ * ++ * @param max_depth ++ * compile-time configurable maximum depth. ++ */ ++template ++class DepthGuard final /* final because non-virtual dtor */ { ++ int & m_depth; ++public: ++ DepthGuard(int & depth_, const Mark& mark_, const std::string& msg_) : m_depth(depth_) { ++ ++m_depth; ++ if ( max_depth <= m_depth ) { ++ throw DeepRecursion{m_depth, mark_, msg_}; ++ } ++ } ++ ++ // DepthGuard is neither copyable nor moveable. ++ DepthGuard(const DepthGuard & copy_ctor) = delete; ++ DepthGuard(DepthGuard && move_ctor) = delete; ++ DepthGuard & operator=(const DepthGuard & copy_assign) = delete; ++ DepthGuard & operator=(DepthGuard && move_assign) = delete; ++ ++ ~DepthGuard() { ++ --m_depth; ++ } ++ ++ int current_depth() const { ++ return m_depth; ++ } ++}; ++ ++} // namespace YAML ++ ++#endif // DEPTH_GUARD_H_00000000000000000000000000000000000000000000000000000000 +diff --git a/src/depthguard.cpp b/src/depthguard.cpp +new file mode 100644 +index 00000000..6d47eba3 +--- /dev/null ++++ b/src/depthguard.cpp +@@ -0,0 +1,14 @@ ++#include "yaml-cpp/depthguard.h" ++ ++namespace YAML { ++ ++DeepRecursion::DeepRecursion(int at_depth, const Mark& mark_, const std::string& msg_) ++ : ParserException(mark_, msg_), ++ m_atDepth(at_depth) { ++} ++ ++int DeepRecursion::AtDepth() const { ++ return m_atDepth; ++} ++ ++} // namespace YAML +diff --git a/src/singledocparser.cpp b/src/singledocparser.cpp +index 89234867..37cc1f51 100644 +--- a/src/singledocparser.cpp ++++ b/src/singledocparser.cpp +@@ -7,6 +7,7 @@ + #include "singledocparser.h" + #include "tag.h" + #include "token.h" ++#include "yaml-cpp/depthguard.h" + #include "yaml-cpp/emitterstyle.h" + #include "yaml-cpp/eventhandler.h" + #include "yaml-cpp/exceptions.h" // IWYU pragma: keep +@@ -46,9 +47,8 @@ void SingleDocParser::HandleDocument(EventHandler& eventHandler) { + } + + void SingleDocParser::HandleNode(EventHandler& eventHandler) { +- if (depth > depth_limit) { +- throw ParserException(m_scanner.mark(), ErrorMsg::BAD_FILE); +- } ++ DepthGuard depthguard(depth, m_scanner.mark(), ErrorMsg::BAD_FILE); ++ + // an empty node *is* a possibility + if (m_scanner.empty()) { + eventHandler.OnNull(m_scanner.mark(), NullAnchor); +@@ -60,11 +60,9 @@ void SingleDocParser::HandleNode(EventHandler& eventHandler) { + + // special case: a value node by itself must be a map, with no header + if (m_scanner.peek().type == Token::VALUE) { +- depth++; + eventHandler.OnMapStart(mark, "?", NullAnchor, EmitterStyle::Default); + HandleMap(eventHandler); + eventHandler.OnMapEnd(); +- depth--; + return; + } + +@@ -99,42 +97,32 @@ void SingleDocParser::HandleNode(EventHandler& eventHandler) { + m_scanner.pop(); + return; + case Token::FLOW_SEQ_START: +- depth++; + eventHandler.OnSequenceStart(mark, tag, anchor, EmitterStyle::Flow); + HandleSequence(eventHandler); + eventHandler.OnSequenceEnd(); +- depth--; + return; + case Token::BLOCK_SEQ_START: +- depth++; + eventHandler.OnSequenceStart(mark, tag, anchor, EmitterStyle::Block); + HandleSequence(eventHandler); + eventHandler.OnSequenceEnd(); +- depth--; + return; + case Token::FLOW_MAP_START: +- depth++; + eventHandler.OnMapStart(mark, tag, anchor, EmitterStyle::Flow); + HandleMap(eventHandler); + eventHandler.OnMapEnd(); +- depth--; + return; + case Token::BLOCK_MAP_START: +- depth++; + eventHandler.OnMapStart(mark, tag, anchor, EmitterStyle::Block); + HandleMap(eventHandler); + eventHandler.OnMapEnd(); +- depth--; + return; + case Token::KEY: + // compact maps can only go in a flow sequence + if (m_pCollectionStack->GetCurCollectionType() == + CollectionType::FlowSeq) { +- depth++; + eventHandler.OnMapStart(mark, tag, anchor, EmitterStyle::Flow); + HandleMap(eventHandler); + eventHandler.OnMapEnd(); +- depth--; + return; + } + break; +diff --git a/src/singledocparser.h b/src/singledocparser.h +index 7046f1e2..f1676c43 100644 +--- a/src/singledocparser.h ++++ b/src/singledocparser.h +@@ -16,6 +16,8 @@ + + namespace YAML { + class CollectionStack; ++template class DepthGuard; // depthguard.h ++class DeepRecursion; // an exception which may be thrown from excessive call stack recursion, see depthguard.h + class EventHandler; + class Node; + class Scanner; +@@ -51,8 +53,8 @@ class SingleDocParser : private noncopyable { + anchor_t LookupAnchor(const Mark& mark, const std::string& name) const; + + private: ++ using DepthGuard = YAML::DepthGuard<2000>; + int depth = 0; +- int depth_limit = 2000; + Scanner& m_scanner; + const Directives& m_directives; + std::unique_ptr m_pCollectionStack; diff --git a/SOURCES/yaml-cpp-include_dir.patch b/SOURCES/yaml-cpp-include_dir.patch new file mode 100644 index 00000000..4de7320f --- /dev/null +++ b/SOURCES/yaml-cpp-include_dir.patch @@ -0,0 +1,12 @@ +--- a/CMakeLists.txt ++++ b/CMakeLists.txt +@@ -335,8 +335,7 @@ else() + endif() + endif() + +-file(RELATIVE_PATH REL_INCLUDE_DIR "${CMAKE_INSTALL_PREFIX}/${INSTALL_CMAKE_DIR}" "${CMAKE_INSTALL_PREFIX}/${INCLUDE_INSTALL_ROOT_DIR}") +-set(CONFIG_INCLUDE_DIRS "\${YAML_CPP_CMAKE_DIR}/${REL_INCLUDE_DIR}") ++set(CONFIG_INCLUDE_DIRS "${CMAKE_INSTALL_PREFIX}/${INCLUDE_INSTALL_DIR}") + + configure_file(${CMAKE_CURRENT_SOURCE_DIR}/yaml-cpp-config.cmake.in + "${PROJECT_BINARY_DIR}${CMAKE_FILES_DIRECTORY}/${YAML_TARGET}-config.cmake" @ONLY) diff --git a/SOURCES/yaml-cpp-static.patch b/SOURCES/yaml-cpp-static.patch new file mode 100644 index 00000000..5ae46f49 --- /dev/null +++ b/SOURCES/yaml-cpp-static.patch @@ -0,0 +1,116 @@ +--- a/CMakeLists.txt ++++ b/CMakeLists.txt +@@ -274,16 +274,20 @@ set(_INSTALL_DESTINATIONS + ### + ### Library + ### +-add_library(yaml-cpp ${library_sources}) +-set_target_properties(yaml-cpp PROPERTIES +- COMPILE_FLAGS "${yaml_c_flags} ${yaml_cxx_flags}" +-) +- +-set_target_properties(yaml-cpp PROPERTIES ++if(BUILD_SHARED_LIBS) ++ add_library(yaml-cpp SHARED ${library_sources}) ++ set_target_properties(yaml-cpp PROPERTIES + VERSION "${YAML_CPP_VERSION}" + SOVERSION "${YAML_CPP_VERSION_MAJOR}.${YAML_CPP_VERSION_MINOR}" + PROJECT_LABEL "yaml-cpp ${LABEL_SUFFIX}" ++ COMPILE_FLAGS "${yaml_c_flags} ${yaml_cxx_flags}" + ) ++else() ++ add_library(yaml-cpp STATIC ${library_sources}) ++ set_target_properties(yaml-cpp PROPERTIES ++ COMPILE_FLAGS "${yaml_c_flags} ${yaml_cxx_flags}" ++ ) ++endif() + + if(IPHONE) + set_target_properties(yaml-cpp PROPERTIES +@@ -303,48 +307,56 @@ if(MSVC) + endif() + endif() + +-install(TARGETS yaml-cpp EXPORT yaml-cpp-targets ${_INSTALL_DESTINATIONS}) + install( + DIRECTORY ${header_directory} + DESTINATION ${INCLUDE_INSTALL_DIR} + FILES_MATCHING PATTERN "*.h" + ) + +-export( +- TARGETS yaml-cpp +- FILE "${PROJECT_BINARY_DIR}/yaml-cpp-targets.cmake") +-export(PACKAGE yaml-cpp) +-set(EXPORT_TARGETS yaml-cpp CACHE INTERNAL "export targets") ++if(BUILD_SHARED_LIBS) ++ set(YAML_TARGET "yaml-cpp") ++else() ++ set(YAML_TARGET "yaml-cpp-static") ++endif() + ++install(TARGETS yaml-cpp EXPORT ${YAML_TARGET}-targets ${_INSTALL_DESTINATIONS}) ++export(TARGETS yaml-cpp ++ FILE "${PROJECT_BINARY_DIR}/${YAML_TARGET}-targets.cmake") ++set(EXPORT_TARGETS yaml-cpp CACHE INTERNAL "export targets") + set(CONFIG_INCLUDE_DIRS "${YAML_CPP_SOURCE_DIR}/include") + configure_file(${CMAKE_CURRENT_SOURCE_DIR}/yaml-cpp-config.cmake.in +- "${PROJECT_BINARY_DIR}/yaml-cpp-config.cmake" @ONLY) ++ "${PROJECT_BINARY_DIR}/${YAML_TARGET}-config.cmake" @ONLY) + ++if(NOT INSTALL_CMAKE_DIR) + if(WIN32 AND NOT CYGWIN) + set(INSTALL_CMAKE_DIR CMake) + else() +- set(INSTALL_CMAKE_DIR ${LIB_INSTALL_DIR}/cmake/yaml-cpp) ++ set(INSTALL_CMAKE_DIR ${LIB_INSTALL_DIR}/cmake/) ++endif() + endif() + + file(RELATIVE_PATH REL_INCLUDE_DIR "${CMAKE_INSTALL_PREFIX}/${INSTALL_CMAKE_DIR}" "${CMAKE_INSTALL_PREFIX}/${INCLUDE_INSTALL_ROOT_DIR}") + set(CONFIG_INCLUDE_DIRS "\${YAML_CPP_CMAKE_DIR}/${REL_INCLUDE_DIR}") +-configure_file(${CMAKE_CURRENT_SOURCE_DIR}/yaml-cpp-config.cmake.in +- "${PROJECT_BINARY_DIR}${CMAKE_FILES_DIRECTORY}/yaml-cpp-config.cmake" @ONLY) + ++configure_file(${CMAKE_CURRENT_SOURCE_DIR}/yaml-cpp-config.cmake.in ++ "${PROJECT_BINARY_DIR}${CMAKE_FILES_DIRECTORY}/${YAML_TARGET}-config.cmake" @ONLY) + configure_file(${CMAKE_CURRENT_SOURCE_DIR}/yaml-cpp-config-version.cmake.in +- "${PROJECT_BINARY_DIR}/yaml-cpp-config-version.cmake" @ONLY) +- ++ "${PROJECT_BINARY_DIR}/${YAML_TARGET}-config-version.cmake" @ONLY) + install(FILES +- "${PROJECT_BINARY_DIR}${CMAKE_FILES_DIRECTORY}/yaml-cpp-config.cmake" +- "${PROJECT_BINARY_DIR}/yaml-cpp-config-version.cmake" +- DESTINATION "${INSTALL_CMAKE_DIR}" COMPONENT dev) +-install(EXPORT yaml-cpp-targets DESTINATION ${INSTALL_CMAKE_DIR}) ++ "${PROJECT_BINARY_DIR}${CMAKE_FILES_DIRECTORY}/${YAML_TARGET}-config.cmake" ++ "${PROJECT_BINARY_DIR}/${YAML_TARGET}-config-version.cmake" ++ DESTINATION "${INSTALL_CMAKE_DIR}${YAML_TARGET}" COMPONENT dev) ++install(EXPORT ${YAML_TARGET}-targets DESTINATION ${INSTALL_CMAKE_DIR}${YAML_TARGET}) + + if(UNIX) +- set(PC_FILE ${CMAKE_BINARY_DIR}/yaml-cpp.pc) +- configure_file("yaml-cpp.pc.cmake" ${PC_FILE} @ONLY) +- install(FILES ${PC_FILE} DESTINATION ${LIB_INSTALL_DIR}/pkgconfig) ++if(BUILD_SHARED_LIBS) ++ set(PC_FILE ${CMAKE_BINARY_DIR}/yaml-cpp.pc) ++else() ++ set(PC_FILE ${CMAKE_BINARY_DIR}/yaml-cpp-static.pc) + endif() ++configure_file("yaml-cpp.pc.cmake" ${PC_FILE} @ONLY) ++install(FILES ${PC_FILE} DESTINATION ${LIB_INSTALL_DIR}/pkgconfig) ++endif(UNIX) + + + ### +--- a/yaml-cpp-config.cmake.in ++++ b/yaml-cpp-config.cmake.in +@@ -8,7 +8,7 @@ get_filename_component(YAML_CPP_CMAKE_DI + set(YAML_CPP_INCLUDE_DIR "@CONFIG_INCLUDE_DIRS@") + + # Our library dependencies (contains definitions for IMPORTED targets) +-include("${YAML_CPP_CMAKE_DIR}/yaml-cpp-targets.cmake") ++include("${YAML_CPP_CMAKE_DIR}/@YAML_TARGET@-targets.cmake") + + # These are IMPORTED targets created by yaml-cpp-targets.cmake + set(YAML_CPP_LIBRARIES "@EXPORT_TARGETS@") diff --git a/SPECS/yaml-cpp.spec b/SPECS/yaml-cpp.spec new file mode 100644 index 00000000..07240ceb --- /dev/null +++ b/SPECS/yaml-cpp.spec @@ -0,0 +1,231 @@ +%global sover 0.6 + +Name: yaml-cpp +Version: 0.6.2 +Release: 3%{?dist} +Summary: A YAML parser and emitter for C++ +License: MIT +URL: https://github.com/jbeder/yaml-cpp +Source0: https://github.com/jbeder/yaml-cpp/archive/%{name}-%{version}.tar.gz + +Patch0: yaml-cpp-static.patch +Patch1: yaml-cpp-include_dir.patch +Patch2: CVE-2017-5950.patch + +BuildRequires: cmake gcc gcc-c++ + +%description +yaml-cpp is a YAML parser and emitter in C++ written around the YAML 1.2 spec. + + +%package devel +Summary: Development files for %{name} +License: MIT +Requires: %{name}%{?_isa} = %{version}-%{release} +Requires: pkgconfig + +%description devel +The %{name}-devel package contains libraries and header files for +developing applications that use %{name}. + + +%package static +Summary: Static library for %{name} +License: MIT +Requires: %{name}-devel%{?_isa} = %{version}-%{release} + +%description static +The %{name}-static package contains the static library for %{name}. + + +%prep +%autosetup -p1 -n %{name}-%{name}-%{version} + + +%build +rm -rf build_shared && mkdir build_shared +rm -rf build_static && mkdir build_static + +pushd build_shared +%cmake -DYAML_CPP_BUILD_TOOLS=OFF \ + -DBUILD_SHARED_LIBS=ON \ + -DYAML_CPP_BUILD_TESTS=OFF \ + ../ +%make_build +popd + +pushd build_static +%cmake -DYAML_CPP_BUILD_TOOLS=OFF \ + -DBUILD_SHARED_LIBS=OFF \ + -DYAML_CPP_BUILD_TESTS=OFF \ + ../ +%make_build + + +%install +pushd build_shared +%make_install +popd +pushd build_static +%make_install yaml-cpp + + +%post -p /sbin/ldconfig +%postun -p /sbin/ldconfig + + +%files +%doc CONTRIBUTING.md README.md +%license LICENSE +%{_libdir}/*.so.%{sover}* + +%files devel +%{_includedir}/yaml-cpp/ +%{_libdir}/*.so +%{_libdir}/cmake/%{name} +%{_libdir}/pkgconfig/%{name}.pc + +%files static +%license LICENSE +%{_libdir}/*.a +%{_libdir}/cmake/%{name}-static +%{_libdir}/pkgconfig/%{name}-static.pc + + +%changelog +* Sat Jul 27 2019 Fedora Release Engineering - 0.6.2-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild + +* Sun Jun 09 2019 Till Hofmann - 0.6.2-2 +- Remove unused boost dependency + +* Sun Jun 09 2019 Till Hofmann - 0.6.2-1 +- Update to 0.6.2 + +* Sun Feb 03 2019 Fedora Release Engineering - 0.6.1-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild + +* Thu Jan 24 2019 Jonathan Wakely - 0.6.1-5 +- Rebuilt for Boost 1.69 + +* Sun Sep 16 2018 Richard Shaw - 0.6.1-4 +- Add patch for CVE-2017-5950. + +* Sat Jul 14 2018 Fedora Release Engineering - 0.6.1-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild + +* Mon Apr 09 2018 Richard Shaw - 0.6.1-2 +- Fixes improperly generated cmake config files, RHBZ#1558637. + +* Sun Feb 18 2018 Richard Shaw - 0.6.1-1 +- Update to 0.6.1. + +* Sun Feb 11 2018 Richard Shaw - 0.6.0-1 +- Update to 0.6.0. +- Add static library subpackage. + +* Fri Feb 09 2018 Fedora Release Engineering - 0.5.3-10 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild + +* Wed Jan 31 2018 Richard Shaw - 0.5.3-9 +- Install yaml cmake files, fixes RHBZ#1509421. + +* Tue Jan 23 2018 Jonathan Wakely - 0.5.3-8 +- Rebuilt for Boost 1.66 + +* Thu Jul 27 2017 Fedora Release Engineering - 0.5.3-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + +* Wed Jul 19 2017 Jonathan Wakely - 0.5.3-6 +- Rebuilt for s390x binutils bug + +* Tue Jul 04 2017 Jonathan Wakely - 0.5.3-5 +- Rebuilt for Boost 1.64 + +* Sat Feb 11 2017 Fedora Release Engineering - 0.5.3-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild + +* Fri Jan 27 2017 Jonathan Wakely - 0.5.3-3 +- Rebuilt for Boost 1.63 + +* Fri Jan 27 2017 Jonathan Wakely - 0.5.3-2 +- Rebuilt for Boost 1.63 + +* Tue Aug 23 2016 Richard Shaw - 0.5.3-1 +- Update to latest upstream release. + +* Fri Feb 05 2016 Fedora Release Engineering - 0.5.1-13 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild + +* Sat Jan 16 2016 Jonathan Wakely - 0.5.1-12 +- Rebuilt for Boost 1.60 + +* Thu Aug 27 2015 Jonathan Wakely - 0.5.1-11 +- Rebuilt for Boost 1.59 + +* Wed Jul 29 2015 Fedora Release Engineering - 0.5.1-10 +- Rebuilt for https://fedoraproject.org/wiki/Changes/F23Boost159 + +* Wed Jul 22 2015 David Tardon - 0.5.1-9 +- rebuild for Boost 1.58 + +* Fri Jun 19 2015 Fedora Release Engineering - 0.5.1-8 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild + +* Sat May 02 2015 Kalev Lember - 0.5.1-7 +- Rebuilt for GCC 5 C++11 ABI change + +* Thu Feb 26 2015 Guido Grazioli - 0.5.1-6 +- Rebuild for gcc switching default to -std=gnu11 + +* Tue Jan 27 2015 Petr Machata - 0.5.1-5 +- Rebuild for boost 1.57.0 + +* Mon Aug 18 2014 Fedora Release Engineering - 0.5.1-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild + +* Sat Jun 07 2014 Fedora Release Engineering - 0.5.1-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild + +* Fri May 23 2014 Petr Machata - 0.5.1-2 +- Rebuild for boost 1.55.0 + +* Thu Nov 14 2013 Richard Shaw - 0.5.1-1 +- Update to latest upstream release. + +* Sun Aug 04 2013 Fedora Release Engineering - 0.3.0-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild + +* Fri Feb 15 2013 Fedora Release Engineering - 0.3.0-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild + +* Sun Jul 22 2012 Fedora Release Engineering - 0.3.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild + +* Fri Feb 10 2012 Richard Shaw - 0.3.0-1 +- Update to latest release. + +* Sat Jan 14 2012 Fedora Release Engineering +- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild + +* Fri Sep 30 2011 Guido Grazioli - 0.2.7-1 +- Update to 0.2.7 +- Remove gcc 4.6 patch fixed upstream + +* Mon May 09 2011 Guido Grazioli - 0.2.6-1 +- Upstream 0.2.6 + +* Tue Feb 08 2011 Fedora Release Engineering - 0.2.5-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild + +* Fri Apr 02 2010 Guido Grazioli - 0.2.5-1 +- Upstream 0.2.5 + +* Fri Jan 15 2010 Guido Grazioli - 0.2.4-1 +- Upstream 0.2.4 + +* Sat Oct 17 2009 Guido Grazioli - 0.2.2-2 +- Remove duplicate file + +* Wed Oct 14 2009 Guido Grazioli - 0.2.2-1 +- Initial packaging