Browse Source

libcdio package update

Signed-off-by: tuibuilder_pel7x64builder0 <tuibuilder@powerel.org>
master
tuibuilder_pel7x64builder0 5 years ago
parent
commit
c90952089b
  1. 24
      SOURCES/CVE-2017-18198-part1.patch
  2. 26
      SOURCES/CVE-2017-18198-part2.patch
  3. 37
      SOURCES/CVE-2017-18198-part3.patch
  4. 116
      SOURCES/CVE-2017-18198-part4.patch
  5. 286
      SOURCES/CVE-2017-18201.patch
  6. 29
      SOURCES/cdio_config.h
  7. 4
      SOURCES/libcdio-no_date_footer.hml
  8. 319
      SPECS/libcdio.spec

24
SOURCES/CVE-2017-18198-part1.patch

@ -0,0 +1,24 @@
From f6f9c48fb40b8a1e8218799724b0b61a7161eb1d Mon Sep 17 00:00:00 2001
From: "R. Bernstein" <rocky@gnu.org>
Date: Fri, 22 Dec 2017 16:06:57 -0500
Subject: [PATCH] Fix double free courtesy of Chris Clayton

---
lib/driver/_cdio_generic.c | 1 -
1 file changed, 1 deletion(-)

diff --git a/lib/driver/_cdio_generic.c b/lib/driver/_cdio_generic.c
index d40ac0d9..ae820d25 100644
--- a/lib/driver/_cdio_generic.c
+++ b/lib/driver/_cdio_generic.c
@@ -296,7 +296,6 @@ get_cdtext_generic (void *p_user_data)
if(len <= 0 || 0 != cdtext_data_init (p_env->cdtext, &p_cdtext_data[4], len)) {
p_env->b_cdtext_error = true;
- cdtext_destroy (p_env->cdtext);
free(p_env->cdtext);
p_env->cdtext = NULL;
}
--
2.14.3

26
SOURCES/CVE-2017-18198-part2.patch

@ -0,0 +1,26 @@
From dec2f876c2d7162da213429bce1a7140cdbdd734 Mon Sep 17 00:00:00 2001
From: "R. Bernstein" <rocky@gnu.org>
Date: Sat, 23 Dec 2017 12:19:29 -0500
Subject: [PATCH] Removed wrong line

---
configure.ac | 2 +-
lib/driver/_cdio_generic.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/lib/driver/_cdio_generic.c b/lib/driver/_cdio_generic.c
index ae820d25..4a7fcadf 100644
--- a/lib/driver/_cdio_generic.c
+++ b/lib/driver/_cdio_generic.c
@@ -296,7 +296,7 @@ get_cdtext_generic (void *p_user_data)
if(len <= 0 || 0 != cdtext_data_init (p_env->cdtext, &p_cdtext_data[4], len)) {
p_env->b_cdtext_error = true;
- free(p_env->cdtext);
+ cdtext_destroy (p_env->cdtext);
p_env->cdtext = NULL;
}
--
2.14.3

37
SOURCES/CVE-2017-18198-part3.patch

@ -0,0 +1,37 @@
--- ./libcdio-0.92/include/cdio/bytesex.h 2018-06-05 18:05:16.183586450 +0200
+++ ../libcdio-fedora/libcdio-0.94/include/cdio/bytesex.h 2015-05-09 00:27:50.000000000 +0200
@@ -197,19 +197,31 @@
}
/** Convert from ISO 9660 7.3.3 format to uint32_t */
-static CDIO_INLINE uint32_t
+static CDIO_INLINE uint32_t
from_733 (uint64_t p)
{
if (uint64_swap_le_be (p) != p)
cdio_warn ("from_733: broken byte order");
-
+
+ return (UINT32_C(0xFFFFFFFF) & p);
+}
+
+static CDIO_INLINE uint32_t
+from_733_with_err (uint64_t p, bool *err)
+{
+ if (uint64_swap_le_be (p) != p) {
+ cdio_warn ("from_733: broken byte order");
+ *err = true;
+ } else {
+ *err = false;
+ }
return (UINT32_C(0xFFFFFFFF) & p);
}
#endif /* CDIO_BYTESEX_H_ */
-/*
+/*
* Local variables:
* c-file-style: "gnu"
* tab-width: 8

116
SOURCES/CVE-2017-18198-part4.patch

@ -0,0 +1,116 @@
--- ./libcdio-0.92/lib/iso9660/iso9660_fs.c 2018-06-06 11:52:23.464809984 +0200
+++ ../libcdio-fedora/libcdio-0.94/lib/iso9660/iso9660_fs.c 2018-06-05 18:18:31.235215219 +0200
@@ -714,6 +714,7 @@
iso711_t i_fname;
unsigned int stat_len;
iso9660_stat_t *p_stat;
+ bool err;
if (!dir_len) return NULL;
@@ -730,8 +731,16 @@
}
p_stat->type = (p_iso9660_dir->file_flags & ISO_DIRECTORY)
? _STAT_DIR : _STAT_FILE;
- p_stat->lsn = from_733 (p_iso9660_dir->extent);
- p_stat->size = from_733 (p_iso9660_dir->size);
+ p_stat->lsn = from_733_with_err (p_iso9660_dir->extent, &err);
+ if (err) {
+ free(p_stat);
+ return NULL;
+ }
+ p_stat->size = from_733_with_err (p_iso9660_dir->size, &err);
+ if (err) {
+ free(p_stat);
+ return NULL;
+ }
p_stat->secsize = _cdio_len2blocks (p_stat->size, ISO_BLOCKSIZE);
p_stat->rr.b3_rock = dunno; /*FIXME should do based on mask */
p_stat->b_xa = false;
@@ -754,6 +763,7 @@
if (!p_stat_new)
{
cdio_warn("Couldn't calloc(1, %d)", (int)(sizeof(iso9660_stat_t)+i_rr_fname+2));
+ free(p_stat);
return NULL;
}
memcpy(p_stat_new, p_stat, stat_len);
@@ -1098,6 +1108,12 @@
p_stat = _iso9660_dir_to_statbuf (p_iso9660_dir, p_iso->b_xa,
p_iso->u_joliet_level);
+ if (!p_stat) {
+ cdio_warn("Bad directory information for %s", splitpath[0]);
+ free(_dirbuf);
+ return NULL;
+ }
+
cmp = strcmp(splitpath[0], p_stat->filename);
if ( 0 != cmp && 0 == p_iso->u_joliet_level
@@ -1283,12 +1299,15 @@
if (!_dirbuf)
{
cdio_warn("Couldn't calloc(1, %d)", p_stat->secsize * ISO_BLOCKSIZE);
+ _cdio_list_free (retval, true);
return NULL;
}
if (cdio_read_data_sectors (p_cdio, _dirbuf, p_stat->lsn,
- ISO_BLOCKSIZE, p_stat->secsize))
- return NULL;
+ ISO_BLOCKSIZE, p_stat->secsize)) {
+ _cdio_list_free (retval, true);
+ return NULL;
+ }
while (offset < (p_stat->secsize * ISO_BLOCKSIZE))
{
@@ -1401,14 +1417,14 @@
}
free (_dirbuf);
+ free(p_stat->rr.psz_symlink);
- if (offset != (p_stat->secsize * ISO_BLOCKSIZE)) {
- free (p_stat);
+ if (offset != (p_stat->secsize * ISO_BLOCKSIZE)) {
+ free (p_stat);
_cdio_list_free (retval, true);
return NULL;
}
- free (p_stat->rr.psz_symlink);
free (p_stat);
return retval;
}
@@ -1528,6 +1563,16 @@
}
/*!
+ Free the passed iso9660_stat_t structure.
+ */
+void
+iso9660_stat_free(iso9660_stat_t *p_stat)
+{
+ if (p_stat != NULL)
+ free(p_stat);
+}
+
+/*!
Return true if ISO 9660 image has extended attrributes (XA).
*/
bool
@@ -1580,11 +1625,11 @@
if ( have_rr != yep) {
have_rr = iso_have_rr_traverse (p_iso, p_stat, &splitpath[1], pu_file_limit);
}
+ free(p_stat);
if (have_rr != nope) {
free (_dirbuf);
return have_rr;
}
- free(p_stat);
offset += iso9660_get_dir_len(p_iso9660_dir);
*pu_file_limit = (*pu_file_limit)-1;

286
SOURCES/CVE-2017-18201.patch

@ -0,0 +1,286 @@
From e73a8bb23a4405b32cc7708771833f6c4e6b2426 Mon Sep 17 00:00:00 2001
From: "R. Bernstein" <rocky@gnu.org>
Date: Tue, 26 Sep 2017 16:29:15 -0400
Subject: [PATCH] handle bad iso 9660 better. Fixes bug #52091

src/iso-info.c: reflect errors in getting information back in exit code
lib/iso9660_fs.c: bail when we there is bad stat info for a directory
change interface to report failure
src/util.h: bump copyright
test/data/bad-dir.iso: bad ISO 9660
test/check_bad_iso.sh: test program
test/check_iso.sh.in: expect nonzero RC on failures
---
lib/iso9660/iso9660_fs.c | 6 +++++-
src/iso-info.c | 27 +++++++++++++++++----------
src/util.c | 4 ++--
test/Makefile.am | 3 ++-
test/check_bad_iso.sh | 46 ++++++++++++++++++++++++++++++++++++++++++++++
test/check_iso.sh.in | 19 ++++++++++++-------
test/data/Makefile.am | 1 +
test/data/bad-dir.iso | Bin 0 -> 49152 bytes
8 files changed, 85 insertions(+), 21 deletions(-)
create mode 100755 test/check_bad_iso.sh
create mode 100644 test/data/bad-dir.iso

diff --git a/lib/iso9660/iso9660_fs.c b/lib/iso9660/iso9660_fs.c
index 8758a234..d3fb4069 100644
--- a/lib/iso9660/iso9660_fs.c
+++ b/lib/iso9660/iso9660_fs.c
@@ -1,5 +1,5 @@
/*
- Copyright (C) 2003-2008, 2011-2013 Rocky Bernstein <rocky@gnu.org>
+ Copyright (C) 2003-2008, 2011-2015, 2017 Rocky Bernstein <rocky@gnu.org>
Copyright (C) 2001 Herbert Valerio Riedel <hvr@gnu.org>
This program is free software: you can redistribute it and/or modify
@@ -1394,6 +1394,10 @@ iso9660_ifs_readdir (iso9660_t *p_iso, const char psz_path[])
if (p_iso9660_stat)
_cdio_list_append (retval, p_iso9660_stat);
+ else {
+ cdio_warn("Invalid directory stat at offset %lu", (unsigned long)offset);
+ break;
+ }
offset += iso9660_get_dir_len(p_iso9660_dir);
}
diff --git a/src/iso-info.c b/src/iso-info.c
index 212ab335..b8a360e0 100644
--- a/src/iso-info.c
+++ b/src/iso-info.c
@@ -1,5 +1,6 @@
/*
- Copyright (C) 2004-2006, 2008, 2012-2013 Rocky Bernstein <rocky@gnu.org>
+ Copyright (C) 2004-2006, 2008, 2012-2014, 2017 Rocky Bernstein
+ <rocky@gnu.org>
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -212,7 +213,7 @@ _log_handler (cdio_log_level_t level, const char message[])
gl_default_cdio_log_handler (level, message);
}
-static void
+static int
print_iso9660_recurse (iso9660_t *p_iso, const char psz_path[])
{
CdioList_t *entlist;
@@ -222,6 +223,7 @@ print_iso9660_recurse (iso9660_t *p_iso, const char psz_path[])
char *translated_name = (char *) malloc(4096);
size_t translated_name_size = 4096;
entlist = iso9660_ifs_readdir (p_iso, psz_path);
+ int rc = 0;
if (opts.print_iso9660) {
printf ("%s:\n", psz_path);
@@ -231,7 +233,7 @@ print_iso9660_recurse (iso9660_t *p_iso, const char psz_path[])
free(translated_name);
free(dirlist);
report( stderr, "Error getting above directory information\n" );
- return;
+ return 1;
}
/* Iterate over files in this directory */
@@ -241,13 +243,16 @@ print_iso9660_recurse (iso9660_t *p_iso, const char psz_path[])
iso9660_stat_t *p_statbuf = _cdio_list_node_data (entnode);
char *psz_iso_name = p_statbuf->filename;
char _fullname[4096] = { 0, };
- if (strlen(psz_iso_name) >= translated_name_size) {
+ if (strlen(psz_iso_name) == 0)
+ continue;
+
+ if (strlen(psz_iso_name) >= translated_name_size) {
translated_name_size = strlen(psz_iso_name)+1;
free(translated_name);
translated_name = (char *) malloc(translated_name_size);
if (!translated_name) {
report( stderr, "Error allocating memory\n" );
- return;
+ return 2;
}
}
@@ -297,16 +302,17 @@ print_iso9660_recurse (iso9660_t *p_iso, const char psz_path[])
{
char *_fullname = _cdio_list_node_data (entnode);
- print_iso9660_recurse (p_iso, _fullname);
+ rc += print_iso9660_recurse (p_iso, _fullname);
}
_cdio_list_free (dirlist, true);
+ return rc;
}
-static void
+static int
print_iso9660_fs (iso9660_t *iso)
{
- print_iso9660_recurse (iso, "/");
+ return print_iso9660_recurse (iso, "/");
}
static void
@@ -429,6 +435,7 @@ main(int argc, char *argv[])
iso9660_t *p_iso=NULL;
iso_extension_mask_t iso_extension_mask = ISO_EXTENSION_ALL;
+ int rc = EXIT_SUCCESS;
init();
@@ -498,7 +505,7 @@ main(int argc, char *argv[])
printf("Note: both -f and -l options given -- "
"-l (long listing) takes precidence\n");
}
- print_iso9660_fs(p_iso);
+ rc = print_iso9660_fs(p_iso);
} else if (opts.print_udf) {
print_udf_fs();
}
@@ -508,5 +515,5 @@ main(int argc, char *argv[])
iso9660_close(p_iso);
/* Not reached:*/
free(program_name);
- return(EXIT_SUCCESS);
+ return(rc);
}
diff --git a/src/util.c b/src/util.c
index 4062ee2a..ad44a97c 100644
--- a/src/util.c
+++ b/src/util.c
@@ -1,5 +1,5 @@
/*
- Copyright (C) 2003-2010, 2012-2013 Rocky Bernstein <rocky@gnu.org>
+ Copyright (C) 2003-2010, 2012-2014, 2017 Rocky Bernstein <rocky@gnu.org>
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -56,7 +56,7 @@ print_version (char *program_name, const char *version,
if (no_header == 0) {
report( stdout,
"%s version %s\n"
- "Copyright (c) 2003-2005, 2007-2008, 2011-2013 "
+ "Copyright (c) 2003-2005, 2007-2008, 2011-2015, 2017 "
"R. Bernstein\n",
program_name, version);
report( stdout,
diff --git a/test/Makefile.am b/test/Makefile.am
index a2c57de2..cd370745 100644
--- a/test/Makefile.am
+++ b/test/Makefile.am
@@ -47,7 +47,8 @@ test_lib_driver_util_CFLAGS = -DDATA_DIR=\"$(DATA_DIR)\"
testpregap_CFLAGS = -DDATA_DIR=\"$(DATA_DIR)\"
check_SCRIPTS = check_nrg.sh check_cue.sh check_cd_read.sh check_udf.sh \
- check_iso.sh check_fuzzyiso.sh check_opts.sh \
+ check_iso.sh check_bad_iso.sh \
+ check_fuzzyiso.sh check_opts.sh \
check_iso_read.sh
check_udf.sh: @abs_top_builddir@/example/extract$(EXEEXT)
diff --git a/test/check_bad_iso.sh b/test/check_bad_iso.sh
new file mode 100755
index 00000000..1ca3b6ca
--- /dev/null
+++ b/test/check_bad_iso.sh
@@ -0,0 +1,46 @@
+#!/bin/sh
+
+if test "X$abs_top_srcdir" = "X" ; then
+ abs_top_srcdir=/src/external-vcs/savannah/libcdio
+fi
+
+if test -z $srcdir ; then
+ srcdir=$(pwd)
+fi
+
+if test "X$top_builddir" = "X" ; then
+ top_builddir=$(pwd)/..
+fi
+
+. ${top_builddir}/test/check_common_fn
+
+if test ! -x ../src/iso-info ; then
+ exit 77
+fi
+
+BASE=$(basename $0 .sh)
+fname=bad-dir
+
+RC=0
+
+opts="--quiet ${abs_top_srcdir}/test/data/${fname}.iso"
+cmdname=iso-info
+cmd=../src/iso-info
+if ! "${cmd}" --no-header ${opts} 2>&1 ; then
+ echo "$0: unexpected failure"
+ RC=1
+fi
+
+opts="--quiet ${abs_top_srcdir}/test/data/${fname}.iso --iso9660"
+if "${cmd}" --no-header ${opts} 2>&1 ; then
+ ((RC+=1))
+else
+ echo "$0: expected failure"
+fi
+
+exit $RC
+
+#;;; Local Variables: ***
+#;;; mode:shell-script ***
+#;;; eval: (sh-set-shell "bash") ***
+#;;; End: ***
diff --git a/test/check_iso.sh.in b/test/check_iso.sh.in
index c3e219b8..7ccf82cf 100755
--- a/test/check_iso.sh.in
+++ b/test/check_iso.sh.in
@@ -1,11 +1,11 @@
-#!/bin/sh
+#!@SHELL@
if test -z $srcdir ; then
- srcdir=`pwd`
+ srcdir=$(pwd)
fi
if test "X$top_builddir" = "X" ; then
- top_builddir=`pwd`/..
+ top_builddir=$(pwd)/..
fi
. ${top_builddir}/test/check_common_fn
@@ -14,7 +14,7 @@ if test ! -x ../src/iso-info@EXEEXT@ ; then
exit 77
fi
-BASE=`basename $0 .sh`
+BASE=$(basename $0 .sh)
fname=copying
opts="--quiet ${srcdir}/data/${fname}.iso --iso9660 "
@@ -46,7 +46,7 @@ if test -n "@HAVE_ROCK@"; then
fi
if test -n "@HAVE_JOLIET@" ; then
- BASE=`basename $0 .sh`
+ BASE=$(basename $0 .sh)
fname=joliet
opts="--quiet ${srcdir}/data/${fname}.iso --iso9660 "
test_iso_info "$opts" ${fname}-nojoliet.dump ${srcdir}/${fname}.right
diff --git a/test/data/Makefile.am b/test/data/Makefile.am
index 5e913cf9..1b8a5655 100644
--- a/test/data/Makefile.am
+++ b/test/data/Makefile.am
@@ -5,6 +5,7 @@ check_DATA = \
bad-cat2.toc \
bad-cat3.cue \
bad-cat3.toc \
+ bad-dir.iso \
bad-file.toc \
bad-mode1.cue \
bad-mode1.toc \

29
SOURCES/cdio_config.h

@ -0,0 +1,29 @@
/*
* Kluge to support multilib installation of both 32- and 64-bit RPMS:
* we need to arrange that header files that appear in both RPMs are
* identical. Hence, this file is architecture-independent and calls
* in an arch-dependent file that will appear in just one RPM.
*
* To avoid breaking arches not explicitly supported by Red Hat, we
* use this indirection file *only* on known multilib arches.
*
* Note: this may well fail if user tries to use gcc's -I- option.
* But that option is deprecated anyway.
*/
#if defined(__x86_64__)
#include "cdio_config_x86_64.h"
#elif defined(__i386__)
#include "cdio_config_i386.h"
#elif defined(__ppc64__) || defined(__powerpc64__)
#include "cdio_config_ppc64.h"
#elif defined(__ppc__) || defined(__powerpc__)
#include "cdio_config_ppc.h"
#elif defined(__s390x__)
#include "cdio_config_s390x.h"
#elif defined(__s390__)
#include "cdio_config_s390.h"
#elif defined(__sparc__) && defined(__arch64__)
#include "cdio_config_sparc64.h"
#elif defined(__sparc__)
#include "cdio_config_sparc.h"
#endif

4
SOURCES/libcdio-no_date_footer.hml

@ -0,0 +1,4 @@
<hr size="1"><address style="text-align: right;"><small>
Generated for $projectname by&nbsp;<a href="http://www.doxygen.org/
index.html"><img src="doxygen.png" alt="doxygen" align="middle" border="0"></a>
$doxygenversion</small></address></body></html>

319
SPECS/libcdio.spec

@ -0,0 +1,319 @@
Name: libcdio
Version: 0.92
Release: 3%{?dist}
Summary: CD-ROM input and control library
Group: System Environment/Libraries
License: GPLv3+
URL: http://www.gnu.org/software/libcdio/
Source0: http://ftp.gnu.org/gnu/libcdio/libcdio-0.92.tar.gz
Source1: http://ftp.gnu.org/gnu/libcdio/libcdio-0.92.tar.gz.sig
Source2: libcdio-no_date_footer.hml
Source3: cdio_config.h
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: pkgconfig doxygen
BuildRequires: ncurses-devel
BuildRequires: help2man
Requires(post): /sbin/ldconfig
Requires(post): /sbin/install-info
Requires(preun): /sbin/install-info
BuildRequires: gettext-devel
BuildRequires: chrpath


Patch0: CVE-2017-18201.patch
#Following patches (1-4) also fix CVE-2017-18199
Patch1: CVE-2017-18198-part1.patch
Patch2: CVE-2017-18198-part2.patch
Patch3: CVE-2017-18198-part3.patch
Patch4: CVE-2017-18198-part4.patch

%description
This library provides an interface for CD-ROM access. It can be used
by applications that need OS- and device-independent access to CD-ROM
devices.

%package devel
Summary: Header files and libraries for %{name}
Group: Development/Libraries
Requires: %{name} = %{version}-%{release}

%description devel
This package contains header files and libraries for %{name}.


%prep
%setup -q
%patch0 -p1
%patch1 -p1
%patch2 -p1
%patch3 -p3
%patch4 -p3

f=src/cd-paranoia/doc/ja/cd-paranoia.1.in
iconv -f euc-jp -t utf-8 -o $f.utf8 $f && mv $f.utf8 $f
iconv -f ISO88591 -t utf-8 -o THANKS.utf8 THANKS && mv THANKS.utf8 THANKS

%build
%configure \
--disable-vcd-info \
--disable-dependency-tracking \
--disable-cddb \
--disable-static \
--disable-rpath
make %{?_smp_mflags}

# another multilib fix; remove the architecture information from version.h
sed -i -e "s,%{version}.*$,%{version}\\\",g" include/cdio/version.h

cd doc/doxygen
sed -i -e "s,HTML_FOOTER.*$,HTML_FOOTER = libcdio-no_date_footer.hml,g; \
s,EXCLUDE .*$,EXCLUDE = ../../include/cdio/cdio_config.h,g;" Doxyfile
cp %{SOURCE2} .
./run_doxygen

%install
rm -rf $RPM_BUILD_ROOT
make install DESTDIR=$RPM_BUILD_ROOT

# multilib header hack; taken from postgresql.spec
case `uname -i` in
i386 | x86_64 | ppc | ppc64 | s390 | s390x | sparc | sparc64 )
mv $RPM_BUILD_ROOT%{_includedir}/cdio/cdio_config.h $RPM_BUILD_ROOT%{_includedir}/cdio/cdio_config_`uname -i`.h
install -m 644 %{SOURCE3} $RPM_BUILD_ROOT%{_includedir}/cdio
;;
*)
;;
esac

rm -f $RPM_BUILD_ROOT%{_infodir}/dir
find $RPM_BUILD_ROOT -type f -name "*.la" -exec rm -f {} ';'

rm -rf examples
mkdir -p examples/C++
cp -a example/{*.c,README} examples
cp -a example/C++/{*.cpp,README} examples/C++

# fix timestamps of generated man-pages
for i in cd-info iso-read iso-info cd-read cd-drive; do
# remove build architecture information from man pages
sed -i -e 's, version.*linux-gnu,,g' $RPM_BUILD_ROOT%{_mandir}/man1/$i.1
# remove libtool leftover from man pages
sed -i -e 's,lt-,,g;s,LT-,,g' $RPM_BUILD_ROOT%{_mandir}/man1/$i.1
# fix timestamps to be the same in all packages
touch -r src/$i.help2man $RPM_BUILD_ROOT%{_mandir}/man1/$i.1
done

# remove rpath
chrpath --delete $RPM_BUILD_ROOT%{_bindir}/*
chrpath --delete $RPM_BUILD_ROOT%{_libdir}/*.so.*

%check
# disable test using local CDROM
%{__sed} -i -e "s,testiso9660\$(EXEEXT),,g" \
-e "s,testisocd\$(EXEEXT),,g" \
-e "s,check_paranoia.sh check_opts.sh, check_opts.sh,g" \
test/Makefile
make check


%clean
rm -rf $RPM_BUILD_ROOT


%post
/sbin/ldconfig
/sbin/install-info %{_infodir}/%{name}.info %{_infodir}/dir 2>/dev/null || :

%preun
if [ $1 = 0 ]; then
/sbin/install-info --delete %{_infodir}/%{name}.info \
%{_infodir}/dir 2>/dev/null || :
fi

%postun -p /sbin/ldconfig


%files
%defattr(-,root,root,-)
%doc AUTHORS COPYING NEWS README README.libcdio THANKS TODO
%{_bindir}/*
%{_libdir}/*.so.*
%{_infodir}/*
%{_mandir}/man1/*


%files devel
%defattr(-,root,root,-)
%doc doc/doxygen/html examples
%{_includedir}/cdio
%{_includedir}/cdio++
%{_libdir}/*.so
%{_libdir}/pkgconfig/*.pc


%changelog
* Mon Jun 18 2018 Jakub Martisko <jamartis@redhat.com> - 0.92-3
- fix CVE-2017-18198 and CVE-2017-18199
- Resolves: rhbz#1553769
- Resolves: rhbz#1553604

* Mon Jun 18 2018 Jakub Martisko <jamartis@redhat.com> - 0.92-2
- fix CVE-2017-18201
- Resolves: rhbz#1553621

* Mon Dec 16 2013 Adrian Reber <adrian@lisas.de> - 0.92-1
- updated to 0.92
- Resolves: rhbz#1065642

* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.90-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild

* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.90-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild

* Thu Nov 22 2012 Adrian Reber <adrian@lisas.de> - 0.90-1
- updated to 0.90

* Tue Jul 24 2012 Adrian Reber <adrian@lisas.de> - 0.83-5
- fixed #477288 (libcdio-devel multilib conflict) again

* Thu Jul 19 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.83-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild

* Fri Mar 23 2012 Adrian Reber <adrian@lisas.de> - 0.83-3
- fixed #804484 (/usr/bin/cd-info was killed by signal 11)

* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.83-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild

* Sun Nov 13 2011 Adrian Reber <adrian@lisas.de> - 0.83-1
- updated to 0.83

* Mon May 30 2011 Honza Horak <hhorak@redhat.com> - 0.82-5
- applied patch to fix issues found by static analyses

* Thu May 19 2011 Honza Horak <hhorak@redhat.com> - 0.82-4
- fixed #705673 buffer overflow and other unprotected sprintf calls

* Mon Feb 07 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.82-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild

* Thu Jan 28 2010 Adrian Reber <adrian@lisas.de> - 0.82-2
- disabled building of static libraries (#556064)
- removed "Requires: pkgconfig" (rpm adds it automatically)

* Wed Jan 20 2010 Roman Rakus rrakus@redhat.com 0.82-1
- Update to 0.82
- removed rpath
- converted THANKS to utf8

* Fri Jul 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.81-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild

* Wed Feb 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.81-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild

* Tue Oct 07 2008 Adrian Reber <adrian@lisas.de> - 0.81-1
- updated to 0.81
- license changed to GPLv3+
- fixed #477288 (libcdio-devel multilib conflict)
- applied patch to fix endless loop in mock

* Tue Oct 07 2008 Adrian Reber <adrian@lisas.de> - 0.80-5
- fixed #462125 (Multilib conflict) - really, really, really
(also remove architecture information from man pages)

* Thu Oct 02 2008 Adrian Reber <adrian@lisas.de> - 0.80-4
- fixed #462125 (Multilib conflict) - this time for real

* Fri Sep 12 2008 Adrian Reber <adrian@lisas.de> - 0.80-3
- fixed #462125 (Multilib conflict)

* Wed Jun 4 2008 Tomas Bzatek <tbzatek@redhat.com> - 0.80-2
- added patch enabling libcdio_paranoia.pc

* Thu May 29 2008 Adrian Reber <adrian@lisas.de> - 0.80-1
- updated to 0.80
- removed upstreamed patches
- last GPLv2+ release

* Thu Feb 14 2008 Adrian Reber <adrian@lisas.de> - 0.79-3
- added patch to compile with gcc43

* Fri Jan 04 2008 Adrian Reber <adrian@lisas.de> - 0.79-2
- fixed security fix (was off by two)

* Wed Jan 02 2008 Adrian Reber <adrian@lisas.de> - 0.79-1
- updated to 0.79
- fixes #427197 (Long Joliet file name overflows cdio's buffer)
- fixes #341981 (multiarch conflicts in libcdio)

* Fri Aug 24 2007 Adrian Reber <adrian@lisas.de> - 0.78.2-3
- rebuilt

* Mon Jul 23 2007 Adrian Reber <adrian@lisas.de> - 0.78.2-2
- updated to 0.78.2 (#221359) (this time for real)

* Thu Jan 04 2007 Adrian Reber <adrian@lisas.de> - 0.78.2-1
- updated to 0.78.2 (#221359)

* Thu Oct 05 2006 Adrian Reber <adrian@lisas.de> - 0.77-3
- disabled iso9660 test case (fails for some reason with date problems)
this seems to be a known problem according to the ChangeLog

* Thu Oct 05 2006 Christian Iseli <Christian.Iseli@licr.org> 0.77-2
- rebuilt for unwind info generation, broken in gcc-4.1.1-21

* Fri Sep 22 2006 Adrian Reber <adrian@lisas.de> - 0.77-1
- Updated to 0.77

* Mon Sep 18 2006 Adrian Reber <adrian@lisas.de> - 0.76-3
- Rebuilt

* Mon Sep 26 2005 Adrian Reber <adrian@lisas.de> - 0.76-2
- Rebuilt

* Mon Sep 26 2005 Adrian Reber <adrian@lisas.de> - 0.76-1
- Updated to 0.76.
- Included doxygen generated documentation into -devel
- Included examples into -devel

* Mon Aug 01 2005 Adrian Reber <adrian@lisas.de> - 0.75-4
- disable test accessing local CDROM drive (#164266)

* Wed Jul 27 2005 Adrian Reber <adrian@lisas.de> - 0.75-3
- Rebuilt without libcddb dependency (#164270)

* Tue Jul 26 2005 Adrian Reber <adrian@lisas.de> - 0.75-2
- Rebuilt

* Thu Jul 14 2005 Adrian Reber <adrian@lisas.de> - 0.75-1
- Updated to 0.75.

* Fri Jun 03 2005 Adrian Reber <adrian@lisas.de> - 0.74-2
- Updated to 0.74.

* Sun Apr 24 2005 Ville Skyttä <ville.skytta at iki.fi> - 0.73-2
- BuildRequire ncurses-devel (for cdda-player and cd-paranoia).
- Run test suite during build.
- Install Japanese man pages.

* Sun Apr 24 2005 Adrian Reber <adrian@lisas.de> - 0.73-1
- Updated to 0.73.

* Fri Mar 18 2005 Ville Skyttä <ville.skytta at iki.fi> - 0.70-2
- Fix FC4 build (#151468).
- Build with dependency tracking disabled.

* Sun Sep 5 2004 Marius L. Jøhndal <mariuslj at ifi.uio.no> - 0:0.70-0.fdr.1
- Updated to 0.70.

* Sat Jul 17 2004 Marius L. Jøhndal <mariuslj at ifi.uio.no> - 0:0.69-0.fdr.1
- Updated to 0.69.
- Removed broken iso-read.
- Split Requires(pre,post).
- Added BuildReq pkgconfig.

* Mon Mar 29 2004 Marius L. Jøhndal <mariuslj at ifi.uio.no> - 0:0.68-0.fdr.1
- Initial RPM release.

Loading…
Cancel
Save