Package libssh2: Specfile
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 | %define _unpackaged_files_terminate_build 1 Name: libssh2 Version: 1.11.0 Release: alt2 Summary: A library implementing the SSH2 protocol Group: Networking/Remote access License: BSD Url: https://www.libssh2.org/ VCS: https://github.com/libssh2/libssh2.git Source: %name-%version.tar Patch0001: 0001-scp-fix-missing-cast-for-targets-without-large-file-support.patch Patch0002: 0002-autotools-skip-tests-requiring-static-lib-if---disable-static-1072.patch Patch0003: 0003-autotools-improve-libz-position.patch Patch0004: 0004-test_sshdtest-set-a-safe-PID-directory-1089.patch Patch0005: 0005-Dont-put-LIBS-in-pc-file.patch Patch0006: 0006-upstream-CVE-2023-48795-fix.patch BuildRequires: libssl-devel zlib-devel # for tests BuildRequires: /proc /dev/pts openssh-server /usr/bin/man %description libssh2 is a library implementing the SSH2 protocol as defined by Internet Drafts: SECSH-TRANS(22), SECSH-USERAUTH(25), SECSH-CONNECTION(23), SECSH-ARCH(20), SECSH-FILEXFER(06)*, SECSH-DHGEX(04), and SECSH-NUMBERS(10). %package devel Summary: Development files for %name Group: Development/C Requires: %name = %version-%release %description devel This package contains libraries and header files for developing applications that use %name. %package docs Summary: Documentation for %name Group: Development/C BuildArch: noarch Requires: %name = %version-%release %description docs This package contains manual pages and examples for developing applications that use %name. %prep %setup %autopatch -p1 %build # set version ./maketgz %version only %autoreconf %configure --disable-static --enable-shared --disable-docker-tests %make_build %install %makeinstall_std %check echo "PrintLastLog no" >> tests/openssh_server/sshd_config echo "UsePAM no" >> tests/openssh_server/sshd_config echo "StrictModes no" >> tests/openssh_server/sshd_config LC_ALL=en_US.UTF-8 %make -C tests check %files %doc docs/AUTHORS README RELEASE-NOTES COPYING %_libdir/*.so.* %files docs %doc docs/BINDINGS.md docs/HACKING.md docs/TODO %_man3dir/*.3* %files devel %_includedir/* %_libdir/*.so %_pkgconfigdir/*.pc %changelog * Tue Jan 30 2024 Anton Farygin <rider@altlinux.ru> 1.11.0-alt2 - Applied security fix from upstream (Fixes: CVE-2023-48795). * Mon Jul 03 2023 Alexey Shabalin <shaba@altlinux.org> 1.11.0-alt1 - New version 1.11.0. - Backport some patches from upstream master. * Fri Nov 12 2021 Alexey Shabalin <shaba@altlinux.org> 1.10.0-alt1 - new version 1.10.0 * Fri Oct 02 2020 Aleksei Nikiforov <darktemplar@altlinux.org> 1.9.0-alt2 - Applied security fixes from upstream (Fixes: CVE-2019-17498). * Wed Jul 17 2019 Alexey Shabalin <shaba@altlinux.org> 1.9.0-alt1 - 1.9.0 (Fixes: CVE-2019-13115) * Wed Apr 03 2019 Alexey Shabalin <shaba@altlinux.org> 1.8.2-alt1 - 1.8.2 * Sun Mar 24 2019 Alexey Shabalin <shaba@altlinux.org> 1.8.1-alt1 - 1.8.1 - Fixes for the following security vulnerabilities: + Fixed possible integer overflow when reading a specially crafted packet (CVE-2019-3855) + Fixed possible integer overflow in userauth_keyboard_interactive with a number of extremely long prompt strings (CVE-2019-3863) + Fixed possible integer overflow if the server sent an extremely large number of keyboard prompts (CVE-2019-3856) + Fixed possible out of bounds read when processing a specially crafted packet (CVE-2019-3861) + Fixed possible integer overflow when receiving a specially crafted exit signal message channel packet (CVE-2019-3857) + Fixed possible out of bounds read when receiving a specially crafted exit status message channel packet (CVE-2019-3862) + Fixed possible zero byte allocation when reading a specially crafted SFTP packet (CVE-2019-3858) + Fixed possible out of bounds reads when processing specially crafted SFTP packets (CVE-2019-3860) + Fixed possible out of bounds reads in _libssh2_packet_require(v) (CVE-2019-3859) * Fri Aug 31 2018 Alexey Shabalin <shaba@altlinux.org> 1.8.0-alt1 - 1.8.0 - build with openssl-1.1 * Wed Nov 25 2015 Anton V. Boyarshinov <boyarsh@altlinux.org> 1.4.3-alt2 - CVE-2015-1782 fixed * Mon Dec 03 2012 Slava Dubrovskiy <dubrsl@altlinux.org> 1.4.3-alt1 - New version * Mon Jun 11 2012 Slava Dubrovskiy <dubrsl@altlinux.org> 1.4.2-alt1 - New version * Fri Feb 03 2012 Slava Dubrovskiy <dubrsl@altlinux.org> 1.4.0-alt1 - New version * Thu Sep 29 2011 Slava Dubrovskiy <dubrsl@altlinux.org> 1.3.0-alt1 - New version * Sat Sep 03 2011 Slava Dubrovskiy <dubrsl@altlinux.org> 1.2.9-alt1 - New version - Remove configure-fix-VERSION.patch (in upstream) * Wed Apr 27 2011 Slava Dubrovskiy <dubrsl@altlinux.org> 1.2.8-alt1 - New version - Add configure-fix-VERSION.patch * Wed Mar 09 2011 Dmitry V. Levin <ldv@altlinux.org> 1.2.7-alt3 - Rebuilt for soname set-versions and debuginfo. * Fri Oct 01 2010 Dmitry V. Levin <ldv@altlinux.org> 1.2.7-alt2 - Fixed packaging of documentation. - Enabled SMP build support. - Moved test suite to %%check. - Uncompressed tarball. - Cleaned up specfile. - Built with libcrypto.so.10. * Sun Sep 26 2010 Slava Dubrovskiy <dubrsl@altlinux.org> 1.2.7-alt1 - New version * Tue Aug 03 2010 Slava Dubrovskiy <dubrsl@altlinux.org> 1.2.6-alt1 - New version * Thu Feb 11 2010 Slava Dubrovskiy <dubrsl@altlinux.org> 1.2.3-alt1 - New version * Sat Sep 12 2009 Slava Dubrovskiy <dubrsl@altlinux.org> 1.2-alt1 - New version * Wed May 27 2009 Slava Dubrovskiy <dubrsl@altlinux.ru> 1.1-alt1 - Build for ALT |