public inbox for git-commits@fedoraproject.org
help / color / mirror / Atom feed
From: Robert Scheck <robert@fedoraproject.org>
To: git-commits@fedoraproject.org
Subject: [rpms/pxz] epel10: Update to GIT 20220509 (#2043515)
Date: Mon, 15 Jun 2026 21:56:11 GMT [thread overview]
Message-ID: <178156057131.1.16295157932880835408.rpms-pxz-729d4b917c9b@fedoraproject.org> (raw)
A new commit has been pushed.
Repo : rpms/pxz
Branch : epel10
Commit : 729d4b917c9b18a6d1ce0687acb51ead920b5e9e
Author : Robert Scheck <robert@fedoraproject.org>
Date : 2022-05-10T11:13:12+02:00
Stats : +20/-111 in 5 file(s)
URL : https://src.fedoraproject.org/rpms/pxz/c/729d4b917c9b18a6d1ce0687acb51ead920b5e9e?branch=epel10
Log:
Update to GIT 20220509 (#2043515)
---
diff --git a/.gitignore b/.gitignore
index 6909b1e..877b6d3 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1,2 @@
+/pxz-*.tar.gz
/pxz-*.tar.xz
diff --git a/pxz-4.999.9-cve-2015-1200.patch b/pxz-4.999.9-cve-2015-1200.patch
deleted file mode 100644
index 236aac9..0000000
--- a/pxz-4.999.9-cve-2015-1200.patch
+++ /dev/null
@@ -1,36 +0,0 @@
-From eb233cfadd2480ca30e5853644bb63c97956ed88 Mon Sep 17 00:00:00 2001
-From: Robert Scheck <robert@fedoraproject.org>
-Date: Wed, 22 Apr 2020 00:02:18 +0200
-Subject: [PATCH] CVE-2015-1200: Race condition in setting permissions on
- output file
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Race condition in pxz 4.999.99 Beta 3 uses weak file permissions
-for the output file when compressing a file before changing the
-permission to match the original file, which allows local users
-to bypass the intended access restrictions.
-
-Patch by Moritz Mühlenhoff <jmm@inutil.org>
-
-See also:
- - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1200
- - https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775306
- - https://bugzilla.redhat.com/show_bug.cgi?id=1182024
----
- pxz.c | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/pxz.c b/pxz.c
-index 4240b6e..1119ed7 100644
---- a/pxz.c
-+++ b/pxz.c
-@@ -312,6 +312,7 @@ int main( int argc, char **argv, char **envp ) {
- }
-
- fo = stdout;
-+ umask(077);
- if ( std_in ) {
- fi = stdin;
- } else {
diff --git a/pxz-4.999.9-revert-fa3194e.patch b/pxz-4.999.9-revert-fa3194e.patch
deleted file mode 100644
index e63cd7a..0000000
--- a/pxz-4.999.9-revert-fa3194e.patch
+++ /dev/null
@@ -1,65 +0,0 @@
-Revert https://github.com/jnovy/pxz/commit/fa3194ea0bf87ce377d5cec30fdcdb96db750896
-as it actually makes pxz quite unusable, see https://github.com/jnovy/pxz/issues/34
-
-diff --git a/pxz.c b/pxz.c
-index 74c7eae..be07845 100644
---- a/pxz.c
-+++ b/pxz.c
-@@ -132,13 +132,13 @@ const struct option long_opts[] = {
- { NULL, 0, NULL, 0 }
- };
-
--void __attribute__((noreturn)) run_xz( char **argv, char **envp ) {
-- execve(XZ_BINARY, argv, envp);
-+void __attribute__((noreturn)) run_xz( char **argv ) {
-+ execvp(XZ_BINARY, argv);
- error(0, errno, "execution of "XZ_BINARY" binary failed");
- exit(EXIT_FAILURE);
- }
-
--void parse_args( int argc, char **argv, char **envp ) {
-+void parse_args( int argc, char **argv ) {
- int c;
-
- opterr = 0;
-@@ -184,11 +184,11 @@ void parse_args( int argc, char **argv, char **envp ) {
- " -D, --context-size per-thread compression context size as a multiple\n"
- " of dictionary size. Default is 3.\n\n"
- "Usage and other options are same as in XZ:\n\n");
-- run_xz(argv, envp);
-+ run_xz(argv);
- break;
- case 'V':
- printf("Parallel PXZ "PXZ_VERSION" (build "PXZ_BUILD_DATE")\n");
-- run_xz(argv, envp);
-+ run_xz(argv);
- break;
- case 'g':
- opt_lzma_check = LZMA_CHECK_CRC32;
-@@ -197,7 +197,7 @@ void parse_args( int argc, char **argv, char **envp ) {
- case 't':
- case 'l':
- case '?':
-- run_xz(argv, envp);
-+ run_xz(argv);
- default:
- break;
- }
-@@ -246,7 +246,7 @@ int close_stream( FILE *f ) {
- return 0;
- }
-
--int main( int argc, char **argv, char **envp ) {
-+int main( int argc, char **argv ) {
- int i;
- uint64_t p, threads, chunk_size;
- uint8_t *m;
-@@ -271,7 +271,7 @@ int main( int argc, char **argv, char **envp ) {
- }
- snprintf(xzcmd, xzcmd_max, XZ_BINARY);
-
-- parse_args(argc, argv, envp);
-+ parse_args(argc, argv);
-
- lzma_lzma_preset(&lzma_options, opt_complevel);
-
diff --git a/pxz.spec b/pxz.spec
index e86f995..7d74e78 100644
--- a/pxz.spec
+++ b/pxz.spec
@@ -1,4 +1,6 @@
-%global git_date 20200421
+%global commit 136e5c25daf545753329d7cee1b06ae482fb9c44
+%global shortcommit %(c=%{commit}; echo ${c:0:7})
+%global git_date 20220509
Summary: Parallel LZMA compressor using XZ
Name: pxz
@@ -6,13 +8,11 @@ Version: 4.999.9
Release: 23.beta.%{git_date}git%{?dist}
License: GPLv2+
URL: https://jnovy.fedorapeople.org/pxz/
-# source created as "make dist" in checked out GIT tree: git clone git://github.com/jnovy/pxz.git
-Source0: https://jnovy.fedorapeople.org/%{name}/%{name}-%{version}beta.%{git_date}git.tar.xz
-Patch0: pxz-4.999.9-cve-2015-1200.patch
-Patch1: pxz-4.999.9-revert-fa3194e.patch
+Source0: https://github.com/jnovy/%{name}/archive/%{commit}/%{name}-%{version}beta.%{git_date}git%{shortcommit}.tar.gz
BuildRequires: gcc
BuildRequires: make
BuildRequires: xz-devel
+Requires: %{_bindir}/xz
%description
Parallel XZ is a compression utility that takes advantage of running
@@ -21,23 +21,32 @@ multiple cores and processors. This significantly speeds up compression
time.
%prep
-%setup -q -n %{name}-%{version}beta
-%patch0 -p1 -b .cve-2015-1200
-%patch1 -p1 -b .revert-fa3194e
+%setup -q -n %{name}-%{commit}
%build
-export CFLAGS="%{optflags} -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE"
+export CFLAGS="%{optflags} -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -DXZ_BINARY='\"%{_bindir}/xz\"'"
+export LDFLAGS="%{?__global_ldflags}"
%make_build
%install
%make_install
+%check
+# https://github.com/jnovy/pxz/pull/14
+./pxz -3 -c COPYING > test.xz
+xz -dc test.xz > COPYING.test
+cmp COPYING COPYING.test
+./pxz -dc test.xz > /dev/null
+
%files
%license COPYING
%{_bindir}/%{name}
%{_mandir}/man1/%{name}.1*
%changelog
+* Tue May 10 2022 Robert Scheck <robert@fedoraproject.org> 4.999.9-24.beta.20220509git
+- Update to GIT 20220509 (#2043515)
+
* Fri Jan 21 2022 Fedora Release Engineering <releng@fedoraproject.org> - 4.999.9-23.beta.20200421git
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
diff --git a/sources b/sources
index 4ec93b4..2882177 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-SHA512 (pxz-4.999.9beta.20200421git.tar.xz) = d7f47be278444991375336e6736dcf67d19452c951c73565cd26a0482f1af00d41101b435d937e20a003a22adefdda92e1f8737fe83b753d395b64a6ecba6f50
+SHA512 (pxz-4.999.9beta.20220509git136e5c2.tar.gz) = b1de877d2b8ee9ea5190af4c1a0dc97f7777c35a084137db6d86e23de99b332ea361a82ed995ac2ea12b7bf0670ae92a822235be3b19a1145b6cf5604074f960
reply other threads:[~2026-06-15 21:56 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=178156057131.1.16295157932880835408.rpms-pxz-729d4b917c9b@fedoraproject.org \
--to=robert@fedoraproject.org \
--cc=git-commits@fedoraproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox