From e8b5e666d00d896c7558b9568093eb657b1685a3 Mon Sep 17 00:00:00 2001 From: Andy Caldwell Date: Fri, 30 Sep 2022 19:14:23 +0100 Subject: [PATCH 1/5] Ensure `python3-rpm` pulls in appropriate libs --- SPECS/rpm/rpm.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/SPECS/rpm/rpm.spec b/SPECS/rpm/rpm.spec index b53dd34f7ec..c5bd475ad12 100644 --- a/SPECS/rpm/rpm.spec +++ b/SPECS/rpm/rpm.spec @@ -20,11 +20,13 @@ Patch1: define-RPM_LD_FLAGS.patch Patch2: fix_RPM_GNUC_DEPRECATED_headers.patch BuildRequires: autoconf BuildRequires: automake +BuildRequires: awk BuildRequires: debugedit BuildRequires: elfutils-devel BuildRequires: file-devel BuildRequires: gettext BuildRequires: libarchive-devel +BuildRequires: libtool BuildRequires: libcap-devel BuildRequires: libselinux-devel BuildRequires: lua-devel @@ -106,7 +108,8 @@ These are the additional language files of rpm. %package -n python3-rpm Summary: Python 3 bindings for rpm. Group: Development/Libraries -Requires: %{name}-build-libs +Requires: %{name}-build-libs >= %{version}-%{release} +Requires: %{name}-libs >= %{version}-%{release} Requires: python3 Provides: %{name}-python3 = %{version}-%{release} From 7a6b78caebeab70f58c4073e0fd4773063232ed8 Mon Sep 17 00:00:00 2001 From: Andy Caldwell Date: Fri, 30 Sep 2022 19:17:45 +0100 Subject: [PATCH 2/5] Declare release for fix --- SPECS/rpm/rpm.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/SPECS/rpm/rpm.spec b/SPECS/rpm/rpm.spec index c5bd475ad12..3a5bf3c4d6b 100644 --- a/SPECS/rpm/rpm.spec +++ b/SPECS/rpm/rpm.spec @@ -1,7 +1,7 @@ Summary: Package manager Name: rpm Version: 4.18.0 -Release: 1%{?dist} +Release: 2%{?dist} License: GPLv2+ AND LGPLv2+ AND BSD Vendor: Microsoft Corporation Distribution: Mariner @@ -284,6 +284,9 @@ popd %{python3_sitelib}/* %changelog +* Fri Sep 30 2022 Andy Caldwell - 4.18.0-2 +- Create versioned dependency from `python3-rpm` -> `rpm-libs` to ensure ABI compatibility + * Wed Sep 21 2022 Daniel McIlvaney - 4.18.0-1 - Update to 4.18.0 to resolve CVE-2021-35938, CVE-2021-35939, and CVE-2021-3521 From 47881781d9d9778cb3bd8d757d7b392e5aaf8b1b Mon Sep 17 00:00:00 2001 From: Andy Caldwell Date: Fri, 30 Sep 2022 19:23:57 +0100 Subject: [PATCH 3/5] Add rpm-build-libs -> rpm-libs dependency too --- SPECS/rpm/rpm.spec | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/SPECS/rpm/rpm.spec b/SPECS/rpm/rpm.spec index 3a5bf3c4d6b..4fa580cae78 100644 --- a/SPECS/rpm/rpm.spec +++ b/SPECS/rpm/rpm.spec @@ -67,6 +67,7 @@ Requires: zstd-libs Shared libraries librpm and librpmio %package build-libs +Requires: %{name}-libs = %{version}-%{release} Summary: Librpmbuild.so.* libraries needed to build rpms. %description build-libs @@ -108,8 +109,8 @@ These are the additional language files of rpm. %package -n python3-rpm Summary: Python 3 bindings for rpm. Group: Development/Libraries -Requires: %{name}-build-libs >= %{version}-%{release} -Requires: %{name}-libs >= %{version}-%{release} +Requires: %{name}-build-libs = %{version}-%{release} +Requires: %{name}-libs = %{version}-%{release} Requires: python3 Provides: %{name}-python3 = %{version}-%{release} @@ -285,7 +286,7 @@ popd %changelog * Fri Sep 30 2022 Andy Caldwell - 4.18.0-2 -- Create versioned dependency from `python3-rpm` -> `rpm-libs` to ensure ABI compatibility +- Create versioned dependencies from `python3-rpm` -> `rpm-build-libs` -> `rpm-libs` to ensure ABI compatibility * Wed Sep 21 2022 Daniel McIlvaney - 4.18.0-1 - Update to 4.18.0 to resolve CVE-2021-35938, CVE-2021-35939, and CVE-2021-3521 From c5990841356d42f6f81622cffd14921cd9a6d94e Mon Sep 17 00:00:00 2001 From: Andy Caldwell Date: Fri, 30 Sep 2022 19:36:37 +0100 Subject: [PATCH 4/5] Update toolchain version references --- .../manifests/package/pkggen_core_aarch64.txt | 12 ++++++------ .../manifests/package/pkggen_core_x86_64.txt | 12 ++++++------ .../manifests/package/toolchain_aarch64.txt | 16 ++++++++-------- .../manifests/package/toolchain_x86_64.txt | 16 ++++++++-------- 4 files changed, 28 insertions(+), 28 deletions(-) diff --git a/toolkit/resources/manifests/package/pkggen_core_aarch64.txt b/toolkit/resources/manifests/package/pkggen_core_aarch64.txt index acb696d3592..8e2450379ef 100644 --- a/toolkit/resources/manifests/package/pkggen_core_aarch64.txt +++ b/toolkit/resources/manifests/package/pkggen_core_aarch64.txt @@ -175,12 +175,12 @@ libcap-devel-2.60-1.cm2.aarch64.rpm debugedit-5.0-1.cm2.aarch64.rpm libarchive-3.6.1-1.cm2.aarch64.rpm libarchive-devel-3.6.1-1.cm2.aarch64.rpm -rpm-4.18.0-1.cm2.aarch64.rpm -rpm-build-4.18.0-1.cm2.aarch64.rpm -rpm-build-libs-4.18.0-1.cm2.aarch64.rpm -rpm-devel-4.18.0-1.cm2.aarch64.rpm -rpm-lang-4.18.0-1.cm2.aarch64.rpm -rpm-libs-4.18.0-1.cm2.aarch64.rpm +rpm-4.18.0-2.cm2.aarch64.rpm +rpm-build-4.18.0-2.cm2.aarch64.rpm +rpm-build-libs-4.18.0-2.cm2.aarch64.rpm +rpm-devel-4.18.0-2.cm2.aarch64.rpm +rpm-lang-4.18.0-2.cm2.aarch64.rpm +rpm-libs-4.18.0-2.cm2.aarch64.rpm cpio-2.13-4.cm2.aarch64.rpm cpio-lang-2.13-4.cm2.aarch64.rpm e2fsprogs-libs-1.46.5-3.cm2.aarch64.rpm diff --git a/toolkit/resources/manifests/package/pkggen_core_x86_64.txt b/toolkit/resources/manifests/package/pkggen_core_x86_64.txt index f16a5d228d0..df8c780a4b3 100644 --- a/toolkit/resources/manifests/package/pkggen_core_x86_64.txt +++ b/toolkit/resources/manifests/package/pkggen_core_x86_64.txt @@ -175,12 +175,12 @@ libcap-devel-2.60-1.cm2.x86_64.rpm debugedit-5.0-1.cm2.x86_64.rpm libarchive-3.6.1-1.cm2.x86_64.rpm libarchive-devel-3.6.1-1.cm2.x86_64.rpm -rpm-4.18.0-1.cm2.x86_64.rpm -rpm-build-4.18.0-1.cm2.x86_64.rpm -rpm-build-libs-4.18.0-1.cm2.x86_64.rpm -rpm-devel-4.18.0-1.cm2.x86_64.rpm -rpm-lang-4.18.0-1.cm2.x86_64.rpm -rpm-libs-4.18.0-1.cm2.x86_64.rpm +rpm-4.18.0-2.cm2.x86_64.rpm +rpm-build-4.18.0-2.cm2.x86_64.rpm +rpm-build-libs-4.18.0-2.cm2.x86_64.rpm +rpm-devel-4.18.0-2.cm2.x86_64.rpm +rpm-lang-4.18.0-2.cm2.x86_64.rpm +rpm-libs-4.18.0-2.cm2.x86_64.rpm cpio-2.13-4.cm2.x86_64.rpm cpio-lang-2.13-4.cm2.x86_64.rpm e2fsprogs-libs-1.46.5-3.cm2.x86_64.rpm diff --git a/toolkit/resources/manifests/package/toolchain_aarch64.txt b/toolkit/resources/manifests/package/toolchain_aarch64.txt index 42b5eca6175..14dd7f6308e 100644 --- a/toolkit/resources/manifests/package/toolchain_aarch64.txt +++ b/toolkit/resources/manifests/package/toolchain_aarch64.txt @@ -518,20 +518,20 @@ python3-markupsafe-2.1.0-1.cm2.aarch64.rpm python3-newt-0.52.21-4.cm2.aarch64.rpm python3-pip-3.9.14-1.cm2.noarch.rpm python3-pygments-2.4.2-7.cm2.noarch.rpm -python3-rpm-4.18.0-1.cm2.aarch64.rpm +python3-rpm-4.18.0-2.cm2.aarch64.rpm python3-setuptools-3.9.14-1.cm2.noarch.rpm python3-test-3.9.14-1.cm2.aarch64.rpm python3-tools-3.9.14-1.cm2.aarch64.rpm readline-8.1-1.cm2.aarch64.rpm readline-debuginfo-8.1-1.cm2.aarch64.rpm readline-devel-8.1-1.cm2.aarch64.rpm -rpm-4.18.0-1.cm2.aarch64.rpm -rpm-build-4.18.0-1.cm2.aarch64.rpm -rpm-build-libs-4.18.0-1.cm2.aarch64.rpm -rpm-debuginfo-4.18.0-1.cm2.aarch64.rpm -rpm-devel-4.18.0-1.cm2.aarch64.rpm -rpm-lang-4.18.0-1.cm2.aarch64.rpm -rpm-libs-4.18.0-1.cm2.aarch64.rpm +rpm-4.18.0-2.cm2.aarch64.rpm +rpm-build-4.18.0-2.cm2.aarch64.rpm +rpm-build-libs-4.18.0-2.cm2.aarch64.rpm +rpm-debuginfo-4.18.0-2.cm2.aarch64.rpm +rpm-devel-4.18.0-2.cm2.aarch64.rpm +rpm-lang-4.18.0-2.cm2.aarch64.rpm +rpm-libs-4.18.0-2.cm2.aarch64.rpm sed-4.8-2.cm2.aarch64.rpm sed-debuginfo-4.8-2.cm2.aarch64.rpm sed-lang-4.8-2.cm2.aarch64.rpm diff --git a/toolkit/resources/manifests/package/toolchain_x86_64.txt b/toolkit/resources/manifests/package/toolchain_x86_64.txt index 3d649961902..3bc03c4cdd2 100644 --- a/toolkit/resources/manifests/package/toolchain_x86_64.txt +++ b/toolkit/resources/manifests/package/toolchain_x86_64.txt @@ -518,20 +518,20 @@ python3-markupsafe-2.1.0-1.cm2.x86_64.rpm python3-newt-0.52.21-4.cm2.x86_64.rpm python3-pip-3.9.14-1.cm2.noarch.rpm python3-pygments-2.4.2-7.cm2.noarch.rpm -python3-rpm-4.18.0-1.cm2.x86_64.rpm +python3-rpm-4.18.0-2.cm2.x86_64.rpm python3-setuptools-3.9.14-1.cm2.noarch.rpm python3-test-3.9.14-1.cm2.x86_64.rpm python3-tools-3.9.14-1.cm2.x86_64.rpm readline-8.1-1.cm2.x86_64.rpm readline-debuginfo-8.1-1.cm2.x86_64.rpm readline-devel-8.1-1.cm2.x86_64.rpm -rpm-4.18.0-1.cm2.x86_64.rpm -rpm-build-4.18.0-1.cm2.x86_64.rpm -rpm-build-libs-4.18.0-1.cm2.x86_64.rpm -rpm-debuginfo-4.18.0-1.cm2.x86_64.rpm -rpm-devel-4.18.0-1.cm2.x86_64.rpm -rpm-lang-4.18.0-1.cm2.x86_64.rpm -rpm-libs-4.18.0-1.cm2.x86_64.rpm +rpm-4.18.0-2.cm2.x86_64.rpm +rpm-build-4.18.0-2.cm2.x86_64.rpm +rpm-build-libs-4.18.0-2.cm2.x86_64.rpm +rpm-debuginfo-4.18.0-2.cm2.x86_64.rpm +rpm-devel-4.18.0-2.cm2.x86_64.rpm +rpm-lang-4.18.0-2.cm2.x86_64.rpm +rpm-libs-4.18.0-2.cm2.x86_64.rpm sed-4.8-2.cm2.x86_64.rpm sed-debuginfo-4.8-2.cm2.x86_64.rpm sed-lang-4.8-2.cm2.x86_64.rpm From 8955dafdf9f65288f4036e77647f0031237f8a47 Mon Sep 17 00:00:00 2001 From: Andy Caldwell Date: Fri, 30 Sep 2022 19:44:02 +0100 Subject: [PATCH 5/5] Spec linter changes --- SPECS/rpm/rpm.spec | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/SPECS/rpm/rpm.spec b/SPECS/rpm/rpm.spec index 4fa580cae78..7771560a59c 100644 --- a/SPECS/rpm/rpm.spec +++ b/SPECS/rpm/rpm.spec @@ -26,9 +26,9 @@ BuildRequires: elfutils-devel BuildRequires: file-devel BuildRequires: gettext BuildRequires: libarchive-devel -BuildRequires: libtool BuildRequires: libcap-devel BuildRequires: libselinux-devel +BuildRequires: libtool BuildRequires: lua-devel BuildRequires: openssl-devel BuildRequires: popt-devel @@ -67,8 +67,8 @@ Requires: zstd-libs Shared libraries librpm and librpmio %package build-libs -Requires: %{name}-libs = %{version}-%{release} Summary: Librpmbuild.so.* libraries needed to build rpms. +Requires: %{name}-libs = %{version}-%{release} %description build-libs %{summary} @@ -155,7 +155,7 @@ popd sed -i 's/@MAJORVER-PROVIDES-VERSIONS@/%{python3_version}/' %{SOURCE3} # Fix the interpreter path for python replacing the first line -sed -i '1 s:.*:#!/usr/bin/python3:' %{SOURCE5} +sed -i '1 s:.*:#!%{_bindir}/python3:' %{SOURCE5} %check make check TESTSUITEFLAGS=-j%{_smp_build_ncpus}