Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package nekohtml for openSUSE:Factory checked in at 2022-04-25 23:35:16 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/nekohtml (Old) and /work/SRC/openSUSE:Factory/.nekohtml.new.1538 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "nekohtml" Mon Apr 25 23:35:16 2022 rev:3 rq:972549 version:1.9.22.noko2 Changes: -------- --- /work/SRC/openSUSE:Factory/nekohtml/nekohtml.changes 2022-03-23 20:20:22.738530670 +0100 +++ /work/SRC/openSUSE:Factory/.nekohtml.new.1538/nekohtml.changes 2022-04-25 23:35:24.398406310 +0200 @@ -1,0 +2,13 @@ +Mon Apr 25 07:38:49 UTC 2022 - Fridrich Strba <fst...@suse.com> + +- Use the security patched fork at + https://github.com/sparklemotion/nekohtml +- Upgrade to version 1.9.22.neko2 + * fixes bsc#1198739, CVE-2022-28366, bsc#1198404, CVE-2022-24839 +- Fetch tarball using source service +- Modified patches: + * 0002-Jar-paths.patch -> 0001-Jar-paths.patch + * 0003-Add-OSGi-attributes.patch -> 0002-Add-OSGi-attributes.patch + + rebase to changed context + +------------------------------------------------------------------- Old: ---- 0002-Jar-paths.patch 0003-Add-OSGi-attributes.patch nekohtml-1.9.22.pom nekohtml-1.9.22.tar.xz New: ---- 0001-Jar-paths.patch 0002-Add-OSGi-attributes.patch _service nekohtml-1.9.22.noko2.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ nekohtml.spec ++++++ --- /var/tmp/diff_new_pack.2teUoe/_old 2022-04-25 23:35:25.078407263 +0200 +++ /var/tmp/diff_new_pack.2teUoe/_new 2022-04-25 23:35:25.086407275 +0200 @@ -18,33 +18,26 @@ Name: nekohtml -Version: 1.9.22 +Version: 1.9.22.noko2 Release: 0 Summary: HTML scanner and tag balancer License: Apache-2.0 Group: Development/Libraries/Java -URL: http://nekohtml.sourceforge.net/ -# No upstream tarball for this release -# svn export svn://svn.code.sf.net/p/nekohtml/code/branches/nekohtml-1.9.22 nekohtml-1.9.22 -# find nekohtml-1.9.22 -name '*.jar' -delete -# tar cJf nekohtml-1.9.22.tar.xz nekohtml-1.9.22/ +URL: https://github.com/sparklemotion/nekohtml Source0: %{name}-%{version}.tar.xz Source2: nekohtml-component-info.xml -Source3: https://repo1.maven.org/maven2/net/sourceforge/%{name}/%{name}/%{version}/%{name}-%{version}.pom -Patch1: 0002-Jar-paths.patch +Patch1: 0001-Jar-paths.patch # Add proper attributes to MANIFEST.MF file so bundle can be used by other OSGI bundles. -Patch2: 0003-Add-OSGi-attributes.patch +Patch2: 0002-Add-OSGi-attributes.patch BuildRequires: ant -BuildRequires: ant-junit BuildRequires: bcel BuildRequires: fdupes BuildRequires: java-devel >= 1.8 BuildRequires: javapackages-local BuildRequires: xerces-j2 >= 2.7.1 BuildRequires: xml-apis -BuildRequires: xmvn-install -BuildRequires: xmvn-resolve Requires: bcel +Requires: javapackages-tools Requires: xerces-j2 >= 2.7.1 Requires: xml-apis BuildArch: noarch @@ -88,44 +81,48 @@ # cannonization test fails on some whitespace, TODO investigate rm data/meta/test-meta-encoding3.html -%{mvn_alias} net.sourceforge.%{name}:%{name} %{name}:%{name} -%{mvn_package} net.sourceforge.%{name}:%{name}-samples demo -%{mvn_file} ':{*}' @1 - %build -export CLASSPATH=$(build-classpath bcel xerces-j2 xml-apis) +mkdir -p lib +build-jar-repository -p -s lib bcel xerces-j2 xml-apis %{ant} \ -Dcompile.source=1.8 -Dcompile.target=1.8 \ - -Dbuild.sysclasspath=first \ - -Dlib.dir=%{_javadir} \ -Djar.file=%{name}.jar \ -Djar.xni.file=%{name}-xni.jar \ -Djar.samples.file=%{name}-samples.jar \ - -Dbcel.javadoc=%{_javadocdir}/bcel \ - -Dj2se.javadoc=%{_javadocdir}/java \ - -Dxni.javadoc=%{_javadocdir}/xerces-j2-xni \ - -Dxerces.javadoc=%{_javadocdir}/xerces-j2-impl \ clean jar jar-xni doc -# test - disabled because it makes the build failing -%{mvn_artifact} %{SOURCE3} %{name}.jar +%{mvn_artifact} pom.xml %{name}.jar %{mvn_artifact} net.sourceforge.%{name}:%{name}-xni:%{version} %{name}-xni.jar %{mvn_artifact} net.sourceforge.%{name}:%{name}-samples:%{version} %{name}-samples.jar %install -%mvn_install -J build/doc/javadoc +# jar +install -dm 0755 %{buildroot}%{_javadir} +install -pm 0644 %{name}.jar %{buildroot}%{_javadir}/%{name}.jar +install -pm 0644 %{name}-xni.jar %{buildroot}%{_javadir}/%{name}-xni.jar +install -pm 0644 %{name}-samples.jar %{buildroot}%{_javadir}/%{name}-samples.jar +# pom +install -dm 0755 %{buildroot}%{_mavenpomdir}/ +install -pm 0644 pom.xml %{buildroot}%{_mavenpomdir}/%{name}.pom +%add_maven_depmap %{name}.pom %{name}.jar -a %{name}:%{name} +%add_maven_depmap net.sourceforge.%{name}:%{name}-xni:%{version} %{name}-xni.jar +%add_maven_depmap net.sourceforge.%{name}:%{name}-samples:%{version} %{name}-samples.jar -f demo +# javadoc +install -dm 0755 %{buildroot}%{_javadocdir}/%{name} +cp -pr build/doc/javadoc/* %{buildroot}%{_javadocdir}/%{name}/ %fdupes -s %{buildroot}%{_javadocdir} # Scripts -%jpackage_script org.cyberneko.html.filters.Writer "" "" "nekohtml:xerces-j2" nekohtml-filter true +%jpackage_script org.cyberneko.html.filters.Writer "" "" "nekohtml:xerces-j2" %{name}-filter true %files -f .mfiles %license LICENSE.txt %doc README.txt doc/*.html %{_bindir}/%{name}-filter -%files javadoc -f .mfiles-javadoc - %files demo -f .mfiles-demo +%files javadoc +%{_javadocdir}/%{name} + %changelog ++++++ 0002-Jar-paths.patch -> 0001-Jar-paths.patch ++++++ --- /work/SRC/openSUSE:Factory/nekohtml/0002-Jar-paths.patch 2019-11-13 13:28:40.795719730 +0100 +++ /work/SRC/openSUSE:Factory/.nekohtml.new.1538/0001-Jar-paths.patch 2022-04-25 23:35:24.286406153 +0200 @@ -1,26 +1,26 @@ -From 03b255b50250861a630cd72cb3fae30c7f0f5987 Mon Sep 17 00:00:00 2001 +From c4e8813644a76df380965d2b6de02d280af76bbf Mon Sep 17 00:00:00 2001 From: Michael Simacek <msima...@redhat.com> Date: Tue, 14 Jul 2015 11:20:59 +0200 -Subject: [PATCH 2/3] Jar paths +Subject: [PATCH 1/2] Jar paths --- - build.xml | 20 +++++++++++--------- - 1 file changed, 11 insertions(+), 9 deletions(-) + build.xml | 18 +++++++++--------- + 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/build.xml b/build.xml -index d36f42b..1f00059 100644 +index 73e064f..36b922b 100644 --- a/build.xml +++ b/build.xml -@@ -54,7 +54,7 @@ +@@ -49,7 +49,7 @@ <property name="maven-staging-repository-url" value="https://oss.sonatype.org/service/local/staging/deploy/maven2/"; /> <!-- DEPENDENCIES --> - <available property='bcel.available' file='${lib.dir}/bcel-5.2.jar' /> + <available property='bcel.available' file='${lib.dir}/bcel.jar' /> - <property name="xerces.version" value="2.9.1"/> + <property name="xerces.version" value="2.12.2"/> -@@ -83,7 +83,7 @@ +@@ -78,7 +78,7 @@ source='${compile.source}' target='${compile.target}' includeAntRuntime='false'> <classpath> @@ -29,7 +29,7 @@ </classpath> <src path='${src.dir}' /> <src path='${build.src.dir}' /> -@@ -94,7 +94,7 @@ +@@ -89,7 +89,7 @@ source='${compile.source}' target='${compile.target}' includeAntRuntime='false'> <classpath> @@ -38,66 +38,45 @@ </classpath> <src path='${src.dir}' /> <src path='${build.src.dir}' /> -@@ -108,12 +108,14 @@ - unless="compile.skip"> - <mkdir dir="${build.classes.dir}"/> - -+ <!-- - <compileWith xercesVersion="2.0.2" bridge="2_0"/> - <compileWith xercesVersion="2.1.0" bridge="2_1"/> - <compileWith xercesVersion="2.2.1" bridge="2_2"/> - <compileWith xercesVersion="2.3.0" bridge="2_3"/> - <compileWith xercesVersion="2.8.1" bridge="2_3"/> - <compileWith xercesVersion="2.9.1" bridge="2_3"/> -+ --> - <compileWith xercesVersion="2.10.0" bridge="2_3"/> - - <copy todir="${build.classes.dir}"> -@@ -236,7 +238,7 @@ public class Version { +@@ -174,7 +174,7 @@ + doctitle="${Name}" encoding="ISO-8859-1" + bottom="${copyright}"> + <classpath> +- <fileset dir='${lib.dir}/xerces-${xerces.version}' includes='*.jar' /> ++ <fileset dir='${lib.dir}' includes='*.jar' /> + </classpath> + </javadoc> + </target> +@@ -224,7 +224,7 @@ public class Version { <java classname='org.apache.tools.ant.Main'> <classpath> <pathelement path='${java.class.path}' /> - <pathelement location='${lib.dir}/bcel-5.2.jar' /> -+ <pathelement location='${lib.dir}/bcel.jar' /> ++ <pathelement location='${lib.dir}/bcel.jar' /> </classpath> <arg value='x-minimal' /> </java> -@@ -277,7 +279,7 @@ public class Version { - source='${compile.source}' target='${compile.target}' +@@ -266,7 +266,7 @@ public class Version { includeAntRuntime='true'> <classpath> -- <fileset dir='${lib.dir}' includes='xml-apis.jar,xerces*.jar, junit*.jar' /> -+ <fileset dir='${lib.dir}' includes='xml-commons-apis.jar,xerces-j2.jar, junit.jar' /> + <fileset dir='${lib.dir}' includes='junit*.jar' /> +- <fileset dir='${lib.dir}/xerces-${xerces.version}' includes='xml-apis*.jar,xerces*.jar' /> ++ <fileset dir='${lib.dir}' includes='xml-apis*.jar,xerces*.jar' /> <pathelement location='${build.classes.dir}' /> </classpath> <src path='${src.test.dir}' /> -@@ -298,8 +300,8 @@ public class Version { +@@ -287,8 +287,8 @@ public class Version { <classpath> <pathelement path='${build.test-classes.dir}'/> <pathelement location='${build.classes.dir}' /> - <fileset dir='${lib.dir}' includes='junit*.jar' /> - <fileset dir='${lib.dir}/xerces-@{xercesVersion}' includes='*.jar' /> + <fileset dir='${lib.dir}' includes='junit.jar' /> -+ <fileset dir='${lib.dir}' includes='xerces-j2.jar' /> ++ <fileset dir='${lib.dir}' includes='xerces-j2.jar' /> </classpath> <formatter type="xml"/> -@@ -318,13 +320,13 @@ public class Version { - <mkdir dir="${build.dir}/junit"/> - - <testWith xercesVersion="2.11.0"/> -+ <!-- - <testWith xercesVersion="2.10.0"/> - <testWith xercesVersion="2.9.1"/> - <testWith xercesVersion="2.8.1"/> - <testWith xercesVersion="2.3.0"/> - <testWith xercesVersion="2.2.1"/> - <testWith xercesVersion="minimal"/> -- <!-- - <testWith xercesVersion="2.1.0"/> - <testWith xercesVersion="2.0.2"/> - --> -@@ -397,7 +399,7 @@ public class Version { +@@ -376,7 +376,7 @@ public class Version { </target> <target name="-defineMavenAntTasks"> @@ -107,5 +86,5 @@ classpathref="maven-ant-tasks.classpath" /> <artifact:pom id="maven.project" file="pom.xml" /> -- -2.1.0 +2.36.0 ++++++ 0003-Add-OSGi-attributes.patch -> 0002-Add-OSGi-attributes.patch ++++++ --- /work/SRC/openSUSE:Factory/nekohtml/0003-Add-OSGi-attributes.patch 2019-11-13 13:28:40.815719751 +0100 +++ /work/SRC/openSUSE:Factory/.nekohtml.new.1538/0002-Add-OSGi-attributes.patch 2022-04-25 23:35:24.294406165 +0200 @@ -1,17 +1,17 @@ -From 1cbc54dc98b762c4ba3b1daffc2cf5a1116732ef Mon Sep 17 00:00:00 2001 +From 93df8b4732f0fe801db62f268da4de0e3a87f993 Mon Sep 17 00:00:00 2001 From: Michael Simacek <msima...@redhat.com> Date: Tue, 14 Jul 2015 11:21:21 +0200 -Subject: [PATCH 3/3] Add OSGi attributes +Subject: [PATCH 2/2] Add OSGi attributes --- build.xml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/build.xml b/build.xml -index 1f00059..194b0bf 100644 +index 36b922b..ba0585f 100644 --- a/build.xml +++ b/build.xml -@@ -129,6 +129,10 @@ +@@ -116,6 +116,10 @@ <jar jarfile='${jar.file}'> <manifest> <attribute name="Built-By" value="${author}"/> @@ -23,5 +23,5 @@ <attribute name="Specification-Title" value="Hyper-Text Markup Language (HTML)" /> <attribute name="Specification-Version" value="4.01" /> -- -2.1.0 +2.36.0 ++++++ _service ++++++ <services> <service name="tar_scm" mode="disabled"> <param name="scm">git</param> <param name="url">https://github.com/sparklemotion/nekohtml.git</param> <param name="revision">1.9.22.noko2</param> <param name="versionformat">@PARENT_TAG@</param> </service> <service name="recompress" mode="disabled"> <param name="file">*.tar</param> <param name="compression">xz</param> </service> <service name="set_version" mode="disabled"/> </services>
