rpms
/
librsvg2
20
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

merge into: rpms:i10c-beta
Branches Tags
rpms:i10c-beta
rpms:c10-beta
rpms:i10cs
rpms:cs10
rpms:i9c-beta
rpms:c9-beta
rpms:i8c
rpms:c8
rpms:i8
rpms:i9c
rpms:c9
...
pull from: rpms:c9
Branches Tags
rpms:i10c-beta
rpms:c10-beta
rpms:i10cs
rpms:cs10
rpms:i9c-beta
rpms:c9-beta
rpms:i8c
rpms:c8
rpms:i8
rpms:i9c
rpms:c9

No commits in common. 'i10c-beta' and 'c9' have entirely different histories.
i10c-beta ... c9

5 changed files with 462 additions and 272 deletions
Show Stats

3
.gitignore vendored
Unescape View File

@ -1,2 +1 @@
SOURCES/librsvg-2.57.1-vendor.tar.xz SOURCES/librsvg-2.50.7.tar.xz
SOURCES/librsvg-2.57.1.tar.xz

3
.librsvg2.metadata
Unescape View File

@ -1,2 +1 @@
9234a431e27355e213e8b36bfe398b07a68e7b47 SOURCES/librsvg-2.57.1-vendor.tar.xz 0e0674c386d7711a0782646b2051a2d305c3f4c8 SOURCES/librsvg-2.50.7.tar.xz
a1dab8fe621f970093d1b5c9cf8836e45560c98b SOURCES/librsvg-2.57.1.tar.xz

25
SOURCES/0001-skip-broken-reference-tests.patch
Unescape View File

@ -1,25 +0,0 @@
From cf65d5f1bb3e4ccef9b85d7663922af9a66613d7 Mon Sep 17 00:00:00 2001
From: Fabio Valentini <decathorpe@gmail.com>
Date: Tue, 4 Jun 2024 23:32:24 +0200
Subject: [PATCH] skip broken reference tests
---
rsvg/tests/reference.rs | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/rsvg/tests/reference.rs b/rsvg/tests/reference.rs
index 08d9110..e603827 100644
--- a/rsvg/tests/reference.rs
+++ b/rsvg/tests/reference.rs
@@ -226,7 +226,7 @@ mod tests {
t!(include_compressed_svg, "include-compressed.svg");
t!(include_fallback_svg, "include-fallback.svg");
t!(include_text_svg, "include-text.svg");
- t!(rtl_tspan_svg, "rtl-tspan.svg");
+ //t!(rtl_tspan_svg, "rtl-tspan.svg");
t!(specificity_svg, "specificity.svg");
t!(structural_pseudo_classes_svg, "structural-pseudo-classes.svg");
t!(style_with_xml_comments_svg, "style-with-xml-comments.svg");
--
2.45.2

414
SOURCES/librsvg2-CVE-2023-38633.patch
Unescape View File

@ -0,0 +1,414 @@
From d1f066bf2198bd46c5ba80cb5123b768ec16e37d Mon Sep 17 00:00:00 2001
From: Federico Mena Quintero <federico@gnome.org>
Date: Thu, 20 Jul 2023 11:12:53 -0600
Subject: [PATCH] (#996): Fix arbitrary file read when href has special
characters
In UrlResolver::resolve_href() we now explicitly disallow URLs that
have a query string ("?") or a fragment identifier ("#").
We also explicitly check for a base URL and not resolving to a path,
for example, "file:///base/foo.svg" + "." would resolve to
"file:///base/" - this is technically correct, but we don't want to
resolve to directories.
Also, we pass a canonicalized path name as a URL upstream, so that
g_file_new_from_url() will consume it later, instead of passing the
original and potentially malicious URL.
Fixes https://gitlab.gnome.org/GNOME/librsvg/-/issues/996
---
librsvg/rsvg-handle.c | 6 +-
rsvg_internals/src/allowed_url.rs | 229 +++++++++++++-----
.../src/filters/component_transfer.rs | 2 +-
tests/Makefile.am | 1 +
tests/fixtures/loading/bar.svg | 1 +
tests/fixtures/loading/foo.svg | 1 +
tests/fixtures/loading/subdir/baz.svg | 1 +
7 files changed, 180 insertions(+), 61 deletions(-)
create mode 100644 tests/fixtures/loading/bar.svg
create mode 100644 tests/fixtures/loading/foo.svg
create mode 100644 tests/fixtures/loading/subdir/baz.svg
diff --git a/librsvg/rsvg-handle.c b/librsvg/rsvg-handle.c
index 95364db34..f49e4d30e 100644
--- a/librsvg/rsvg-handle.c
+++ b/librsvg/rsvg-handle.c
@@ -78,7 +78,11 @@
* </listitem>
*
* <listitem>
- * All other URL schemes in references require a base URL. For
+ * URLs with queries ("?") or fragment identifiers ("#") are not allowed.
+ * </listitem>
+ *
+ * <listitem>
+ * All other URL schemes other than data: in references require a base URL. For
* example, this means that if you load an SVG with
* rsvg_handle_new_from_data() without calling rsvg_handle_set_base_uri(),
* then any referenced files will not be allowed (e.g. raster images to be
diff --git a/rsvg_internals/src/allowed_url.rs b/rsvg_internals/src/allowed_url.rs
index 3a99e00b8..ffa9a2315 100644
--- a/rsvg_internals/src/allowed_url.rs
+++ b/rsvg_internals/src/allowed_url.rs
@@ -2,9 +2,7 @@
use std::error;
use std::fmt;
-use std::io;
use std::ops::Deref;
-use std::path::{Path, PathBuf};
use url::Url;
use crate::error::HrefError;
@@ -37,6 +35,12 @@ pub enum AllowedUrlError {
/// or in one directory below the base file.
NotSiblingOrChildOfBaseFile,
+ /// Loaded file:// URLs cannot have a query part, e.g. `file:///foo?blah`
+ NoQueriesAllowed,
+
+ /// URLs may not have fragment identifiers at this stage
+ NoFragmentIdentifierAllowed,
+
/// Error when obtaining the file path or the base file path
InvalidPath,
@@ -59,6 +63,17 @@ impl AllowedUrl {
return Ok(AllowedUrl(url));
}
+ // Queries are not allowed.
+ if url.query().is_some() {
+ return Err(AllowedUrlError::NoQueriesAllowed);
+ }
+
+ // Fragment identifiers are not allowed. They should have been stripped
+ // upstream, by NodeId.
+ if url.fragment().is_some() {
+ return Err(AllowedUrlError::NoFragmentIdentifierAllowed);
+ }
+
// All other sources require a base url
if base_url.is_none() {
return Err(AllowedUrlError::BaseRequired);
@@ -81,6 +96,26 @@ impl AllowedUrl {
return Err(AllowedUrlError::DisallowedScheme);
}
+ // The rest of this function assumes file: URLs; guard against
+ // incorrect refactoring.
+ assert!(url.scheme() == "file");
+
+ // If we have a base_uri of "file:///foo/bar.svg", and resolve an href of ".",
+ // Url.parse() will give us "file:///foo/". We don't want that, so check
+ // if the last path segment is empty - it will not be empty for a normal file.
+
+ if let Some(segments) = url.path_segments() {
+ if segments
+ .last()
+ .expect("URL path segments always contain at last 1 element")
+ .is_empty()
+ {
+ return Err(AllowedUrlError::NotSiblingOrChildOfBaseFile);
+ }
+ } else {
+ unreachable!("the file: URL cannot have an empty path");
+ }
+
// We have two file: URIs. Now canonicalize them (remove .. and symlinks, etc.)
// and see if the directories match
@@ -98,13 +133,17 @@ impl AllowedUrl {
let base_parent = base_parent.unwrap();
- let url_canon =
- canonicalize(&url_path).map_err(|_| AllowedUrlError::CanonicalizationError)?;
- let parent_canon =
- canonicalize(&base_parent).map_err(|_| AllowedUrlError::CanonicalizationError)?;
-
- if url_canon.starts_with(parent_canon) {
- Ok(AllowedUrl(url))
+ let path_canon = url_path
+ .canonicalize()
+ .map_err(|_| AllowedUrlError::CanonicalizationError)?;
+ let parent_canon = base_parent
+ .canonicalize()
+ .map_err(|_| AllowedUrlError::CanonicalizationError)?;
+
+ if path_canon.starts_with(parent_canon) {
+ // Finally, convert the canonicalized path back to a URL.
+ let path_to_url = Url::from_file_path(path_canon).unwrap();
+ Ok(AllowedUrl(path_to_url))
} else {
Err(AllowedUrlError::NotSiblingOrChildOfBaseFile)
}
@@ -129,32 +168,22 @@ impl error::Error for AllowedUrlError {}
impl fmt::Display for AllowedUrlError {
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
- match *self {
- AllowedUrlError::HrefParseError(e) => write!(f, "href parse error: {}", e),
- AllowedUrlError::BaseRequired => write!(f, "base required"),
- AllowedUrlError::DifferentURISchemes => write!(f, "different URI schemes"),
- AllowedUrlError::DisallowedScheme => write!(f, "disallowed scheme"),
- AllowedUrlError::NotSiblingOrChildOfBaseFile => {
- write!(f, "not sibling or child of base file")
- }
- AllowedUrlError::InvalidPath => write!(f, "invalid path"),
- AllowedUrlError::BaseIsRoot => write!(f, "base is root"),
- AllowedUrlError::CanonicalizationError => write!(f, "canonicalization error"),
+ use AllowedUrlError::*;
+ match self {
+ HrefParseError(e) => write!(f, "URL parse error: {e}"),
+ BaseRequired => write!(f, "base required"),
+ DifferentUriSchemes => write!(f, "different URI schemes"),
+ DisallowedScheme => write!(f, "disallowed scheme"),
+ NotSiblingOrChildOfBaseFile => write!(f, "not sibling or child of base file"),
+ NoQueriesAllowed => write!(f, "no queries allowed"),
+ NoFragmentIdentifierAllowed => write!(f, "no fragment identifier allowed"),
+ InvalidPath => write!(f, "invalid path"),
+ BaseIsRoot => write!(f, "base is root"),
+ CanonicalizationError => write!(f, "canonicalization error"),
}
}
}
-// For tests, we don't want to touch the filesystem. In that case,
-// assume that we are being passed canonical file names.
-#[cfg(not(test))]
-fn canonicalize<P: AsRef<Path>>(path: P) -> Result<PathBuf, io::Error> {
- path.as_ref().canonicalize()
-}
-#[cfg(test)]
-fn canonicalize<P: AsRef<Path>>(path: P) -> Result<PathBuf, io::Error> {
- Ok(path.as_ref().to_path_buf())
-}
-
/// Parsed result of an href from an SVG or CSS file
///
/// Sometimes in SVG element references (e.g. the `href` in the `<feImage>` element) we
@@ -234,6 +263,8 @@ impl Href {
mod tests {
use super::*;
+ use std::path::PathBuf;
+
#[test]
fn disallows_relative_file_with_no_base_file() {
assert_eq!(
@@ -284,56 +315,136 @@ mod tests {
);
}
+ fn url_from_test_fixtures(filename_relative_to_librsvg_srcdir: &str) -> Url {
+ let path = PathBuf::from(filename_relative_to_librsvg_srcdir);
+ let absolute = path
+ .canonicalize()
+ .expect("files from test fixtures are supposed to canonicalize");
+ Url::from_file_path(absolute).unwrap()
+ }
+
#[test]
fn allows_relative() {
- assert_eq!(
- AllowedUrl::from_href(
- "foo.svg",
- Some(Url::parse("file:///example/bar.svg").unwrap()).as_ref()
- )
- .unwrap()
- .as_ref(),
- "file:///example/foo.svg",
- );
+ let resolved = AllowedUrl::from_href(
+ "foo.svg",
+ Some(url_from_test_fixtures("../tests/fixtures/loading/bar.svg")).as_ref()
+ ).unwrap();
+
+ let resolved_str = resolved.as_str();
+ assert!(resolved_str.ends_with("/loading/foo.svg"));
}
#[test]
fn allows_sibling() {
- assert_eq!(
- AllowedUrl::from_href(
- "file:///example/foo.svg",
- Some(Url::parse("file:///example/bar.svg").unwrap()).as_ref()
- )
- .unwrap()
- .as_ref(),
- "file:///example/foo.svg",
- );
+ let sibling = url_from_test_fixtures("../tests/fixtures/loading/foo.svg");
+ let resolved = AllowedUrl::from_href(
+ sibling.as_str(),
+ Some(url_from_test_fixtures("../tests/fixtures/loading/bar.svg")).as_ref()
+ ).unwrap();
+
+ let resolved_str = resolved.as_str();
+ assert!(resolved_str.ends_with("/loading/foo.svg"));
}
#[test]
fn allows_child_of_sibling() {
- assert_eq!(
- AllowedUrl::from_href(
- "file:///example/subdir/foo.svg",
- Some(Url::parse("file:///example/bar.svg").unwrap()).as_ref()
- )
- .unwrap()
- .as_ref(),
- "file:///example/subdir/foo.svg",
- );
+ let child_of_sibling = url_from_test_fixtures("../tests/fixtures/loading/subdir/baz.svg");
+ let resolved = AllowedUrl::from_href(
+ child_of_sibling.as_str(),
+ Some(url_from_test_fixtures("../tests/fixtures/loading/bar.svg")).as_ref()
+ ).unwrap();
+
+ let resolved_str = resolved.as_str();
+ assert!(resolved_str.ends_with("/loading/subdir/baz.svg"));
}
+ // Ignore on Windows since we test for /etc/passwd
+ #[cfg(unix)]
#[test]
fn disallows_non_sibling() {
assert_eq!(
AllowedUrl::from_href(
"file:///etc/passwd",
- Some(Url::parse("file:///example/bar.svg").unwrap()).as_ref()
+ Some(url_from_test_fixtures("../tests/fixtures/loading/bar.svg")).as_ref()
),
Err(AllowedUrlError::NotSiblingOrChildOfBaseFile)
);
}
+ #[test]
+ fn disallows_queries() {
+ assert!(matches!(
+ AllowedUrl::from_href(
+ ".?../../../../../../../../../../etc/passwd",
+ Some(url_from_test_fixtures("../tests/fixtures/loading/bar.svg")).as_ref(),
+ ),
+ Err(AllowedUrlError::NoQueriesAllowed)
+ ));
+ }
+
+ #[test]
+ fn disallows_weird_relative_uris() {
+ let base_url = url_from_test_fixtures("../tests/fixtures/loading/bar.svg");
+
+ assert!(
+ AllowedUrl::from_href(
+ ".@../../../../../../../../../../etc/passwd",
+ Some(&base_url),
+ ).is_err()
+ );
+ assert!(
+ AllowedUrl::from_href(
+ ".$../../../../../../../../../../etc/passwd",
+ Some(&base_url),
+ ).is_err()
+ );
+ assert!(
+ AllowedUrl::from_href(
+ ".%../../../../../../../../../../etc/passwd",
+ Some(&base_url),
+ ).is_err()
+ );
+ assert!(
+ AllowedUrl::from_href(
+ ".*../../../../../../../../../../etc/passwd",
+ Some(&base_url),
+ ).is_err()
+ );
+ assert!(
+ AllowedUrl::from_href(
+ "~/../../../../../../../../../../etc/passwd",
+ Some(&base_url),
+ ).is_err()
+ );
+ }
+
+ #[test]
+ fn disallows_dot_sibling() {
+ println!("cwd: {:?}", std::env::current_dir());
+ let base_url = url_from_test_fixtures("../tests/fixtures/loading/bar.svg");
+
+ assert!(matches!(
+ AllowedUrl::from_href(".", Some(&base_url)),
+ Err(AllowedUrlError::NotSiblingOrChildOfBaseFile)
+ ));
+ assert!(matches!(
+ AllowedUrl::from_href(".#../../../../../../../../../../etc/passwd", Some(&base_url)),
+ Err(AllowedUrlError::NoFragmentIdentifierAllowed)
+ ));
+ }
+
+ #[test]
+ fn disallows_fragment() {
+ // AllowedUrl::from_href() explicitly disallows fragment identifiers.
+ // This is because they should have been stripped before calling that function,
+ // by the Iri machinery.
+
+ assert!(matches!(
+ AllowedUrl::from_href("bar.svg#fragment", Some(Url::parse("https://example.com/foo.svg").unwrap()).as_ref()),
+ Err(AllowedUrlError::NoFragmentIdentifierAllowed)
+ ));
+ }
+
#[test]
fn parses_href() {
assert_eq!(
diff --git a/rsvg_internals/src/filters/component_transfer.rs b/rsvg_internals/src/filters/component_transfer.rs
index 235435ffa..6845eac18 100644
--- a/rsvg_internals/src/filters/component_transfer.rs
+++ b/rsvg_internals/src/filters/component_transfer.rs
@@ -261,7 +261,7 @@ macro_rules! func_or_default {
}
}
_ => &$func_default,
- };
+ }
};
}
diff --git a/tests/Makefile.am b/tests/Makefile.am
index 13c2d51f2..b3faf2da5 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -82,6 +82,7 @@ dist_installed_test_data = \
$(wildcard $(srcdir)/fixtures/errors/*) \
$(wildcard $(srcdir)/fixtures/infinite-loop/*) \
$(wildcard $(srcdir)/fixtures/loading/*) \
+ $(wildcard $(srcdir)/fixtures/loading/subdir/*) \
$(wildcard $(srcdir)/fixtures/reftests/*.css) \
$(wildcard $(srcdir)/fixtures/reftests/*.svg) \
$(wildcard $(srcdir)/fixtures/reftests/*.png) \
diff --git a/tests/fixtures/loading/bar.svg b/tests/fixtures/loading/bar.svg
new file mode 100644
index 000000000..304670099
--- /dev/null
+++ b/tests/fixtures/loading/bar.svg
@@ -0,0 +1 @@
+<!-- Empty file, used just to test URL validation -->
diff --git a/tests/fixtures/loading/foo.svg b/tests/fixtures/loading/foo.svg
new file mode 100644
index 000000000..304670099
--- /dev/null
+++ b/tests/fixtures/loading/foo.svg
@@ -0,0 +1 @@
+<!-- Empty file, used just to test URL validation -->
diff --git a/tests/fixtures/loading/subdir/baz.svg b/tests/fixtures/loading/subdir/baz.svg
new file mode 100644
index 000000000..304670099
--- /dev/null
+++ b/tests/fixtures/loading/subdir/baz.svg
@@ -0,0 +1 @@
+<!-- Empty file, used just to test URL validation -->
--
GitLab

289
SPECS/librsvg2.spec
Unescape View File

@ -1,15 +1,3 @@
## START: Set by rpmautospec
## (rpmautospec version 0.6.5)
## RPMAUTOSPEC: autorelease, autochangelog
%define autorelease(e:s:pb:n) %{?-p:0.}%{lua:
release_number = 7;
base_release_number = tonumber(rpm.expand("%{?-b*}%{!?-b:1}"));
print(release_number + base_release_number - 1);
}%{?-e:.%{-e*}}%{?-s:.%{-s*}}%{!?-n:%{?dist}}
## END: Set by rpmautospec
%bcond_without check
# https://github.com/rust-lang/rust/issues/47714 # https://github.com/rust-lang/rust/issues/47714
%undefine _strict_symbol_defs_build %undefine _strict_symbol_defs_build
@ -18,53 +6,23 @@
# Use bundled deps as we don't ship the exact right versions for all the # Use bundled deps as we don't ship the exact right versions for all the
# required rust libraries # required rust libraries
%if 0%{?rhel}
%global bundled_rust_deps 1 %global bundled_rust_deps 1
%else
%global bundled_rust_deps 0
%endif
%global cairo_version 1.16.0 %global cairo_version 1.16.0
Name: librsvg2 Name: librsvg2
Summary: An SVG library based on cairo Summary: An SVG library based on cairo
Version: 2.57.1 Version: 2.50.7
Release: %autorelease Release: 2%{?dist}
# librsvg itself is LGPL-2.1-or-later
SourceLicense: LGPL-2.1-or-later
# ... and its crate dependencies are:
# (Apache-2.0 OR MIT) AND BSD-3-Clause
# (MIT OR Apache-2.0) AND Unicode-DFS-2016
# Apache-2.0
# Apache-2.0 OR MIT
# BSD-3-Clause
# LGPL-2.1-or-later
# MIT
# MIT OR Apache-2.0
# MIT OR Apache-2.0 OR Zlib
# MPL-2.0
# Unlicense OR MIT
# Zlib OR Apache-2.0 OR MIT
License: Apache-2.0 AND (Apache-2.0 OR MIT) AND BSD-3-Clause AND LGPL-2.1-or-later AND MIT AND (MIT OR Apache-2.0) AND (MIT OR Apache-2.0 OR Zlib) AND MPL-2.0 AND Unicode-DFS-2016 AND (Unlicense OR MIT) AND (Zlib OR Apache-2.0 OR MIT)
URL: https://wiki.gnome.org/Projects/LibRsvg
Source0: https://download.gnome.org/sources/librsvg/2.57/librsvg-%{version}.tar.xz
# upstream dropped vendoring since 2.55.0 (GNOME/librsvg#718), to create:
# tar xf librsvg-%%{version}.tar.xz ; pushd librsvg-%%{version} ; \
# cargo vendor && tar Jcvf ../librsvg-%%{version}-vendor.tar.xz vendor/ ; popd
Source1: librsvg-%{version}-vendor.tar.xz
%if ! 0%{?bundled_rust_deps}
# Patches to build with Fedora-packaged rust crates
Patch: 0001-Fedora-Drop-dependencies-required-for-benchmarking.patch
%endif
# skip a reference test where the reference image appears to have font issues License: LGPLv2+
Patch: 0001-skip-broken-reference-tests.patch URL: https://wiki.gnome.org/Projects/LibRsvg
Source0: https://download.gnome.org/sources/librsvg/2.50/librsvg-%{version}.tar.xz
# https://bugzilla.redhat.com/show_bug.cgi?id=2224947
Patch0: librsvg2-CVE-2023-38633.patch
BuildRequires: chrpath BuildRequires: chrpath
BuildRequires: gcc BuildRequires: gcc
BuildRequires: gi-docgen
BuildRequires: gobject-introspection-devel BuildRequires: gobject-introspection-devel
BuildRequires: make BuildRequires: make
BuildRequires: pkgconfig(cairo) >= %{cairo_version} BuildRequires: pkgconfig(cairo) >= %{cairo_version}
@ -80,16 +38,19 @@ BuildRequires: pkgconfig(libxml-2.0)
BuildRequires: pkgconfig(pangocairo) BuildRequires: pkgconfig(pangocairo)
BuildRequires: pkgconfig(pangoft2) BuildRequires: pkgconfig(pangoft2)
BuildRequires: vala BuildRequires: vala
BuildRequires: /usr/bin/rst2man
%if 0%{?bundled_rust_deps} %if 0%{?bundled_rust_deps}
BuildRequires: rust-toolset BuildRequires: cargo
BuildRequires: rust
%else %else
BuildRequires: rust-packaging BuildRequires: rust-packaging
%endif %endif
# For Patch0.
BuildRequires: autoconf automake gettext-devel
Requires: cairo%{?_isa} >= %{cairo_version} Requires: cairo%{?_isa} >= %{cairo_version}
Requires: cairo-gobject%{?_isa} >= %{cairo_version} Requires: cairo-gobject%{?_isa} >= %{cairo_version}
Requires: rsvg-pixbuf-loader # We install a gdk-pixbuf svg loader
Requires: gdk-pixbuf2%{?_isa}
%description %description
An SVG library based on cairo. An SVG library based on cairo.
@ -102,14 +63,6 @@ Requires: %{name}%{?_isa} = %{version}-%{release}
This package provides the necessary development libraries and include This package provides the necessary development libraries and include
files to allow you to develop with librsvg. files to allow you to develop with librsvg.
%package -n rsvg-pixbuf-loader
Summary: SVG image loader for gdk-pixbuf
Requires: gdk-pixbuf2%{?_isa}
Requires: %{name}%{?_isa} = %{version}-%{release}
%description -n rsvg-pixbuf-loader
This package provides a gdk-pixbuf plugin for loading SVG images in GTK apps.
%package tools %package tools
Summary: Extra tools for librsvg Summary: Extra tools for librsvg
Requires: %{name}%{?_isa} = %{version}-%{release} Requires: %{name}%{?_isa} = %{version}-%{release}
@ -118,65 +71,57 @@ Requires: %{name}%{?_isa} = %{version}-%{release}
This package provides extra utilities based on the librsvg library. This package provides extra utilities based on the librsvg library.
%prep %prep
%autosetup -n librsvg-%{version} -p1 %{?bundled_rust_deps:-a1} %autosetup -n librsvg-%{version} -p1
%if 0%{?bundled_rust_deps} %if 0%{?bundled_rust_deps}
# Use the bundled deps # Use the bundled deps
%cargo_prep -v vendor
%else %else
# No bundled deps # No bundled deps
rm -vrf vendor .cargo Cargo.lock rm -vrf vendor .cargo Cargo.lock
sed -i Makefile.am -e 's/$(CARGO) --locked/$(CARGO)/' pushd rsvg_internals
%cargo_prep %cargo_prep
mv .cargo ..
popd
%endif %endif
%if ! 0%{?bundled_rust_deps} %if ! 0%{?bundled_rust_deps}
%generate_buildrequires %generate_buildrequires
%cargo_generate_buildrequires pushd rsvg_internals >/dev/null
%cargo_generate_buildrequires
popd >/dev/null
%endif %endif
%build %build
export CARGO="%__cargo" # For Patch0.
autoreconf --force --install
%configure --disable-static \ %configure --disable-static \
--enable-gtk-doc \ --disable-gtk-doc \
--docdir=%{_pkgdocdir} \
--enable-introspection \ --enable-introspection \
--enable-vala --enable-vala
%make_build %make_build
%cargo_license_summary
%{cargo_license} > LICENSE.dependencies
%if 0%{?bundled_rust_deps}
%cargo_vendor_manifest
%endif
%install %install
%make_install %make_install
find %{buildroot} -type f -name '*.la' -print -delete find %{buildroot} -type f -name '*.la' -print -delete
%find_lang librsvg
# Remove lib64 rpaths # Remove lib64 rpaths
chrpath --delete %{buildroot}%{_bindir}/rsvg-convert chrpath --delete %{buildroot}%{_bindir}/rsvg-convert
chrpath --delete %{buildroot}%{_libdir}/gdk-pixbuf-2.0/*/loaders/libpixbufloader-svg.so chrpath --delete %{buildroot}%{_libdir}/gdk-pixbuf-2.0/*/loaders/libpixbufloader-svg.so
# Not useful in this package. # we install own docs
rm -f %{buildroot}%{_pkgdocdir}/COMPILING.md rm -vrf %{buildroot}%{_datadir}/doc
%if %{with check} %files -f librsvg.lang
%ifnarch s390x %doc CONTRIBUTING.md README.md
%check
%make_build check
%endif
%endif
%files
%doc code-of-conduct.md NEWS README.md
%license COPYING.LIB %license COPYING.LIB
%license LICENSE.dependencies
%if 0%{?bundled_rust_deps}
%license cargo-vendor.txt
%endif
%{_libdir}/librsvg-2.so.* %{_libdir}/librsvg-2.so.*
%{_libdir}/gdk-pixbuf-2.0/*/loaders/libpixbufloader-svg.so
%dir %{_libdir}/girepository-1.0 %dir %{_libdir}/girepository-1.0
%{_libdir}/girepository-1.0/Rsvg-2.0.typelib %{_libdir}/girepository-1.0/Rsvg-2.0.typelib
%dir %{_datadir}/thumbnailers
%{_datadir}/thumbnailers/librsvg.thumbnailer
%files devel %files devel
%{_libdir}/librsvg-2.so %{_libdir}/librsvg-2.so
@ -187,174 +132,33 @@ rm -f %{buildroot}%{_pkgdocdir}/COMPILING.md
%dir %{_datadir}/vala %dir %{_datadir}/vala
%dir %{_datadir}/vala/vapi %dir %{_datadir}/vala/vapi
%{_datadir}/vala/vapi/librsvg-2.0.vapi %{_datadir}/vala/vapi/librsvg-2.0.vapi
%{_docdir}/Rsvg-2.0 %dir %{_datadir}/gtk-doc
%dir %{_datadir}/gtk-doc/html
%files -n rsvg-pixbuf-loader %{_datadir}/gtk-doc/html/rsvg-2.0
%{_libdir}/gdk-pixbuf-2.0/*/loaders/libpixbufloader-svg.so
%dir %{_datadir}/thumbnailers
%{_datadir}/thumbnailers/librsvg.thumbnailer
%files tools %files tools
%{_bindir}/rsvg-convert %{_bindir}/rsvg-convert
%{_mandir}/man1/rsvg-convert.1* %{_mandir}/man1/rsvg-convert.1*
%changelog %changelog
* Tue Nov 26 2024 MSVSphere Packaging Team <packager@msvsphere-os.ru> - 2.57.1-7 * Thu Aug 10 2023 David King <amigadave@amigadave.com> - 2.50.7-2
- Rebuilt for MSVSphere 10 - Fix CVE-2023-38633 (#2224947)
## START: Generated by rpmautospec
* Wed Jul 31 2024 Brian Stinson <bstinson@redhat.com> - 2.57.1-7
- Backport a patch from rawhide disabling broken tests
* Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 2.57.1-6
- Bump release for June 2024 mass rebuild
* Fri Jun 14 2024 Tomas Pelka <tpelka@redhat.com> - 2.57.1-5
- Add gating.yaml via API
* Thu Feb 01 2024 Yaakov Selkowitz <yselkowi@redhat.com> - 2.57.1-4
- Update Rust macro usage
* Thu Jan 25 2024 Fedora Release Engineering <releng@fedoraproject.org> - 2.57.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Sun Jan 21 2024 Fedora Release Engineering <releng@fedoraproject.org> - 2.57.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Fri Dec 15 2023 Kalev Lember <klember@redhat.com> - 2.57.1-1
- Update to 2.57.1
* Mon Nov 13 2023 Yaakov Selkowitz <yselkowi@redhat.com> - 2.57.0-4
- Fix RHEL build
* Wed Oct 04 2023 Kalev Lember <klember@redhat.com> - 2.57.0-3
- Move thumbnailer to rsvg-pixbuf-loader subpackage
* Wed Oct 04 2023 Kalev Lember <klember@redhat.com> - 2.57.0-2 * Tue Aug 24 2021 Kalev Lember <klember@redhat.com> - 2.50.7-1
- Update the license tag to reflect the licenses of all rust dependencies
- Use cargo_license_summary and cargo_license macros
- Convert to SPDX identifiers
* Sun Oct 01 2023 Kalev Lember <klember@redhat.com> - 2.57.0-1
- Update to 2.57.0
- Backport upstream patch to fix self tests with newer pango
* Tue Aug 22 2023 Kalev Lember <klember@redhat.com> - 2.56.92-1
- Update to 2.56.92
* Tue Aug 01 2023 Yaakov Selkowitz <yselkowi@redhat.com> - 2.56.90-10
- Fix RHEL build
* Tue Aug 01 2023 Kalev Lember <klember@redhat.com> - 2.56.90-9
- Run make check
* Mon Jul 24 2023 Michael Catanzaro <mcatanzaro@redhat.com> - 2.56.90-8
- Requires: rsvg-pixbuf-loader to ensure it's always installed
* Sat Jul 22 2023 Adam Williamson <awilliam@redhat.com> - 2.56.90-7
- Rebuild with no changes on a side tag to resolve test issues
* Fri Jul 21 2023 Michael Catanzaro <mcatanzaro@redhat.com> - 2.56.90-6
- Add missing Requires to new subpackage
* Fri Jul 21 2023 Adam Williamson <awilliam@redhat.com> - 2.56.90-5
- Rebuild to see if this somehow fixes weird openQA failure
* Fri Jul 21 2023 Michael Catanzaro <mcatanzaro@redhat.com> - 2.56.90-4
- Split gdk-pixbuf loader into a subpackage
* Thu Jul 20 2023 Fedora Release Engineering <releng@fedoraproject.org> - 2.56.90-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Sat Jul 01 2023 Kalev Lember <klember@redhat.com> - 2.56.2-1
- Update to 2.56.2
* Wed May 31 2023 Kalev Lember <klember@redhat.com> - 2.56.1-1
- Update to 2.56.1
* Thu Apr 27 2023 Yaakov Selkowitz <yselkowi@redhat.com> - 2.56.0-2
- Use bundled dependencies in RHEL builds
* Wed Mar 29 2023 Kalev Lember <klember@redhat.com> - 2.56.0-1
- Update to 2.56.0
* Thu Mar 02 2023 Kalev Lember <klember@redhat.com> - 2.55.90-1
- Update to 2.55.90
* Sun Feb 05 2023 Fabio Valentini <decathorpe@gmail.com> - 2.55.1-5
- Rebuild for fixed frame pointer compiler flags in Rust RPM macros.
* Thu Jan 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 2.55.1-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Fri Nov 25 2022 Kalev Lember <klember@redhat.com> - 2.55.1-3
- Build against rust-lopdf 0.29.0 and rust-yeslogic-fontconfig-sys 4.0.1
* Mon Nov 21 2022 Kalev Lember <klember@redhat.com> - 2.55.1-2
- Switch to packaged rust deps
* Tue Sep 06 2022 Kalev Lember <klember@redhat.com> - 2.55.1-1
- Update to 2.55.1
* Sun Aug 28 2022 Kalev Lember <klember@redhat.com> - 2.54.5-1
- Update to 2.54.5
* Thu Jul 21 2022 Fedora Release Engineering <releng@fedoraproject.org> - 2.54.4-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Tue Jun 14 2022 David King <amigadave@amigadave.com> - 2.54.4-1
- Update to 2.54.4
* Sat May 14 2022 David King <amigadave@amigadave.com> - 2.54.3-1
- Update to 2.54.3
* Fri May 13 2022 David King <amigadave@amigadave.com> - 2.54.2-1
- Update to 2.54.2
* Sun Apr 24 2022 David King <amigadave@amigadave.com> - 2.54.1-1
- Update to 2.54.1
* Thu Mar 17 2022 David King <amigadave@amigadave.com> - 2.54.0-1
- Update to 2.54.0
* Mon Mar 14 2022 David King <amigadave@amigadave.com> - 2.53.2-1
- Update to 2.53.2
* Mon Feb 14 2022 David King <amigadave@amigadave.com> - 2.53.1-1
- Update to 2.53.1
* Thu Jan 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 2.53.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Sun Jan 09 2022 David King <amigadave@amigadave.com> - 2.53.0-1
- Update to 2.53.0
* Mon Jan 03 2022 David King <amigadave@amigadave.com> - 2.52.5-1
- Update to 2.52.5
* Sat Nov 13 2021 Kalev Lember <klember@redhat.com> - 2.52.4-1
- Update to 2.52.4
* Wed Oct 27 2021 Kalev Lember <klember@redhat.com> - 2.52.3-1
- Update to 2.52.3
* Tue Oct 05 2021 Kalev Lember <klember@redhat.com> - 2.52.1-1
- Update to 2.52.1
* Thu Jul 22 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2.50.7-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Mon Jun 21 2021 Kalev Lember <klember@redhat.com> - 2.50.7-1
- Update to 2.50.7 - Update to 2.50.7
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 2.50.6-2
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
* Tue May 25 2021 Kalev Lember <klember@redhat.com> - 2.50.6-1 * Tue May 25 2021 Kalev Lember <klember@redhat.com> - 2.50.6-1
- Update to 2.50.6 - Update to 2.50.6
* Wed May 05 2021 Kalev Lember <klember@redhat.com> - 2.50.5-1 * Wed May 05 2021 Kalev Lember <klember@redhat.com> - 2.50.5-1
- Update to 2.50.5 - Update to 2.50.5
* Tue Apr 13 2021 Kalev Lember <klember@redhat.com> - 2.50.4-1 * Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 2.50.3-2
- Update to 2.50.4 - Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
* Thu Jan 28 2021 Kalev Lember <klember@redhat.com> - 2.50.3-1 * Thu Jan 28 2021 Kalev Lember <klember@redhat.com> - 2.50.3-1
- Update to 2.50.3 - Update to 2.50.3
@ -1081,4 +885,3 @@ rm -f %{buildroot}%{_pkgdocdir}/COMPILING.md
* Wed Apr 26 2000 Ramiro Estrugo <ramiro@eazel.com> * Wed Apr 26 2000 Ramiro Estrugo <ramiro@eazel.com>
- created this thing - created this thing
## END: Generated by rpmautospec

Write Preview
Loading…
Cancel
Save