updated 5 packages

busybox-1.32.1-2

cairo-1.16.0-2

dnsmasq-2.84-2

openssl-1.1.1k-1

python-pygments-2.8.1-1

b/busybox/busybox-vl.spec

@@ -1,7 +1,7 @@
 Summary: Statically linked binary providing simplified versions of system commands
 Name: busybox
 Version: 1.32.1
-Release: 1%{?_dist_release}
+Release: 2%{?_dist_release}
 Group: system
 Vendor: Project Vine
 Distribution: Vine Linux
@@ -11,6 +11,8 @@ URL: https://www.busybox.net/
 Source: https://www.busybox.net/downloads/%{name}-%{version}.tar.bz2
 Source10: busybox-static.config
 Source11: busybox-anaconda.config
+Patch1000: CVE-2021-28831.patch
+
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
 BuildRequires: uClibc-ng-devel
 
@@ -35,6 +37,7 @@ normal use.
 
 %prep
 %setup -q
+%autopatch -p1
 
 
 %build
@@ -111,6 +114,9 @@ install -m 644 docs/busybox.anaconda.1 $RPM_BUILD_ROOT/%{_mandir}/man1/busybox.a
 
 
 %changelog
+* Fri Mar 26 2021 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 1.32.1-2
+- imported Patch1000 from upstream to fix CVE-2021-28831.
+
 * Thu Mar 25 2021 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 1.32.1-1
 - new upstream release.
 

c/cairo/cairo-vl.spec

@@ -1,26 +1,30 @@
+%bcond_with check
+
 Summary:	Cairo - multi-platform 2D graphics library.
 Summary(ja):	Cairo - マルチプラットフォーム 2D グラフィックスライブラリ
 Name:		cairo
 Version:	1.16.0
-Release:	1%{?_dist_release}
+Release:	2%{?_dist_release}
+Group:		system
+Vendor:		Project Vine
+Distribution:	Vine Linux
+
 License:	LGPL/MPL
-Group:		System Environment/Libraries
 URL:		https://cairographics.org/
 Source0:	https://cairographics.org/releases/%{name}-%{version}.tar.xz
-
 # don't use serverside gradients, most drivers don't handle those and are
 # really slow, should workaround performances issues for ati, nouveau and nvidia
 # https://launchpad.net/ubuntu/maverick/+source/cairo/1.10.0-1ubuntu1
 Patch1:		cairo-1.10.0-dont_use_server_side_gradients.patch
-
 # https://gitlab.freedesktop.org/cairo/cairo/merge_requests/1
-Patch4:         0001-Set-default-LCD-filter-to-FreeType-s-default.patch
-
+Patch4:		0001-Set-default-LCD-filter-to-FreeType-s-default.patch
 # https://gitlab.freedesktop.org/cairo/cairo/merge_requests/5
-Patch5:         0001-ft-Use-FT_Done_MM_Var-instead-of-free-when-available.patch
-
+Patch5:		0001-ft-Use-FT_Done_MM_Var-instead-of-free-when-available.patch
 # https://github.com/matthiasclasen/cairo/commit/79ad01724161502e8d9d2bd384ff1f0174e5df6e
-Patch6:         cairo-composite_color_glyphs.patch
+Patch6:		cairo-composite_color_glyphs.patch
+
+# security fixes
+Patch1000:	CVE-2020-35492.patch
 
 BuildRoot:	%{_tmppath}/%{name}-%{version}-root
 
@@ -36,14 +40,12 @@ BuildRequires: gtk-doc
 BuildRequires: librsvg2-devel
 BuildRequires: mesa-libGL-devel
 BuildRequires: mesa-libEGL-devel
+BuildRequires: git
 
 BuildConflicts: XOrg-compat70-devel
 
 %define build_compat32 %{?_with_compat32:1}%{!?_with_compat32:0}
 
-Vendor: Project Vine
-Distribution: Vine Linux
-
 %description
 Cairo provides anti-aliased vector-based rendering for X. Paths
 consist of line segments and cubic splines and can be rendered at any
@@ -67,8 +69,8 @@ OpenGL are currently being planned.
 %package -n compat32-%{name}
 Summary:	Cairo - multi-platform 2D graphics library.
 Summary(ja):	Cairo - マルチプラットフォーム 2D グラフィックスライブラリ
-Group:		System Environment/Libraries
-Requires:       %{name} = %{version}
+Group:		system,legacy
+Requires:	%{name} = %{version}
 
 %description -n compat32-%{name}
 Cairo provides anti-aliased vector-based rendering for X. Paths
@@ -90,27 +92,29 @@ writing, Xc allows Cairo to target X drawables as well as generic
 image buffers. Future backends such as PostScript, PDF, and perhaps
 OpenGL are currently being planned.
 
+
 %package devel
 Summary:	Development files for Cairo library.
 Summary(ja):	Cairo ライブラリの開発用ファイル
-Group:		Development/Libraries
+Group:		programming
 Provides:	lib%{name}-devel = %{version}-%{release}
-Requires:       %{name} = %{version}
-Requires:       libpng-devel
-Requires:       freetype2-devel
+Requires:	%{name} = %{version}
+Requires:	libpng-devel
+Requires:	freetype2-devel
 Requires:	fontconfig-devel
-Requires:       libX11-devel
-Requires:       libXrender-devel
-Requires:       pixman-devel
-Requires:       glib2-devel
-Requires:       mesa-libEGL-devel
+Requires:	libX11-devel
+Requires:	libXrender-devel
+Requires:	pixman-devel
+Requires:	glib2-devel
+Requires:	mesa-libEGL-devel
 
 %description devel
 Development files for Cairo library.
 
+
 %package tools
 Summary: Development tools for cairo
-Group: Development/Tools
+Group: programming
 
 %description tools
 Cairo is a 2D graphics library designed to provide high-quality display
@@ -120,8 +124,13 @@ This package contains tools for working with the cairo graphics library.
  * cairo-trace: Record cairo library calls for later playback
 
 
+%debug_package
+
+
 %prep
-%autosetup -p1
+%autosetup -S git -p1
+./autogen.sh
+
 
 %build
 %configure --disable-static \
@@ -140,20 +149,16 @@ sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool
 
 make %{?_smp_mflags}
 
-%install
-rm -rf $RPM_BUILD_ROOT
 
+%install
 %makeinstall
 find $RPM_BUILD_ROOT -name '*.la' -exec rm -f {} \;
 
-%clean
-rm -rf $RPM_BUILD_ROOT
 
-%post	-p /sbin/ldconfig
-%postun	-p /sbin/ldconfig
-
-%post	-n compat32-%{name} -p /sbin/ldconfig
-%postun	-n compat32-%{name} -p /sbin/ldconfig
+%if %{with check}
+%check
+make check
+%endif
 
 
 %files 
@@ -182,7 +187,12 @@ rm -rf $RPM_BUILD_ROOT
 %{_libdir}/lib*.so.*
 %endif
 
+
 %changelog
+* Fri Mar 26 2021 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 1.16.0-1
+- imported Patch1000 from upstream to fix CVE-2020-35492.
+- dropped ldconfig scriptlets.
+
 * Fri Oct 18 2019 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 1.16.0-1
 - new upstream release.
 - imported Patch4-6 from rawhide.

d/dnsmasq/dnsmasq-vl.spec

@@ -2,7 +2,7 @@
 
 Name:           dnsmasq
 Version:        2.84
-Release:        1%{?_dist_release}%{?with_systemd:.systemd}
+Release:        2%{?_dist_release}%{?with_systemd:.systemd}
 Summary:        A lightweight DHCP/caching DNS server
 Summary(ja):    軽量 DHCP/DNSキャッシュサーバ
 Group:          servers
@@ -84,6 +84,14 @@ cat << EOF >> dnsmasq.conf.example
 conf-dir=%{_sysconfdir}/dnsmasq.d,.rpmnew,.rpmsave,.rpmorig
 EOF
 
+sed -i \
+  -e '/^#interface=/a # Listen only on localhost by default\ninterface=lo\n' \
+  -e '/^#no-dhcp-interface=/a \\n# Serve DNS and DHCP only to networks directly connected to this machine.\n# Any interface= line will override it.\n#local-service\n' \
+  -e '/^#bind-interfaces/a #\n# To listen only on localhost and do not receive packets on other\n# interfaces, bind only to lo device. Comment out to bind on single\n# wildcard socket.\nbind-interfaces\n' \
+  -e '/^#bind-interfaces/d' \
+  -e 's|/var/lib/misc/|/var/lib/dnsmasq/|' \
+  dnsmasq.conf.example
+
 
 %build
 make %{?_smp_mflags} CFLAGS="$RPM_OPT_FLAGS" LDFLAGS="$RPM_LD_FLAGS"
@@ -212,6 +220,9 @@ fi
 
 
 %changelog
+* Thu Mar 25 2021 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 2.84-2
+- updated the configuration file to fix CVE-2020-14312.
+
 * Thu Jan 28 2021 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 2.84-1
 - new upstream release.
 

o/openssl/openssl-vl.spec

@@ -9,7 +9,7 @@
 
 Summary: Secure Sockets Layer Toolkit
 Name: openssl
-Version: 1.1.1j
+Version: 1.1.1k
 Release: 1%{_dist_release}
 Group: system,security
 Vendor: Project Vine
@@ -17,7 +17,7 @@ Distribution: Vine Linux
 Packager: daisuke, iwamoto
 
 License: BSDish
-URL: https://www.openssl.org//
+URL: https://www.openssl.org/
 # We have to remove certain patented algorithms from the openssl source
 # tarball with the hobble-openssl script which is included below.
 # The original openssl upstream tarball cannot be shipped in the .src.rpm.
@@ -461,14 +461,11 @@ export LD_LIBRARY_PATH
 %endif
 
 
-%post -p /sbin/ldconfig
-%postun -p /sbin/ldconfig
-
-%post -n compat32-%{name} -p /sbin/ldconfig
-%postun -n compat32-%{name} -p /sbin/ldconfig
-
-
 %changelog
+* Fri Mar 26 2021 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 1.1.1k-1
+- new upstream release.
+- dropped ldconfig scriptlets.
+
 * Wed Feb 17 2021 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 1.1.1j-1
 - new upstream release.
 

p/python-pygments/python-pygments-vl.spec

@@ -4,7 +4,7 @@
 %global srcname pygments
 
 Name:           python-pygments
-Version:        2.6.1
+Version:        2.8.1
 Release:        1%{?_dist_release}
 Summary:        A syntax highlighting engine written in Python
 Group:          programming
@@ -116,6 +116,9 @@ make test PYTHON=%{__python3}
 
 
 %changelog
+* Fri Mar 26 2021 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> - 2.8.1-1
+- new upstream release.
+
 * Sun Aug 16 2020 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> - 2.6.1-1
 - new upstream release.
 - built with python3 only.