rebuild vine5.2 packages

git-svn-id: http://trac.vinelinux.org/repos/projects/specs@2401 ec354946-7b23-47d6-9f5a-488ba84defc7

a/apache2/apache2-vl.spec

@@ -6,7 +6,7 @@
 Summary: Apache HTTP Server
 Name: %{pkgname}
 Version: 2.2.14
-Release: 6%{_dist_release}
+Release: 7%{_dist_release}
 URL: http://httpd.apache.org/
 
 Vendor: Project Vine
@@ -48,6 +48,7 @@ Patch60: httpd-2.2.3-sslusername.patch
 # Security fixes
 Patch100: apache2-2.2.14-CVE-2010-0408.patch
 Patch110: httpd-2.2.x-CVE-2010-0434.diff
+Patch120: httpd-2.2.x-CVE-2010-1452.diff
 
 License: Apache Software License
 Group: System Environment/Daemons
@@ -128,6 +129,7 @@ Security (TLS) protocols.
 
 %patch100 -p4 -b .CVE-2010-0408
 %patch110 -p0 -b .CVE-2010-0434
+%patch120 -p0 -b .CVE-2010-1452
 
 # copy across the migration guide and sed it's location into apachectl
 cp $RPM_SOURCE_DIR/migration.{html,css} .
@@ -495,6 +497,9 @@ rm -rf $RPM_BUILD_ROOT
 %{_libdir}/apache2/build/*.sh
 
 %changelog
+* Sat Aug 21 2010 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp>
+- add  patch120 for fix CVE-2010-1452 (mod_dav/mod_cache) from mdk2010
+
 * Wed Aug 18 2010 Daisuke SUZUKI <daisuke@linux.or.jp> 2.2.14-6
 - add R(post): alternatives
 

m/man/man-vl.spec

@@ -5,10 +5,10 @@ Summary(ja):  ドキュメンテーション・ツール: man, apropos, whatis
 
 Name:         man
 Version:      1.5o
-Release:      5%{?_dist_release}
+Release:      6%{?_dist_release}
 
 Group:        System Environment/Base
-License:      GPL
+License:      GPLv2
 
 Source0:      http://www.kernel.org/pub/linux/utils/man/man-%{version}.tar.bz2
 Source1:      makewhatis.cronweekly
@@ -32,12 +32,25 @@ Patch108:     man-1.5m2-no-mansearch.patch
 Patch110:     man-1.5o-tmpcache.patch
 Patch120:     man-1.5o-convert-manpage-to-utf8.patch
 Patch130:     man-1.5o-utf8-msgs.patch
+Patch140:     man-1.5o-utf8-makewhatis.patch
 
 Buildroot:    %{_tmppath}/%{name}-%{version}-root
-BuildRequires: bzip2, gzip
-Requires:      groff, less, findutils, coreutils
+BuildRequires: bzip2
+BuildRequires: gzip
+Requires:      bzip2
+Requires:      coreutils
+Requires:      findutils
+Requires:      gawk
+Requires:      grep
+Requires:      groff
+Requires:      gzip
 Requires:      nkf
-Requires:      bzip2, gzip
+# pager
+%if %{?_dist_release} == "vl5"
+Requires:      lv
+%else
+Requires:      less
+%endif
 Requires(post): coreutils
 
 Vendor:       Project Vine
@@ -57,16 +70,16 @@ The man package should be installed on your system because it is the
 primary way to find documentation on a Linux system.
 
 %description -l ja
-マニュアルページを表示するためのプログラム man の日本語対応版です.
-日本語対応の groffパッケージが必要です. 特定のキーワードに関連する文書
-を探すための whatis や apropos も含んでいます.
+マニュアルページを表示するためのプログラム man の日本語対応版です．
+日本語対応の groff パッケージが必要です．特定のキーワードに関連する文書
+を探すための whatis や apropos も含んでいます．
 環境変数 LANG=ja_JP.* の時には、
 
     1.JMANプロジェクトまたはオリジナルソースに付随する日本語マニュアル
     2.オリジナル・ソースに付随する英語マニュアル
 
-という順でマニュアルの検索がなされます。英語マニュアルを見る場合は、
-LANG=C man などとして利用してください。
+という順でマニュアルの検索がなされます．英語マニュアルを見る場合は、
+LANG=C man などとして利用してください．
 
 %package -n man2html
 Summary:	manroff to HTML converter
@@ -78,7 +91,7 @@ Requires:	%{name} = %{version}-%{release}
 This package contains manroff to HTML converter.
 
 %description -n man2html -l ja
-このパッケージには、manroff から HTMLへのコンバータが含まれています。
+このパッケージには、manroff から HTML へのコンバータが含まれています．
 
 %prep
 %setup -q
@@ -101,6 +114,7 @@ This package contains manroff to HTML converter.
 %patch110 -p1 -b .tmpcache
 %patch120 -p1 -b .convert-man-to-utf8
 %patch130 -p1 -b .utf8-msgs
+%patch140 -p1 -b .utf8-makewhatis
 
 pushd msgs
 %__mv mess.ja mess.ja_JP.eucJP
@@ -115,19 +129,22 @@ make CC="gcc $RPM_OPT_FLAGS -D_GNU_SOURCE"
 
 pushd src
 mv man.conf man.conf.orig
+%if %{?_dist_release} == "vl5"
+sed -e 's/less -is/lv -c/g' man.conf.orig > man.conf
+%else
 sed -e 's/less -is/less -isMr/g' man.conf.orig > man.conf
-#sed -e 's/less -is/lv -c/g' man.conf.orig > man.conf
+%endif
 popd
 
 %install
 rm -rf $RPM_BUILD_ROOT
-mkdir -p %{buildroot}%{_sysconfdir}/cron.{daily,weekly}
+mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/cron.{daily,weekly}
 make install PREFIX=$RPM_BUILD_ROOT
-%__mv %{buildroot}%{_mandir}/man5/man.conf.5 %{buildroot}%{_mandir}/man5/man.config.5
-%__mv %{buildroot}%{_mandir}/ja/man5/man.conf.5 %{buildroot}%{_mandir}/ja/man5/man.config.5
+%__mv $RPM_BUILD_ROOT%{_mandir}/man5/man.conf.5 $RPM_BUILD_ROOT%{_mandir}/man5/man.config.5
+%__mv $RPM_BUILD_ROOT%{_mandir}/ja/man5/man.conf.5 $RPM_BUILD_ROOT%{_mandir}/ja/man5/man.config.5
 
-install -m755 %{_sourcedir}/makewhatis.cronweekly %{buildroot}%{_sysconfdir}/cron.weekly/makewhatis.cron
-	install -m755 %{_sourcedir}/makewhatis.crondaily %{buildroot}%{_sysconfdir}/cron.daily/makewhatis.cron
+install -m755 %{_sourcedir}/makewhatis.cronweekly $RPM_BUILD_ROOT%{_sysconfdir}/cron.weekly/makewhatis.cron
+install -m755 %{_sourcedir}/makewhatis.crondaily $RPM_BUILD_ROOT%{_sysconfdir}/cron.daily/makewhatis.cron
 
 mkdir -p $RPM_BUILD_ROOT/var/cache
 mkdir -p $RPM_BUILD_ROOT/var/cache/man/local
@@ -241,6 +258,10 @@ rm -rf $RPM_BUILD_ROOT
 %endif
 
 %changelog
+* Sun Sep 26 2010 Ryoichi INAGAKI <ryo1@bc.wakwak.com> 1.5o-6
+- added Patch140 to convert /var/cache/man/whatis encodings to UTF-8 <BTS:846>
+- added Requires: gawk, grep (used at apropos, makewhatis)
+
 * Fri Sep 24 2010 Ryoichi INAGAKI <ryo1@bc.wakwak.com> 1.5o-5
 - used less as pager again
 - fixed SOURCE1, 2 <BTS:846>

o/openssl/openssl-vl.spec

@@ -1,7 +1,7 @@
 %define build_compat32 %{?_with_compat32:1}%{!?_with_compat32:0}
 %define soversion 6
-%define version 0.9.8m
-%define release 2%{_dist_release}
+%define version 0.9.8p
+%define release 1%{_dist_release}
 
 Summary: Secure Sockets Layer Toolkit
 Name: openssl
@@ -14,16 +14,18 @@ Source5: make-dummy-cert
 Source6: openssl-%{version}.pc
 Patch0: openssl-0.9.8b-soversion.patch
 Patch2: openssl-0.9.8e-rpm_opt.patch
-Patch4: openssl-0.9.8m-enginesdir.patch
+Patch4: openssl-0.9.8p-enginesdir.patch
 
 # security fix
-# nothing ;-)
+# Patch10: openssl-0.9.8k-dtls-dos.patch
+# Patch11: openssl-0.9.8-CVE-2009-4355.patch
+# Patch12: openssl-0.9.8k_CVE-2009-3555.patch
 
 License: BSDish
 Group: System Environment/Libraries
 URL: http://www.openssl.org/
 BuildRoot: %{_tmppath}/%{name}-%{version}-root
-BuildRequires: perl, sed
+BuildPreReq: perl, sed
 Requires: mktemp
 Packager: Daisuke SUZUKI <daisuke@linux.or.jp>
 Vendor: Project Vine
@@ -63,7 +65,6 @@ from other formats to those used by OpenSSL.
 Summary: Secure Sockets Layer Toolkit
 Group: System Environment/Libraries
 Requires: %{name} = %{version}-%{release}
-
 %description -n compat32-%{name}
 The OpenSSL certificate management tool and the shared libraries that
 provide various cryptographic algorithms and protocols.
@@ -72,7 +73,6 @@ provide various cryptographic algorithms and protocols.
 Summary: OpenSSL libraries and development headers.
 Group: Development/Libraries
 Requires: compat32-%{name} = %{version}-%{release}
-
 %description -n compat32-%{name}-devel
 The static libraries and include files needed to compile apps
 with support for various the cryptographic algorithms and protocols
@@ -85,7 +85,9 @@ supported by OpenSSL.
 %patch4 -p1 -b .enginesdir
 
 # security fix
-# nothing ;-)
+# %patch10 -p1 -b .dtls-dos
+# %patch11 -p1 -b .CVE-2009-4355
+# %patch12 -p1 -b .CVE-2009-3555
 
 chmod 644 FAQ LICENSE CHANGES NEWS INSTALL README
 chmod 644 doc/README doc/c-indentation.el doc/openssl.txt
@@ -294,18 +296,10 @@ rm -f $RPM_BUILD_ROOT/%{_libdir}/pkgconfig/openssl.pc.tmp
 %postun -n compat32-%{name} -p /sbin/ldconfig
 
 %changelog
-* Mon Sep 20 2010 Ryoichi INAGAKI <ryo1@bc.wakwak.com> 0.9.8m-2
-- rebuilt with rpm-4.8.1
-
-* Thu Mar 18 2010 IWAI, Masaharu <iwai@alib.jp> 0.9.8m-1
-- new upstream release
-- update enginsdir patch (Patch4)
-- drop unnecessary patch: upstream fixed
-  - dtls dos patch (Patch10)
-  - CVE-2009-4355 (memory leak) patch (Patch11)
-  - CVE-2009-3555 (renegotiation) patch (Patch12)
-- update SOURCE6 for pkgconfig
-- replace BuildPreReq to BuildRequires
+* Wed Nov 17 2010 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 0.9.8p-1
+- new upstream release with security fix (CVE-2010-3864)
+- drop patches included in new release
+- update patch4
 
 * Sun Jan 17 2010 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 0.9.8k-5
 - add patch12 for fix CVE-2009-3555 (renegotiation)

p/proftpd/proftpd-vl.spec

@@ -2,8 +2,8 @@
 %define _localstatedir	/var/run
 %define _sysconfdir	/etc
 %define _rundir		/var/run/proftpd
-%define tarballversion	1.3.2c
-%define origversion	1.3.2c
+%define tarballversion	1.3.2e
+%define origversion	1.3.2e
 
 Summary: ProFTPd -- Professional FTP Server.
 Summary(ja): ProFTPd -- プロフェッショナル FTP サーバ
@@ -33,8 +33,12 @@ Patch300: proftpd-1.3.1-iconv.patch.bz2
 # fix build on recent kernel headers
 # Patch400: proftpd-1.3.1-umode.patch
 
+# security fix
+Patch1000: proftpd/proftpd-1.3.2e-CVE-2010-4221.patch
+
 BuildRoot: %{_tmppath}/%{name}-%{version}-root
 BuildRequires: pam-devel, openldap-devel, openssl-devel
+BuildRequires: ncurses-devel, libcap-devel, libacl-devel
 Requires: pam > 0.59
 Obsoletes: wu-ftpd, anonftp
 Provides: ftpserver
@@ -71,6 +75,9 @@ find . -type d -name CVS | xargs -r rm -frv
 # fix build on recent kernel headers
 # %patch400 -p0
 
+# security fixes
+%patch1000 -p1 -b .ZDI-CAN-925
+
 %build
 # Disable stripping in order to get useful debuginfo packages
 %{__perl} -pi -e 's|"-s"|""|g' configure
@@ -171,6 +178,11 @@ rm -rf %{buildroot}
 
 
 %changelog
+* Fri Nov  5 2010 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.3.2e-1
+- new upstream release
+- add patch1000 for CVE-2010-4221 (TELNET_IAC)
+- add BRs: ncurses-devel, libcap-devel, libacl-devel
+
 * Mon Dec 28 2009 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.3.2c-1
 - new upstream release with security fix (CVE-2009-3555)
 

s/sudo/sudo-vl.spec

@@ -2,7 +2,7 @@ Summary: Allows command execution as root for specified users
 Summary(ja): スーパーユーザ権限でのコマンドの実行
 Name: sudo
 Version: 1.7.2p7
-Release: 1%{?_dist_release}
+Release: 2%{?_dist_release}
 License: ISC-style
 Group: Applications/System
 URL: http://www.sudo.ws/
@@ -15,6 +15,9 @@ Patch2: sudo-1.7.2-login.patch
 Patch3: sudo-1.7.2p4-getgrouplist.patch
 Patch4: sudo-1.7.1-envdebug.patch
 Patch5: sudo-1.7.1-libtool.patch
+# security
+Patch100: sudo-1.7.2p7_CVE-2010-2956.patch
+
 
 Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root
 BuildRequires: pam-devel
@@ -46,6 +49,8 @@ sudo は、特定のユーザや特定のグループに所属するユーザが
 %patch4 -p1 -b .envdebug
 %patch5 -p1 -b .libtool
 
+%patch100 -p1 -b .CVE-2010-2956
+
 libtoolize --force && rm acsite.m4 && mv aclocal.m4 acinclude.m4 && autoreconf
 
 %build
@@ -66,7 +71,7 @@ libtoolize --force && rm acsite.m4 && mv aclocal.m4 acinclude.m4 && autoreconf
   --with-passprompt="[sudo] password for %p: " \
   --with-secure-path="/sbin:/bin:/usr/sbin:/usr/bin" \
   --without-interfaces
-make 
+make %{?_smp_mflags}
 
 %install
 rm -rf $RPM_BUILD_ROOT
@@ -101,7 +106,8 @@ rm -rf $RPM_BUILD_ROOT
 
 %files
 %defattr(-,root,root)
-%doc BUGS CHANGES HISTORY LICENSE README* TROUBLESHOOTING UPGRADE
+%doc HISTORY LICENSE README* TROUBLESHOOTING UPGRADE
+%doc ChangeLog
 %doc *.pod schema.* sudoers2ldif sample.*
 %attr(0440,root,root) %config(noreplace) /etc/sudoers
 %config(noreplace) /etc/pam.d/sudo
@@ -120,6 +126,11 @@ rm -rf $RPM_BUILD_ROOT
 /bin/chmod 0440 /etc/sudoers || :
 
 %changelog
+* Wed Sep  8 2010 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.7.2p7-2
+- add Patch100 for fix CVE-2010-2956 (sudo Runas)
+- add _smp_mflags flag into make section
+- fix doc filelist (no longer exist BUGS, CHANGSE)
+
 * Sun Jun 20 2010 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.7.2p7-1
 - new upstream release with security fix (CVE-2010-1646) 
 - change specfile name (-vl)