Hello community, here is the log from the commit of package upx for openSUSE:Factory checked in at 2018-11-10 16:57:33 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/upx (Old) and /work/SRC/openSUSE:Factory/.upx.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "upx" Sat Nov 10 16:57:33 2018 rev:13 rq:645492 version:3.95 Changes: -------- --- /work/SRC/openSUSE:Factory/upx/upx.changes 2017-11-19 11:16:54.923319718 +0100 +++ /work/SRC/openSUSE:Factory/.upx.new/upx.changes 2018-11-10 16:57:56.727858675 +0100 @@ -1,0 +2,30 @@ +Tue Oct 30 09:54:31 UTC 2018 - Jan Engelhardt <[email protected]> + +- Trim bias from description. + +------------------------------------------------------------------- +Sun Oct 28 18:27:40 UTC 2018 - Luigi Baldoni <[email protected]> + +- Update to version 3.95 + * Flag --force-pie when ET_DYN main program is not marked as + DF_1_PIE + * Better compatibility with varying layout of address space on + Linux + * Support for 4 PT_LOAD layout in ELF generated by binutils-2.31 + * bug fixes, particularly better diagnosis of malformed input + * bug fixes - see https://github.com/upx/upx/milestone/4 + +- Dropped 0001-Protect-against-bad-crafted-input.patch, + 0002-Protect-against-bad-crafted-input.patch and + 0001-Mach-o-defend-against-bad-crafted-input.patch (merged + upstream) + +- Drop lzma922.tar.bz2 (which wasn't being used in the first + place) and lzma-x-endian.patch which no longer applies to + the integrated lzma-sdk. The in-tree lzma-sdk is actually a fork + from an older version but recommended by the author, see + src/stub/src/c/Makevars.lzma + +- Spec cleanup + +------------------------------------------------------------------- Old: ---- 0001-Mach-o-defend-against-bad-crafted-input.patch 0001-Protect-against-bad-crafted-input.patch 0002-Protect-against-bad-crafted-input.patch lzma-x-endian.patch lzma922.tar.bz2 upx-3.94-src.tar.xz New: ---- upx-3.95-src.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ upx.spec ++++++ --- /var/tmp/diff_new_pack.qoFAza/_old 2018-11-10 16:57:59.515855264 +0100 +++ /var/tmp/diff_new_pack.qoFAza/_new 2018-11-10 16:57:59.515855264 +0100 @@ -1,7 +1,7 @@ # # spec file for package upx # -# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -12,72 +12,52 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# Please submit bugfixes or comments via https://bugs.opensuse.org/ # Name: upx -Version: 3.94 +Version: 3.95 Release: 0 Summary: The Ultimate Packer for eXecutables -License: GPL-2.0+ +License: GPL-2.0-or-later Group: Development/Tools/Other -Url: https://upx.github.io/ - +URL: https://upx.github.io/ Source: https://github.com/upx/upx/releases/download/v%{version}/upx-%{version}-src.tar.xz -Source1: http://downloads.sf.net/sevenzip/lzma922.tar.bz2 +Patch0: upx-aarch64.patch +Patch1: upx-endiantests.patch BuildRequires: gcc-c++ BuildRequires: libucl1-devel BuildRequires: zlib-devel -BuildRoot: %{_tmppath}/%{name}-%{version}-build -Patch0: upx-aarch64.patch -Patch1: upx-endiantests.patch -Patch2: lzma-x-endian.patch -Patch3: 0001-Protect-against-bad-crafted-input.patch -Patch4: 0002-Protect-against-bad-crafted-input.patch -Patch5: 0001-Mach-o-defend-against-bad-crafted-input.patch %description -UPX is a free, portable, extendable, high-performance executable packer -for several different executable formats. It achieves an excellent -compression ratio and offers very fast decompression. Your executables -suffer no memory overhead or other drawbacks. +UPX is a compressor for several different executable formats. +Programs receive a stub that makes them self-runnable. When run, +decompression either happens in memory in-place if possible, or to a +temporary file, the latter of which does not support setuid programs, +or the proper name in argv[0]. %prep %setup -q -n %{name}-%{version}-src %patch0 -p1 %patch1 -p1 -mkdir "%_builddir/lzma-x" -pushd "%_builddir/lzma-x" -tar -xf "%{S:1}" -%patch2 -p1 -popd -%patch3 -p1 -%patch4 -p1 -%patch5 -p1 -# BSD-4 clause licensed file, remove just in case bnc#753791 +# BSD-4-Clause licensed file, remove just in case bnc#753791 rm src/stub/src/i386-dos32.djgpp2-stubify.asm %build -export UPX_LZMADIR="%{_builddir}/lzma-x" -export UPX_LZMA_VERSION=0x922 -export UPX_UCLDIR=%{_prefix} -export CXX=g++ -# silly whitespace checker runs over all files and chokes on upx.out -make %{?_smp_mflags} -C src CHECK_WHITESPACE=/bin/true \ - CXXFLAGS_OPTIMIZE="%{optflags} -fvisibility=hidden -fvisibility-inlines-hidden" -make -C doc +make %{?_smp_mflags} -C src CXXFLAGS_OPTIMIZE="%{optflags}" +make %{?_smp_mflags} -C doc %install install -D -m 0755 src/upx.out %{buildroot}%{_bindir}/upx install -D -m 0644 doc/upx.1 %{buildroot}%{_mandir}/man1/upx.1 %files -%defattr(-, root, root) -%doc BUGS COPYING LICENSE NEWS PROJECTS README README.SRC THANKS +%license COPYING LICENSE +%doc BUGS NEWS PROJECTS README README.SRC THANKS %doc doc/upx.html -%doc %{_mandir}/man1/* -%{_bindir}/* +%{_bindir}/%{name} +%{_mandir}/man1/%{name}.1%{?ext_man} %changelog ++++++ upx-3.94-src.tar.xz -> upx-3.95-src.tar.xz ++++++ ++++ 79379 lines of diff (skipped)
