summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorZach van Rijn <me@zv.io>2023-02-28 15:35:22 -0600
committerZach van Rijn <me@zv.io>2023-02-28 15:41:22 -0600
commit63450261bb3df8fc53a9e4797075407ea995b328 (patch)
tree346b1abe45bd4438653037167f1365a1fcb247e3
parent930e09988d6d8dec09bff0870d9f45a5c877bdba (diff)
downloadpackages-63450261bb3df8fc53a9e4797075407ea995b328.tar.gz
packages-63450261bb3df8fc53a9e4797075407ea995b328.tar.bz2
packages-63450261bb3df8fc53a9e4797075407ea995b328.tar.xz
packages-63450261bb3df8fc53a9e4797075407ea995b328.zip
system/cmake: bump { 3.23.1 --> 3.23.5 }. add patch for 'git' file protocol.
CVE-2022-39253 is mitigated in 'git' >= v2.30.6, v2.31.5, v2.32.4, v2.33.5, v2.34.5, v2.35.5, v2.36.3, v2.37.4, v2.38.1 by changing some default protocol permissions. Two CMake tests fail without git config changes: * ExternalProject * CTest.UpdateGIT We backport CMake commit 79ce0f434e916684d734e136b92e14f472a9d14a to enable these tests to pass when using a more recent version of 'git'. CMake is also bumped to include minor internal bugfixes. Fixes #967.
-rw-r--r--system/cmake/APKBUILD9
-rw-r--r--system/cmake/fix-tests-git-file-protocol-permission.patch21
2 files changed, 27 insertions, 3 deletions
diff --git a/system/cmake/APKBUILD b/system/cmake/APKBUILD
index 6369839ad..2491baa30 100644
--- a/system/cmake/APKBUILD
+++ b/system/cmake/APKBUILD
@@ -1,7 +1,7 @@
# Contributor: Valery Kartel <valery.kartel@gmail.com>
# Maintainer: A. Wilcox <awilfox@adelielinux.org>
pkgname=cmake
-pkgver=3.23.1
+pkgver=3.23.5
pkgrel=0
pkgdesc="Cross-platform build system"
url="https://cmake.org"
@@ -18,7 +18,9 @@ case $pkgver in
*.*.*) _v=v${pkgver%.*};;
esac
-source="https://cmake.org/files/$_v/cmake-${pkgver}.tar.gz"
+source="https://cmake.org/files/$_v/cmake-${pkgver}.tar.gz
+ fix-tests-git-file-protocol-permission.patch
+ "
_parallel_opt() {
local i n
@@ -62,4 +64,5 @@ package() {
make DESTDIR="$pkgdir" install
}
-sha512sums="94893f888c0cbfc58e54a0bd65d6c0697fe4a0e95c678b7cb35e7dc8854d57eb360bfc952750f97983348817f847f6df85903f21a5857b1a3880b2a7eb6cc029 cmake-3.23.1.tar.gz"
+sha512sums="298f02cd4a0b332184b3e49f343d8a03dcfa637004b0ee9d0a81f72b1ee568aca9caa7322dbf9fe82d9660a8c617f572404cef0c34b2f63297e9211e953cca12 cmake-3.23.5.tar.gz
+353cae903076760c77a902256ea6c61102ada60c1ebd05227670cb2bb9aa8f49a4e9946513650f4e58ff94f9a1d108c427d88340b9a633df5376e8036498245e fix-tests-git-file-protocol-permission.patch"
diff --git a/system/cmake/fix-tests-git-file-protocol-permission.patch b/system/cmake/fix-tests-git-file-protocol-permission.patch
new file mode 100644
index 000000000..c43d9a146
--- /dev/null
+++ b/system/cmake/fix-tests-git-file-protocol-permission.patch
@@ -0,0 +1,21 @@
+Backported: https://github.com/Kitware/CMake/commit/79ce0f434e916684d734e136b92e14f472a9d14a
+
+diff -ur a/Tests/CMakeLists.txt b/Tests/CMakeLists.txt
+--- a/Tests/CMakeLists.txt 2022-11-01 08:36:33.000000000 -0500
++++ b/Tests/CMakeLists.txt 2023-02-28 15:24:14.294747915 -0600
+@@ -1586,6 +1586,7 @@
+ )
+ list(APPEND TEST_BUILD_DIRS "${CMake_BINARY_DIR}/Tests/ExternalProject")
+ set_tests_properties(ExternalProject PROPERTIES
++ ENVIRONMENT GIT_ALLOW_PROTOCOL=file
+ RUN_SERIAL 1
+ TIMEOUT ${CMAKE_LONG_TEST_TIMEOUT})
+
+@@ -2678,6 +2679,7 @@
+ -P "${CMake_BINARY_DIR}/Tests/CTestUpdateGIT.cmake"
+ )
+ list(APPEND TEST_BUILD_DIRS "${CMake_BINARY_DIR}/Tests/${CTestUpdateGIT_DIR}")
++ set_property(TEST CTest.UpdateGIT PROPERTY ENVIRONMENT GIT_ALLOW_PROTOCOL=file)
+ endif()
+
+ # Test CTest Update with HG