diff options
| author | Wouter Deconinck <wdconinc@gmail.com> | 2024-12-03 06:26:04 -0600 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-12-03 13:26:04 +0100 |
| commit | c3de3b0b6f299285ef4d7438ead50b38e689621c (patch) | |
| tree | 4508fb25fa461acf197211b866a4cb7789ca4e4c | |
| parent | 6da9bf226a8d3872b0e5469f46f573bd5b60b678 (diff) | |
| download | spack-c3de3b0b6f299285ef4d7438ead50b38e689621c.tar.gz spack-c3de3b0b6f299285ef4d7438ead50b38e689621c.tar.bz2 spack-c3de3b0b6f299285ef4d7438ead50b38e689621c.tar.xz spack-c3de3b0b6f299285ef4d7438ead50b38e689621c.zip | |
tar: add v1.35 (fix CVEs) (#47426)
| -rw-r--r-- | var/spack/repos/builtin/packages/tar/package.py | 64 |
1 files changed, 38 insertions, 26 deletions
diff --git a/var/spack/repos/builtin/packages/tar/package.py b/var/spack/repos/builtin/packages/tar/package.py index 5fadb4229b..c293f62037 100644 --- a/var/spack/repos/builtin/packages/tar/package.py +++ b/var/spack/repos/builtin/packages/tar/package.py @@ -21,16 +21,18 @@ class Tar(AutotoolsPackage, GNUMirrorPackage): license("GPL-3.0-or-later") + version("1.35", sha256="14d55e32063ea9526e057fbf35fcabd53378e769787eff7919c3755b02d2b57e") version("1.34", sha256="03d908cf5768cfe6b7ad588c921c6ed21acabfb2b79b788d1330453507647aed") - version("1.32", sha256="b59549594d91d84ee00c99cf2541a3330fed3a42c440503326dab767f2fbb96c") - version("1.31", sha256="b471be6cb68fd13c4878297d856aebd50551646f4e3074906b1a74549c40d5a2") - version("1.30", sha256="4725cc2c2f5a274b12b39d1f78b3545ec9ebb06a6e48e8845e1995ac8513b088") - version("1.29", sha256="cae466e6e58c7292355e7080248f244db3a4cf755f33f4fa25ca7f9a7ed09af0") - version("1.28", sha256="6a6b65bac00a127a508533c604d5bf1a3d40f82707d56f20cefd38a05e8237de") + with default_args(deprecated=True): + # https://nvd.nist.gov/vuln/detail/CVE-2019-9923 + version("1.32", sha256="b59549594d91d84ee00c99cf2541a3330fed3a42c440503326dab767f2fbb96c") + version("1.31", sha256="b471be6cb68fd13c4878297d856aebd50551646f4e3074906b1a74549c40d5a2") + version("1.30", sha256="4725cc2c2f5a274b12b39d1f78b3545ec9ebb06a6e48e8845e1995ac8513b088") + version("1.29", sha256="cae466e6e58c7292355e7080248f244db3a4cf755f33f4fa25ca7f9a7ed09af0") + version("1.28", sha256="6a6b65bac00a127a508533c604d5bf1a3d40f82707d56f20cefd38a05e8237de") - depends_on("c", type="build") # generated + depends_on("c", type="build") - # A saner default than gzip? variant( "zip", default="pigz", @@ -52,12 +54,16 @@ class Tar(AutotoolsPackage, GNUMirrorPackage): patch("se-selinux.patch", when="@:1.29") patch("argp-pgi.patch", when="@:1.29") patch("gnutar-configure-xattrs.patch", when="@1.28") + # The NVIDIA compilers do not currently support some GNU builtins. # Detect this case and use the fallback path. - patch("nvhpc-1.30.patch", when="@1.30:1.32 %nvhpc") - patch("nvhpc-1.34.patch", when="@1.34 %nvhpc") - # Workaround bug where __LONG_WIDTH__ is not defined - patch("nvhpc-long-width.patch", when="@1.34 %nvhpc") + with when("%nvhpc"): + patch("nvhpc-1.30.patch", when="@1.30:1.32") + patch("nvhpc-1.34.patch", when="@1.34") + # Workaround bug where __LONG_WIDTH__ is not defined + patch("nvhpc-long-width.patch", when="@1.34:") + # Newer versions are marked as conflict for now + conflicts("@1.35:", msg="NVHPC not yet supported for 1.35") @classmethod def determine_version(cls, exe): @@ -65,29 +71,35 @@ class Tar(AutotoolsPackage, GNUMirrorPackage): match = re.search(r"tar \(GNU tar\) (\S+)", output) return match.group(1) if match else None + def flag_handler(self, name, flags): + if name == "ldflags" and self.spec.satisfies("@1.35"): + # https://savannah.gnu.org/bugs/?64441 + flags.append("-liconv") + return (flags, None, None) + def configure_args(self): - spec = self.spec # Note: compression programs are passed by abs path, # so that tar can locate them when invoked without spack load. args = [ - "--with-xz={0}".format(spec["xz"].prefix.bin.xz), - "--with-lzma={0}".format(spec["xz"].prefix.bin.lzma), - "--with-bzip2={0}".format(spec["bzip2"].prefix.bin.bzip2), + "--disable-nls", + f"--with-xz={self.spec['xz'].prefix.bin.xz}", + f"--with-lzma={self.spec['xz'].prefix.bin.lzma}", + f"--with-bzip2={self.spec['bzip2'].prefix.bin.bzip2}", ] - if spec["iconv"].name == "libiconv": - args.append(f"--with-libiconv-prefix={spec['iconv'].prefix}") - else: - args.append("--without-libiconv-prefix") - - if "^zstd" in spec: - args.append("--with-zstd={0}".format(spec["zstd"].prefix.bin.zstd)) + if self.spec.dependencies("zstd"): + args.append(f"--with-zstd={self.spec['zstd'].prefix.bin.zstd}") # Choose gzip/pigz - zip = spec.variants["zip"].value + zip = self.spec.variants["zip"].value if zip == "gzip": - gzip_path = spec["gzip"].prefix.bin.gzip + gzip_path = self.spec["gzip"].prefix.bin.gzip elif zip == "pigz": - gzip_path = spec["pigz"].prefix.bin.pigz - args.append("--with-gzip={}".format(gzip_path)) + gzip_path = self.spec["pigz"].prefix.bin.pigz + args.append(f"--with-gzip={gzip_path}") + + if self.spec["iconv"].name == "libiconv": + args.append(f"--with-libiconv-prefix={self.spec['iconv'].prefix}") + else: + args.append("--without-libiconv-prefix") return args |