[libyaml-libyaml-perl] 01/14: use system-wide libyaml instead of a bundled copy

Damyan Ivanov dmn at moszumanska.debian.org
Sun Jan 21 22:27:42 UTC 2018 

This is an automated email from the git hooks/post-receive script.

dmn pushed a commit to branch master
in repository libyaml-libyaml-perl.

commit fbaa17a40bf7a90e84403577c45f7b0bacdb8dd3
Author: Damyan Ivanov <dmn at debian.org>
Date:   Sun Jan 21 14:33:46 2018 +0000

    use system-wide libyaml instead of a bundled copy
    
    the bundled copy is removed from upstream sources via repackaging
---
 debian/copyright                               | 47 +++++++-------------------
 debian/libyaml-libyaml-perl.lintian-overrides  |  5 ---
 debian/patches/libyaml-node-id-hardening.patch | 34 -------------------
 debian/patches/series                          |  2 +-
 debian/patches/system-libyaml.patch            | 31 +++++++++++++++++
 debian/rules                                   |  2 ++
 6 files changed, 46 insertions(+), 75 deletions(-)

diff --git a/debian/copyright b/debian/copyright
index 57b8036..029cbd4 100644
--- a/debian/copyright
+++ b/debian/copyright
@@ -2,6 +2,18 @@ Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
 Upstream-Name: YAML-LibYAML
 Upstream-Contact: Ingy döt Net <ingy at cpan.org>
 Source: https://metacpan.org/release/YAML-LibYAML
+Files-Excluded:
+ LibYAML/api.c
+ LibYAML/config.h
+ LibYAML/dumper.c
+ LibYAML/emitter.c
+ LibYAML/loader.c
+ LibYAML/parser.c
+ LibYAML/reader.c
+ LibYAML/scanner.c
+ LibYAML/writer.c
+ LibYAML/yaml.h
+ LibYAML/yaml_private.h
 
 Files: *
 Copyright: 2007-2016, Ingy döt Net <ingy at cpan.org>
@@ -22,21 +34,6 @@ Copyright: 2004-2009, Marcus Holland-Moritz <mhx-cpan at gmx.net>
  1999, Kenneth Albanowski <kjahds at kjahds.com> (Version 1.x)
 License: Artistic or GPL-1+
 
-Files:
- LibYAML/api.c
- LibYAML/config.h
- LibYAML/dumper.c
- LibYAML/emitter.c
- LibYAML/loader.c
- LibYAML/parser.c
- LibYAML/reader.c
- LibYAML/scanner.c
- LibYAML/writer.c
- LibYAML/yaml.h
- LibYAML/yaml_private.h
-Copyright: 2006, Kirill Simonov
-License: Expat
-
 Files: debian/*
 Copyright: 2009, Ryan Niebur <ryan at debian.org>
  2010, Jonathan Yu <jawnsy at cpan.org>
@@ -60,23 +57,3 @@ License: GPL-1+
  .
  On Debian systems, the complete text of version 1 of the GNU General
  Public License can be found in `/usr/share/common-licenses/GPL-1'.
-
-License: Expat
- Permission is hereby granted, free of charge, to any person obtaining a copy of
- this software and associated documentation files (the "Software"), to deal in
- the Software without restriction, including without limitation the rights to
- use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies
- of the Software, and to permit persons to whom the Software is furnished to do
- so, subject to the following conditions:
- .
- The above copyright notice and this permission notice shall be included in all
- copies or substantial portions of the Software.
- .
- THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
- IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
- FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
- AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
- LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
- SOFTWARE.
-
diff --git a/debian/libyaml-libyaml-perl.lintian-overrides b/debian/libyaml-libyaml-perl.lintian-overrides
deleted file mode 100644
index 19fdc60..0000000
--- a/debian/libyaml-libyaml-perl.lintian-overrides
+++ /dev/null
@@ -1,5 +0,0 @@
-# (overriding since this is an ftp-master auto-reject reason)
-# lintian is correct here but the embedded library is not a regression
-# and we're working on getting rid of it:
-# https://bugs.debian.org/664224 and https://github.com/ingydotnet/yaml-libyaml-pm/issues/49
-libyaml-libyaml-perl: embedded-library usr/lib/*/YAML/XS/LibYAML/LibYAML.so: libyaml
diff --git a/debian/patches/libyaml-node-id-hardening.patch b/debian/patches/libyaml-node-id-hardening.patch
deleted file mode 100644
index c92d372..0000000
--- a/debian/patches/libyaml-node-id-hardening.patch
+++ /dev/null
@@ -1,34 +0,0 @@
-Description: CVE-2013-6393: yaml_stack_extend: guard against integer overflow
- This is a hardening patch also from Florian Weimer
- <fweimer at redhat.com>.  It is not required to fix this CVE however it
- improves the robustness of the code against future issues by avoiding
- large node ID's in a central place.
-Origin: https://bugzilla.redhat.com/show_bug.cgi?id=1033990
-Bug-RedHat: https://bugzilla.redhat.com/show_bug.cgi?id=1033990
-Last-Update: 2014-01-29
----
-# HG changeset patch
-# User Florian Weimer <fweimer at redhat.com>
-# Date 1389274355 -3600
-#      Thu Jan 09 14:32:35 2014 +0100
-# Node ID 034d7a91581ac930e5958683f1a06f41e96d24a2
-# Parent  a54d7af707f25dc298a7be60fd152001d2b3035b
-yaml_stack_extend: guard against integer overflow
-
-diff --git a/src/api.c b/src/api.c
---- a/LibYAML/api.c
-+++ b/LibYAML/api.c
-@@ -117,7 +117,12 @@
- YAML_DECLARE(int)
- yaml_stack_extend(void **start, void **top, void **end)
- {
--    void *new_start = yaml_realloc(*start, ((char *)*end - (char *)*start)*2);
-+    void *new_start;
-+
-+    if ((char *)*end - (char *)*start >= INT_MAX / 2)
-+	return 0;
-+
-+    new_start = yaml_realloc(*start, ((char *)*end - (char *)*start)*2);
- 
-     if (!new_start) return 0;
- 
diff --git a/debian/patches/series b/debian/patches/series
index 43edb66..8c3691c 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,3 +1,3 @@
 disable-update.sh.patch
-libyaml-node-id-hardening.patch
 Load-B-Deparse-at-runtime.patch
+system-libyaml.patch
diff --git a/debian/patches/system-libyaml.patch b/debian/patches/system-libyaml.patch
new file mode 100644
index 0000000..b0818b9
--- /dev/null
+++ b/debian/patches/system-libyaml.patch
@@ -0,0 +1,31 @@
+--- a/LibYAML/Makefile.PL
++++ b/LibYAML/Makefile.PL
+@@ -11,7 +11,7 @@ my $obj_files = join ' ', map {
+     my $c = $_;
+     $c =~ s/\.c$/$Config::Config{_o}/;
+     $c;
+-} glob("*.c"), 'LibYAML.c';
++} glob("*.c");
+ 
+ my $DEFINE = $^O eq 'MSWin32'
+ ? '-DHAVE_CONFIG_H -DYAML_DECLARE_EXPORT'
+@@ -24,7 +24,7 @@ WriteMakefile(
+     # CCFLAGS => '-pedantic -Wall',
+     # CCFLAGS => '-Wall',
+     DEFINE => $DEFINE,
+-    LIBS => [''], # e.g., '-lm'
++    LIBS => ['-lyaml'], # e.g., '-lm'
+     INC => '-I.',
+     OBJECT => $obj_files,
+     ABSTRACT_FROM => 'lib/YAML/XS/LibYAML.pm',
+--- a/LibYAML/perl_libyaml.c
++++ b/LibYAML/perl_libyaml.c
+@@ -659,6 +659,8 @@ dump_document(perl_yaml_dumper_t *dumper
+     yaml_emitter_emit(&dumper->emitter, &event_document_start);
+     dump_node(dumper, node);
+     yaml_document_end_event_initialize(&event_document_end, 1);
++    // suppress end-of-document marker ('...')
++    dumper->emitter.open_ended = 0;
+     yaml_emitter_emit(&dumper->emitter, &event_document_end);
+ }
+ 
diff --git a/debian/rules b/debian/rules
index 73c5dbc..d8ba275 100755
--- a/debian/rules
+++ b/debian/rules
@@ -2,5 +2,7 @@
 
 export DEB_BUILD_MAINT_OPTIONS = hardening=+bindnow
 
+export USE_SYSTEM_LIBYAML = 1
+
 %:
 	dh $@

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-perl/packages/libyaml-libyaml-perl.git

More information about the Pkg-perl-cvs-commits mailing list