Fix CVE-2023-4759

(cherry picked from commit 5e2dfb168f00d4ddeefa93723b50a2b88df12a37)
2025-02-17 17:36:44 +08:00 · 2025-02-17 17:36:44 +08:00 · 9fe87b5bd0
commit 9fe87b5bd0
parent fff682fa15
2 changed files with 1703 additions and 1 deletions
--- a/CVE-2023-4759.patch
+++ b/CVE-2023-4759.patch
--- a/eclipse-jgit.spec
+++ b/eclipse-jgit.spec
@ -1,13 +1,14 @@
 %global gittag 5.11.0.202103091610-r
 Name:                eclipse-jgit
 Version:             5.11.0
-Release:             1
+Release:             2
 Summary:             Eclipse JGit
 License:             BSD
 URL:                 https://www.eclipse.org/jgit/
 Source0:             https://git.eclipse.org/c/jgit/jgit.git/snapshot/jgit-%{gittag}.tar.xz
 Patch0:              0001-Ensure-the-correct-classpath-is-set-for-the-jgit-com.patch
 Patch1:              0002-Don-t-embed-versions-of-third-party-libs-use-feature.patch
+Patch2:              CVE-2023-4759.patch
 BuildArch:           noarch
 ExcludeArch:         s390 %{arm} %{ix86}
 BuildRequires:       tycho jgit = %{version}
@ -19,6 +20,7 @@ A pure Java implementation of the Git version control system.
 %setup -n jgit-%{gittag} -q
 %patch0 -p1
 %patch1 -p1
+%patch2 -p1
 rm .mvn/maven.config
 for p in $(find org.eclipse.jgit.packaging -name pom.xml) ; do
  grep -q dependencies $p && %pom_xpath_remove "pom:dependencies" $p
@ -48,6 +50,9 @@ popd
 %doc README.md

 %changelog
+* Mon Feb 17 2025 wangkai <13474090681@163.com> - 5.11.0-2
+- Fix CVE-2023-4759
+
 * Sat Nov 26 2022 yaoxin <yaoxin30@h-partners.com> - 5.11.0-1
 - Update to 5.11.0