6.3.0

0001-CVE-2021-43618.patch

@@ -1,34 +0,0 @@
-From 561a9c25298e17bb01896801ff353546c6923dbd Mon Sep 17 00:00:00 2001
-From: Marco Bodrato <bodrato@mail.dm.unipi.it>
-Date: Thu, 21 Oct 2021 19:06:49 +0200
-Subject: [PATCH] CVE-2021-43618: GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1 has an mpz/inp_raw.c integer overflow and resultant buffer overflow via crafted input, leading to a segmentation fault on 32-bit platforms.
-
-This patch fixes it by avoiding bit size overflows
-
-CVE-2021-43618
-https://nvd.nist.gov/vuln/detail/CVE-2021-43618
-
----
- mpz/inp_raw.c | 5 ++++-
- 1 file changed, 4 insertions(+), 1 deletion(-)
-
-diff --git a/mpz/inp_raw.c b/mpz/inp_raw.c
-index 378c42b..f88fea9 100644
---- a/mpz/inp_raw.c
-+++ b/mpz/inp_raw.c
-@@ -88,8 +88,11 @@ mpz_inp_raw (mpz_ptr x, FILE *fp)
- 
-   abs_csize = ABS (csize);
- 
-+  if (UNLIKELY (abs_csize > ~(mp_bitcnt_t) 0 / 8))
-+    return 0; /* Bit size overflows */
-+
-   /* round up to a multiple of limbs */
--  abs_xsize = BITS_TO_LIMBS (abs_csize*8);
-+  abs_xsize = BITS_TO_LIMBS ((mp_bitcnt_t) abs_csize * 8);
- 
-   if (abs_xsize != 0)
-     {
--- 
-2.27.0
-

gmp.spec

@@ -1,15 +1,13 @@
 Name: gmp
-Version: 6.2.1
-Release: 3
+Version: 6.3.0
+Release: 1
 Epoch: 1
 URL: https://gmplib.org
-Source0: https://gmplib.org/download/gmp/gmp-%{version}.tar.bz2
+Source0: https://gmplib.org/download/gmp/gmp-%{version}.tar.xz
 License: LGPLv3 and GPLv2
-BuildRequires: autoconf automake libtool gcc gcc-c++ perl-Carp
+BuildRequires: gcc gcc-c++ make m4
 Summary: A GNU multiple precision arithmetic library
 
-Patch1	:0001-CVE-2021-43618.patch
-
 %description
 GMP is a portable library written in C for arbitrary precision arithmetic
 on integers, rational numbers, and floating-point numbers. It aims to provide
@@ -36,7 +34,6 @@ GMP dependent library for C++ applications.
 %autosetup -p1
 
 %build
-autoreconf -ifv
 if as --help | grep -q execstack; then
   export CCAS="gcc -c -Wa,--noexecstack"
 fi
@@ -53,11 +50,11 @@ sed -e 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' \
     -e 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' \
     -i libtool
 export LD_LIBRARY_PATH=`pwd`/.libs
-make %{?_smp_mflags}
+%make_build
 
 %install
 export LD_LIBRARY_PATH=`pwd`/.libs
-make install DESTDIR=$RPM_BUILD_ROOT
+%make_install
 install -m 644 gmp-mparam.h ${RPM_BUILD_ROOT}%{_includedir}
 rm -f $RPM_BUILD_ROOT%{_infodir}/dir
 rm -f $RPM_BUILD_ROOT%{_libdir}/lib{gmp,mp,gmpxx}.la
@@ -71,13 +68,7 @@ basearch=i386
 
 %check
 export LD_LIBRARY_PATH=`pwd`/.libs
-make %{?_smp_mflags} check
-
-%post -p /sbin/ldconfig
-%postun -p /sbin/ldconfig
-
-%post c++ -p /sbin/ldconfig
-%postun c++ -p /sbin/ldconfig
+%make_build check
 
 %files
 %{!?_licensedir:%global license %%doc}
@@ -99,10 +90,13 @@ make %{?_smp_mflags} check
 %{_libdir}/pkgconfig/gmpxx.pc
 
 %changelog
-* Tue Dec 7 2021 zhouwenpei <zhouwenpei1@huawei.com> - 6.2.1-3
+* Mon Jul 31 2023 Funda Wang <fundawang@yeah.net> - 1:6.3.0-1
+- New version 6.3.0
+
+* Tue Dec 7 2021 zhouwenpei <zhouwenpei1@huawei.com> - 1:6.2.1-3
 - fix CVE-2021-43618
 
-* Fri Jul 30 2021 chenyanpanHW <chenyanpan@huawei.com> - 6.2.1-2
+* Fri Jul 30 2021 chenyanpanHW <chenyanpan@huawei.com> - 1:6.2.1-2
 - DESC: delete -S git from %autosetup, and delete BuildRequires git
 
 * Sat Jan 30 2021 xinghe <xinghe1@huawei.com> - 1:6.2.1-1