New upstream version 1.3.21.

Fixes CVE-2021-3622 limit recursion in ri-records.

(cherry picked from commit 7bcdf7c91f)
(cherry picked from commit 345326a9d5)

.gitignore

@@ -1,9 +1,4 @@
 /.build-*
 /clog
 /hivex-*.tar.gz
-/hivex-1.3.14.tar.gz.sig
-/hivex-1.3.15.tar.gz.sig
-/hivex-1.3.16.tar.gz.sig
-/hivex-1.3.17.tar.gz.sig
-/hivex-1.3.18.tar.gz.sig
-/hivex-1.3.19.tar.gz.sig
+/hivex-*.tar.gz.sig

hivex.spec

@@ -9,8 +9,8 @@
 %global verify_tarball_signature 1
 
 Name:           hivex
-Version:        1.3.19
-Release:        4%{?dist}
+Version:        1.3.21
+Release:        1%{?dist}
 Summary:        Read and write Windows Registry binary hive files
 
 License:        LGPLv2
@@ -62,6 +62,7 @@ BuildRequires:  libxml2-devel
 %if 0%{verify_tarball_signature}
 BuildRequires: gnupg2
 %endif
+BuildRequires: make
 
 # https://fedoraproject.org/wiki/Packaging:No_Bundled_Libraries#Packages_granted_exceptions
 Provides:      bundled(gnulib)
@@ -109,6 +110,7 @@ Requires:       pkgconfig
 for %{name}.
 
 
+%if !0%{?rhel}
 %package static
 Summary:        Statically linked library for %{name}
 Requires:       %{name} = %{version}-%{release}
@@ -117,6 +119,7 @@ Requires:       %{name} = %{version}-%{release}
 %description static
 %{name}-static contains the statically linked library
 for %{name}.
+%endif
 
 
 %if %{with ocaml}
@@ -186,6 +189,9 @@ ruby-%{name} contains Ruby bindings for %{name}.
     PYTHON=%{__python3} \
 %if !%{with ocaml}
     --disable-ocaml \
+%endif
+%if 0%{?rhel}
+    --disable-static \
 %endif
     %{nil}
 make V=1 INSTALLDIRS=vendor %{?_smp_mflags}
@@ -209,8 +215,9 @@ rm $RPM_BUILD_ROOT%{python3_sitearch}/libhivexmod.la
 
 
 %check
-# Disable some gnulib tests which fail on Arm and POWER (2020-07):
-for f in test-float test-perror2 test-strerror_r; do
+# Disable some gnulib tests which fail on Arm and POWER and S/390
+# (2020-07, 2020-12):
+for f in test-float test-perror2 test-pthread_sigmask1 test-strerror_r; do
     pushd gnulib/tests
     make $f
     rm -f $f
@@ -248,9 +255,11 @@ fi
 %{_libdir}/pkgconfig/hivex.pc
 
 
+%if !0%{?rhel}
 %files static
 %doc LICENSE
 %{_libdir}/libhivex.a
+%endif
 
 
 %if %{with ocaml}
@@ -293,6 +302,17 @@ fi
 
 
 %changelog
+* Mon Aug  2 2021 Richard W.M. Jones <rjones@redhat.com> - 1.3.21-1
+- New upstream version 1.3.21.
+- Fixes CVE-2021-3622 limit recursion in ri-records.
+
+* Mon May  3 2021 Richard W.M. Jones <rjones@redhat.com> - 1.3.20-1
+- New upstream version 1.3.20.
+- Fixes CVE-2021-3504 missing bounds check in hivex_open.
+
+* Wed Sep 02 2020 Richard W.M. Jones <rjones@redhat.com> - 1.3.19-4.1
+- Bump release and rebuild.
+
 * Tue Sep 01 2020 Richard W.M. Jones <rjones@redhat.com> - 1.3.19-4
 - OCaml 4.11.1 rebuild
 

sources

@@ -1,2 +1,2 @@
-SHA512 (hivex-1.3.19.tar.gz) = dc271349c6efa7b55ba144617e57fe4e7ce855ec1f4ef9f84ee86eeefd3a34cb6b26078786e1568f3008b922a31b758ff2c2734e599b67e0e210aa72e9f41177
-SHA512 (hivex-1.3.19.tar.gz.sig) = 8b9c8c9b6cef47036df70f79219ed91d592dbc8ae1de8f1378cdd0f18ab043fb2d16c6907d05240cb3d015360c721c922df198bd383e79e54b83c218c8c565fb
+SHA512 (hivex-1.3.21.tar.gz) = e893d9fa77655540d29ef6657764f701f9cddb33d11b2bfef36ce0c2caebab92b55a32b7e1c99efbab0d53f558a44bf1c4c6f6da13daa37d568ff96d7d28f842
+SHA512 (hivex-1.3.21.tar.gz.sig) = f70ff14ef374d1d64a9c0a95928a5c8f38f4e75671abf544850239e322ab3a3cc6788fd8be58c61c96ed3b1a34e176f01f5b027a4cf9946182e847d45a3a9ba8