xz: update and regen files

fosslinux · fosslinux · commit e0de928afe03 · 2025-02-16T14:53:37.000+11:00
5.4.1 -&gt; 5.6.4

regenerate/delete files (this would have detected the infamous xz
backdoor)
diff --git a/steps/SHA256SUMS.pkgs b/steps/SHA256SUMS.pkgs
@@ -125,5 +125,5 @@ d4fe9460ca561fc2f546f9730f19f541b17dac0bcc42eb190abba856588c3593  tcc-0.9.27_3.t
 b34002b84a9ff4a719301a1b78f960e8039996ad321daf8aa3b2990f50933e48  texinfo-6.7_0.tar.bz2
 eccc75a240729327a3210bdc87b35293be8413623a98d0af1f62c01f574acaf6  util-linux-2.19.1_0.tar.bz2
 a0b6dd21894593b2ebcbfc9f62b1bd0205bba9e593442e307f02300964248550  which-2.21_0.tar.bz2
-4e775a6b9e31941c7a9cb2012d16fabb353659134f640688a82690e21fa9a120  xz-5.4.1_0.tar.bz2
+ebf9fa677485cd22d5f97ee41edd54525317b95c9e627481018b46baa0ad5c41  xz-5.6.4_0.tar.bz2
 ca8ec9876a7334f5f87e1159e0efe343b8b497ffb0dea8b548223035ecd67f9e  zlib-1.2.13_0.tar.bz2
diff --git a/steps/manifest b/steps/manifest
@@ -141,7 +141,7 @@ build: curl-8.5.0
 improve: get_network ( CHROOT == False )
 build: bash-5.2.15
 improve: open_console ( CONSOLES == True )
-build: xz-5.4.1
+build: xz-5.6.4
 build: file-5.44
 build: libtool-2.4.7
 build: tar-1.34
diff --git a/steps/xz-5.4.1/pass1.sh b/steps/xz-5.4.1/pass1.sh
diff --git a/steps/xz-5.4.1/sources b/steps/xz-5.4.1/sources
diff --git a/steps/xz-5.6.4/pass1.sh b/steps/xz-5.6.4/pass1.sh
@@ -0,0 +1,58 @@
+# SPDX-FileCopyrightText: 2021 Andrius Štikonas <andrius@stikonas.eu>
+# SPDX-FileCopyrightText: 2025 fosslinux <fosslinux@aussies.space>
+#
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+# sources note: Unfortunately, xz's xz tarballs use SHA-256 checksum, which
+# is not widely supported (including by xz), so we use bz2 tarball instead.
+
+src_prepare() {
+    # Delete translation catalogs
+    rm po/*.gmo
+
+    # Delete generated documentation
+    rm -rf po4a/man
+
+    # Would have detected the xz backdoor
+    rm tests/files/*.{x,l}z
+
+    # Regenerate these c files/headers
+    rm src/liblzma/rangecoder/price_table.c src/liblzma/lzma/fastpos_table.c \
+        src/liblzma/lz/lz_encoder_hash_table.h \
+        src/liblzma/check/crc{32,64}_table_*.h
+
+    pushd src/liblzma/rangecoder
+    gcc -std=c99 -o price_tablegen price_tablegen.c
+    ./price_tablegen > price_table.c
+    popd
+
+    pushd src/liblzma/lzma
+    gcc -std=c99 -o fastpos_tablegen fastpos_tablegen.c
+    ./fastpos_tablegen > fastpos_table.c
+    popd
+
+    pushd src/liblzma/check
+    gcc -std=c99 -o crc32_tablegen_le crc32_tablegen.c
+    ./crc32_tablegen_le > crc32_table_le.h
+    gcc -std=c99 -DWORDS_BIGENDIAN -o crc32_tablegen_be crc32_tablegen.c
+    ./crc32_tablegen_be > crc32_table_be.h
+    gcc -std=c99 -DLZ_HASH_TABLE -o crc32_tablegen_hashtable crc32_tablegen.c
+    ./crc32_tablegen_hashtable > ../lz/lz_encoder_hash_table.h
+
+    gcc -std=c99 -o crc64_tablegen_le crc64_tablegen.c
+    ./crc64_tablegen_le > crc64_table_le.h
+    gcc -std=c99 -DWORDS_BIGENDIAN -o crc64_tablegen_be crc64_tablegen.c
+    ./crc64_tablegen_be > crc64_table_be.h
+    popd
+
+    AUTOMAKE=automake-1.15 ACLOCAL=aclocal-1.15 AUTOCONF=autoconf-2.69 AUTOM4TE=autom4te-2.69 autoreconf-2.69 -f
+}
+
+src_configure() {
+    ./configure \
+        --prefix="${PREFIX}" \
+        --disable-shared \
+        --disable-nls \
+        --build=i386-unknown-linux-musl \
+        --libdir="${LIBDIR}"
+}
diff --git a/steps/xz-5.6.4/sources b/steps/xz-5.6.4/sources
@@ -0,0 +1 @@
+https://github.com/tukaani-project/xz/releases/download/v5.6.4/xz-5.6.4.tar.bz2 176d510c30d80a23b8050bbc048f2ecaacb823ae48b6821727ed6591f0df9200

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	`+https://github.com/tukaani-project/xz/releases/download/v5.6.4/xz-5.6.4.tar.bz2 176d510c30d80a23b8050bbc048f2ecaacb823ae48b6821727ed6591f0df9200`