centos&rocky 升级 xz,需要和目前系统对比每个xz包,和每个xz包内的文件有哪些;然后,根据不同类型的包(base, devel, lib),三个进行打包操作。

下载curl源码包

升级至少需要更新至 xz 5.4.6 ,首先从官网下载源码包 [1]

将xz作为rpm

下面是 rpm 的规格文件

spec
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82

Name:           xz
Version:        5.4.6
Release:        1%{?dist}
Summary:        LZMA compression utilities

License:        MIT
URL:            https://tukaani.org/xz
Source0:        xz-5.4.6.tar.gz

BuildRequires:  glibc

%package libs
Summary: Libraries for decoding LZMA compression
Group: xz
Vendor: Cylon
URL: https://tukaani.org/xz/
BuildRoot: %{_tmppath}/%{name}-%{version}-buildroot

%package devel
Summary: Devel libraries for decoding LZMA compression
Group: xz
Vendor: Cylon
URL: https://tukaani.org/xz/
BuildRoot: %{_tmppath}/%{name}-%{version}-buildroot

%description
XZ Utils are a complete C99 implementation of the .xz file format. XZ Utils were originally written for POSIX systems but have been ported to a few non-POSIX systems as well.

%description libs
Libraries for decoding files compressed with LZMA or XZ utils.

%description devel
Devel libraries and headers for liblzma.

%prep
%autosetup -p1

%build
%configure \
        --libdir=/usr/lib64/ \
        --bindir=/usr/bin/ \
        --docdir=/usr/share/doc/ \
        --mandir=/usr/share/man/

make %{?_smp_mflags}

%install
make install DESTDIR=%{buildroot}

%files
%defattr(-,root,root,-)
%attr(0755,root,root) /usr/bin/*
%attr(0755,root,root) /usr/share/man/*
%attr(0755,root,root) /usr/share/doc/AUTHORS
%attr(0755,root,root) /usr/share/doc/COPYING
%attr(0755,root,root) /usr/share/doc/COPYING.GPLv2
%attr(0755,root,root) /usr/share/doc/NEWS
%attr(0755,root,root) /usr/share/doc/README
%attr(0755,root,root) /usr/share/doc/THANKS
%attr(0755,root,root) /usr/share/doc/TODO

%files libs
%defattr(-,root,root,-)
%attr(0755,root,root) /usr/lib64/liblzma.so.5
%attr(0755,root,root) /usr/lib64/liblzma.so.5.4.6
%attr(0755,root,root) /usr/share/doc/AUTHORS
%attr(0755,root,root) /usr/share/doc/COPYING
%attr(0755,root,root) /usr/share/doc/COPYING.GPLv2
%attr(0755,root,root) /usr/share/doc/NEWS
%attr(0755,root,root) /usr/share/doc/README
%attr(0755,root,root) /usr/share/doc/THANKS
%attr(0755,root,root) /usr/share/doc/TODO

%files devel
%defattr(-,root,root,-)
%attr(0755,root,root) /usr/lib64/liblzma.so
%attr(0644,root,root) /usr/include/*
%attr(0644,root,root) /usr/lib64/pkgconfig/liblzma.pc

%changelog
* Tue Nov 01 2024 Cylon <cylonchau@outlook.com> - 5.4.6
- Initial package release

执行对应的更新操作

bash
1
2
3
4

rpmbuild \
	--define "_topdir `pwd`/rpmbuild" \
	--define="PMackaged_files_terminate_build 0" \
	-ba `pwd`/rpmbuild/SPECS/xz.spec

Reference

[1] XZ data compression

[2] CVE-2022-1271 Detail