mirror of
https://github.com/microsoft/vcpkg.git
synced 2024-12-28 00:37:49 +08:00
ce1916404f
Resolves https://github.com/microsoft/vcpkg/issues/37839 Reverts #37199 See https://www.openwall.com/lists/oss-security/2024/03/29/4 Note that the version database is unmodified, only the baseline is changed. Because vcpkg builds liblzma from cmake sources downloaded from github and this backdoor required modifications only present in the release tarballs, it is our belief that vcpkg customers are not affected by this problem. However, we are reverting this version out of an abundance of caution as the threat actor clearly has broad access to liblzma infrastructure, and because we believe customers will start flagging this package by version as being a problem.
21 lines
608 B
Diff
21 lines
608 B
Diff
diff --git a/CMakeLists.txt b/CMakeLists.txt
|
|
index 52439b3..0b5e371 100644
|
|
--- a/CMakeLists.txt
|
|
+++ b/CMakeLists.txt
|
|
@@ -574,6 +574,7 @@ if(HAVE_GETOPT_LONG)
|
|
|
|
install(TARGETS xzdec
|
|
RUNTIME DESTINATION "${CMAKE_INSTALL_BINDIR}"
|
|
+ BUNDLE DESTINATION "${CMAKE_INSTALL_BINDIR}"
|
|
COMPONENT xzdec)
|
|
|
|
if(UNIX)
|
|
@@ -701,6 +702,7 @@ if(NOT MSVC AND HAVE_GETOPT_LONG)
|
|
|
|
install(TARGETS xz
|
|
RUNTIME DESTINATION "${CMAKE_INSTALL_BINDIR}"
|
|
+ BUNDLE DESTINATION "${CMAKE_INSTALL_BINDIR}"
|
|
COMPONENT xz)
|
|
|
|
if(UNIX)
|