microsoft
diff --git a/‎SPECS/fcgi/CVE-2012-6687.patch‎
Lines changed: 0 additions & 80 deletions b/‎SPECS/fcgi/CVE-2012-6687.patch‎
Lines changed: 0 additions & 80 deletions
diff --git a/‎SPECS/fcgi/fcgi-EOF.patch‎
Lines changed: 0 additions & 11 deletions b/‎SPECS/fcgi/fcgi-EOF.patch‎
Lines changed: 0 additions & 11 deletions
diff --git a/‎SPECS/fcgi/fcgi.signatures.json‎
Lines changed: 1 addition & 1 deletion b/‎SPECS/fcgi/fcgi.signatures.json‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎SPECS/fcgi/fcgi.spec‎
Lines changed: 35 additions & 22 deletions b/‎SPECS/fcgi/fcgi.spec‎
Lines changed: 35 additions & 22 deletions
diff --git a/‎cgmanifest.json‎
Lines changed: 2 additions & 2 deletions b/‎cgmanifest.json‎
Lines changed: 2 additions & 2 deletions
@@ -1,5 +1,5 @@
 {
  "Signatures": {
-  "fcgi-2.4.0.tar.gz": "66fc45c6b36a21bf2fbbb68e90f780cc21a9da1fffbae75e76d2b4402d3f05b9"
+  "fcgi-2.4.5.tar.gz": "92b0111a98d8636e06c128444a3d4d7a720bdd54e6ee4dd0c7b67775b1b0abff"
  }
 }
@@ -1,13 +1,11 @@
 Summary:        FastCGI development kit
 Name:           fcgi
-Version:        2.4.0
-Release:        7%{?dist}
+Version:        2.4.5
+Release:        1%{?dist}
 License:        OML
 # NOTE: below is an archive of FastCGI. The original project web page (http://www.fastcgi.com) is no longer online.
 URL:            https://fastcgi-archives.github.io
-Source0:        https://src.fedoraproject.org/lookaside/extras/%{name}/%{name}-%{version}.tar.gz/d15060a813b91383a9f3c66faf84867e/%{name}-%{version}.tar.gz
-Patch0:         fcgi-EOF.patch
-Patch1:         CVE-2012-6687.patch
+Source0:        https://github.com/FastCGI-Archives/fcgi2/archive/refs/tags/%{version}.tar.gz#/%{name}-%{version}.tar.gz
 Group:          Development/Libraries/C and C++
 Vendor:         Microsoft Corporation
 Distribution:   Mariner
@@ -25,11 +23,10 @@ FastCGI is a language independent, scalable, open extension to CGI that
 provides high performance without the limitations of server specific APIs.
 
 %prep
-%setup -q
-%patch0 -p1
-%patch1 -p1
+%autosetup -n %{name}2-%{version} -p1
 
 %build
+./autogen.sh
 %configure \
    --disable-static
 make
@@ -48,28 +45,44 @@ make check
 
 %files
 %defattr(-,root,root)
-%license LICENSE.TERMS
+%license LICENSE
 %{_bindir}/*
 %{_libdir}/libfcgi*.so*
+%doc %{_mandir}/man1/cgi-fcgi.1*
+%doc %{_mandir}/man3/FCGI_Accept.3*
+%doc %{_mandir}/man3/FCGI_Finish.3*
+%doc %{_mandir}/man3/FCGI_SetExitStatus.3*
+%doc %{_mandir}/man3/FCGI_StartFilterData.3*
 
 %files devel
 %defattr(-,root,root)
 %{_includedir}/*
+%{_libdir}/pkgconfig/fcgi*.pc
 
 %changelog
+* Tue Apr 22 2025 Kanishk Bansal <kanbansal@microsoft.com> - 2.4.5-1
+- Upgrade to 2.4.5 to fix CVE-2025-23016
+- Remove patch of CVE-2012-6687, fcgi-EOF
+- Added missing man pages and pkgconfig files to package
+
 * Sat May 09 2020 Nick Samson <nisamson@microsoft.com> - 2.4.0-7
 - Added %%license line automatically
 
-*   Mon Apr 27 2020 Pawel Winogrodzki <pawelwi@microsoft.com> 2.4.0-6
--   Fixed 'Source0' and 'URL' tags.
--   License verified.
-*   Thu Feb 27 2020 Henry Beberman <hebeberm@microsoft.com> 2.4.0-5
--   Glob to include libfcgi++ as well as libfcgi in RPM
-*   Tue Sep 03 2019 Mateusz Malisz <mamalisz@microsoft.com> 2.4.0-4
--   Initial CBL-Mariner import from Photon (license: Apache2).
-*   Fri Oct 13 2017 Alexey Makhalov <amakhalov@vmware.com> 2.4.0-3
--   Use standard configure macros
-*   Wed May 24 2017 Dheeraj Shetty <dheerajs@vmware.com> 2.4.0-2
--   Patch for CVE-2012-6687
-*   Fri Dec 16 2016 Dheeraj Shetty <dheerajs@vmware.com> 2.4.0-1
--   Initial build. First version
+* Mon Apr 27 2020 Pawel Winogrodzki <pawelwi@microsoft.com> 2.4.0-6
+- Fixed 'Source0' and 'URL' tags.
+- License verified.
+
+* Thu Feb 27 2020 Henry Beberman <hebeberm@microsoft.com> 2.4.0-5
+- Glob to include libfcgi++ as well as libfcgi in RPM
+
+* Tue Sep 03 2019 Mateusz Malisz <mamalisz@microsoft.com> 2.4.0-4
+- Initial CBL-Mariner import from Photon (license: Apache2).
+
+* Fri Oct 13 2017 Alexey Makhalov <amakhalov@vmware.com> 2.4.0-3
+- Use standard configure macros
+
+* Wed May 24 2017 Dheeraj Shetty <dheerajs@vmware.com> 2.4.0-2
+- Patch for CVE-2012-6687
+
+* Fri Dec 16 2016 Dheeraj Shetty <dheerajs@vmware.com> 2.4.0-1
+- Initial build. First version
@@ -3498,8 +3498,8 @@
         "type": "other",
         "other": {
           "name": "fcgi",
-          "version": "2.4.0",
-          "downloadUrl": "https://src.fedoraproject.org/lookaside/extras/fcgi/fcgi-2.4.0.tar.gz/d15060a813b91383a9f3c66faf84867e/fcgi-2.4.0.tar.gz"
+          "version": "2.4.5",
+          "downloadUrl": "https://github.com/FastCGI-Archives/fcgi2/archive/refs/tags/2.4.5.tar.gz"
         }
       }
     },
Original file line number	Diff line number	Diff line change
`@@ -1,5 +1,5 @@`
`1`	`1`	`{`
`2`	`2`	`"Signatures": {`
`3`		`- "fcgi-2.4.0.tar.gz": "66fc45c6b36a21bf2fbbb68e90f780cc21a9da1fffbae75e76d2b4402d3f05b9"`
	`3`	`+ "fcgi-2.4.5.tar.gz": "92b0111a98d8636e06c128444a3d4d7a720bdd54e6ee4dd0c7b67775b1b0abff"`
`4`	`4`	`}`
`5`	`5`	`}`
Original file line number	Diff line number	Diff line change
`@@ -3498,8 +3498,8 @@`
`3498`	`3498`	`"type": "other",`
`3499`	`3499`	`"other": {`
`3500`	`3500`	`"name": "fcgi",`
`3501`		`- "version": "2.4.0",`
`3502`		`- "downloadUrl": "https://src.fedoraproject.org/lookaside/extras/fcgi/fcgi-2.4.0.tar.gz/d15060a813b91383a9f3c66faf84867e/fcgi-2.4.0.tar.gz"`
	`3501`	`+ "version": "2.4.5",`
	`3502`	`+ "downloadUrl": "https://github.com/FastCGI-Archives/fcgi2/archive/refs/tags/2.4.5.tar.gz"`
`3503`	`3503`	`}`
`3504`	`3504`	`}`
`3505`	`3505`	`},`