bzip2-1.0.8-160000.2.2

- Build AVX2 enabled hwcaps library for x86_64-v3

- Port rpmlintrc format to rpmlint 2.x.

- Drop --with-pic (no effect with --disable-static)
- Use %autosetup (rediff bzip2-1.0.6.2-autoconfiscated.patch to p1)

- Use correct version in autotools patchset
  M bzip2-1.0.6.2-autoconfiscated.patch

- Update to version 1.0.8:
  * Accept as many selectors as the file format allows.
    This relaxes the fix for CVE-2019-12900 from 1.0.7
    so that bzip2 allows decompression of bz2 files that
    use (too) many selectors again.
  * Fix handling of large (> 4GB) files on Windows.
  * Cleanup of bzdiff and bzgrep scripts so they don't use
    any bash extensions and handle multiple archives correctly.
- remove (applied upstream)
  * bzip2-1.0.6-fix-bashisms.patch
  * bzip2-1.0.6-bzgrep_return_value.patch
- use a new Source url

- Update bug reference
- Fix downloaded patches

- Update to version 1.0.7:
  * Fix undefined behavior in the macros SET_BH, CLEAR_BH, &
    ISSET_BH.
  * bzip2: Fix return value when combining --test,-t and -q.
  * bzip2recover: Fix buffer overflow for large argv[0].
  * bzip2recover: Fix use after free issue with outFile
    (CVE-2016-3189).
  * Make sure nSelectors is not out of range (CVE-2019-12900
    bsc#1139083)
- Drop patches fixed upstream:
  * bzip2-unsafe_strcpy.patch.
  * bzip2-1.0.6-CVE-2016-3189.patch.
- Refresh patches with quilt.

- add bzip2-1.0.6-CVE-2016-3189.patch to fix a heap use after
  free vulnerability that was reported in bzip2recover [bsc#985657]
  [CVE-2016-3189]

- Replace the URL. The bzip.org owner changed [bsc#1104445].
- Remove the URL from the 'Source' line. The 1.0.6 version is not
  available.
- Run spec-cleaner.

- Update autotools patchset:
  D bzip2-1.0.6-autoconfiscated.patch
  A bzip2-1.0.6.2-autoconfiscated.patch