xz-5.8.1-160000.2.2

- Update to 5.8.1:
  * Multithreaded .xz decoder (lzma_stream_decoder_mt()):
  - Fix a bug that could at least result in a crash with
    invalid input. (bsc#1240414, CVE-2025-31115)
  - Fix a performance bug: Only one thread was used if the whole
    input file was provided at once to lzma_code(), the output
    buffer was big enough, timeout was disabled, and LZMA_FINISH
    was used. There are no bug reports about this, thus it's
    possible that no real-world application was affected.
  * Avoid <stdalign.h> even with C11/C17 compilers. This fixes the
    build with Oracle Developer Studio 12.6 on Solaris 10 when the
    compiler is in C11 mode (the header doesn't exist).
  * Autotools: Restore compatibility with GNU make versions older
    than 4.0 by creating the package using GNU gettext 0.23.1
    infrastructure instead of 0.24.
  * Update Croatian translation.
- 5.8.0 changelog:
  * liblzma on 32/64-bit x86: When possible, use SSE2 intrinsics
    instead of memcpy() in the LZMA/LZMA2 decoder. In typical cases,
    this may reduce decompression time by 0-5 %. However, when built
    against musl libc, over 15 % time reduction was observed with
    highly compressed files.
  * CMake: Make the feature test macros match the Autotools-based
    build on NetBSD, Darwin, and mingw-w64.
  * Update the Croatian, Italian, Portuguese, and Romanian
    translations.
  * Update the German, Italian, Korean, Romanian, Serbian, and
    Ukrainian man page translations.
- Summary of changes in the 5.7.x development releases:
  * Mark the following LZMA Utils script aliases as deprecated:
    lzcmp, lzdiff, lzless, lzmore, lzgrep, lzegrep, and lzfgrep.
  * liblzma:
  - Improve LZMA/LZMA2 encoder speed on 64-bit PowerPC (both
    endiannesses) and those 64-bit RISC-V processors that
    support fast unaligned access.
  - Add low-level APIs for RISC-V, ARM64, and x86 BCJ filters
    to lzma/bcj.h. These are primarily for erofs-utils.
  - x86/x86-64/E2K CLMUL CRC code was rewritten.
  - Use the CRC32 instructions on LoongArch.
  * xz:
  - Synchronize the output file and its directory using fsync()
    before deleting the input file. No syncing is done when xz
    isn't going to delete the input file.
  - Add --no-sync to disable the sync-before-delete behavior.
  - Make --single-stream imply --keep.
  * xz, xzdec, lzmainfo: When printing messages, replace
    non-printable characters with question marks.
  * xz and xzdec on Linux: Support Landlock ABI versions 5 and 6.
  * CMake: Revise the configuration variables and some of their
    options, and document them in the file INSTALL. CMake support
    is no longer experimental. (It was already not experimental
    when building for native Windows.)
  * Add build-aux/license-check.sh.

- update to 5.6.4:
  * liblzma: Fix LZMA/LZMA2 encoder on big endian ARM64.
  * xz: Fix --filters= and --filters1= ... --filters9= options
    parsing. They require an argument, thus "xz --filters lzma2"
    should work in addition to "xz --filters=lzma2".
  * Updates to documentation, translations, build system files
- package license files in all packages

- Update to 5.6.3:
  * liblzma:
  - Fix x86-64 inline assembly compatibility with GNU Binutils
    older than 2.27.
  - Fix the build with GCC 4.2 on OpenBSD/sparc64.
  * xzdec: Display an error instead of failing silently if the
    unsupported option -M is specified.
  * lzmainfo: Fix integer overflows when rounding the dictionary and
    uncompressed sizes to the nearest mebibyte.
  * Autotools-based build:
  - Fix feature checks with link-time optimization (-flto).
  - Solaris: Fix a compatibility issue in version.sh. It matters
    if one wants to regenerate configure by running autoconf.
  * CMake:
  - Use paths relative to ${prefix} in liblzma.pc when possible.
    This is done only with CMake >= 3.20.
  - Prefer a C11 compiler over a C99 compiler but accept both.
  - Link Threads::Threads against liblzma using PRIVATE so that
  - pthread and such flags won't unnecessarily get included in
    the usage requirements of shared liblzma. That is,
    target_link_libraries(foo PRIVATE liblzma::liblzma) no
    longer adds -pthread if using POSIX threads and linking
    against shared liblzma. The threading flags are still added
    if linking against static liblzma.
  * Updated translations: Catalan, Chinese (simplified), and
    Brazilian Portuguese.

- Update to 5.6.2:
  * Remove the backdoor (CVE-2024-3094).
  * Not changed: Memory sanitizer (MSAN) has a false positive
    in the CRC CLMUL code which also makes OSS Fuzz unhappy.
    Valgrind is smarter and doesn't complain.
    A revision to the CLMUL code is coming anyway and this issue
    will be cleaned up as part of it. It won't be backported to
    5.6.x or 5.4.x because the old code isn't wrong. There is
    no reason to risk introducing regressions in old branches
    just to silence a false positive.
  * liblzma:
  - lzma_index_decoder() and lzma_index_buffer_decode(): Fix
    a missing output pointer initialization (*i = NULL) if the
    functions are called with invalid arguments. The API docs
    say that such an initialization is always done. In practice
    this matters very little because the problem can only occur
    if the calling application has a bug and these functions
    return LZMA_PROG_ERROR.
  - lzma_str_to_filters(): Fix a missing output pointer
    initialization (*error_pos = 0). This is very similar
    to the fix above.
  - Fix C standard conformance with function pointer types.
  - Remove GNU indirect function (IFUNC) support. This is *NOT*
    done for security reasons even though the backdoor relied on
    this code. The performance benefits of IFUNC are too tiny in
    this project to make the extra complexity worth it.
  - FreeBSD on ARM64: Add error checking to CRC32 instruction
    support detection.
  - Fix building with NVIDIA HPC SDK.
  * xz:
  - Fix a C standard conformance issue in --block-list parsing
    (arithmetic on a null pointer).
  - Fix a warning from GNU groff when processing the man page:
    "warning: cannot select font 'CW'"
  * xzdec: Add support for Linux Landlock ABI version 4. xz already
    had the v3-to-v4 change but it had been forgotten from xzdec.

- revert the switch to tar_scm which dropped the signature
  validation
- switch back to tarballs because the upstream tarballs are not
  gone
- reinstanciate keyring from Lasse
- go back to the last release signed by Lasse (5.4.2)
- revert multibuild, drop service and rpmlintrc
- use real_ver for the Source, move everything else back to
  %version like before the hectic XZ downgrade
- remove payload setting, we are using zstd now

- Switch to using tar_scm for fetching the sources as the upstream
  tarballs on github are gone
- introduce _multibuild to allow building the translations outside
  of Ring0 and everything else in Ring0
- add rpmlintrc to silence harmless warnings

- restore a bigger version number so that update works

- Build static library on SLE

- update to 5.4.6:
  * Fixed a bug involving internal function pointers in liblzma
    not being initialized to NULL. The bug can only be
    triggered if lzma_filters_update() is called on a LZMA1
    encoder, so it does not affect xz or any application known
    to us that uses liblzma.
  * Fixed a regression introduced in 5.4.2 that caused
    encoding in the raw format to unnecessarily fail if --suffix
    was not used. For instance, the following command no longer
    reports that --suffix must be used:
    echo foo | xz --format=raw --lzma2 | wc -c
  * Fixed an issue on MinGW-w64 builds that prevented
    reading from or writing to non-terminal character devices
    like NUL.
  * Added a new test.

- Update to version 5.4.5:
  * liblzma:
  - Fixed an assertion failure that could be triggered by a large
    unpadded_size argument. It was verified that there was no
    other bug than the assertion failure.
  - Fixed a bug that prevented building with Windows Vista
    threading when __attribute__((__constructor__)) is not
    supported.
  * xz now properly handles special files such as "con" or "nul" on
    Windows. Before this fix, the following wrote "foo" to the
    console and deleted the input file "con_xz":
    echo foo | xz > con_xz
    xz --suffix=_xz --decompress con_xz
  * Small fixes and improvements to the tests.
  * Updated translations: Chinese (simplified) and Esperanto.