The yajl package provides a JSON library.
Required patch: https://gitlab.archlinux.org/archlinux/packaging/packages/yajl/-/raw/main/yajl-2.1.0-CVE-2017-16516.patch
Required patch: https://gitlab.archlinux.org/archlinux/packaging/packages/yajl/-/raw/main/yajl-2.1.0-CVE-2022-24795.patch
Required patch: https://gitlab.archlinux.org/archlinux/packaging/packages/yajl/-/raw/main/yajl-2.1.0-memory_leak.patch
Required patch: https://github.com/lloyd/yajl/commit/6fe59ca50dfd65bdb3d1c87a27245b2dd1a072f9.patch
Since the last commit to this package is almost a decade old, issues have came up and need to be fixed before building. Apply required patches to fix the important ones:
patch -Np1 -i ../yajl-2.1.0-CVE-2017-16516.patch && patch -Np1 -i ../yajl-2.1.0-CVE-2022-24795.patch && patch -Np1 -i ../yajl-2.1.0-memory_leak.patch
Fix building with CMake-4.0.0:
patch -Np1 -i ../6fe59ca50dfd65bdb3d1c87a27245b2dd1a072f9.patch
Install yajl by running the following commands:
mkdir build && cd build && cmake -D CMAKE_INSTALL_PREFIX=/usr \ -D CMAKE_BUILD_TYPE=Release \ -D BUILD_SHARED_LIBS=ON \ -D CMAKE_SKIP_INSTALL_RPATH=ON \ -W no-dev -G Ninja .. && ninja
Now, as the root
user:
ninja install && rm -vf /usr/lib/libyajl_s.a
-D
CMAKE_SKIP_INSTALL_RPATH=ON
: This switch makes
cmake remove
hardcoded library search paths (rpath) when installing a binary
executable file or a shared library. This package does not need
rpath once it's installed into the standard location, and rpath may
sometimes cause unwanted effects or even security issues.
rm -vf /usr/lib/libyajl_s.a: This command removes a useless static library.