NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

package/oniguruma: security bump to version 6.9.6

Browse Source 
Drop patch (already in version)

Fixed many problems found by OSS-Fuzz
Fixed many problems found by Coverity

https://github.com/kkos/oniguruma/releases/tag/v6.9.6

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit is contained in:
Fabrice Fontaine 2020-11-05 07:36:04 +01:00 committed by Peter Korsgaard
parent 5b79a9cc47
commit 969fe10855
3 changed files with 2 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
package/oniguruma/0001-207-Out-of-bounds-write.patch
View File

@ -1,25 +0,0 @@
From cbe9f8bd9cfc6c3c87a60fbae58fa1a85db59df0 Mon Sep 17 00:00:00 2001
From: "K.Kosako" <kkosako0@gmail.com>
Date: Mon, 21 Sep 2020 12:58:29 +0900
Subject: [PATCH] #207: Out-of-bounds write
[Retrieved from:
https://github.com/kkos/oniguruma/commit/cbe9f8bd9cfc6c3c87a60fbae58fa1a85db59df0]
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
---
src/regcomp.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/regcomp.c b/src/regcomp.c
index f6494b6d..a0a68561 100644
--- a/src/regcomp.c
+++ b/src/regcomp.c
@@ -6257,7 +6257,7 @@ concat_opt_exact_str(OptStr* to, UChar* s, UChar* end, OnigEncoding enc)
for (i = to->len, p = s; p < end && i < OPT_EXACT_MAXLEN; ) {
len = enclen(enc, p);
- if (i + len > OPT_EXACT_MAXLEN) break;
+ if (i + len >= OPT_EXACT_MAXLEN) break;
for (j = 0; j < len && p < end; j++)
to->s[i++] = *p++;
}

2
package/oniguruma/oniguruma.hash
View File

@ -1,3 +1,3 @@
# Locally calculated
sha256 2f25cc3165e6da4b12dcabdb6b77c48f436d835e127ec2e3cad7abae9ea8e9a6 onig-6.9.5.tar.gz
sha256 bd0faeb887f748193282848d01ec2dad8943b5dfcb8dc03ed52dcc963549e819 onig-6.9.6.tar.gz
sha256 6c7038393e8f30fee16257e713f77e383712f1465d6d25929596746b10b42bd3 COPYING

5
package/oniguruma/oniguruma.mk
View File

@ -4,7 +4,7 @@
#
################################################################################
ONIGURUMA_VERSION = 6.9.5
ONIGURUMA_VERSION = 6.9.6
ONIGURUMA_SITE = \
https://github.com/kkos/oniguruma/releases/download/v$(ONIGURUMA_VERSION)
ONIGURUMA_SOURCE = onig-$(ONIGURUMA_VERSION).tar.gz
@ -12,7 +12,4 @@ ONIGURUMA_LICENSE = BSD-2-Clause
ONIGURUMA_LICENSE_FILES = COPYING
ONIGURUMA_INSTALL_STAGING = YES
# 0001-207-Out-of-bounds-write.patch
ONIGURUMA_IGNORE_CVES += CVE-2020-26159
$(eval $(autotools-package))