summaryrefslogtreecommitdiffstats
path: root/oniguruma.spec
diff options
context:
space:
mode:
authorRemi Collet <remi@remirepo.net>2019-07-15 15:47:22 +0200
committerRemi Collet <remi@remirepo.net>2019-07-15 15:47:22 +0200
commit558251d3ce37b751b4d3e263577e4252b441a92b (patch)
treedd3ff28d074ba25c8b52e5155476a4167c160631 /oniguruma.spec
parent7af69d0e975f27cd4141ebf2f365032ac17c5150 (diff)
add security fixes from Fedora
Diffstat (limited to 'oniguruma.spec')
-rw-r--r--oniguruma.spec28
1 files changed, 26 insertions, 2 deletions
diff --git a/oniguruma.spec b/oniguruma.spec
index 82e042d..03d8dd2 100644
--- a/oniguruma.spec
+++ b/oniguruma.spec
@@ -23,13 +23,21 @@ Name: %{libname}
%else
Name: %{libname}%{soname}
%endif
-Version: 6.9.1
-Release: 1%{?dist}
+Version: 6.9.2
+Release: 2%{?dist}
Summary: Regular expressions library
License: BSD
URL: https://github.com/kkos/oniguruma/
Source0: https://github.com/kkos/oniguruma/releases/download/v%{version}/onig-%{version}.tar.gz
+# upstream patches
+Patch10: 0010-Fix-CVE-2019-13225-problem-in-converting-if-then-els.patch
+#Patch11: 0011-Fix-CVE-2019-13224-don-t-allow-different-encodings-f.patch
+# Not use Patch11 for F-30 and below, this is almost API change (deprecation of API) in
+# onig_new_deluxe() and this change should be avoided (if possible) in stable
+# branch
+# Instead use another fix
+Patch101: 0101-onig_new_deluxe-don-t-free-new-pattern-if-success.patch
BuildRequires: gcc
@@ -80,6 +88,10 @@ for f in \
done
%endif
+%patch10 -p1 -b .CVE-2019-13225
+#%%patch11 -p1 -b .CVE-2019-13224
+%patch101 -p1 -b .CVE-2019-13224
+
%build
%configure \
@@ -125,6 +137,8 @@ find $RPM_BUILD_ROOT -name '*.la' \
%doc doc/CALLOUTS.BUILTIN
%doc doc/FAQ
%doc doc/RE
+%doc doc/SYNTAX.md
+%doc doc/UNICODE_PROPERTIES
%lang(ja) %doc doc/API.ja
%lang(ja) %doc doc/CALLOUTS.API.ja
%lang(ja) %doc doc/CALLOUTS.BUILTIN.ja
@@ -139,6 +153,16 @@ find $RPM_BUILD_ROOT -name '*.la' \
%changelog
+* Mon Jul 15 2019 Remi Collet <remi@remirepo.net> -6.9.2-2
+- add security fixes from Fedora
+
+* Fri Jul 12 2019 Mamoru TASAKA <mtasaka@fedoraproject.org> - 6.9.2-2
+- Upstream patch for CVE-2019-13225 (#1728966)
+- NON-upstream patch for CVE-2019-13224 (#1728971)
+
+* Mon May 13 2019 Remi Collet <remi@remirepo.net> -6.9.2-1
+- update to 6.9.2
+
* Mon Apr 1 2019 Remi Collet <remi@remirepo.net> -6.9.1-1
- rename to oniguruma5 to allow parallel installation
beside old oniguruma version