Hello community, here is the log from the commit of package ki18n for openSUSE:Factory checked in at 2016-05-19 12:07:38 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/ki18n (Old) and /work/SRC/openSUSE:Factory/.ki18n.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "ki18n" Changes: -------- --- /work/SRC/openSUSE:Factory/ki18n/ki18n.changes 2016-04-12 19:18:12.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.ki18n.new/ki18n.changes 2016-05-19 12:07:39.000000000 +0200 @@ -1,0 +2,8 @@ +Sat May 7 18:31:57 UTC 2016 - [email protected] + +- Update to 5.22.0 (boo#980066) + * libgettext: Fix potential use-after-free using non-g++ compilers + * For more details please see: + https://www.kde.org/announcements/kde-frameworks-5.22.0.php + +------------------------------------------------------------------- Old: ---- ki18n-5.21.0.tar.xz New: ---- ki18n-5.22.0.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ ki18n.spec ++++++ --- /var/tmp/diff_new_pack.1Xl85U/_old 2016-05-19 12:07:40.000000000 +0200 +++ /var/tmp/diff_new_pack.1Xl85U/_new 2016-05-19 12:07:40.000000000 +0200 @@ -18,9 +18,9 @@ %bcond_without lang %define lname libKF5I18n5 -%define _tar_path 5.21 +%define _tar_path 5.22 Name: ki18n -Version: 5.21.0 +Version: 5.22.0 Release: 0 BuildRequires: cmake >= 2.8.12 BuildRequires: extra-cmake-modules >= %{_tar_path} ++++++ ki18n-5.21.0.tar.xz -> ki18n-5.22.0.tar.xz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ki18n-5.21.0/CMakeLists.txt new/ki18n-5.22.0/CMakeLists.txt --- old/ki18n-5.21.0/CMakeLists.txt 2016-04-03 22:53:40.000000000 +0200 +++ new/ki18n-5.22.0/CMakeLists.txt 2016-05-07 17:14:29.000000000 +0200 @@ -4,7 +4,7 @@ # ECM setup include(FeatureSummary) -find_package(ECM 5.21.0 NO_MODULE) +find_package(ECM 5.22.0 NO_MODULE) set_package_properties(ECM PROPERTIES TYPE REQUIRED DESCRIPTION "Extra CMake Modules." URL "https://projects.kde.org/projects/kdesupport/extra-cmake-modules";) feature_summary(WHAT REQUIRED_PACKAGES_NOT_FOUND FATAL_ON_MISSING_REQUIRED_PACKAGES) @@ -16,7 +16,7 @@ include(ECMSetupVersion) include(ECMGenerateHeaders) -set(KF5_VERSION "5.21.0") # handled by release scripts +set(KF5_VERSION "5.22.0") # handled by release scripts ecm_setup_version( ${KF5_VERSION} diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ki18n-5.21.0/src/gettext.h new/ki18n-5.22.0/src/gettext.h --- old/ki18n-5.21.0/src/gettext.h 2016-04-03 22:53:40.000000000 +0200 +++ new/ki18n-5.22.0/src/gettext.h 2016-05-07 17:14:29.000000000 +0200 @@ -110,6 +110,7 @@ size_t msgctxt_len = strlen(msgctxt) + 1; size_t msgid_len = strlen(msgid) + 1; const char *translation; + int translation_found; #if _LIBGETTEXT_HAVE_VARIABLE_SIZE_ARRAYS char msg_ctxt_id[msgctxt_len + msgid_len]; #else @@ -125,12 +126,14 @@ msg_ctxt_id[msgctxt_len - 1] = '\004'; memcpy(msg_ctxt_id + msgctxt_len, msgid, msgid_len); translation = dgettext(domain, msg_ctxt_id); + /* Test must occur before msg_ctxt_id freed */ + translation_found = translation != msg_ctxt_id; #if !_LIBGETTEXT_HAVE_VARIABLE_SIZE_ARRAYS if (msg_ctxt_id != buf) { free(msg_ctxt_id); } #endif - if (translation != msg_ctxt_id) { + if (translation_found) { return translation; } } @@ -160,6 +163,7 @@ #if _LIBGETTEXT_HAVE_VARIABLE_SIZE_ARRAYS char msg_ctxt_id[msgctxt_len + msgid_len]; #else + int translation_found; char buf[1024]; char *msg_ctxt_id = (msgctxt_len + msgid_len <= sizeof(buf) @@ -172,12 +176,14 @@ msg_ctxt_id[msgctxt_len - 1] = '\004'; memcpy(msg_ctxt_id + msgctxt_len, msgid, msgid_len); translation = dngettext(domain, msg_ctxt_id, msgid_plural, n); + /* Test must occur before msg_ctxt_id freed */ + translation_found = !(translation == msg_ctxt_id || translation == msgid_plural); #if !_LIBGETTEXT_HAVE_VARIABLE_SIZE_ARRAYS if (msg_ctxt_id != buf) { free(msg_ctxt_id); } #endif - if (!(translation == msg_ctxt_id || translation == msgid_plural)) { + if (translation_found) { return translation; } }
