[arch-commits] Commit in pcre/trunk (01-CVE-2016-1283.patch PKGBUILD)
Date: Friday, June 17, 2016 @ 23:36:55 Author: seblu Revision: 270161 upgpkg: pcre 8.39-1 Modified: pcre/trunk/PKGBUILD Deleted: pcre/trunk/01-CVE-2016-1283.patch + 01-CVE-2016-1283.patch | 18 -- PKGBUILD | 12 +--- 2 files changed, 5 insertions(+), 25 deletions(-) Deleted: 01-CVE-2016-1283.patch === --- 01-CVE-2016-1283.patch 2016-06-17 21:18:22 UTC (rev 270160) +++ 01-CVE-2016-1283.patch 2016-06-17 23:36:55 UTC (rev 270161) @@ -1,18 +0,0 @@ -Index: pcre_compile.c -=== a/pcre_compile.c (revision 1635) -+++ b/pcre_compile.c (revision 1636) -@@ -7311,7 +7311,12 @@ - so far in order to get the number. If the name is not found, leave - the value of recno as 0 for a forward reference. */ - -- else -+ /* This patch (removing "else") fixes a problem when a reference is -+ to multiple identically named nested groups from within the nest. -+ Once again, it is not the "proper" fix, and it results in an -+ over-allocation of memory. */ -+ -+ /* else */ - { - ng = cd->named_groups; - for (i = 0; i < cd->names_found; i++, ng++) Modified: PKGBUILD === --- PKGBUILD2016-06-17 21:18:22 UTC (rev 270160) +++ PKGBUILD2016-06-17 23:36:55 UTC (rev 270161) @@ -5,8 +5,8 @@ # Contributor: John Proctorpkgname=pcre -pkgver=8.38 -pkgrel=3 +pkgver=8.39 +pkgrel=1 pkgdesc='A library that implements Perl 5-style regular expressions' arch=('i686' 'x86_64') url='http://www.pcre.org/' @@ -13,11 +13,9 @@ license=('BSD') depends=('gcc-libs' 'readline' 'zlib' 'bzip2' 'bash') validpgpkeys=('45F68D54BBE23FB3039B46E59766E084FB0F43D8') # Philip Hazel -source=("ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/$pkgname-$pkgver.tar.bz2"{,.sig} -'01-CVE-2016-1283.patch') -md5sums=('00aabbfe56d5a48b270f999b508c5ad2' - 'SKIP' - '722aba6455a3f0240eaa22289f0176a0') +source=("ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/$pkgname-$pkgver.tar.bz2"{,.sig}) +md5sums=('e3fca7650a0556a2647821679d81f585' + 'SKIP') prepare() { cd $pkgname-$pkgver
[arch-commits] Commit in pcre/trunk (01-CVE-2016-1283.patch PKGBUILD)
Date: Saturday, March 12, 2016 @ 16:27:40 Author: seblu Revision: 261359 upgpkg: pcre 8.38-3 Added: pcre/trunk/01-CVE-2016-1283.patch Modified: pcre/trunk/PKGBUILD + 01-CVE-2016-1283.patch | 18 ++ PKGBUILD | 14 +++--- 2 files changed, 29 insertions(+), 3 deletions(-) Added: 01-CVE-2016-1283.patch === --- 01-CVE-2016-1283.patch (rev 0) +++ 01-CVE-2016-1283.patch 2016-03-12 15:27:40 UTC (rev 261359) @@ -0,0 +1,18 @@ +Index: pcre_compile.c +=== +--- a/pcre_compile.c (revision 1635) b/pcre_compile.c (revision 1636) +@@ -7311,7 +7311,12 @@ + so far in order to get the number. If the name is not found, leave + the value of recno as 0 for a forward reference. */ + +- else ++ /* This patch (removing "else") fixes a problem when a reference is ++ to multiple identically named nested groups from within the nest. ++ Once again, it is not the "proper" fix, and it results in an ++ over-allocation of memory. */ ++ ++ /* else */ + { + ng = cd->named_groups; + for (i = 0; i < cd->names_found; i++, ng++) Modified: PKGBUILD === --- PKGBUILD2016-03-12 12:02:27 UTC (rev 261358) +++ PKGBUILD2016-03-12 15:27:40 UTC (rev 261359) @@ -6,7 +6,7 @@ pkgname=pcre pkgver=8.38 -pkgrel=2 +pkgrel=3 pkgdesc='A library that implements Perl 5-style regular expressions' arch=('i686' 'x86_64') url='http://www.pcre.org/' @@ -13,10 +13,18 @@ license=('BSD') depends=('gcc-libs' 'readline' 'zlib' 'bzip2' 'bash') validpgpkeys=('45F68D54BBE23FB3039B46E59766E084FB0F43D8') # Philip Hazel -source=("ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/$pkgname-$pkgver.tar.bz2"{,.sig}) +source=("ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/$pkgname-$pkgver.tar.bz2"{,.sig} +'01-CVE-2016-1283.patch') md5sums=('00aabbfe56d5a48b270f999b508c5ad2' - 'SKIP') + 'SKIP' + '722aba6455a3f0240eaa22289f0176a0') +prepare() { + for _f in "${source[@]}"; do +[[ "$_f" =~ \.patch$ ]] && { msg2 "$_f"; patch -p1 -d $pkgname-$pkgver < "$_f"; } + done + : +} build() { cd $pkgname-$pkgver