diff options
author | BuildTools | 2016-03-18 04:36:02 -0700 |
---|---|---|
committer | BuildTools | 2016-03-18 04:36:02 -0700 |
commit | 330bad919e31fd5b1ce8b4aa8486916b70622cd2 (patch) | |
tree | 00dee0818c7f5c1193b2a51d5cbe2b319bb0243f | |
parent | 4eb0c658029a67c7a23fd438636f1665ddaf1aff (diff) | |
download | aur-330bad919e31fd5b1ce8b4aa8486916b70622cd2.tar.gz |
patch 01-CVE-2016-1283 added
-rw-r--r-- | .SRCINFO | 6 | ||||
-rw-r--r-- | 01-CVE-2016-1283.patch | 18 | ||||
-rw-r--r-- | PKGBUILD | 20 |
3 files changed, 39 insertions, 5 deletions
@@ -1,9 +1,9 @@ # Generated by mksrcinfo v8 -# Tue Dec 8 01:08:27 UTC 2015 +# Fri Mar 18 11:35:17 UTC 2016 pkgbase = mingw-w64-pcre pkgdesc = A library that implements Perl 5-style regular expressions (mingw-w64) pkgver = 8.38 - pkgrel = 1 + pkgrel = 2 url = http://www.pcre.org/ arch = any license = BSD @@ -14,8 +14,10 @@ pkgbase = mingw-w64-pcre options = !buildflags source = ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-8.38.tar.bz2 source = ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-8.38.tar.bz2.sig + source = 01-CVE-2016-1283.patch md5sums = 00aabbfe56d5a48b270f999b508c5ad2 md5sums = SKIP + md5sums = 722aba6455a3f0240eaa22289f0176a0 pkgname = mingw-w64-pcre diff --git a/01-CVE-2016-1283.patch b/01-CVE-2016-1283.patch new file mode 100644 index 000000000000..2c2dad29e929 --- /dev/null +++ b/01-CVE-2016-1283.patch @@ -0,0 +1,18 @@ +Index: pcre_compile.c +=================================================================== +--- a/pcre_compile.c (revision 1635) ++++ b/pcre_compile.c (revision 1636) +@@ -7311,7 +7311,12 @@ + so far in order to get the number. If the name is not found, leave + the value of recno as 0 for a forward reference. */ + +- else ++ /* This patch (removing "else") fixes a problem when a reference is ++ to multiple identically named nested groups from within the nest. ++ Once again, it is not the "proper" fix, and it results in an ++ over-allocation of memory. */ ++ ++ /* else */ + { + ng = cd->named_groups; + for (i = 0; i < cd->names_found; i++, ng++) @@ -1,6 +1,6 @@ pkgname=mingw-w64-pcre pkgver=8.38 -pkgrel=1 +pkgrel=2 pkgdesc="A library that implements Perl 5-style regular expressions (mingw-w64)" arch=(any) url="http://www.pcre.org/" @@ -8,13 +8,27 @@ license=("BSD") makedepends=(mingw-w64-configure) depends=(mingw-w64-crt) options=(staticlibs !strip !buildflags) -source=("ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-$pkgver.tar.bz2"{,.sig}) +source=("ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-$pkgver.tar.bz2"{,.sig} +"01-CVE-2016-1283.patch") validpgpkeys=('45F68D54BBE23FB3039B46E59766E084FB0F43D8') # Philip Hazel md5sums=('00aabbfe56d5a48b270f999b508c5ad2' - 'SKIP') + 'SKIP' + '722aba6455a3f0240eaa22289f0176a0') _architectures="i686-w64-mingw32 x86_64-w64-mingw32" +prepare() { + cd "$srcdir/pcre-$pkgver" + # apply patch from the source array (should be a pacman feature) + local filename + for filename in "${source[@]}"; do + if [[ "$filename" =~ \.patch$ ]]; then + patch -p1 -N -i "$srcdir/$filename" + fi + done + : +} + build() { cd "$srcdir/pcre-$pkgver" for _arch in ${_architectures}; do |