packages/aspell
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!19 fix CVE-2019-20433

Browse Source 
From: @starlet-dx
Reviewed-by: @small_leek
Signed-off-by: @small_leek
This commit is contained in:
openeuler-ci-bot 2021-09-29 01:26:18 +00:00 committed by Gitee
commit a390485c50
3 changed files with 1269 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1207
CVE-2019-20433-1.patch Normal file
View File

File diff suppressed because it is too large Load Diff

56
CVE-2019-20433-2.patch Normal file
View File

@ -0,0 +1,56 @@
From cefd447e5528b08bb0cd6656bc52b4255692cefc Mon Sep 17 00:00:00 2001
From: Kevin Atkinson <kevina@gnu.org>
Date: Sat, 17 Aug 2019 20:25:21 -0400
Subject: [PATCH] Increment library version to reflect API changes.
---
Makefile.am | 24 +++++++++++++++++-------
1 file changed, 17 insertions(+), 7 deletions(-)
diff --git a/Makefile.am b/Makefile.am
index 950319d..3bbadb7 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -93,10 +93,24 @@ libaspell_la_SOURCES =\
libaspell_la_LIBADD = $(LTLIBINTL) $(PTHREAD_LIB)
+## The version string is current[:revision[:age]]
+##
+## Before a release that has changed the source code at all
+## increment revision.
+##
+## After merging changes that have changed the API in a backwards
+## comptable way set revision to 0 and bump both current and age.
+##
+## Do not change the API in a backwards incompatible way.
+##
+## See "Libtool: Updating version info"
+## (https://www.gnu.org/software/libtool/manual/html_node/Updating-version-info.html)
+## for more into
+##
if INCREMENTED_SONAME
-libaspell_la_LDFLAGS = -version-info 16:5:0 -no-undefined
+libaspell_la_LDFLAGS = -version-info 19:0:3 -no-undefined
else
-libaspell_la_LDFLAGS = -version-info 16:5:1 -no-undefined
+libaspell_la_LDFLAGS = -version-info 18:0:3 -no-undefined
endif
if PSPELL_COMPATIBILITY
@@ -104,11 +118,7 @@ libpspell_la_SOURCES = lib/dummy.cpp
libpspell_la_LIBADD = libaspell.la
-if INCREMENTED_SONAME
-libpspell_la_LDFLAGS = -version-info 16:5:0 -no-undefined
-else
-libpspell_la_LDFLAGS = -version-info 16:5:1 -no-undefined
-endif
+libpspell_la_LDFLAGS = $(libaspell_la_LDFLAGS)
endif
--
2.27.0

7
aspell.spec
View File

@ -1,6 +1,6 @@
Name: aspell Name: aspell
Version: 0.60.6.1 Version: 0.60.6.1
Release: 28 Release: 29
Summary: Spell checker Summary: Spell checker
Epoch: 12 Epoch: 12
License: LGPLv2+ and LGPLv2 and GPLv2+ and BSD License: LGPLv2+ and LGPLv2 and GPLv2+ and BSD
@ -18,6 +18,8 @@ Patch0007: aspell-0.60.6.1-gcc7-fixes.patch
Patch0008: aspell-0.60.6.1-fix-back-on-empty-vector.patch Patch0008: aspell-0.60.6.1-fix-back-on-empty-vector.patch
Patch0009: CVE-2019-17544.patch Patch0009: CVE-2019-17544.patch
Patch0010: CVE-2019-25051.patch Patch0010: CVE-2019-25051.patch
Patch0011: CVE-2019-20433-1.patch
Patch0012: CVE-2019-20433-2.patch
BuildRequires: chrpath gettext ncurses-devel pkgconfig perl-interpreter gcc-c++ BuildRequires: chrpath gettext ncurses-devel pkgconfig perl-interpreter gcc-c++
@ -112,6 +114,9 @@ rm -rf ${RPM_BUILD_ROOT}%{_mandir}/man1/aspell-import.1
%{_mandir}/man1/pspell-config.1* %{_mandir}/man1/pspell-config.1*
%changelog %changelog
* Tue Sep 28 2021 yaoxin<yaoxin30@huawei.com> - 12:0.60.6.1-29
- fix CVE-2019-20433
* Thu Sep 23 2021 liwu<liwu13@huawei.com> - 12:0.60.6.1-28 * Thu Sep 23 2021 liwu<liwu13@huawei.com> - 12:0.60.6.1-28
- fix CVE-2019-25051 - fix CVE-2019-25051