diff --git a/0002-Check-codepoint-validity-in-punycode_decode-and-puny.patch b/0002-Check-codepoint-validity-in-punycode_decode-and-puny.patch
deleted file mode 100644
index 28f49b6..0000000
--- a/0002-Check-codepoint-validity-in-punycode_decode-and-puny.patch
+++ /dev/null
@@ -1,39 +0,0 @@
-From bd4d04075fa126552b31cd11aaa50dad72119e6a Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Tim=20R=C3=BChsen?=
-Date: Fri, 6 Jul 2018 13:05:56 +0200
-Subject: [PATCH 2/3] Check codepoint validity in punycode_decode() and
- punycode_decode()
-
-These functions were able to generate invalid unicode values resp.
-invalid punycode. This is undocumented/unexpected behavior that can
-lead to security vulns.
-
-Reported-by: Mike Schiffman (Farsight Security, Inc.)
----
- lib/punycode.c | 4 ++++
- 1 file changed, 4 insertions(+)
-
-diff --git a/lib/punycode.c b/lib/punycode.c
-index d475b6d..f7c63e6 100644
---- a/lib/punycode.c
-+++ b/lib/punycode.c
-@@ -228,6 +228,8 @@ punycode_encode (size_t input_length,
- output[out++] = case_flags ?
- encode_basic (input[j], case_flags[j]) : (char) input[j];
- }
-+ else if (input[j] > 0x10FFFF)
-+ return punycode_bad_input;
- /* else if (input[j] < n) return punycode_bad_input; */
- /* (not needed for Punycode with unsigned code points) */
- }
-@@ -418,6 +420,8 @@ punycode_decode (size_t input_length,
- if (i / (out + 1) > maxint - n)
- return punycode_overflow;
- n += i / (out + 1);
-+ if (n > 0x10FFFF)
-+ return punycode_bad_input;
- i %= (out + 1);
-
- /* Insert n at position i of the output: */
---
-1.8.3.1
diff --git a/0003-Fix-unlikely-memory-leak-in-idna_to_unicode_4z4z.patch b/0003-Fix-unlikely-memory-leak-in-idna_to_unicode_4z4z.patch
deleted file mode 100644
index 70217f5..0000000
--- a/0003-Fix-unlikely-memory-leak-in-idna_to_unicode_4z4z.patch
+++ /dev/null
@@ -1,27 +0,0 @@
-From c0374862fc911c88febfab36aedfceaa9e5d7d50 Mon Sep 17 00:00:00 2001
-From: Miroslav Lichvar
-Date: Tue, 10 Jul 2018 16:09:19 +0200
-Subject: [PATCH 3/3] Fix unlikely memory leak in idna_to_unicode_4z4z
-
----
- lib/idna.c | 5 ++++-
- 1 file changed, 4 insertions(+), 1 deletion(-)
-
-diff --git a/lib/idna.c b/lib/idna.c
-index 91e34f5..fae707c 100644
---- a/lib/idna.c
-+++ b/lib/idna.c
-@@ -658,7 +658,10 @@ idna_to_unicode_4z4z (const uint32_t * input, uint32_t ** output, int flags)
- buflen = (size_t) (end - start);
- buf = malloc (sizeof (buf[0]) * (buflen + 1));
- if (!buf)
-- return IDNA_MALLOC_ERROR;
-+ {
-+ free (out);
-+ return IDNA_MALLOC_ERROR;
-+ }
-
- /* don't check return code as per specification! */
- idna_to_unicode_44i (start, (size_t) (end - start),
---
-1.8.3.1
diff --git a/0004-Fix-build-failure-in-csharp.patch b/0004-Fix-build-failure-in-csharp.patch
deleted file mode 100644
index 2eb2169..0000000
--- a/0004-Fix-build-failure-in-csharp.patch
+++ /dev/null
@@ -1,68 +0,0 @@
-From fc03b00ddf68ef2075aa56dbaa0d1bbb19c5f7e1 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Tim=20R=C3=BChsen?=
-Date: Fri, 24 May 2019 13:03:11 +0200
-Subject: Fix build failure in csharp/
-
----
- csharp/Makefile.am | 6 +++---
- lib/punycode.c | 7 +++++--
- 2 files changed, 8 insertions(+), 5 deletions(-)
-
-diff --git a/csharp/Makefile.am b/csharp/Makefile.am
-index 7afdea9..4625738 100644
---- a/csharp/Makefile.am
-+++ b/csharp/Makefile.am
-@@ -59,15 +59,15 @@ GenerateTables.exe: $(SOURCES_GENERATE)
- `for src in $(SOURCES_GENERATE); do echo $(srcdir)/$$src; done`
- if ! test -f rfc3454.txt; then \
- ln -s $(SPEC)/rfc3454.txt . \
-- || cp $(SPEC)/rfc3454.txt .; \
-+ || cp $(SPEC)/rfc3454.txt . || true; \
- fi
- if ! test -f UnicodeData.txt; then \
- ln -s $(SPEC)/UnicodeData-3.2.0.txt UnicodeData.txt \
-- || cp $(SPEC)/UnicodeData-3.2.0.txt UnicodeData.txt; \
-+ || cp $(SPEC)/UnicodeData-3.2.0.txt UnicodeData.txt || true; \
- fi
- if ! test -f CompositionExclusions.txt; then \
- ln -s $(SPEC)/CompositionExclusions-3.2.0.txt CompositionExclusions.txt \
-- || cp $(SPEC)/CompositionExclusions-3.2.0.txt CompositionExclusions.txt; \
-+ || cp $(SPEC)/CompositionExclusions-3.2.0.txt CompositionExclusions.txt || true; \
- fi
-
- RFC3454.cs CombiningClass.cs DecompositionKeys.cs DecompositionMappings.cs Composition.cs: $(GEN_SOURCES)
-diff --git a/lib/punycode.c b/lib/punycode.c
-index f7c63e6..bb5f34b 100644
---- a/lib/punycode.c
-+++ b/lib/punycode.c
-@@ -228,7 +228,7 @@ punycode_encode (size_t input_length,
- output[out++] = case_flags ?
- encode_basic (input[j], case_flags[j]) : (char) input[j];
- }
-- else if (input[j] > 0x10FFFF)
-+ else if (input[j] > 0x10FFFF || (input[j] >= 0xD800 && input[j] <= 0xDBFF))
- return punycode_bad_input;
- /* else if (input[j] < n) return punycode_bad_input; */
- /* (not needed for Punycode with unsigned code points) */
-@@ -378,6 +378,9 @@ punycode_decode (size_t input_length,
- return punycode_bad_input;
- output[out++] = input[j];
- }
-+ for (j = b + (b > 0); j < input_length; ++j)
-+ if (!basic (input[j]))
-+ return punycode_bad_input;
-
- /* Main decoding loop: Start just after the last delimiter if any */
- /* basic code points were copied; start at the beginning otherwise. */
-@@ -420,7 +423,7 @@ punycode_decode (size_t input_length,
- if (i / (out + 1) > maxint - n)
- return punycode_overflow;
- n += i / (out + 1);
-- if (n > 0x10FFFF)
-+ if (n > 0x10FFFF || (n >= 0xD800 && n <= 0xDBFF))
- return punycode_bad_input;
- i %= (out + 1);
-
---
-cgit v1.0-41-gc330
-
diff --git a/libidn-1.35.tar.gz b/libidn-1.35.tar.gz
deleted file mode 100644
index 31edbc8..0000000
Binary files a/libidn-1.35.tar.gz and /dev/null differ
diff --git a/libidn-1.36.tar.gz b/libidn-1.36.tar.gz
new file mode 100644
index 0000000..f1d590f
Binary files /dev/null and b/libidn-1.36.tar.gz differ
diff --git a/libidn.spec b/libidn.spec
index 0485d5a..56b7f83 100644
--- a/libidn.spec
+++ b/libidn.spec
@@ -1,17 +1,12 @@ %bcond_with java Name: libidn -Version: 1.35 -Release: 8 +Version: 1.36 +Release: 1 Summary: GNU IDN Library - Libidn License: LGPLv2+ and GPLv3+ and GFDL URL: http://www.gnu.org/software/libidn/ Source0: http://ftp.gnu.org/gnu/libidn/libidn-%{version}.tar.gz -Patch6000: 0002-Check-codepoint-validity-in-punycode_decode-and-puny.patch -#patch from RedHat fix memory leak -Patch6001: 0003-Fix-unlikely-memory-leak-in-idna_to_unicode_4z4z.patch -Patch6002: 0004-Fix-build-failure-in-csharp.patch - BuildRequires: autoconf autoconf-archive automake libtool texinfo BuildRequires: gcc gettext gettext-devel pkgconfig help2man emacs @@ -123,6 +118,12 @@ rm -rf $RPM_BUILD_ROOT%{_javadir}/libidn*.jar %{_infodir}/%{name}.info.gz %changelog +* Tue Jul 28 2020 yang_zhuang_zhuang - 1.36-1 +- Type:enhancement +- ID:NA +- SUG:NA +- DESC:update version to 1.36 + * Wed Jan 8 2020 chengquan - 1.35-9 - Type:NA - ID:NA
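Review bot: Nothing in the spec or the new changelog entry records why Patch6000–Patch6002 are dropped in the first libidn.spec hunk, and two of them are hardening fixes (the code point range checks in punycode_encode()/punycode_decode() and the leak fix in idna_to_unicode_4z4z). Presumably the 1.36 release already contains them, but this commit does not show that, so it should be confirmed against the unpacked 1.36 sources, for example that lib/punycode.c still returns punycode_bad_input for values above 0x10FFFF. Once confirmed, the changelog could say so, e.g. `- DESC:update version to 1.36, drop Patch6000-6002 (included upstream)`. Source0 still points at a plain `http://` URL and the new tarball is committed as a binary, so it is also worth checking it against the upstream release signature before building.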