update version to 1.36

0002-Check-codepoint-validity-in-punycode_decode-and-puny.patch

@@ -1,39 +0,0 @@
-From bd4d04075fa126552b31cd11aaa50dad72119e6a Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Tim=20R=C3=BChsen?= <tim.ruehsen@gmx.de>
-Date: Fri, 6 Jul 2018 13:05:56 +0200
-Subject: [PATCH 2/3] Check codepoint validity in punycode_decode() and
- punycode_decode()
-
-These functions were able to generate invalid unicode values resp.
-invalid punycode. This is undocumented/unexpected behavior that can
-lead to security vulns.
-
-Reported-by: Mike Schiffman (Farsight Security, Inc.)
----
- lib/punycode.c | 4 ++++
- 1 file changed, 4 insertions(+)
-
-diff --git a/lib/punycode.c b/lib/punycode.c
-index d475b6d..f7c63e6 100644
---- a/lib/punycode.c
-+++ b/lib/punycode.c
-@@ -228,6 +228,8 @@ punycode_encode (size_t input_length,
- 	  output[out++] = case_flags ?
- 	    encode_basic (input[j], case_flags[j]) : (char) input[j];
- 	}
-+      else if (input[j] > 0x10FFFF)
-+	return punycode_bad_input;
-       /* else if (input[j] < n) return punycode_bad_input; */
-       /* (not needed for Punycode with unsigned code points) */
-     }
-@@ -418,6 +420,8 @@ punycode_decode (size_t input_length,
-       if (i / (out + 1) > maxint - n)
- 	return punycode_overflow;
-       n += i / (out + 1);
-+      if (n > 0x10FFFF)
-+	return punycode_bad_input;
-       i %= (out + 1);
- 
-       /* Insert n at position i of the output: */
--- 
-1.8.3.1

0003-Fix-unlikely-memory-leak-in-idna_to_unicode_4z4z.patch

@@ -1,27 +0,0 @@
-From c0374862fc911c88febfab36aedfceaa9e5d7d50 Mon Sep 17 00:00:00 2001
-From: Miroslav Lichvar <mlichvar@redhat.com>
-Date: Tue, 10 Jul 2018 16:09:19 +0200
-Subject: [PATCH 3/3] Fix unlikely memory leak in idna_to_unicode_4z4z
-
----
- lib/idna.c | 5 ++++-
- 1 file changed, 4 insertions(+), 1 deletion(-)
-
-diff --git a/lib/idna.c b/lib/idna.c
-index 91e34f5..fae707c 100644
---- a/lib/idna.c
-+++ b/lib/idna.c
-@@ -658,7 +658,10 @@ idna_to_unicode_4z4z (const uint32_t * input, uint32_t ** output, int flags)
-       buflen = (size_t) (end - start);
-       buf = malloc (sizeof (buf[0]) * (buflen + 1));
-       if (!buf)
--	return IDNA_MALLOC_ERROR;
-+	{
-+	  free (out);
-+	  return IDNA_MALLOC_ERROR;
-+	}
- 
-       /* don't check return code as per specification! */
-       idna_to_unicode_44i (start, (size_t) (end - start),
--- 
-1.8.3.1

0004-Fix-build-failure-in-csharp.patch

@@ -1,68 +0,0 @@
-From fc03b00ddf68ef2075aa56dbaa0d1bbb19c5f7e1 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Tim=20R=C3=BChsen?= <tim.ruehsen@gmx.de>
-Date: Fri, 24 May 2019 13:03:11 +0200
-Subject: Fix build failure in csharp/
-
----
- csharp/Makefile.am | 6 +++---
- lib/punycode.c     | 7 +++++--
- 2 files changed, 8 insertions(+), 5 deletions(-)
-
-diff --git a/csharp/Makefile.am b/csharp/Makefile.am
-index 7afdea9..4625738 100644
---- a/csharp/Makefile.am
-+++ b/csharp/Makefile.am
-@@ -59,15 +59,15 @@ GenerateTables.exe: $(SOURCES_GENERATE)
- 		`for src in $(SOURCES_GENERATE); do echo $(srcdir)/$$src; done`
- 	if ! test -f rfc3454.txt; then \
- 		ln -s $(SPEC)/rfc3454.txt . \
--		|| cp $(SPEC)/rfc3454.txt .; \
-+		|| cp $(SPEC)/rfc3454.txt . || true; \
- 	fi
- 	if ! test -f UnicodeData.txt; then \
- 		ln -s $(SPEC)/UnicodeData-3.2.0.txt UnicodeData.txt \
--		|| cp $(SPEC)/UnicodeData-3.2.0.txt UnicodeData.txt; \
-+		|| cp $(SPEC)/UnicodeData-3.2.0.txt UnicodeData.txt || true; \
- 	fi
- 	if ! test -f CompositionExclusions.txt; then \
- 		ln -s $(SPEC)/CompositionExclusions-3.2.0.txt CompositionExclusions.txt \
--		|| cp $(SPEC)/CompositionExclusions-3.2.0.txt CompositionExclusions.txt; \
-+		|| cp $(SPEC)/CompositionExclusions-3.2.0.txt CompositionExclusions.txt || true; \
- 	fi
- 
- RFC3454.cs CombiningClass.cs DecompositionKeys.cs DecompositionMappings.cs Composition.cs: $(GEN_SOURCES)
-diff --git a/lib/punycode.c b/lib/punycode.c
-index f7c63e6..bb5f34b 100644
---- a/lib/punycode.c
-+++ b/lib/punycode.c
-@@ -228,7 +228,7 @@ punycode_encode (size_t input_length,
- 	  output[out++] = case_flags ?
- 	    encode_basic (input[j], case_flags[j]) : (char) input[j];
- 	}
--      else if (input[j] > 0x10FFFF)
-+      else if (input[j] > 0x10FFFF || (input[j] >= 0xD800 && input[j] <= 0xDBFF))
- 	return punycode_bad_input;
-       /* else if (input[j] < n) return punycode_bad_input; */
-       /* (not needed for Punycode with unsigned code points) */
-@@ -378,6 +378,9 @@ punycode_decode (size_t input_length,
- 	return punycode_bad_input;
-       output[out++] = input[j];
-     }
-+  for (j = b + (b > 0);  j < input_length;  ++j)
-+    if (!basic (input[j]))
-+      return punycode_bad_input;
- 
-   /* Main decoding loop:  Start just after the last delimiter if any  */
-   /* basic code points were copied; start at the beginning otherwise. */
-@@ -420,7 +423,7 @@ punycode_decode (size_t input_length,
-       if (i / (out + 1) > maxint - n)
- 	return punycode_overflow;
-       n += i / (out + 1);
--      if (n > 0x10FFFF)
-+      if (n > 0x10FFFF  || (n >= 0xD800 && n <= 0xDBFF))
- 	return punycode_bad_input;
-       i %= (out + 1);
- 
--- 
-cgit v1.0-41-gc330
-

libidn.spec

@@ -1,17 +1,12 @@
 %bcond_with java 
 Name:     libidn
-Version:  1.35
-Release:  8
+Version:  1.36
+Release:  1
 Summary:  GNU IDN Library - Libidn
 License:  LGPLv2+ and GPLv3+ and GFDL
 URL:	  http://www.gnu.org/software/libidn/
 Source0:  http://ftp.gnu.org/gnu/libidn/libidn-%{version}.tar.gz
 
-Patch6000: 0002-Check-codepoint-validity-in-punycode_decode-and-puny.patch
-#patch from RedHat fix memory leak
-Patch6001: 0003-Fix-unlikely-memory-leak-in-idna_to_unicode_4z4z.patch
-Patch6002: 0004-Fix-build-failure-in-csharp.patch
-
 BuildRequires: autoconf autoconf-archive automake libtool texinfo
 BuildRequires: gcc gettext gettext-devel pkgconfig help2man emacs
 
@@ -123,6 +118,12 @@ rm -rf $RPM_BUILD_ROOT%{_javadir}/libidn*.jar
 %{_infodir}/%{name}.info.gz
 
 %changelog
+* Tue Jul 28 2020 yang_zhuang_zhuang <yangzhuangzhuang1@huawei.com> - 1.36-1
+- Type:enhancement
+- ID:NA
+- SUG:NA
+- DESC:update version to 1.36
+
 * Wed Jan 8 2020 chengquan <chengquan3@huawei.com> - 1.35-9
 - Type:NA
 - ID:NA