diff options
author | Mike Frysinger <vapier@gentoo.org> | 2016-03-30 19:29:53 -0400 |
---|---|---|
committer | Mike Frysinger <vapier@gentoo.org> | 2016-03-30 19:47:43 -0400 |
commit | 6ef97cb24a97b21cf46d077f8ba9dd363db4e44d (patch) | |
tree | 328b6df8a5bcba41e154fc44202c1800709a79d2 /dev-libs/libpcre/files | |
parent | dev-libs/libpwquality: drop old <1.3.0 versions (diff) | |
download | gentoo-6ef97cb24a97b21cf46d077f8ba9dd363db4e44d.tar.gz gentoo-6ef97cb24a97b21cf46d077f8ba9dd363db4e44d.tar.bz2 gentoo-6ef97cb24a97b21cf46d077f8ba9dd363db4e44d.zip |
dev-libs/libpcre: drop old 8.3[567] versions
Diffstat (limited to 'dev-libs/libpcre/files')
-rw-r--r-- | dev-libs/libpcre/files/libpcre-8.37-CVE-2015-3210.patch | 91 | ||||
-rw-r--r-- | dev-libs/libpcre/files/libpcre-8.37-CVE-2015-5073.patch | 72 |
2 files changed, 0 insertions, 163 deletions
diff --git a/dev-libs/libpcre/files/libpcre-8.37-CVE-2015-3210.patch b/dev-libs/libpcre/files/libpcre-8.37-CVE-2015-3210.patch deleted file mode 100644 index 8199b0838d8f..000000000000 --- a/dev-libs/libpcre/files/libpcre-8.37-CVE-2015-3210.patch +++ /dev/null @@ -1,91 +0,0 @@ -https://bugs.exim.org/show_bug.cgi?id=1636 -https://bugs.gentoo.org/551240 -https://bugzilla.redhat.com/1236659 - -From 68ff1beb43bb3d4d8838f3285c97023d1e50513a Mon Sep 17 00:00:00 2001 -From: ph10 <ph10@2f5784b3-3f2a-0410-8824-cb99058d5e15> -Date: Fri, 15 May 2015 17:17:03 +0000 -Subject: [PATCH] Fix buffer overflow for named recursive back reference when - the name is duplicated. -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Upstream commit ported to pcre-8.37: - -commit 4b79af6b4cbeb5326ae5e4d83f3e935e00286c19 -Author: ph10 <ph10@2f5784b3-3f2a-0410-8824-cb99058d5e15> -Date: Fri May 15 17:17:03 2015 +0000 - - Fix buffer overflow for named recursive back reference when the name is - duplicated. - - git-svn-id: svn://vcs.exim.org/pcre/code/trunk@1558 2f5784b3-3f2a-0410-8824-cb99058d5e15 - -This fixes CVE-2015-3210. - -Signed-off-by: Petr Písař <ppisar@redhat.com> ---- - pcre_compile.c | 16 ++++++++++++++-- - testdata/testinput2 | 2 ++ - testdata/testoutput2 | 2 ++ - 3 files changed, 18 insertions(+), 2 deletions(-) - -diff --git a/pcre_compile.c b/pcre_compile.c -index 0efad26..6f06912 100644 ---- a/pcre_compile.c -+++ b/pcre_compile.c -@@ -7173,14 +7173,26 @@ for (;; ptr++) - number. If the name is not found, set the value to 0 for a forward - reference. */ - -+ recno = 0; - ng = cd->named_groups; - for (i = 0; i < cd->names_found; i++, ng++) - { - if (namelen == ng->length && - STRNCMP_UC_UC(name, ng->name, namelen) == 0) -- break; -+ { -+ open_capitem *oc; -+ recno = ng->number; -+ if (is_recurse) break; -+ for (oc = cd->open_caps; oc != NULL; oc = oc->next) -+ { -+ if (oc->number == recno) -+ { -+ oc->flag = TRUE; -+ break; -+ } -+ } -+ } - } -- recno = (i < cd->names_found)? ng->number : 0; - - /* Count named back references. */ - -diff --git a/testdata/testinput2 b/testdata/testinput2 -index 58fe53b..83bb471 100644 ---- a/testdata/testinput2 -+++ b/testdata/testinput2 -@@ -4152,4 +4152,6 @@ backtracking verbs. --/ - - /((?2){73}(?2))((?1))/ - -+"(?J)(?'d'(?'d'\g{d}))" -+ - /-- End of testinput2 --/ -diff --git a/testdata/testoutput2 b/testdata/testoutput2 -index b718df0..7dff52a 100644 ---- a/testdata/testoutput2 -+++ b/testdata/testoutput2 -@@ -14423,4 +14423,6 @@ Failed: lookbehind assertion is not fixed length at offset 17 - - /((?2){73}(?2))((?1))/ - -+"(?J)(?'d'(?'d'\g{d}))" -+ - /-- End of testinput2 --/ --- -2.4.3 - diff --git a/dev-libs/libpcre/files/libpcre-8.37-CVE-2015-5073.patch b/dev-libs/libpcre/files/libpcre-8.37-CVE-2015-5073.patch deleted file mode 100644 index a97ea392fab4..000000000000 --- a/dev-libs/libpcre/files/libpcre-8.37-CVE-2015-5073.patch +++ /dev/null @@ -1,72 +0,0 @@ -https://bugs.exim.org/show_bug.cgi?id=1651 -https://bugs.gentoo.org/553300 -https://bugzilla.redhat.com/1237224 - -From 354e1f8e921dcb9cf2f3a5eac93cd826d01a7d8a Mon Sep 17 00:00:00 2001 -From: ph10 <ph10@2f5784b3-3f2a-0410-8824-cb99058d5e15> -Date: Tue, 23 Jun 2015 16:34:53 +0000 -Subject: [PATCH] Fix buffer overflow for forward reference within backward - assertion with excess closing parenthesis. Bugzilla 1651. -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -This is upstream commit ported to 8.37: - -commit 764692f9aea9eab50fdba6cb537441d8b34c6c37 -Author: ph10 <ph10@2f5784b3-3f2a-0410-8824-cb99058d5e15> -Date: Tue Jun 23 16:34:53 2015 +0000 - - Fix buffer overflow for forward reference within backward assertion with excess - closing parenthesis. Bugzilla 1651. - - git-svn-id: svn://vcs.exim.org/pcre/code/trunk@1571 2f5784b3-3f2a-0410-8824-cb99058d5e15 - -It fixes CVE-2015-5073. - -Signed-off-by: Petr Písař <ppisar@redhat.com> ---- - pcre_compile.c | 2 +- - testdata/testinput2 | 2 ++ - testdata/testoutput2 | 3 +++ - 3 files changed, 6 insertions(+), 1 deletion(-) - -diff --git a/pcre_compile.c b/pcre_compile.c -index 6f06912..b66b1f6 100644 ---- a/pcre_compile.c -+++ b/pcre_compile.c -@@ -9392,7 +9392,7 @@ OP_RECURSE that are not fixed length get a diagnosic with a useful offset. The - exceptional ones forgo this. We scan the pattern to check that they are fixed - length, and set their lengths. */ - --if (cd->check_lookbehind) -+if (errorcode == 0 && cd->check_lookbehind) - { - pcre_uchar *cc = (pcre_uchar *)codestart; - -diff --git a/testdata/testinput2 b/testdata/testinput2 -index 83bb471..5cc9ce6 100644 ---- a/testdata/testinput2 -+++ b/testdata/testinput2 -@@ -4154,4 +4154,6 @@ backtracking verbs. --/ - - "(?J)(?'d'(?'d'\g{d}))" - -+/(?=di(?<=(?1))|(?=(.))))/ -+ - /-- End of testinput2 --/ -diff --git a/testdata/testoutput2 b/testdata/testoutput2 -index 7dff52a..4decb8d 100644 ---- a/testdata/testoutput2 -+++ b/testdata/testoutput2 -@@ -14425,4 +14425,7 @@ Failed: lookbehind assertion is not fixed length at offset 17 - - "(?J)(?'d'(?'d'\g{d}))" - -+/(?=di(?<=(?1))|(?=(.))))/ -+Failed: unmatched parentheses at offset 23 -+ - /-- End of testinput2 --/ --- -2.4.3 - |