-rw-r--r-- | main/pcre/APKBUILD | 27 | ||||
-rw-r--r-- | main/pcre/CVE-2015-3210.patch | 87 | ||||
-rw-r--r-- | main/pcre/CVE-2015-3217.patch | 59 | ||||
-rw-r--r-- | main/pcre/CVE-2015-5073.patch | 14 |
4 files changed, 7 insertions, 180 deletions
diff --git a/main/pcre/APKBUILD b/main/pcre/APKBUILD index 3e67bdea67..650ead8682 100644 --- a/main/pcre/APKBUILD +++ b/main/pcre/APKBUILD @@ -1,18 +1,14 @@ # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=pcre -pkgver=8.37 -pkgrel=2 +pkgver=8.38 +pkgrel=0 pkgdesc="Perl-compatible regular expression library" url="http://pcre.sourceforge.net" arch="all" license="BSD" depends= makedepends="" -source="ftp://ftp.csx.cam.ac.uk/pub/software/programming/$pkgname/$pkgname-$pkgver.tar.bz2 - CVE-2015-3210.patch - CVE-2015-3217.patch - CVE-2015-5073.patch - " +source="ftp://ftp.csx.cam.ac.uk/pub/software/programming/$pkgname/$pkgname-$pkgver.tar.bz2" subpackages="$pkgname-dev $pkgname-doc $pkgname-tools libpcrecpp libpcre16 libpcre32" @@ -26,7 +22,7 @@ prepare() { done } -build() { +build() { cd "$_builddir" ./configure \ --build=$CBUILD \ 
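Review bot: The new `source=` line in the first APKBUILD hunk still downloads the tarball over plain `ftp://`, so the checksum lines updated in the last hunk are the only integrity control on what gets built. Those values should be taken from a tarball that was checked against upstream's release signature rather than regenerated from whatever the mirror served; if upstream offers the same file over HTTPS, switching the scheme would add a cheap second layer. The same hunk drops CVE-2015-3210.patch, CVE-2015-3217.patch and CVE-2015-5073.patch, presumably because 8.38 already carries those fixes, but nothing visible in this diff records that. A comment next to `pkgver`, such as `# 8.38 includes the upstream fixes for CVE-2015-3210, CVE-2015-3217 and CVE-2015-5073`, would keep the security history auditable once the patch files are gone.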
@@ -75,15 +71,6 @@ tools() { mv "$pkgdir"/usr/bin "$subpkgdir"/usr/ } -md5sums="ed91be292cb01d21bc7e526816c26981 pcre-8.37.tar.bz2 -7d59ff55389d5df2a000594d8aba2593 CVE-2015-3210.patch -ebb29968952dae14ed8fde9cbb701619 CVE-2015-3217.patch -d49dfd30eacbb5ce0e6e1a90144fa723 CVE-2015-5073.patch" -sha256sums="51679ea8006ce31379fb0860e46dd86665d864b5020fc9cd19e71260eef4789d pcre-8.37.tar.bz2 -a11c73e5bcd977bc331896326cf8e3c8a63ece9a7ab6c307522bc84466a04c09 CVE-2015-3210.patch -47a162e734c9e2054f2ab2f8e78f1e9950338352c02020a11424a6176b06a53b CVE-2015-3217.patch -24ac18ca955a0961242ef71e565c2afa7b67209753f7043fc9a2405443558eeb CVE-2015-5073.patch" -sha512sums="19344c9add2ebbd26c528505d07d3b028d79bc3e6103d51453a449cebd76bc76f5bc7ddd9ef0de41f98c50be74a2d9a65db539ed60f1add1086d99bde8a81466 pcre-8.37.tar.bz2 -4705296239db0b04567f77ae15c68203b9e9be7f7294568cbff096a069ea53fcd8428eb187b1dd39e469d55318410052995782b94bfeb5837ba4a02c7466a31d CVE-2015-3210.patch -4eef9271b4fab53e3b69d4602c4f57086ec22ec69a1c12edfd391d0bfaf69a4bb5a190e3061871e86565c58e9da10ad72fa543f1c13d9c09d3c21f2c1c0dd9c6 CVE-2015-3217.patch -5e7921d81e23a11df02648d90a7b4817e29e440662408a14b5c1dc4d227b217beecd788fa90ee4fddfaa47475badba78ce8f8521533bacf6a362e716ed6ad5b8 CVE-2015-5073.patch" +md5sums="00aabbfe56d5a48b270f999b508c5ad2 pcre-8.38.tar.bz2" +sha256sums="b9e02d36e23024d6c02a2e5b25204b3a4fa6ade43e0a5f869f254f49535079df pcre-8.38.tar.bz2" +sha512sums="ad3412ceee8f992787a3e7cbe0155ffba67affd4b2dfece6c4501dc8d2012f52dcc1ee1f56759362e04bbbd10ea9370b3e46f238e2f75005cb69f6c8439e52c0 pcre-8.38.tar.bz2" diff --git a/main/pcre/CVE-2015-3210.patch b/main/pcre/CVE-2015-3210.patch deleted file mode 100644 index c97849fb70..0000000000 --- a/main/pcre/CVE-2015-3210.patch +++ /dev/null 
@@ -1,87 +0,0 @@ -From 68ff1beb43bb3d4d8838f3285c97023d1e50513a Mon Sep 17 00:00:00 2001 -From: ph10 <ph10@2f5784b3-3f2a-0410-8824-cb99058d5e15> -Date: Fri, 15 May 2015 17:17:03 +0000 -Subject: [PATCH] Fix buffer overflow for named recursive back reference when - the name is duplicated. -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Upstream commit ported to pcre-8.37: - -commit 4b79af6b4cbeb5326ae5e4d83f3e935e00286c19 -Author: ph10 <ph10@2f5784b3-3f2a-0410-8824-cb99058d5e15> -Date: Fri May 15 17:17:03 2015 +0000 - - Fix buffer overflow for named recursive back reference when the name is - duplicated. - - git-svn-id: svn://vcs.exim.org/pcre/code/trunk@1558 2f5784b3-3f2a-0410-8824-cb99058d5e15 - -This fixes CVE-2015-3210. - -Signed-off-by: Petr Písař <ppisar@redhat.com> ---- - pcre_compile.c | 16 ++++++++++++++-- - testdata/testinput2 | 2 ++ - testdata/testoutput2 | 2 ++ - 3 files changed, 18 insertions(+), 2 deletions(-) - -diff --git a/pcre_compile.c b/pcre_compile.c -index 0efad26..6f06912 100644 ---- a/pcre_compile.c -+++ b/pcre_compile.c -@@ -7173,14 +7173,26 @@ for (;; ptr++) - number. If the name is not found, set the value to 0 for a forward - reference. */ - -+ recno = 0; - ng = cd->named_groups; - for (i = 0; i < cd->names_found; i++, ng++) - { - if (namelen == ng->length && - STRNCMP_UC_UC(name, ng->name, namelen) == 0) -- break; -+ { -+ open_capitem *oc; -+ recno = ng->number; -+ if (is_recurse) break; -+ for (oc = cd->open_caps; oc != NULL; oc = oc->next) -+ { -+ if (oc->number == recno) -+ { -+ oc->flag = TRUE; -+ break; -+ } -+ } -+ } - } -- recno = (i < cd->names_found)? ng->number : 0; - - /* Count named back references. */ - -diff --git a/testdata/testinput2 b/testdata/testinput2 -index 58fe53b..83bb471 100644 ---- a/testdata/testinput2 -+++ b/testdata/testinput2 -@@ -4152,4 +4152,6 @@ backtracking verbs. 
--/ - - /((?2){73}(?2))((?1))/ - -+"(?J)(?'d'(?'d'\g{d}))" -+ - /-- End of testinput2 --/ -diff --git a/testdata/testoutput2 b/testdata/testoutput2 -index b718df0..7dff52a 100644 ---- a/testdata/testoutput2 -+++ b/testdata/testoutput2 -@@ -14423,4 +14423,6 @@ Failed: lookbehind assertion is not fixed length at offset 17 - - /((?2){73}(?2))((?1))/ - -+"(?J)(?'d'(?'d'\g{d}))" -+ - /-- End of testinput2 --/ --- -2.4.3 - diff --git a/main/pcre/CVE-2015-3217.patch b/main/pcre/CVE-2015-3217.patch deleted file mode 100644 index 8e74a99dad..0000000000 --- a/main/pcre/CVE-2015-3217.patch +++ /dev/null 
@@ -1,59 +0,0 @@ -https://bugs.exim.org/show_bug.cgi?id=1638 - -Index: pcre_compile.c -=================================================================== ---- a/pcre_compile.c (revision 1558) -+++ b/pcre_compile.c (revision 1562) -@@ -1799,7 +1799,7 @@ - case OP_ASSERTBACK: - case OP_ASSERTBACK_NOT: - do cc += GET(cc, 1); while (*cc == OP_ALT); -- cc += PRIV(OP_lengths)[*cc]; -+ cc += 1 + LINK_SIZE; - break; - - /* Skip over things that don't match chars */ -@@ -7187,15 +7187,15 @@ - open_capitem *oc; - recno = ng->number; - if (is_recurse) break; -- for (oc = cd->open_caps; oc != NULL; oc = oc->next) -- { -- if (oc->number == recno) -- { -- oc->flag = TRUE; -+ for (oc = cd->open_caps; oc != NULL; oc = oc->next) -+ { -+ if (oc->number == recno) -+ { -+ oc->flag = TRUE; - break; -- } -- } -- } -+ } -+ } -+ } - } - - /* Count named back references. */ -@@ -7207,6 +7207,19 @@ - 16-bit data item. */ - - *lengthptr += IMM2_SIZE; -+ -+ /* If this is a forward reference and we are within a (?|...) group, -+ the reference may end up as the number of a group which we are -+ currently inside, that is, it could be a recursive reference. In the -+ real compile this will be picked up and the reference wrapped with -+ OP_ONCE to make it atomic, so we must space in case this occurs. */ -+ -+ /* In fact, this can happen for a non-forward reference because -+ another group with the same number might be created later. This -+ issue is fixed "properly" in PCRE2. As PCRE1 is now in maintenance -+ only mode, we finesse the bug by allowing more memory always. */ -+ -+ /* if (recno == 0) */ *lengthptr += 2 + 2*LINK_SIZE; - } - - /* In the real compile, search the name table. We check the name diff --git a/main/pcre/CVE-2015-5073.patch b/main/pcre/CVE-2015-5073.patch deleted file mode 100644 index e6981ecb2c..0000000000 --- a/main/pcre/CVE-2015-5073.patch +++ /dev/null 
@@ -1,14 +0,0 @@ -Index: pcre_compile.c -=================================================================== ---- a/pcre_compile.c (revision 1569) -+++ b/pcre_compile.c (revision 1575) -@@ -9449,7 +9449,7 @@ - exceptional ones forgo this. We scan the pattern to check that they are fixed - length, and set their lengths. */ - --if (cd->check_lookbehind) -+if (errorcode == 0 && cd->check_lookbehind) - { - pcre_uchar *cc = (pcre_uchar *)codestart; - - |