Pullup ticket #5893 - requested by taca

textproc/uriparser: security fix

Revisions pulled up:
- textproc/uriparser/Makefile                                   1.12
- textproc/uriparser/distinfo                                   1.10

---
   Module Name:	pkgsrc
   Committed By:	bsiegert
   Date:		Sun Jan  6 13:47:20 UTC 2019

   Modified Files:
   	pkgsrc/textproc/uriparser: Makefile distinfo

   Log Message:
   Update uriparser to 0.9.1.

   >>>>>>>>>>>>> SECURITY >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
     * Fixed:
         Out-of-bounds read in uriParse*Ex* for incomplete URIs with IPv6
         addresses with embedded IPv4 address, e.g. "//[::44.1";
         mitigated if passed parameter <afterLast> points to readable memory
         containing a '\0' byte.
         Thanks to Joergen Ibsen for the report!
   >>>>>>>>>>>>> SECURITY >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
     * Fixed: When parsing a malformed URI with an IPvFuture address
         (e.g. "http://[vA.123456" missing "]"), errorPos would point to the first
         character after "v" than the actual position of the error (here: the end
         of the string)
     * Fixed: uriToStringCharsRequired* reported 1 more byte than actually needed
         for IPv4 address URIs (GitHub #41); Thanks to @gyh007 for the patch!
     * Fixed: Compilation with MinGW
         Thanks to Sandro Mani for the patch!
     * Fixed: Drop use of asprintf from the test suite for MinGW (GitHub #40)
     * Improved: For parse errors, waterproof errorPos <= afterLast
     * Soname: 1:24:0

   Via email from Sebastian Pipping.

0 files changed, 0 insertions, 0 deletions