diff options
| -rw-r--r-- | devel/pcre/Makefile | 4 | ||||
| -rw-r--r-- | devel/pcre/distinfo | 13 | ||||
| -rw-r--r-- | devel/pcre/patches/patch-CVE-2014-8964 | 20 | ||||
| -rw-r--r-- | devel/pcre/patches/patch-aa | 6 | ||||
| -rw-r--r-- | devel/pcre/patches/patch-ab | 10 |
5 files changed, 37 insertions, 16 deletions
diff --git a/devel/pcre/Makefile b/devel/pcre/Makefile index 7fbb262b464..c2341f9e6a7 100644 --- a/devel/pcre/Makefile +++ b/devel/pcre/Makefile @@ -1,6 +1,6 @@ -# $NetBSD: Makefile,v 1.72 2014/06/10 19:45:17 wiz Exp $ +# $NetBSD: Makefile,v 1.72.4.1 2014/12/04 19:28:20 tron Exp $ -DISTNAME= pcre-8.35 +DISTNAME= pcre-8.36 PKGREVISION= 1 CATEGORIES= devel MASTER_SITES= ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/ \ diff --git a/devel/pcre/distinfo b/devel/pcre/distinfo index 174e7a4885c..37e220e9603 100644 --- a/devel/pcre/distinfo +++ b/devel/pcre/distinfo @@ -1,8 +1,9 @@ -$NetBSD: distinfo,v 1.53 2014/06/10 19:45:17 wiz Exp $ +$NetBSD: distinfo,v 1.53.4.1 2014/12/04 19:28:20 tron Exp $ -SHA1 (pcre-8.35.tar.bz2) = a10e0040475644bfc97f7d0c0556988acfc52c6f -RMD160 (pcre-8.35.tar.bz2) = 85565cfb183fdef1408309b9f02d19c4d85ff458 -Size (pcre-8.35.tar.bz2) = 1522220 bytes -SHA1 (patch-aa) = 02c03145827eaf5ce5d267836d0a4c5f6c00ba99 -SHA1 (patch-ab) = 2e680087b9b302cf2ba2fbafc758820dfd85d9e1 +SHA1 (pcre-8.36.tar.bz2) = 9a074e9cbf3eb9f05213fd9ca5bc188644845ccc +RMD160 (pcre-8.36.tar.bz2) = e13ce590fbb12aaa375645edeea6fa4938d31efb +Size (pcre-8.36.tar.bz2) = 1533818 bytes +SHA1 (patch-CVE-2014-8964) = 4779bf53dd08d7be070c3860c35ab896a26d29e9 +SHA1 (patch-aa) = ed20cfb5ca7b1e620e368c8e41a7f691d6f93282 +SHA1 (patch-ab) = 0b8fbde09c27e2716e5bfa32abce8ee4a79fb7fb SHA1 (patch-doc_pcredemo.3) = 90f9b3a021f58973149d839735d40c5e2e245912 diff --git a/devel/pcre/patches/patch-CVE-2014-8964 b/devel/pcre/patches/patch-CVE-2014-8964 new file mode 100644 index 00000000000..3fecc399211 --- /dev/null +++ b/devel/pcre/patches/patch-CVE-2014-8964 @@ -0,0 +1,20 @@ +$NetBSD: patch-CVE-2014-8964,v 1.1.2.2 2014/12/04 19:28:20 tron Exp $ + +patch for CVE-2014-8964 taken from +http://bugs.exim.org/show_bug.cgi?id=1546 + +--- pcre_exec.c.orig 2014-09-15 13:48:59.000000000 +0000 ++++ pcre_exec.c +@@ -1404,8 +1404,11 @@ for (;;) + condition = TRUE; + + /* Advance ecode past the assertion to the start of the first branch, +- but adjust it so that the general choosing code below works. */ ++ but adjust it so that the general choosing code below works. If the ++ assertion has a quantifier that allows zero repeats we must skip over ++ the BRAZERO. This is a lunatic thing to do, but somebody did! */ + ++ if (*ecode == OP_BRAZERO) ecode++; + ecode += GET(ecode, 1); + while (*ecode == OP_ALT) ecode += GET(ecode, 1); + ecode += 1 + LINK_SIZE - PRIV(OP_lengths)[condcode]; diff --git a/devel/pcre/patches/patch-aa b/devel/pcre/patches/patch-aa index 9b5c4367b5e..522bf099bfe 100644 --- a/devel/pcre/patches/patch-aa +++ b/devel/pcre/patches/patch-aa @@ -1,10 +1,10 @@ -$NetBSD: patch-aa,v 1.15 2012/03/02 15:24:48 wiz Exp $ +$NetBSD: patch-aa,v 1.15.22.1 2014/12/04 19:28:20 tron Exp $ Use pkgsrc's COMPILER_RPATH_FLAG variable, so this works on all pkgsrc platforms. ---- pcre-config.in.orig 2012-01-21 16:00:28.000000000 +0000 +--- pcre-config.in.orig 2014-01-31 14:32:51.000000000 +0000 +++ pcre-config.in -@@ -28,15 +28,7 @@ if test $# -eq 0; then +@@ -32,15 +32,7 @@ if test $# -eq 0; then exit 1 fi diff --git a/devel/pcre/patches/patch-ab b/devel/pcre/patches/patch-ab index 7c21960f2b9..f1cd04c9ae2 100644 --- a/devel/pcre/patches/patch-ab +++ b/devel/pcre/patches/patch-ab @@ -1,4 +1,4 @@ -$NetBSD: patch-ab,v 1.8 2012/03/10 08:03:57 sbd Exp $ +$NetBSD: patch-ab,v 1.8.22.1 2014/12/04 19:28:20 tron Exp $ Remove a feeble attempt at providing ABI compatibility for the C++ portion of the PCRE library. Relying on the C++ compiler to crunch symbols in a @@ -6,9 +6,9 @@ particular way is platform dependent at best, and the comments indicate that this was done for OSX. Also, the test misfired on SunOS leading to breakage (PR pkg/38768). ---- configure.orig 2012-02-04 12:55:43.000000000 +0000 +--- configure.orig 2014-09-26 09:06:46.000000000 +0000 +++ configure -@@ -16189,6 +16189,8 @@ ac_compile='$CXX -c $CXXFLAGS $CPPFLAGS +@@ -17603,6 +17603,8 @@ ac_compile='$CXX -c $CXXFLAGS $CPPFLAGS ac_link='$CXX -o conftest$ac_exeext $CXXFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_cxx_compiler_gnu @@ -17,7 +17,7 @@ Also, the test misfired on SunOS leading to breakage (PR pkg/38768). # Older versions of pcre defined pcrecpp::no_arg, but in new versions # it's called pcrecpp::RE::no_arg. For backwards ABI compatibility, -@@ -16231,6 +16233,9 @@ rm -f core conftest.err conftest.$ac_obj +@@ -17645,6 +17647,9 @@ rm -f core conftest.err conftest.$ac_obj done LDFLAGS="$OLD_LDFLAGS" @@ -27,7 +27,7 @@ Also, the test misfired on SunOS leading to breakage (PR pkg/38768). # We could be more clever here, given we're doing AC_SUBST with this # (eg set a var to be the name of the include file we want). But we're not # so it's easy to change back to 'regular' autoconf vars if we needed to. -@@ -17014,6 +17019,10 @@ if test "$enable_pcretest_libreadline" = +@@ -18952,6 +18957,10 @@ elif test "$enable_pcretest_libreadline" $as_echo "#define SUPPORT_LIBREADLINE /**/" >>confdefs.h |