diff options
Diffstat (limited to 'main/libidn')
-rw-r--r-- | main/libidn/APKBUILD | 12 | ||||
-rw-r--r-- | main/libidn/format-security.patch | 129 |
2 files changed, 137 insertions, 4 deletions
diff --git a/main/libidn/APKBUILD b/main/libidn/APKBUILD index f54ef988ecd..efd2dfaf9e8 100644 --- a/main/libidn/APKBUILD +++ b/main/libidn/APKBUILD @@ -1,15 +1,18 @@ # Contributor: Michael Mason <ms13sp@gmail.com> # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=libidn -pkgver=1.38 +pkgver=1.42 pkgrel=0 pkgdesc="Encode/Decode library for internationalized domain names" url="https://www.gnu.org/software/libidn" arch="all" -license="GPL-2.0-or-later GPL-3.0-or-later LGPL-3.0-or-later" +license="LGPL-2.1-or-later" +makedepends="help2man texinfo" checkdepends="diffutils" subpackages="$pkgname-dev $pkgname-doc" -source="https://ftp.gnu.org/gnu/libidn/libidn-$pkgver.tar.gz" +source="https://ftp.gnu.org/gnu/libidn/libidn-$pkgver.tar.gz + format-security.patch + " # secfixes: # 1.33-r0: @@ -42,5 +45,6 @@ package() { } sha512sums=" -5e59b2263fde44d1463b47b516347b17a4e3e3696ebba66ab5fe464d567e2ec81f769fa7cf72ed51cfb501e32221813bb375373713a47e2f599fc6122850e419 libidn-1.38.tar.gz +1a99f0c9aa12cebed2de7db603c203696544cfe093afd7b233b0955f4fbe65440bf637089a624ed74e204abe854b1d16d11b77dc1b8d56c97ba6b20715aeb0d7 libidn-1.42.tar.gz +bc4fc4348ff87615d40cc535b35de6edfe4379720313df1de8d0041609307dec51b1d283da29b562f7d5ab8fd1934ad094ea5df8044341ad206009739e7751c9 format-security.patch " diff --git a/main/libidn/format-security.patch b/main/libidn/format-security.patch new file mode 100644 index 00000000000..1ebf736e1c9 --- /dev/null +++ b/main/libidn/format-security.patch @@ -0,0 +1,129 @@ +diff --git a/src/idn.c b/src/idn.c +index 9e1e766..ea89ecb 100644 +--- a/src/idn.c ++++ b/src/idn.c +@@ -170,7 +170,7 @@ main (int argc, char *argv[]) + (args_info.nfkc_given ? 1 : 0) != 1) + { + error (0, 0, +- _("only one of -s, -e, -d, -a, -u or -n can be specified")); ++ "%s", _("only one of -s, -e, -d, -a, -u or -n can be specified")); + usage (EXIT_FAILURE); + } + +@@ -183,7 +183,7 @@ main (int argc, char *argv[]) + + if (!args_info.quiet_given + && args_info.inputs_num == 0 && isatty (fileno (stdin))) +- fprintf (stderr, _("Type each input string on a line by itself, " ++ fprintf (stderr, "%s", _("Type each input string on a line by itself, " + "terminated by a newline character.\n")); + + do +@@ -195,7 +195,7 @@ main (int argc, char *argv[]) + if (feof (stdin)) + break; + +- error (EXIT_FAILURE, errno, _("input error")); ++ error (EXIT_FAILURE, errno, "%s", _("input error")); + } + + if (strlen (line) > 0) +@@ -213,7 +213,7 @@ main (int argc, char *argv[]) + if (!q) + { + free (p); +- error (EXIT_FAILURE, 0, ++ error (EXIT_FAILURE, 0, "%s", + _("could not convert from UTF-8 to UCS-4")); + } + +@@ -238,7 +238,7 @@ main (int argc, char *argv[]) + if (!q) + { + free (r); +- error (EXIT_FAILURE, 0, ++ error (EXIT_FAILURE, 0, "%s", + _("could not convert from UTF-8 to UCS-4")); + } + +@@ -275,7 +275,7 @@ main (int argc, char *argv[]) + q = stringprep_utf8_to_ucs4 (p, -1, &len); + free (p); + if (!q) +- error (EXIT_FAILURE, 0, ++ error (EXIT_FAILURE, 0, "%s", + _("could not convert from UTF-8 to UCS-4")); + + if (args_info.debug_given) +@@ -334,7 +334,7 @@ main (int argc, char *argv[]) + r = stringprep_ucs4_to_utf8 (q, -1, NULL, NULL); + free (q); + if (!r) +- error (EXIT_FAILURE, 0, ++ error (EXIT_FAILURE, 0, "%s", + _("could not convert from UCS-4 to UTF-8")); + + p = stringprep_utf8_to_locale (r); +@@ -358,14 +358,14 @@ main (int argc, char *argv[]) + q = stringprep_utf8_to_ucs4 (p, -1, NULL); + free (p); + if (!q) +- error (EXIT_FAILURE, 0, ++ error (EXIT_FAILURE, 0, "%s", + _("could not convert from UCS-4 to UTF-8")); + + if (args_info.debug_given) + { + size_t i; + for (i = 0; q[i]; i++) +- fprintf (stderr, "input[%lu] = U+%04x\n", ++ fprintf (stderr, "%s", "input[%lu] = U+%04x\n", + (unsigned long) i, q[i]); + } + +@@ -436,7 +436,7 @@ main (int argc, char *argv[]) + if (!q) + { + free (p); +- error (EXIT_FAILURE, 0, ++ error (EXIT_FAILURE, 0, "%s", + _("could not convert from UCS-4 to UTF-8")); + } + +@@ -492,7 +492,7 @@ main (int argc, char *argv[]) + r = stringprep_ucs4_to_utf8 (q, -1, NULL, NULL); + free (q); + if (!r) +- error (EXIT_FAILURE, 0, ++ error (EXIT_FAILURE, 0, "%s", + _("could not convert from UTF-8 to UCS-4")); + + p = stringprep_utf8_to_locale (r); +@@ -521,7 +521,7 @@ main (int argc, char *argv[]) + if (!q) + { + free (p); +- error (EXIT_FAILURE, 0, ++ error (EXIT_FAILURE, 0, "%s", + _("could not convert from UTF-8 to UCS-4")); + } + +@@ -535,7 +535,7 @@ main (int argc, char *argv[]) + r = stringprep_utf8_nfkc_normalize (p, -1); + free (p); + if (!r) +- error (EXIT_FAILURE, 0, _("could not do NFKC normalization")); ++ error (EXIT_FAILURE, 0, "%s", _("could not do NFKC normalization")); + + if (args_info.debug_given) + { +@@ -545,7 +545,7 @@ main (int argc, char *argv[]) + if (!q) + { + free (r); +- error (EXIT_FAILURE, 0, ++ error (EXIT_FAILURE, 0, "%s", + _("could not convert from UTF-8 to UCS-4")); + } + |