From 558251d3ce37b751b4d3e263577e4252b441a92b Mon Sep 17 00:00:00 2001
From: Remi Collet
Date: Mon, 15 Jul 2019 15:47:22 +0200
Subject: add security fixes from Fedora
---
 oniguruma.spec | 28 ++++++++++++++++++++++++++--
 1 file changed, 26 insertions(+), 2 deletions(-)
(limited to 'oniguruma.spec')
diff --git a/oniguruma.spec b/oniguruma.spec
index 82e042d..03d8dd2 100644
--- a/oniguruma.spec
+++ b/oniguruma.spec
@@ -23,13 +23,21 @@ Name: %{libname}
 %else
 Name: %{libname}%{soname}
 %endif
-Version: 6.9.1
-Release: 1%{?dist}
+Version: 6.9.2
+Release: 2%{?dist}
 Summary: Regular expressions library
 License: BSD
 URL: https://github.com/kkos/oniguruma/
 Source0: https://github.com/kkos/oniguruma/releases/download/v%{version}/onig-%{version}.tar.gz
+# upstream patches
+Patch10: 0010-Fix-CVE-2019-13225-problem-in-converting-if-then-els.patch
+#Patch11: 0011-Fix-CVE-2019-13224-don-t-allow-different-encodings-f.patch
+# Not use Patch11 for F-30 and below, this is almost API change (deprecation of API) in
+# onig_new_deluxe() and this change should be avoided (if possible) in stable
+# branch
+# Instead use another fix
+Patch101: 0101-onig_new_deluxe-don-t-free-new-pattern-if-success.patch
 BuildRequires: gcc
@@ -80,6 +88,10 @@ for f in \
 done
 %endif
+%patch10 -p1 -b .CVE-2019-13225
+#%%patch11 -p1 -b .CVE-2019-13224
+%patch101 -p1 -b .CVE-2019-13224
+
 %build
 %configure \
@@ -125,6 +137,8 @@ find $RPM_BUILD_ROOT -name '*.la' \
 %doc doc/CALLOUTS.BUILTIN
 %doc doc/FAQ
 %doc doc/RE
+%doc doc/SYNTAX.md
+%doc doc/UNICODE_PROPERTIES
 %lang(ja) %doc doc/API.ja
 %lang(ja) %doc doc/CALLOUTS.API.ja
 %lang(ja) %doc doc/CALLOUTS.BUILTIN.ja
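Review bot: The comment block above `Patch101` in the preamble hunk explains why the upstream CVE-2019-13224 patch (`Patch11`) stays disabled, but it never says that `Patch101` is a non-upstream substitute or when it should be retired; only the changelog records that. The rationale is worded for Fedora stable branches ("F-30 and below"), so it is not clear from the spec whether the same API-stability constraint applies to this package, and a later rebase could keep carrying the divergent fix unnoticed. I would add a line such as `# Patch101: NON-upstream fix for CVE-2019-13224 (#1728971); drop in favour of Patch11 on the next upstream rebase`, and put a short `# non-upstream fix, see Patch101 above` remark next to `%patch101 -p1 -b .CVE-2019-13224` in the %prep hunk, where the backup suffix alone suggests the upstream fix was applied. Both the preamble and %prep continue outside the hunks shown.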
@@ -139,6 +153,16 @@ find $RPM_BUILD_ROOT -name '*.la' \
 %changelog
+* Mon Jul 15 2019 Remi Collet -6.9.2-2
+- add security fixes from Fedora
+
+* Fri Jul 12 2019 Mamoru TASAKA - 6.9.2-2
+- Upstream patch for CVE-2019-13225 (#1728966)
+- NON-upstream patch for CVE-2019-13224 (#1728971)
+
+* Mon May 13 2019 Remi Collet -6.9.2-1
+- update to 6.9.2
+
 * Mon Apr 1 2019 Remi Collet -6.9.1-1
 - rename to oniguruma5 to allow parallel installation beside old oniguruma version
-- cgit