import fribidi-1.0.4-8.el8
This commit is contained in:
parent
7c709148fa
commit
7eb1310d7f
27
SOURCES/fribidi-CVE-2019-18397.patch
Normal file
27
SOURCES/fribidi-CVE-2019-18397.patch
Normal file
@ -0,0 +1,27 @@
|
||||
From 034c6e9a1d296286305f4cfd1e0072b879f52568 Mon Sep 17 00:00:00 2001
|
||||
From: Dov Grobgeld <dov.grobgeld@gmail.com>
|
||||
Date: Thu, 24 Oct 2019 09:37:29 +0300
|
||||
Subject: [PATCH] Truncate isolate_level to FRIBIDI_BIDI_MAX_EXPLICIT_LEVEL
|
||||
|
||||
---
|
||||
lib/fribidi-bidi.c | 4 +++-
|
||||
1 file changed, 3 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/lib/fribidi-bidi.c b/lib/fribidi-bidi.c
|
||||
index 6c84392..d384878 100644
|
||||
--- a/lib/fribidi-bidi.c
|
||||
+++ b/lib/fribidi-bidi.c
|
||||
@@ -747,7 +747,9 @@ fribidi_get_par_embedding_levels_ex (
|
||||
}
|
||||
|
||||
RL_LEVEL (pp) = level;
|
||||
- RL_ISOLATE_LEVEL (pp) = isolate_level++;
|
||||
+ RL_ISOLATE_LEVEL (pp) = isolate_level;
|
||||
+ if (isolate_level < FRIBIDI_BIDI_MAX_EXPLICIT_LEVEL-1)
|
||||
+ isolate_level++;
|
||||
base_level_per_iso_level[isolate_level] = new_level;
|
||||
|
||||
if (!FRIBIDI_IS_NEUTRAL (override))
|
||||
--
|
||||
2.23.0
|
||||
|
@ -1,13 +1,14 @@
|
||||
Summary: Library implementing the Unicode Bidirectional Algorithm
|
||||
Name: fribidi
|
||||
Version: 1.0.4
|
||||
Release: 6%{?dist}
|
||||
Release: 8%{?dist}
|
||||
URL: https://github.com/fribidi/fribidi/
|
||||
Source: https://github.com//%{name}/%{name}/releases/download/v%{version}/%{name}-%{version}.tar.bz2
|
||||
License: LGPLv2+ and UCD
|
||||
BuildRequires: gcc
|
||||
BuildRequires: automake autoconf libtool
|
||||
Patch0: %{name}-drop-bundled-gnulib.patch
|
||||
Patch1: %{name}-CVE-2019-18397.patch
|
||||
|
||||
%description
|
||||
A library to handle bidirectional scripts (for example Hebrew, Arabic),
|
||||
@ -64,6 +65,15 @@ rm -f $RPM_BUILD_ROOT%{_libdir}/*.la
|
||||
%{_mandir}/man3/*.gz
|
||||
|
||||
%changelog
|
||||
* Tue Dec 17 2019 Tomas Pelka <tpelka@redhat.com> - 1.0.4-8
|
||||
- bump version and rebuild to avoid version conflict with 8.1.0.z
|
||||
Resolves: rhbz#1781227
|
||||
|
||||
|
||||
* Fri Dec 13 2019 Akira TAGOH <tagoh@redhat.com> - 1.0.4-7
|
||||
- Security fix for CVE-2019-18397
|
||||
Resolves: rhbz#1781227
|
||||
|
||||
* Thu Jul 26 2018 Akira TAGOH <tagoh@redhat.com> - 1.0.4-6
|
||||
- Drop bundled gnulib code.
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user