From bb0f8150591ae0c97f7b1d49c3582656dfea1c30 Mon Sep 17 00:00:00 2001
From: eabdullin
Date: Fri, 31 May 2024 16:48:25 +0000
Subject: [PATCH] Import from AlmaLinux stable repository
---
.liblouis.metadata | 1 -
SOURCES/liblouis-2.6.2-CVE-2018-11683.patch | 38 +++++++++++++++++++++
SPECS/liblouis.spec | 11 +++++-
3 files changed, 48 insertions(+), 2 deletions(-)
delete mode 100644 .liblouis.metadata
create mode 100644 SOURCES/liblouis-2.6.2-CVE-2018-11683.patch
diff --git a/.liblouis.metadata b/.liblouis.metadata
deleted file mode 100644
index 21aa57d..0000000
--- a/.liblouis.metadata
+++ /dev/null
@@ -1 +0,0 @@
-490437e79e648ef55c17f3e599eb1fc57ca781d0 SOURCES/liblouis-2.6.2.tar.gz
diff --git a/SOURCES/liblouis-2.6.2-CVE-2018-11683.patch b/SOURCES/liblouis-2.6.2-CVE-2018-11683.patch
new file mode 100644
index 0000000..a341512
--- /dev/null
+++ b/SOURCES/liblouis-2.6.2-CVE-2018-11683.patch
@@ -0,0 +1,38 @@
+diff -urN liblouis-2.6.2.old/tools/lou_translate.c liblouis-2.6.2/tools/lou_translate.c
+--- liblouis-2.6.2.old/tools/lou_translate.c 2020-05-17 07:37:40.572000000 +0100
++++ liblouis-2.6.2/tools/lou_translate.c 2020-05-17 07:43:28.596000000 +0100
+@@ -36,8 +36,6 @@
+ #include "progname.h"
+ #include "version-etc.h"
+
+-#define BUFSIZE MAXSTRING - 4
+-
+ static int forward_flag = 0;
+ static int backward_flag = 0;
+
+@@ -58,10 +56,10 @@
+ static void
+ translate_input (int forward_translation, char *table_name)
+ {
+- char charbuf[BUFSIZE];
++ char charbuf[MAXSTRING];
+ char *outputbuf;
+- widechar inbuf[BUFSIZE];
+- widechar transbuf[BUFSIZE];
++ widechar inbuf[MAXSTRING];
++ widechar transbuf[MAXSTRING];
+ int inlen;
+ int translen;
+ int k;
+@@ -69,9 +67,9 @@
+ int result;
+ while (1)
+ {
+- translen = BUFSIZE;
++ translen = MAXSTRING;
+ k = 0;
+- while ((ch = getchar ()) != '\n' && ch != EOF && k < BUFSIZE-1)
++ while ((ch = getchar ()) != '\n' && ch != EOF && k < MAXSTRING-1)
+ charbuf[k++] = ch;
+ if (ch == EOF && k == 0)
+ break;
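Review bot: In the third hunk of the embedded lou_translate.c patch, the read loop still calls getchar() before it tests `k < MAXSTRING-1`, so when an input line reaches the limit the character just read is not stored by any visible line; unless code after the hunk saves `ch`, that byte is silently dropped and the rest of the line is handled as a separate input. Testing the bound first keeps every byte: `while (k < MAXSTRING-1 && (ch = getchar ()) != '\n' && ch != EOF)`. The three buffers are also resized to MAXSTRING with no comment explaining why; the code that consumes `charbuf` and `inbuf` lies past the last line shown, so presumably it assumes that size. A comment at the declarations such as `/* keep at MAXSTRING: the consumers of these buffers assume that size (CVE-2018-11683) */` would stop a later edit from shrinking them again. translate_input's body continues outside the hunk.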
diff --git a/SPECS/liblouis.spec b/SPECS/liblouis.spec
index 1d01d49..94aaf77 100644
--- a/SPECS/liblouis.spec
+++ b/SPECS/liblouis.spec
@@ -12,7 +12,7 @@
 Name: liblouis
 Version: 2.6.2
-Release: 21%{?dist}
+Release: 23%{?dist}
 Summary: Braille translation and back-translation library
 Group: System Environment/Libraries
@@ -35,6 +35,8 @@ Patch4: liblouis-2.6.2-CVE-2018-11685.patch
 Patch5: liblouis-2.6.2-CVE-2018-12085.patch
 # https://bugzilla.redhat.com/show_bug.cgi?id=1602585
 Patch6: liblouis-2.6.2-coverity-fixes.patch
+# https://bugzilla.redhat.com/show_bug.cgi?id=1588626
+Patch7: liblouis-2.6.2-CVE-2018-11683.patch
 BuildRequires: chrpath
 BuildRequires: help2man
@@ -139,6 +141,7 @@ This package provides the documentation for liblouis.
 %patch4 -p1
 %patch5 -p1
 %patch6 -p1
+%patch7 -p1
 # For patch0
 autoreconf -fi
@@ -233,6 +236,12 @@ fi
 %changelog
+* Tue Jun 20 2023 Tomas Popela - 2.6.2-23
+- Resolves: RHEL-593 Bump the release to fix the upgrade path
+
+* Sat May 16 2020 David King - 2.6.2-22
+- Fix CVE-2018-11683 (#1588626)
+
 * Mon Mar 02 2020 David King - 2.6.2-21
 - A further Coverity fix (#1602585)