Import from AlmaLinux stable repository

2024-05-31 16:48:25 +00:00 · 2024-05-31 16:48:25 +00:00 · bb0f815059
commit bb0f815059
parent bd90e66d3d
3 changed files with 48 additions and 2 deletions
--- a/.liblouis.metadata
+++ b/.liblouis.metadata
@ -1 +0,0 @@
-490437e79e648ef55c17f3e599eb1fc57ca781d0 SOURCES/liblouis-2.6.2.tar.gz
--- a/SOURCES/liblouis-2.6.2-CVE-2018-11683.patch
+++ b/SOURCES/liblouis-2.6.2-CVE-2018-11683.patch
@ -0,0 +1,38 @@
+diff -urN liblouis-2.6.2.old/tools/lou_translate.c liblouis-2.6.2/tools/lou_translate.c
+--- liblouis-2.6.2.old/tools/lou_translate.c	2020-05-17 07:37:40.572000000 +0100
+++ liblouis-2.6.2/tools/lou_translate.c	2020-05-17 07:43:28.596000000 +0100
+@@ -36,8 +36,6 @@
+ #include "progname.h"
+ #include "version-etc.h"
+ 
+-#define BUFSIZE MAXSTRING - 4
+-
+ static int forward_flag = 0;
+ static int backward_flag = 0;
+ 
+@@ -58,10 +56,10 @@
+ static void 
+ translate_input (int forward_translation, char *table_name)
+ {
+-  char charbuf[BUFSIZE];
+  char charbuf[MAXSTRING];
+   char *outputbuf;
+-  widechar inbuf[BUFSIZE];
+-  widechar transbuf[BUFSIZE];
+  widechar inbuf[MAXSTRING];
+  widechar transbuf[MAXSTRING];
+   int inlen;
+   int translen;
+   int k;
+@@ -69,9 +67,9 @@
+   int result;
+   while (1)
+     {
+-      translen = BUFSIZE;
+      translen = MAXSTRING;
+       k = 0;
+-      while ((ch = getchar ()) != '\n' && ch != EOF && k < BUFSIZE-1)
+      while ((ch = getchar ()) != '\n' && ch != EOF && k < MAXSTRING-1)
+ 	charbuf[k++] = ch;
+       if (ch == EOF && k == 0)
+ 	break;
--- a/SPECS/liblouis.spec
+++ b/SPECS/liblouis.spec
@ -12,7 +12,7 @@

 Name:           liblouis
 Version:        2.6.2
-Release:        21%{?dist}
+Release:        23%{?dist}
 Summary:        Braille translation and back-translation library

 Group:          System Environment/Libraries
@ -35,6 +35,8 @@ Patch4:         liblouis-2.6.2-CVE-2018-11685.patch
 Patch5:         liblouis-2.6.2-CVE-2018-12085.patch
 # https://bugzilla.redhat.com/show_bug.cgi?id=1602585
 Patch6:         liblouis-2.6.2-coverity-fixes.patch
+# https://bugzilla.redhat.com/show_bug.cgi?id=1588626
+Patch7:         liblouis-2.6.2-CVE-2018-11683.patch

 BuildRequires:  chrpath
 BuildRequires:  help2man
@ -139,6 +141,7 @@ This package provides the documentation for liblouis.
 %patch4 -p1
 %patch5 -p1
 %patch6 -p1
+%patch7 -p1

 # For patch0
 autoreconf -fi
@ -233,6 +236,12 @@ fi


 %changelog
+* Tue Jun 20 2023 Tomas Popela <tpopela@redhat.com> - 2.6.2-23
+- Resolves: RHEL-593 Bump the release to fix the upgrade path
+
+* Sat May 16 2020 David King <dking@redhat.com> - 2.6.2-22
+- Fix CVE-2018-11683 (#1588626)
+
 * Mon Mar 02 2020 David King <dking@redhat.com> - 2.6.2-21
 - A further Coverity fix (#1602585)
				`@ -1 +0,0 @@`
				`490437e79e648ef55c17f3e599eb1fc57ca781d0 SOURCES/liblouis-2.6.2.tar.gz`