diff options
-rw-r--r-- | debian/NEWS.Debian | 6 | ||||
-rw-r--r-- | debian/README.source | 18 | ||||
-rw-r--r-- | debian/changelog | 336 | ||||
-rw-r--r-- | debian/compat | 1 | ||||
-rw-r--r-- | debian/control | 40 | ||||
-rw-r--r-- | debian/copyright | 52 | ||||
-rw-r--r-- | debian/libonig-dev.doc-base | 16 | ||||
-rw-r--r-- | debian/libonig-dev.docs | 10 | ||||
-rw-r--r-- | debian/libonig-dev.examples | 1 | ||||
-rw-r--r-- | debian/libonig-dev.install | 3 | ||||
-rw-r--r-- | debian/libonig5-dbg.dirs | 1 | ||||
-rw-r--r-- | debian/libonig5.install | 1 | ||||
-rw-r--r-- | debian/patches/0100-source_typos.patch | 18 | ||||
-rw-r--r-- | debian/patches/0105-CVE-2019-13224.patch | 38 | ||||
-rw-r--r-- | debian/patches/0110-CVE-2019-13225.patch | 66 | ||||
-rw-r--r-- | debian/patches/series | 3 | ||||
-rwxr-xr-x | debian/rules | 31 | ||||
-rw-r--r-- | debian/source/format | 1 | ||||
-rw-r--r-- | debian/symbols | 307 | ||||
-rw-r--r-- | debian/watch | 7 |
20 files changed, 956 insertions, 0 deletions
diff --git a/debian/NEWS.Debian b/debian/NEWS.Debian new file mode 100644 index 0000000..e58552a --- /dev/null +++ b/debian/NEWS.Debian @@ -0,0 +1,6 @@ +libonig (6.0.0-1) unstable; urgency=medium + + The file /usr/bin/onig-config is not Multi-Arch conform. So it is removed + in this release. You can use pkg-config instead. + + -- Jörg Frings-Fürst <debian@jff-webhosting.net> Tue, 06 Jan 2015 11:09:12 +0100 diff --git a/debian/README.source b/debian/README.source new file mode 100644 index 0000000..e4f2b3d --- /dev/null +++ b/debian/README.source @@ -0,0 +1,18 @@ +Hello, + +now I use the branching model from Vincent Driessen[1]. + +I use the gitflow-avh[2]. with the Documentation[3]. +The Debian package can be found here[4]. + +Please upload unattended uploads use a branch feature/<your title>. + + +Many thanks. + + -- Jörg Frings-Fürst <debian@jff-webhosting.net> Fri, 02 Jun 2017 19:00:40 +0200 + +[1] http://nvie.com/posts/a-successful-git-branching-model/ +[2] https://github.com/petervanderdoes/gitflow-avh +[3] https://github.com/petervanderdoes/gitflow-avh/wiki +[4] https://tracker.debian.org/pkg/git-flow diff --git a/debian/changelog b/debian/changelog new file mode 100644 index 0000000..2ae3106 --- /dev/null +++ b/debian/changelog @@ -0,0 +1,336 @@ +libonig (6.9.2-1) unstable; urgency=medium + + * New upstream release: + - Refresh symbols file. + - Refresh debian/patches/0100-source_typos.patch. + * Rewrite debain/watch. + * New debian/patches/0105-CVE-2019-13224.patch and + debian/patches/0110-CVE-2019-13225.patch (Closes: #931878): + - Fixes CVE-2019-13224 A use-after-free in onig_new_deluxe() in regext.c. + - Fixes CVE-2019-13225 A NULL Pointer Dereference in match_at() + in regexec.c. + * Declare compliance with Debian Policy 4.4.0 (No changes needed). + * Migrate to debhelper 12: + - Change debian/compat to 12. + - Bump minimum debhelper version in debian/control to >= 12. + - debian/rules: Remove obsolete dh_install --fail-missing. + + -- Jörg Frings-Fürst <debian@jff.email> Fri, 12 Jul 2019 10:39:37 +0200 + +libonig (6.9.1-1) unstable; urgency=medium + + * New upstream release: + - Refresh symbols file. + + -- Jörg Frings-Fürst <debian@jff.email> Fri, 21 Dec 2018 14:09:48 +0100 + +libonig (6.9.0-1) unstable; urgency=medium + + * New upstream release. + - Refresh symbols file. + * debian/control: + - Change VCS-* to point to the new repository. + * Declare compliance with Debian Policy 4.2.1 (No changes needed). + + -- Jörg Frings-Fürst <debian@jff.email> Thu, 06 Sep 2018 07:14:48 +0200 + +libonig (6.8.2-1) unstable; urgency=medium + + * New upstream release (Closes: #897250). + - Refresh symbols file. + * Declare compliance with Debian Policy 4.1.4 (No changes needed). + + -- Jörg Frings-Fürst <debian@jff.email> Fri, 04 May 2018 18:41:47 +0200 + +libonig (6.8.1-2) unstable; urgency=medium + + * Upload to unstable. + + -- Jörg Frings-Fürst <debian@jff.email> Tue, 01 May 2018 09:45:05 +0200 + +libonig (6.8.1-1) experimental; urgency=medium + + * New upstream release. + - Refresh symbols file. + - Refresh debian/copyright. + * Rename libonig4 to libonig5. + - debian/control: + + Rename binaray package. + + Set Depends to libonig5. + - Rename debian/libonig4* to debian/libonig5* + - debian/rules: + + Rename liboing4 to libonig5. + * Migrate to debhelper 11: + - Change debian/compat to 11. + - Bump minimum debhelper version in debian/control to >= 11. + * Declare compliance with Debian Policy 4.1.3 (No changes needed). + + -- Jörg Frings-Fürst <debian@jff.email> Wed, 21 Mar 2018 19:56:23 +0100 + +libonig (6.7.0-1) unstable; urgency=medium + + * New upstream release. + - Refresh symbols file. + * Change to my new email address: + - debian/control + - debian/copyright + * debian/changelog: + - Remove trailing whitespaces. + * Declare compliance with Debian Policy 4.1.2.0. (No changes needed). + + -- Jörg Frings-Fürst <debian@jff.email> Thu, 14 Dec 2017 17:26:05 +0100 + +libonig (6.6.1-1) unstable; urgency=medium + + * New upstream release. + - Refresh symbols file. + * Declare compliance with Debian Policy 4.1.0.0. (No changes needed). + * Remove missing README.ja from debian/libonig-dev.docs and + debian/libonig-dev.doc-base. + + -- Jörg Frings-Fürst <debian@jff-webhosting.net> Fri, 01 Sep 2017 19:57:42 +0200 + +libonig (6.5.0-1) unstable; urgency=medium + + * New upstream release. + + Refresh symbols file. + + -- Jörg Frings-Fürst <debian@jff-webhosting.net> Sun, 06 Aug 2017 19:31:50 +0200 + +libonig (6.4.0-1) unstable; urgency=medium + + * New upstream release. + + Refresh symbols file. + * Remove not longer needed patches. + + -- Jörg Frings-Fürst <debian@jff-webhosting.net> Sun, 23 Jul 2017 11:51:31 +0200 + +libonig (6.3.0-1) unstable; urgency=medium + + * New upstream release. + - Update symbols file. + - Refresh patches. + * Drop dh-autoreconf from both build-depends and dh --with arguments. + because this is all defaults when using dh compat 10. + * debian/copyright: Add year 2017. + * Remove upstream applied debian/patches/0500-CVE-2017-922[4-9].patch. + * Use the automatic debug symbol packages: + - Remove libonig4-dbg section from debian/control. + - Remove override_dh_strip from debian/rules. + * New README.source to explain the branching model used. + * Declare compliance with Debian Policy 4.0.0. (No changes needed). + + -- Jörg Frings-Fürst <debian@jff-webhosting.net> Sun, 25 Jun 2017 09:55:31 +0200 + +libonig (6.1.3-2) unstable; urgency=high + + * New debian/patches/0500-CVE-2017-922[4-9].patch: + - Cherrypicked from upstream to correct: + + CVE-2017-9224 (Closes: #863312) + + CVE-2017-9225 (Closes: #863313) + + CVE-2017-9226 (Closes: #863314) + + CVE-2017-9227 (Closes: #863315) + + CVE-2017-9228 (Closes: #863316) + + CVE-2017-9229 (Closes: #863318) + + -- Jörg Frings-Fürst <debian@jff-webhosting.net> Sat, 27 May 2017 12:05:50 +0200 + +libonig (6.1.3-1) unstable; urgency=medium + + * New upstream release. + + -- Jörg Frings-Fürst <debian@jff-webhosting.net> Thu, 15 Dec 2016 09:23:30 +0100 + +libonig (6.1.2-1) unstable; urgency=medium + + * New upstream release. + * debian/control: + - Bump debhelper B-D minimum version to 10. + * New debian/patches/0100-source_typos.patch. + + -- Jörg Frings-Fürst <debian@jff-webhosting.net> Wed, 09 Nov 2016 23:16:44 +0100 + +libonig (6.1.1-2) unstable; urgency=medium + + * Upload to unstable. + + -- Jörg Frings-Fürst <debian@jff-webhosting.net> Sun, 04 Sep 2016 21:26:20 +0200 + +libonig (6.1.1-1) experimental; urgency=medium + + * New upstream release. + + -- Jörg Frings-Fürst <debian@jff-webhosting.net> Sat, 03 Sep 2016 02:42:58 +0200 + +libonig (6.1.0-1) experimental; urgency=medium + + * New upstream release. + - NEW API: onig_scan(). + * debian/control: + - To match with the soname rename packages from liboing3 to libonig4. + * debian/rules: + - Rename liboing3 to libonig4. + * Renew debian/symbols. + + -- Jörg Frings-Fürst <debian@jff-webhosting.net> Wed, 31 Aug 2016 04:18:16 +0200 + +libonig (6.0.0-1) experimental; urgency=medium + + * New upstream release. + * debian/control: + - Remove dpkg from libonig2-dbg Pre-Depends because redundance + with ${misc:Pre-Depends}. + - Replace homepage to the new loacation. + - To match with the soname rename packages from liboing2 to libonig3. + - Bump Standards-Version to 3.9.8 (no changes required). + - Change Vcs-* to secure URIs. + * debian/rules: + - Rename liboing2 to libonig3. + * debian/watch: + - Move to github. + - Bump version to 4 (no changes required). + * debian/copyright: + - Replace homepage and upstream mail address. + - Add year 2016. + * Remove the not Multi-Arch conform file /usr/bin/onig-config and + the man page. + * Remove now useless debian/libonig3-dbg.maintscript. + * Set compat level to 10. + + -- Jörg Frings-Fürst <debian@jff-webhosting.net> Sat, 14 May 2016 17:53:39 +0200 + +libonig (5.9.6-1) unstable; urgency=medium + + * New upstream release. + * Refresh debian/patches/001-changes_build_sys.diff. + * Refresh debian/symbols. + * debian/rules: + - rewrite override_dh_strip. + - Add dpkg-gensymbols to generate symbol file(s) + on every build. + * debian/copyright: + Add year 2015 to my entry at debian/*. + * debian/control: + - Remove useless Depends ${shlibs:Depends} from libonig2-dbg + and libonig-dev + - Add dpkg and ${misc:Pre-Depends} to Depends of libonig2-dbg + to prevent error on upgrade wheezy to jessie (Closes: #769556). + - Bump Standards-Version to 3.9.6 (no changes required). + - Add Vcs-* fields pointed to alioth. + - Remove deprecated hardening-wrapper from Build-Depends + (Closes: #774485). + - Rewrite Descriptions (Closes: #774520). + * debian/*.postrm, debian/*.postinst, debian/*.preinst: + - Delete them and move the dpkg-maintscript-helper to + debian/libonig2-dbg.maintscript. + * New debian/libonig2-dbg.maintscript: + - Add symlink_to_dir calls. + - Change version in calls of symlink_to_dir to 5.9.6-1~. + * Add Vcs + * Add missing MNU changelog entries. Both don't provide a patch with + the changes and the first one causes a new RC-Bug. + + -- Jörg Frings-Fürst <debian@jff-webhosting.net> Mon, 05 Jan 2015 10:49:52 +0100 + +libonig (5.9.5-3.2) unstable; urgency=medium + + * Non-maintainer upload. + * Fix version for calls to dpkg-maintscript-helper symlink_to_dir. + (closes: #769556). + + -- Ivo De Decker <ivodd@debian.org> Sun, 28 Dec 2014 12:11:12 +0100 + +libonig (5.9.5-3.1) unstable; urgency=high + + * Non-maintainer upload. + * Add missing pre-dependency on dpkg for dpkg-maintscript-helper + symlink_to_dir (closes: #769556). + + -- Julien Cristau <jcristau@debian.org> Sat, 15 Nov 2014 11:53:45 +0100 + +libonig (5.9.5-3) unstable; urgency=medium + + * Add debian/libonig2-dbg.(preinst|postinst|postrm) to prevent + error on upgrade wheezy to jessie. (Closes: #768267) + + -- Jörg Frings-Fürst <debian@jff-webhosting.net> Thu, 06 Nov 2014 21:32:20 +0100 + +libonig (5.9.5-2) unstable; urgency=medium + + * rename debian/*.doc-base + * add html files to doc + * change debian/rules for hardening + * remove Multi-Arch from libonig-dev (Closes: #747897) + + -- Jörg Frings-Fürst <debian@jff-webhosting.net> Tue, 13 May 2014 10:25:38 +0200 + +libonig (5.9.5-1) unstable; urgency=medium + + * remove *.so.* files from libonig2-dbg + (same files as in libonig2) + * add debian/libonig-dev.doc-base + * add debian/symbols + * rewrite debian/copyright + * rewrite debian/rules (Closes: #645940) + * patch buildsystem (Closes: #734683) + * change lib version to 2.1.0 + * Bump compat to 9 + * Update to upstream version 5.9.5 (Closes: #661616) + * Bump Standarts to 3.9.5 + * New Maintainer (Closes: #747187) + + -- Jörg Frings-Fürst <debian@jff-webhosting.net> Wed, 07 May 2014 16:39:54 +0200 + +libonig (5.9.1-1) unstable; urgency=low + + [ Max Kellermann ] + * new upstream release + * acknowledge NMU, thanks Laurent (closes: #426355) + * run test suite after build + * added watch file + * bumped Standards-Version to 3.7.3 + * added homepage header to debian/control + * priority "extra" + + -- Alexander Wirt <formorer@debian.org> Mon, 07 Jan 2008 11:46:27 +0100 + +libonig (5.9.0-0.1) unstable; urgency=low + + * Non-maintainer upload. + * New upstream release (Closes: #426355) + * debian/control: + - Use binary:Version instead of Source-Version + * debian/rules: + - Don't hide make distclean error + - Fix copy of config.{sub,guess} + - Remove deprecated DH_COMPAT and use compat file instead + + -- Laurent Bigonville <bigon@bigon.be> Sat, 04 Aug 2007 15:07:34 +0200 + +libonig (5.5.2-1) unstable; urgency=low + + * new upstream release + + -- Max Kellermann <max@duempel.org> Wed, 14 Feb 2007 23:12:29 +0100 + +libonig (5.5.0-1) unstable; urgency=low + + [ Max Kellermann ] + * new upstream release + * update config.{sub,guess} in debian/rules + * removed libonig.la + + -- Alexander Wirt <formorer@debian.org> Wed, 6 Dec 2006 20:51:10 +0100 + +libonig (5.2.0-1) unstable; urgency=low + + * new upstream release + * updated copyright file since license has been changed to BSD + + -- Max Kellermann <max@duempel.org> Wed, 15 Nov 2006 09:32:24 +0100 + +libonig (4.4.4-1) unstable; urgency=low + + * initial debian release (Closes: #388412) + + -- Max Kellermann <max@duempel.org> Wed, 20 Sep 2006 12:17:40 +0200 diff --git a/debian/compat b/debian/compat new file mode 100644 index 0000000..48082f7 --- /dev/null +++ b/debian/compat @@ -0,0 +1 @@ +12 diff --git a/debian/control b/debian/control new file mode 100644 index 0000000..bad90d6 --- /dev/null +++ b/debian/control @@ -0,0 +1,40 @@ +Source: libonig +Section: libs +Priority: extra +Maintainer: Jörg Frings-Fürst <debian@jff.email> +Build-Depends: + debhelper (>= 12) +Standards-Version: 4.4.0 +Homepage: https://github.com/kkos/oniguruma +Vcs-Git: git://jff.email/opt/git/libonig.git +Vcs-Browser: https://jff.email/cgit/libonig.git + +Package: libonig5 +Priority: optional +Architecture: any +Multi-Arch: same +Depends: + ${misc:Depends}, + ${shlibs:Depends} +Pre-Depends: + ${misc:Pre-Depends} +Description: regular expressions library + Oniguruma is a library for working with regular expressions. + . + Different character encoding for every regular expression object can + be specified. + +Package: libonig-dev +Section: libdevel +Priority: optional +Architecture: any +Depends: + ${misc:Depends}, + libonig5 (= ${binary:Version}) +Description: regular expressions library — development files + Oniguruma is a library for working with regular expressions. + . + Different character encoding for every regular expression object can + be specified. + . + This package provides development files and static libraries. diff --git a/debian/copyright b/debian/copyright new file mode 100644 index 0000000..cd813f1 --- /dev/null +++ b/debian/copyright @@ -0,0 +1,52 @@ +Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0 +Source: https://github.com/kkos/oniguruma + +Files: * +Copyright: 2002-2018 K.Kosako <kkosako0@gmail.com> +License: BSD-2-clause + +License: BSD-2-clause + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + . + THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + SUCH DAMAGE. + + +Files: debian/* +Copyright: 2006-2008 Max Kellermann <max@duempel.org> + 2014-2018 Jörg Frings-Fürst <debian@jff.email> +License: GPL-2+ + +License: GPL-2+ + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + . + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + . + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + . + On Debian systems, the full text of the GNU General Public License version 2 + can be found in the file `/usr/share/common-licenses/GPL-2'. + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. diff --git a/debian/libonig-dev.doc-base b/debian/libonig-dev.doc-base new file mode 100644 index 0000000..8dab269 --- /dev/null +++ b/debian/libonig-dev.doc-base @@ -0,0 +1,16 @@ +Document: libonig2 +Title: Oniguruma Library Documentation +Section: Programming/C++ + +Format: Text +Files: /usr/share/doc/libonig-dev/API.gz + /usr/share/doc/libonig-dev/API.ja.gz + /usr/share/doc/libonig-dev/FAQ + /usr/share/doc/libonig-dev/FAQ.ja + /usr/share/doc/libonig-dev/RE.gz + /usr/share/doc/libonig-dev/RE.ja.gz + /usr/share/doc/libonig-dev/README.gz + +Format: HTML +Index: /usr/share/doc/libonig-dev/index.html +Files: /usr/share/doc/libonig-dev/*.html diff --git a/debian/libonig-dev.docs b/debian/libonig-dev.docs new file mode 100644 index 0000000..b8be5a0 --- /dev/null +++ b/debian/libonig-dev.docs @@ -0,0 +1,10 @@ +AUTHORS +README +doc/API +doc/API.ja +doc/FAQ +doc/FAQ.ja +doc/RE +doc/RE.ja +index.html +index_ja.html diff --git a/debian/libonig-dev.examples b/debian/libonig-dev.examples new file mode 100644 index 0000000..cfdeec6 --- /dev/null +++ b/debian/libonig-dev.examples @@ -0,0 +1 @@ +sample/*.c diff --git a/debian/libonig-dev.install b/debian/libonig-dev.install new file mode 100644 index 0000000..1ec5d42 --- /dev/null +++ b/debian/libonig-dev.install @@ -0,0 +1,3 @@ +usr/lib/*/lib*.so +usr/include +usr/lib/*/pkgconfig/* diff --git a/debian/libonig5-dbg.dirs b/debian/libonig5-dbg.dirs new file mode 100644 index 0000000..7276ecd --- /dev/null +++ b/debian/libonig5-dbg.dirs @@ -0,0 +1 @@ +usr/share/doc diff --git a/debian/libonig5.install b/debian/libonig5.install new file mode 100644 index 0000000..3ddde58 --- /dev/null +++ b/debian/libonig5.install @@ -0,0 +1 @@ +usr/lib/*/lib*.so.* diff --git a/debian/patches/0100-source_typos.patch b/debian/patches/0100-source_typos.patch new file mode 100644 index 0000000..6444b65 --- /dev/null +++ b/debian/patches/0100-source_typos.patch @@ -0,0 +1,18 @@ +Description: Fix typos +Author: Jörg Frings-Fürst <debian@jff-webhosting.net> +Last-Update: 2016-11-09 +--- +This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ +Index: trunk/src/regerror.c +=================================================================== +--- trunk.orig/src/regerror.c ++++ trunk/src/regerror.c +@@ -63,7 +63,7 @@ onig_error_code_to_format(int code) + case ONIGERR_UNEXPECTED_BYTECODE: + p = "unexpected bytecode (bug)"; break; + case ONIGERR_DEFAULT_ENCODING_IS_NOT_SETTED: +- p = "default multibyte-encoding is not setted"; break; ++ p = "default multibyte-encoding is not set"; break; + case ONIGERR_SPECIFIED_ENCODING_CANT_CONVERT_TO_WIDE_CHAR: + p = "can't convert to wide-char on specified multibyte-encoding"; break; + case ONIGERR_FAIL_TO_INITIALIZE: diff --git a/debian/patches/0105-CVE-2019-13224.patch b/debian/patches/0105-CVE-2019-13224.patch new file mode 100644 index 0000000..6ea4f95 --- /dev/null +++ b/debian/patches/0105-CVE-2019-13224.patch @@ -0,0 +1,38 @@ +Description: CVE-2019-13224 + don't allow different encodings for onig_new_deluxe() +Origin: upstream, https://github.com/kkos/oniguruma/commit/0f7f61ed1b7b697e283e37bd2d731d0bd57adb55 +Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931878 +Last-Update: 2019-07-12 +--- +This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ +Index: trunk/src/regext.c +=================================================================== +--- trunk.orig/src/regext.c ++++ trunk/src/regext.c +@@ -29,6 +29,7 @@ + + #include "regint.h" + ++#if 0 + static void + conv_ext0be32(const UChar* s, const UChar* end, UChar* conv) + { +@@ -158,6 +159,7 @@ conv_encoding(OnigEncoding from, OnigEnc + + return ONIGERR_NOT_SUPPORTED_ENCODING_COMBINATION; + } ++#endif + + extern int + onig_new_deluxe(regex_t** reg, const UChar* pattern, const UChar* pattern_end, +@@ -169,9 +171,7 @@ onig_new_deluxe(regex_t** reg, const UCh + if (IS_NOT_NULL(einfo)) einfo->par = (UChar* )NULL; + + if (ci->pattern_enc != ci->target_enc) { +- r = conv_encoding(ci->pattern_enc, ci->target_enc, pattern, pattern_end, +- &cpat, &cpat_end); +- if (r != 0) return r; ++ return ONIGERR_NOT_SUPPORTED_ENCODING_COMBINATION; + } + else { + cpat = (UChar* )pattern; diff --git a/debian/patches/0110-CVE-2019-13225.patch b/debian/patches/0110-CVE-2019-13225.patch new file mode 100644 index 0000000..be9e152 --- /dev/null +++ b/debian/patches/0110-CVE-2019-13225.patch @@ -0,0 +1,66 @@ +Description: CVE-2019-13225 + problem in converting if-then-else pattern to bytecode. +Origin: upstream, https://github.com/kkos/oniguruma/commit/c509265c5f6ae7264f7b8a8aae1cfa5fc59d108c +Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931878 +Last-Update: 2019-07-12 +--- +This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ +Index: trunk/src/regcomp.c +=================================================================== +--- trunk.orig/src/regcomp.c ++++ trunk/src/regcomp.c +@@ -1307,8 +1307,9 @@ compile_length_bag_node(BagNode* node, r + len += tlen; + } + ++ len += SIZE_OP_JUMP + SIZE_OP_ATOMIC_END; ++ + if (IS_NOT_NULL(Else)) { +- len += SIZE_OP_JUMP; + tlen = compile_length_tree(Else, reg); + if (tlen < 0) return tlen; + len += tlen; +@@ -1455,7 +1456,7 @@ compile_bag_node(BagNode* node, regex_t* + + case BAG_IF_ELSE: + { +- int cond_len, then_len, jump_len; ++ int cond_len, then_len, else_len, jump_len; + Node* cond = NODE_BAG_BODY(node); + Node* Then = node->te.Then; + Node* Else = node->te.Else; +@@ -1472,8 +1473,7 @@ compile_bag_node(BagNode* node, regex_t* + else + then_len = 0; + +- jump_len = cond_len + then_len + SIZE_OP_ATOMIC_END; +- if (IS_NOT_NULL(Else)) jump_len += SIZE_OP_JUMP; ++ jump_len = cond_len + then_len + SIZE_OP_ATOMIC_END + SIZE_OP_JUMP; + + r = add_op(reg, OP_PUSH); + if (r != 0) return r; +@@ -1490,11 +1490,20 @@ compile_bag_node(BagNode* node, regex_t* + } + + if (IS_NOT_NULL(Else)) { +- int else_len = compile_length_tree(Else, reg); +- r = add_op(reg, OP_JUMP); +- if (r != 0) return r; +- COP(reg)->jump.addr = else_len + SIZE_INC_OP; ++ else_len = compile_length_tree(Else, reg); ++ if (else_len < 0) return else_len; ++ } ++ else ++ else_len = 0; + ++ r = add_op(reg, OP_JUMP); ++ if (r != 0) return r; ++ COP(reg)->jump.addr = SIZE_OP_ATOMIC_END + else_len + SIZE_INC_OP; ++ ++ r = add_op(reg, OP_ATOMIC_END); ++ if (r != 0) return r; ++ ++ if (IS_NOT_NULL(Else)) { + r = compile_tree(Else, reg, env); + } + } diff --git a/debian/patches/series b/debian/patches/series new file mode 100644 index 0000000..e924636 --- /dev/null +++ b/debian/patches/series @@ -0,0 +1,3 @@ +0100-source_typos.patch +0105-CVE-2019-13224.patch +0110-CVE-2019-13225.patch diff --git a/debian/rules b/debian/rules new file mode 100755 index 0000000..ee95689 --- /dev/null +++ b/debian/rules @@ -0,0 +1,31 @@ +#!/usr/bin/make -f +# -*- makefile -*- +# Sample debian/rules that uses debhelper. +# This file was originally written by Joey Hess and Craig Small. +# As a special exception, when this file is copied by dh-make into a +# dh-make output file, you may use that output file without restriction. +# This special exception was added by Craig Small in version 0.37 of dh-make. + +# Uncomment this to turn on verbose mode. +#export DH_VERBOSE=1 + +# +# Test for gcc-6 support +# +#export CC=gcc-6 +#export CXX=g++-6 + +export DEB_BUILD_MAINT_OPTIONS = hardening=+all + +VERSION = $(shell head -n1 debian/changelog | sed -e 's/.*(//;s/-.*).*//;s/\+/\-/') + +%: + dh $@ + +override_dh_install: + $(RM) debian/tmp/usr/bin/onig-config + dh_install -X.la -X.a + +override_dh_makeshlibs: + dh_makeshlibs + dpkg-gensymbols -v$(VERSION) -plibonig5 diff --git a/debian/source/format b/debian/source/format new file mode 100644 index 0000000..163aaf8 --- /dev/null +++ b/debian/source/format @@ -0,0 +1 @@ +3.0 (quilt) diff --git a/debian/symbols b/debian/symbols new file mode 100644 index 0000000..06628e7 --- /dev/null +++ b/debian/symbols @@ -0,0 +1,307 @@ +libonig.so.5 libonig5 #MINVER# + OnigAsciiLowerMap@Base 6.8.1 + OnigDefaultCaseFoldFlag@Base 6.8.1 + OnigDefaultSyntax@Base 6.8.1 + OnigEncAsciiCtypeTable@Base 6.8.1 + OnigEncAsciiToLowerCaseTable@Base 6.8.1 + OnigEncDefaultCharEncoding@Base 6.8.1 + OnigEncISO_8859_1_ToLowerCaseTable@Base 6.8.1 + OnigEncodingASCII@Base 6.8.1 + OnigEncodingBIG5@Base 6.8.1 + OnigEncodingCP1251@Base 6.8.1 + OnigEncodingEUC_CN@Base 6.8.1 + OnigEncodingEUC_JP@Base 6.8.1 + OnigEncodingEUC_KR@Base 6.8.1 + OnigEncodingEUC_TW@Base 6.8.1 + OnigEncodingGB18030@Base 6.8.1 + OnigEncodingISO_8859_10@Base 6.8.1 + OnigEncodingISO_8859_11@Base 6.8.1 + OnigEncodingISO_8859_13@Base 6.8.1 + OnigEncodingISO_8859_14@Base 6.8.1 + OnigEncodingISO_8859_15@Base 6.8.1 + OnigEncodingISO_8859_16@Base 6.8.1 + OnigEncodingISO_8859_1@Base 6.8.1 + OnigEncodingISO_8859_2@Base 6.8.1 + OnigEncodingISO_8859_3@Base 6.8.1 + OnigEncodingISO_8859_4@Base 6.8.1 + OnigEncodingISO_8859_5@Base 6.8.1 + OnigEncodingISO_8859_6@Base 6.8.1 + OnigEncodingISO_8859_7@Base 6.8.1 + OnigEncodingISO_8859_8@Base 6.8.1 + OnigEncodingISO_8859_9@Base 6.8.1 + OnigEncodingKOI8_R@Base 6.8.1 + OnigEncodingSJIS@Base 6.8.1 + OnigEncodingUTF16_BE@Base 6.8.1 + OnigEncodingUTF16_LE@Base 6.8.1 + OnigEncodingUTF32_BE@Base 6.8.1 + OnigEncodingUTF32_LE@Base 6.8.1 + OnigEncodingUTF8@Base 6.8.1 + OnigSyntaxASIS@Base 6.8.1 + OnigSyntaxEmacs@Base 6.8.1 + OnigSyntaxGnuRegex@Base 6.8.1 + OnigSyntaxGrep@Base 6.8.1 + OnigSyntaxJava@Base 6.8.1 + OnigSyntaxOniguruma@Base 6.8.1 + OnigSyntaxPerl@Base 6.8.1 + OnigSyntaxPerl_NG@Base 6.8.1 + OnigSyntaxPosixBasic@Base 6.8.1 + OnigSyntaxPosixExtended@Base 6.8.1 + OnigSyntaxRuby@Base 6.8.1 + OnigUnicodeFolds1@Base 6.8.1 + OnigUnicodeFolds2@Base 6.8.1 + OnigUnicodeFolds3@Base 6.8.1 + onig_add_end_call@Base 6.8.1 + onig_builtin_cmp@Base 6.8.1 + onig_builtin_count@Base 6.8.1 + onig_builtin_error@Base 6.8.1 + onig_builtin_fail@Base 6.8.1 + onig_builtin_max@Base 6.8.1 + onig_builtin_mismatch@Base 6.8.1 + onig_builtin_total_count@Base 6.8.1 + onig_callout_tag_is_exist_at_callout_num@Base 6.8.1 + onig_callout_tag_table_free@Base 6.8.1 + onig_capture_tree_traverse@Base 6.8.1 + onig_check_callout_data_and_clear_old_values@Base 6.8.1 + onig_codes_byte_at@Base 6.8.1 + onig_codes_cmp@Base 6.8.1 + onig_compile@Base 6.8.1 + onig_copy_encoding@Base 6.8.1 + onig_copy_syntax@Base 6.8.1 + onig_copyright@Base 6.8.1 + onig_end@Base 6.8.1 + onig_error_code_to_format@Base 6.8.1 + onig_error_code_to_str@Base 6.8.1 + onig_ext_set_pattern@Base 6.8.1 + onig_foreach_name@Base 6.8.1 + onig_free@Base 6.8.1 + onig_free_body@Base 6.8.1 + onig_free_match_param@Base 6.8.1 + onig_free_match_param_content@Base 6.8.1 + onig_free_reg_callout_list@Base 6.8.1 + onig_get_arg_by_callout_args@Base 6.8.1 + onig_get_args_num_by_callout_args@Base 6.8.1 + onig_get_callout_data@Base 6.8.1 + onig_get_callout_data_by_callout_args@Base 6.8.1 + onig_get_callout_data_by_callout_args_self@Base 6.8.1 + onig_get_callout_data_by_callout_args_self_dont_clear_old@Base 6.8.1 + onig_get_callout_data_by_tag@Base 6.8.1 + onig_get_callout_data_dont_clear_old@Base 6.8.1 + onig_get_callout_end_func_by_name_id@Base 6.8.1 + onig_get_callout_in_by_callout_args@Base 6.8.1 + onig_get_callout_in_by_name_id@Base 6.8.1 + onig_get_callout_name_by_name_id@Base 6.8.1 + onig_get_callout_num_by_callout_args@Base 6.8.1 + onig_get_callout_num_by_tag@Base 6.8.1 + onig_get_callout_start_func@Base 6.8.1 + onig_get_callout_start_func_by_name_id@Base 6.8.1 + onig_get_callout_tag_end@Base 6.8.1 + onig_get_callout_tag_start@Base 6.8.1 + onig_get_callout_type_by_name_id@Base 6.8.1 + onig_get_capture_range_in_callout@Base 6.8.1 + onig_get_capture_tree@Base 6.8.1 + onig_get_case_fold_flag@Base 6.8.1 + onig_get_contents_by_callout_args@Base 6.8.1 + onig_get_contents_end_by_callout_args@Base 6.8.1 + onig_get_current_by_callout_args@Base 6.8.1 + onig_get_default_case_fold_flag@Base 6.8.1 + onig_get_encoding@Base 6.8.1 + onig_get_match_stack_limit_size@Base 6.8.1 + onig_get_name_id_by_callout_args@Base 6.8.1 + onig_get_options@Base 6.8.1 + onig_get_parse_depth_limit@Base 6.8.1 + onig_get_passed_args_num_by_callout_args@Base 6.8.1 + onig_get_progress_callout@Base 6.8.1 + onig_get_regex_by_callout_args@Base 6.8.1 + onig_get_regex_ext@Base 6.8.1 + onig_get_retraction_callout@Base 6.8.1 + onig_get_retry_counter_by_callout_args@Base 6.8.1 + onig_get_retry_limit_in_match@Base 6.8.1 + onig_get_right_range_by_callout_args@Base 6.8.1 + onig_get_start_by_callout_args@Base 6.8.1 + onig_get_string_by_callout_args@Base 6.8.1 + onig_get_string_end_by_callout_args@Base 6.8.1 + onig_get_syntax@Base 6.8.1 + onig_get_syntax_behavior@Base 6.8.1 + onig_get_syntax_op2@Base 6.8.1 + onig_get_syntax_op@Base 6.8.1 + onig_get_syntax_options@Base 6.8.1 + onig_get_used_stack_size_in_callout@Base 6.8.1 + onig_global_callout_names_free@Base 6.8.1 + onig_init@Base 6.8.1 + onig_init_for_match_at@Base 6.9.2 + onig_initialize@Base 6.8.1 + onig_initialize_encoding@Base 6.8.1 + onig_initialize_match_param@Base 6.8.1 + onig_is_code_in_cc@Base 6.8.1 + onig_is_code_in_cc_len@Base 6.8.1 + onig_is_in_code_range@Base 6.8.1 + onig_match@Base 6.8.1 + onig_match_with_param@Base 6.8.1 + onig_name_to_backref_number@Base 6.8.1 + onig_name_to_group_numbers@Base 6.8.1 + onig_names_free@Base 6.8.1 + onig_new@Base 6.8.1 + onig_new_deluxe@Base 6.8.1 + onig_new_match_param@Base 6.8.1 + onig_new_without_alloc@Base 6.8.1 + onig_node_conv_to_str_node@Base 6.8.1 + onig_node_free@Base 6.8.1 + onig_node_list_add@Base 6.8.1 + onig_node_new_alt@Base 6.8.1 + onig_node_new_anchor@Base 6.8.1 + onig_node_new_bag@Base 6.9.1 + onig_node_new_list@Base 6.8.1 + onig_node_new_str@Base 6.8.1 + onig_node_str_cat@Base 6.8.1 + onig_node_str_clear@Base 6.8.1 + onig_node_str_set@Base 6.8.1 + onig_noname_group_capture_is_active@Base 6.8.1 + onig_null_warn@Base 6.8.1 + onig_number_of_capture_histories@Base 6.8.1 + onig_number_of_captures@Base 6.8.1 + onig_number_of_names@Base 6.8.1 + onig_parse_tree@Base 6.8.1 + onig_positive_int_multiply@Base 6.9.1 + onig_reduce_nested_quantifier@Base 6.8.1 + onig_reg_callout_list_at@Base 6.8.1 + onig_reg_init@Base 6.8.1 + onig_region_clear@Base 6.8.1 + onig_region_copy@Base 6.8.1 + onig_region_free@Base 6.8.1 + onig_region_init@Base 6.8.1 + onig_region_new@Base 6.8.1 + onig_region_resize@Base 6.8.1 + onig_region_set@Base 6.8.1 + onig_renumber_name_table@Base 6.8.1 + onig_scan@Base 6.8.1 + onig_scan_env_set_error_string@Base 6.8.1 + onig_scan_unsigned_number@Base 6.8.1 + onig_search@Base 6.8.1 + onig_search_with_param@Base 6.8.1 + onig_set_callout_data@Base 6.8.1 + onig_set_callout_data_by_callout_args@Base 6.8.1 + onig_set_callout_data_by_callout_args_self@Base 6.8.1 + onig_set_callout_data_by_tag@Base 6.8.1 + onig_set_callout_of_name@Base 6.8.1 + onig_set_callout_user_data_of_match_param@Base 6.8.2 + onig_set_capture_num_limit@Base 6.8.1 + onig_set_default_case_fold_flag@Base 6.8.1 + onig_set_default_syntax@Base 6.8.1 + onig_set_match_stack_limit_size@Base 6.8.1 + onig_set_match_stack_limit_size_of_match_param@Base 6.8.1 + onig_set_meta_char@Base 6.8.1 + onig_set_parse_depth_limit@Base 6.8.1 + onig_set_progress_callout@Base 6.8.1 + onig_set_progress_callout_of_match_param@Base 6.8.1 + onig_set_retraction_callout@Base 6.8.1 + onig_set_retraction_callout_of_match_param@Base 6.8.1 + onig_set_retry_limit_in_match@Base 6.8.1 + onig_set_retry_limit_in_match_of_match_param@Base 6.8.1 + onig_set_syntax_behavior@Base 6.8.1 + onig_set_syntax_op2@Base 6.8.1 + onig_set_syntax_op@Base 6.8.1 + onig_set_syntax_options@Base 6.8.1 + onig_set_verb_warn_func@Base 6.8.1 + onig_set_warn_func@Base 6.8.1 + onig_setup_builtin_monitors_by_ascii_encoded_name@Base 6.8.1 + onig_snprintf_with_pattern@Base 6.8.1 + onig_st_add_direct@Base 6.8.1 + onig_st_cleanup_safe@Base 6.8.1 + onig_st_copy@Base 6.8.1 + onig_st_delete@Base 6.8.1 + onig_st_delete_safe@Base 6.8.1 + onig_st_foreach@Base 6.8.1 + onig_st_free_table@Base 6.8.1 + onig_st_init_callout_name_table_with_size@Base 6.8.1 + onig_st_init_numtable@Base 6.8.1 + onig_st_init_numtable_with_size@Base 6.8.1 + onig_st_init_strend_table_with_size@Base 6.8.1 + onig_st_init_strtable@Base 6.8.1 + onig_st_init_strtable_with_size@Base 6.8.1 + onig_st_init_table@Base 6.8.1 + onig_st_init_table_with_size@Base 6.8.1 + onig_st_insert@Base 6.8.1 + onig_st_insert_strend@Base 6.8.1 + onig_st_lookup@Base 6.8.1 + onig_st_lookup_callout_name_table@Base 6.8.1 + onig_st_lookup_strend@Base 6.8.1 + onig_strcpy@Base 6.8.1 + onig_strncmp@Base 6.8.1 + onig_unicode_define_user_property@Base 6.8.1 + onig_version@Base 6.8.1 + onig_warning@Base 6.8.1 + onigenc_always_false_is_allowed_reverse_match@Base 6.8.1 + onigenc_always_true_is_allowed_reverse_match@Base 6.8.1 + onigenc_always_true_is_valid_mbc_string@Base 6.8.1 + onigenc_apply_all_case_fold_with_map@Base 6.8.1 + onigenc_ascii_apply_all_case_fold@Base 6.8.1 + onigenc_ascii_get_case_fold_codes_by_str@Base 6.8.1 + onigenc_ascii_mbc_case_fold@Base 6.8.1 + onigenc_egcb_is_break_position@Base 6.8.1 + onigenc_end@Base 6.8.1 + onigenc_euc_jp_lookup_property_name@Base 6.9.0 + onigenc_get_case_fold_codes_by_str_with_map@Base 6.8.1 + onigenc_get_default_encoding@Base 6.8.1 + onigenc_get_left_adjust_char_head@Base 6.8.1 + onigenc_get_prev_char_head@Base 6.8.1 + onigenc_get_right_adjust_char_head@Base 6.8.1 + onigenc_get_right_adjust_char_head_with_prev@Base 6.8.1 + onigenc_init@Base 6.8.1 + onigenc_is_mbc_newline_0x0a@Base 6.8.1 + onigenc_is_mbc_word_ascii@Base 6.8.1 + onigenc_is_valid_mbc_string@Base 6.8.1 + onigenc_length_check_is_valid_mbc_string@Base 6.8.1 + onigenc_mb2_code_to_mbc@Base 6.8.1 + onigenc_mb2_code_to_mbclen@Base 6.8.1 + onigenc_mb2_is_code_ctype@Base 6.8.1 + onigenc_mb4_code_to_mbc@Base 6.8.1 + onigenc_mb4_code_to_mbclen@Base 6.8.1 + onigenc_mb4_is_code_ctype@Base 6.8.1 + onigenc_mbn_mbc_case_fold@Base 6.8.1 + onigenc_mbn_mbc_to_code@Base 6.8.1 + onigenc_minimum_property_name_to_ctype@Base 6.8.1 + onigenc_not_support_get_ctype_code_range@Base 6.8.1 + onigenc_set_default_caseconv_table@Base 6.8.1 + onigenc_set_default_encoding@Base 6.8.1 + onigenc_single_byte_code_to_mbc@Base 6.8.1 + onigenc_single_byte_code_to_mbclen@Base 6.8.1 + onigenc_single_byte_left_adjust_char_head@Base 6.8.1 + onigenc_single_byte_mbc_enc_len@Base 6.8.1 + onigenc_single_byte_mbc_to_code@Base 6.8.1 + onigenc_sjis_lookup_property_name@Base 6.9.0 + onigenc_step@Base 6.8.1 + onigenc_step_back@Base 6.8.1 + onigenc_str_bytelen_null@Base 6.8.1 + onigenc_strdup@Base 6.8.1 + onigenc_strlen@Base 6.8.1 + onigenc_strlen_null@Base 6.8.1 + onigenc_unicode_apply_all_case_fold@Base 6.8.1 + onigenc_unicode_ctype_code_range@Base 6.8.1 + onigenc_unicode_fold1_key@Base 6.9.0 + onigenc_unicode_fold2_key@Base 6.9.0 + onigenc_unicode_fold3_key@Base 6.9.0 + onigenc_unicode_get_case_fold_codes_by_str@Base 6.8.1 + onigenc_unicode_is_code_ctype@Base 6.8.1 + onigenc_unicode_mbc_case_fold@Base 6.8.1 + onigenc_unicode_property_name_to_ctype@Base 6.8.1 + onigenc_unicode_unfold_key@Base 6.9.0 + onigenc_utf16_32_get_ctype_code_range@Base 6.8.1 + onigenc_wb_is_break_position@Base 6.9.2 + onigenc_with_ascii_strncmp@Base 6.8.1 + re_adjust_startpos@Base 6.8.1 + re_alloc_pattern@Base 6.8.1 + re_compile_pattern@Base 6.8.1 + re_free_pattern@Base 6.8.1 + re_free_registers@Base 6.8.1 + re_match@Base 6.8.1 + re_mbcinit@Base 6.8.1 + re_search@Base 6.8.1 + re_set_casetable@Base 6.8.1 + reg_foreach_name@Base 6.8.1 + reg_name_to_group_numbers@Base 6.8.1 + reg_number_of_names@Base 6.8.1 + reg_set_encoding@Base 6.8.1 + regcomp@Base 6.8.1 + regerror@Base 6.8.1 + regexec@Base 6.8.1 + regfree@Base 6.8.1 diff --git a/debian/watch b/debian/watch new file mode 100644 index 0000000..2f0e85f --- /dev/null +++ b/debian/watch @@ -0,0 +1,7 @@ +version=4 +opts=\ +dversionmangle=s/\+(debian|dfsg|ds|deb)\d*$//,\ +uversionmangle=s/(\d)[_\.\-\+]?((RC|rc|pre|dev|beta|alpha)\d*)$/$1~$2/;s/RC/rc/;s/\-/\./g;s/\_/\./g,\ +filenamemangle=s/(?:.*?)?(?:rel|v|oniguruma|ONIGURUMA)?[\-\_]?(\d\S+)\.(tgz|tbz|txz|(?:tar\.(?:gz|bz2|xz)))/oniguruma-$1.$2/ \ +https://github.com/kkos/oniguruma/tags \ +(?:.*?/)?(?:rel|v|oniguruma|ONIGURUMA)?[\-\_]?(\d\S+)\.(?:tgz|tbz|txz|(?:tar\.(?:gz|bz2|xz))) |