Skip to content

Commit

Permalink
uriparser: upgrade 0.9.5 -> 0.9.6
Browse files Browse the repository at this point in the history 
Changelog:
=========
  * Fixed: [CVE-2021-46141]
      Fix a bug affecting both uriNormalizeSyntax* and uriMakeOwner*
      functions where the text range in .hostText would not be duped using
      malloc but remain unchanged (and hence "not owned") for URIs with
      an IPv4 or IPv6 address hostname; depending on how an application
      uses uriparser, this could lead the application into a use-after-free
      situation.
      As the second half, fix uriFreeUriMembers* functions that would not
      free .hostText memory for URIs with an IPv4 or IPv6 address host;
      also, calling uriFreeUriMembers* multiple times on a URI of this
      very nature would result in trying to free pointers to stack
      (rather than heap) memory (GitHub openembedded#121, GitHub openembedded#124)
      Commit 987b046e41f407d17c622e580fc82a5e834b4329
      Commit b1a34743bc1472e055d886e29e9b53f670eb3282
  * Fixed: [CVE-2021-46142]
      Fix functions uriNormalizeSyntax* for out-of-memory situations
      (i.e. malloc returning NULL) for URIs containing empty segments
      (any of user info, host text, query, or fragment) where previously
      pointers to stack (rather than heap) memory were freed (GitHub openembedded#122,
      GitHub openembedded#124)
      Commit c0483990e6b5b454f7c8752b36760cfcb0d093f5
  * Fixed: CMake: Call "enable_language(CXX)" prior to tinkering with
      CMAKE_CXX_* variables (GitHub openembedded#110)
  * Fixed: CMake: Support absolute paths for both CMAKE_INSTALL_LIBDIR
      and CMAKE_INSTALL_INCLUDEDIR (GitHub openembedded#114)
  * Fixed: Windows: Address MSVC compiler warnings (GitHub openembedded#111, GitHub openembedded#113)
  * Fixed: Documentation: Space requirements for uriUriStringToUnixFilename
      did not take into account short form "file:/bin/bash" of RFC 8089 of 2017
      (with prefix "file:/" rather than "file:///") that uriparser supports
      since release 0.8.6 in 2018 (GitHub openembedded#118, GitHub openembedded#119)
  * Fixed: Compile error with MinGW GCC 9 related to a mismatched prototype
      for function inet_ntop (GitHub openembedded#117, GitHub openembedded#120)
  * Fixed: Compile warnings in test suite code (GitHub openembedded#120)
  * Improved: Respect variable ${CPP} in doc/preprocess.sh (GitHub openembedded#115)
  * Added: Test suite invocation for MinGW using Wine (GitHub openembedded#120)
  * Soname: 1:29:0 - see https://verbump.de/ for what these numbers do

Signed-off-by: Wang Mingyu <[email protected]>
Signed-off-by: Khem Raj <[email protected]>
  • Loading branch information
@wangmingyu84 @kraj
wangmingyu84 authored and kraj committed Jan 17, 2022
1 parent b7e94c9 commit b8174bf
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion ...ipes-support/uriparser/uriparser_0.9.5.bb → ...ipes-support/uriparser/uriparser_0.9.6.bb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ LICENSE = "BSD-3-Clause"
LIC_FILES_CHKSUM = "file://COPYING;md5=fcc5a53146c2401f4b4f6a3bdf3f0168"

SRC_URI = "https://github.com/${BPN}/${BPN}/releases/download/${BP}/${BP}.tar.gz"
SRC_URI[sha256sum] = "1987466a798becb5441a491d29e762ab1a4817a525f82ef239e3d38f85605a77"
SRC_URI[sha256sum] = "10e6f90d359c1087c45f907f95e527a8aca84422251081d1533231e031a084ff"

UPSTREAM_CHECK_URI = "https://github.com/${BPN}/${BPN}/releases"

Expand Down

0 comments on commit b8174bf

Please sign in to comment.