aboutsummaryrefslogtreecommitdiffstats
path: root/meta/recipes-support/libpcre/libpcre2
AgeCommit message (Collapse)Author
2018-03-07libpcre: refresh patchesRoss Burton
The patch tool will apply patches by default with "fuzz", which is where if the hunk context isn't present but what is there is close enough, it will force the patch in. Whilst this is useful when there's just whitespace changes, when applied to source it is possible for a patch applied with fuzz to produce broken code which still compiles (see #10450). This is obviously bad. We'd like to eventually have do_patch() rejecting any fuzz on these grounds. For that to be realistic the existing patches with fuzz need to be rebased and reviewed. Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-11-05libpcre2: update to 10.30Armin Kuster
LICENSE files changed: Amend licence to relax its conditions for chains of binary distributions. removed included patches includes CVE-2017-8399 Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-08-30libpcre2: Fix CVE-2017-7186Robert Yang
A fuzz on libpcre1 through the pcretest utility revealed an invalid read in the library. For who is interested in a detailed description of the bug, will follow a feedback from upstream: This was a genuine bug in the 32-bit library. Thanks for finding it. The crash was caused by trying to find a Unicode property for a code value greater than 0x10ffff, the Unicode maximum, when running in non-UTF mode (where character values can be up to 0xffffffff). Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-08-30libpcre2: Fix CVE-2017-8786Robert Yang
The pcre2test.c in PCRE2 10.23 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted regular expression. Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-02-23libpcre2: add it for newer vteRobert Yang
There are two major versions of the PCRE library. The newest version, PCRE2, was released in 2015 and is at version 10.22. The original, very widely deployed PCRE library, originally released in 1997, is at version 8.40, and the API and feature set are stable, future releases will be for bugfixes only. All new future features will be to PCRE2, not the original PCRE 8.x series. The newer vte depends on libpcre2, so add it. (From OE-Core rev: f7165d379cb67c4d4918a8a3e9509d3d823d61da) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-06-07 09:04:48 +0000