Change-Id: I1942d5848d86e9d4ebbd2e3962b865c343db925a
Reviewed-on: http://photon-jenkins.eng.vmware.com:8082/1517
Reviewed-by: suezzelur <anishs@vmware.com>
Tested-by: suezzelur <anishs@vmware.com>
Reviewed-on: http://photon-jenkins.eng.vmware.com:8082/1522
Tested-by: gerrit-photon <photon-checkins@vmware.com>
Reviewed-by: Sharath George
1 | 1 |
new file mode 100644 |
... | ... |
@@ -0,0 +1,21 @@ |
0 |
+diff -rup flex-2.5.39/flex.skl flex-2.5.39-new/flex.skl |
|
1 |
+--- flex-2.5.39/flex.skl 2014-03-26 05:46:44.000000000 -0700 |
|
2 |
+@@ -1664,7 +1664,7 @@ int yyFlexLexer::yy_get_next_buffer() |
|
3 |
+ |
|
4 |
+ else |
|
5 |
+ { |
|
6 |
+- yy_size_t num_to_read = |
|
7 |
++ int num_to_read = |
|
8 |
+ YY_CURRENT_BUFFER_LVALUE->yy_buf_size - number_to_move - 1; |
|
9 |
+ |
|
10 |
+ while ( num_to_read <= 0 ) |
|
11 |
+@@ -1715,7 +1715,7 @@ m4_ifdef( [[M4_YY_USES_REJECT]], |
|
12 |
+ |
|
13 |
+ /* Read in more data. */ |
|
14 |
+ YY_INPUT( (&YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[number_to_move]), |
|
15 |
+- YY_G(yy_n_chars), num_to_read ); |
|
16 |
++ YY_G(yy_n_chars), (yy_size_t) num_to_read ); |
|
17 |
+ |
|
18 |
+ YY_CURRENT_BUFFER_LVALUE->yy_n_chars = YY_G(yy_n_chars); |
|
19 |
+ } |
... | ... |
@@ -1,7 +1,7 @@ |
1 | 1 |
Summary: A utility for generating programs that recognize patterns in text |
2 | 2 |
Name: flex |
3 | 3 |
Version: 2.5.39 |
4 |
-Release: 2%{?dist} |
|
4 |
+Release: 3%{?dist} |
|
5 | 5 |
License: BSD |
6 | 6 |
URL: http://flex.sourceforge.net |
7 | 7 |
Group: Applications/System |
... | ... |
@@ -9,6 +9,7 @@ Vendor: VMware, Inc. |
9 | 9 |
Distribution: Photon |
10 | 10 |
Source0: http://prdownloads.sourceforge.net/flex/%{name}-%{version}.tar.xz |
11 | 11 |
%define sha1 flex=415e82bb0dc9b1713fc4802a9db2274cd8d2909a |
12 |
+Patch0: CVE-2016-6354.patch |
|
12 | 13 |
BuildRequires: m4 |
13 | 14 |
Requires: m4 |
14 | 15 |
%description |
... | ... |
@@ -26,6 +27,7 @@ flex. |
26 | 26 |
|
27 | 27 |
%prep |
28 | 28 |
%setup -q |
29 |
+%patch0 -p1 |
|
29 | 30 |
sed -i -e '/test-bison/d' tests/Makefile.in |
30 | 31 |
%build |
31 | 32 |
./configure \ |
... | ... |
@@ -66,12 +68,14 @@ make -k check |& tee %{_specdir}/%{name}-check-log || %{nocheck} |
66 | 66 |
%{_includedir}/* |
67 | 67 |
|
68 | 68 |
%changelog |
69 |
+* Thu Oct 13 2016 Kumar Kaushik <kaushikk@vmware.com> 2.5.39-3 |
|
70 |
+- Fixing Security bug CVE-2016-6354. |
|
69 | 71 |
* Tue May 24 2016 Priyesh Padmavilasom <ppadmavilasom@vmware.com> 2.5.39-2 |
70 | 72 |
- GA - Bump release of all rpms |
71 | 73 |
* Tue Jan 12 2016 Xiaolin Li <xiaolinl@vmware.com> 2.5.39-1 |
72 | 74 |
- Updated to version 2.5.39 |
73 |
-* Mon Oct 12 2015 Xiaolin Li <xiaolinl@vmware.com> 2.5.38-3 |
|
74 |
-- Moving static lib files to devel package. |
|
75 |
+* Mon Oct 12 2015 Xiaolin Li <xiaolinl@vmware.com> 2.5.38-3 |
|
76 |
+- Moving static lib files to devel package. |
|
75 | 77 |
* Fri Jun 5 2015 Divya Thaluru <dthaluru@vmware.com> 2.5.38-2 |
76 | 78 |
- Adding m4 package to build and run time required package |
77 | 79 |
* Wed Nov 5 2014 Divya Thaluru <dthaluru@vmware.com> 2.5.38-1 |