- bsc#1082060: Update to 2.3.6:

* Fix order of arguments in SQLWriteFileDSN.c, fix unwanted
    free() in iusql.c
  * Add pkg-config files
- bsc#1082290 (CVE-2018-7409): Buffer overflow in
  unicode_to_ansi_copy() was fixed in 2.3.5
- bsc#1082484 (CVE-2018-7485): Swapped arguments in 
  SQLWriteFileDSN() in odbcinst/SQLWriteFileDSN.c
- Remove unixODBC-2.3.1-bison.patch: upstreamed
- Remove unixODBC-iaddr.patch: upstreamed
- Adapt unixODBC-2.3.1-declarations.patch to 
  unixODBC-2.3.6-declarations.patch
- Update unixODBC-gccwarnings.patch

OBS-URL: https://build.opensuse.org/package/show/server:database/unixODBC?expand=0&rev=50

unixODBC-2.3.1-bison.patch

@@ -1,22 +0,0 @@
-Index: Drivers/nn/yyparse.y
-===================================================================
---- Drivers/nn/yyparse.y.orig
-+++ Drivers/nn/yyparse.y
-@@ -36,7 +36,7 @@ static	char	sccsid[]
- # define yylex()		nnsql_yylex(&yylval, pyyenv)
- #endif
- 
--#define yyparse(x)		nnsql_yyparse	(pyyenv)
-+#define yyparse(x)		nnsql_yyparse	(yyenv_t* pyyenv)
- #define yyerror(msg)		nnsql_yyerror (pyyenv, msg)
- #define SETYYERROR(env, code)	{ env->pstmt->errcode = code; \
- 				  env->pstmt->errpos = env->errpos;}
-@@ -1197,7 +1197,7 @@ static int	add_ins_value( yystmt_t* pstm
- {
- 	if( !idx )
- 	{
--		MEM_FREE(pstmt->ins_values)
-+		MEM_FREE(pstmt->ins_values);
- 		pstmt->ins_values = (node_t*)MEM_ALLOC( FILTER_CHUNK_SIZE * sizeof(node_t));
- 	}
- 	else if( ! idx%FILTER_CHUNK_SIZE )

unixODBC-2.3.1-declarations.patch

@@ -1,180 +0,0 @@
-Index: Drivers/nn/SQLBindCol.c
-===================================================================
---- Drivers/nn/SQLBindCol.c.orig
-+++ Drivers/nn/SQLBindCol.c
-@@ -14,6 +14,7 @@
- **/
- #include <config.h>
- #include "driver.h"
-+#include <string.h>
- 
- RETCODE SQL_API SQLBindCol(
- 								  HSTMT hstmt,
-Index: Drivers/nn/SQLBindParameter.c
-===================================================================
---- Drivers/nn/SQLBindParameter.c.orig
-+++ Drivers/nn/SQLBindParameter.c
-@@ -13,6 +13,7 @@
-     GNU General Public License for more details.
- **/
- #include <config.h>
-+#include <string.h>
- #include "driver.h"
- 
- RETCODE SQL_API SQLBindParameter(
-Index: Drivers/nn/SQLDescribeCol.c
-===================================================================
---- Drivers/nn/SQLDescribeCol.c.orig
-+++ Drivers/nn/SQLDescribeCol.c
-@@ -14,6 +14,7 @@
- **/
- #include <config.h>
- #include "driver.h"
-+#include <string.h>
- 
- RETCODE SQL_API SQLDescribeCol(
- 										HSTMT hstmt,
-Index: Drivers/nn/SQLError.c
-===================================================================
---- Drivers/nn/SQLError.c.orig
-+++ Drivers/nn/SQLError.c
-@@ -14,6 +14,7 @@
- **/
- #include <config.h>
- #include "driver.h"
-+#include <string.h>
- 
- RETCODE SQL_API SQLError(
- 								HENV  henv,
-Index: Drivers/nn/SQLFetch.c
-===================================================================
---- Drivers/nn/SQLFetch.c.orig
-+++ Drivers/nn/SQLFetch.c
-@@ -14,6 +14,7 @@
- **/
- #include <config.h>
- #include "driver.h"
-+#include <string.h>
- 
- RETCODE SQL_API SQLFetch( HSTMT hstmt )
- {
-Index: Drivers/nn/SQLGetData.c
-===================================================================
---- Drivers/nn/SQLGetData.c.orig
-+++ Drivers/nn/SQLGetData.c
-@@ -14,6 +14,7 @@
- **/
- #include <config.h>
- #include "driver.h"
-+#include <string.h>
- 
- RETCODE SQL_API SQLGetData(
- 								  HSTMT hstmt,
-Index: Drivers/nn/SQLPutData.c
-===================================================================
---- Drivers/nn/SQLPutData.c.orig
-+++ Drivers/nn/SQLPutData.c
-@@ -14,6 +14,7 @@
- **/
- #include <config.h>
- #include "driver.h"
-+#include <string.h>
- 
- RETCODE SQL_API SQLPutData(
- 								  HSTMT hstmt,
-Index: Drivers/nn/convert.c
-===================================================================
---- Drivers/nn/convert.c.orig
-+++ Drivers/nn/convert.c
-@@ -14,6 +14,7 @@
- **/
- #include <config.h>
- #include "driver.h"
-+#include <string.h>
- 
- /* It looks silly to use a MEM_ALLOC() in function char2str(), etc,
-  * for converting C data type into STRING SQL data type. Esspecially
-Index: Drivers/nn/nndate.c
-===================================================================
---- Drivers/nn/nndate.c.orig
-+++ Drivers/nn/nndate.c
-@@ -16,6 +16,7 @@
- #include	<nnconfig.h>
- 
- #include	<nndate.h>
-+#include	<string.h>
- #include	"misc.h"
- 
- static char* month_name[] =
-Index: Drivers/nn/prepare.c
-===================================================================
---- Drivers/nn/prepare.c.orig
-+++ Drivers/nn/prepare.c
-@@ -14,6 +14,7 @@
- **/
- #include <config.h>
- #include "driver.h"
-+#include <string.h>
- 
- void*	nnodbc_getstmterrstack(void* hstmt)
- {
-Index: Drivers/nn/yyevl.c
-===================================================================
---- Drivers/nn/yyevl.c.orig
-+++ Drivers/nn/yyevl.c
-@@ -16,6 +16,7 @@
- #include	<nnconfig.h>
- #include	<yystmt.h>
- #include	<yylex.h>
-+#include	<string.h>
- #include	<nncol.h>
- #include	<nndate.h>
- 
-Index: Drivers/nn/yyparse.y
-===================================================================
---- Drivers/nn/yyparse.y.orig
-+++ Drivers/nn/yyparse.y
-@@ -25,6 +25,7 @@ static	char	sccsid[]
- #include	<yylex.h>
- #include	<yyerr.h>
- #include	<nndate.h>
-+#include	<stdio.h>
- 
- # ifdef YYLSP_NEEDED
- #  undef YYLSP_NEEDED
-Index: Drivers/nn/yystmt.c
-===================================================================
---- Drivers/nn/yystmt.c.orig
-+++ Drivers/nn/yystmt.c
-@@ -14,6 +14,7 @@
- **/
- #include <config.h>
- #include "driver.h"
-+#include <string.h>
- 
- static char	sccsid[]
- 	= "@(#)NNSQL(NetNews SQL) v0.5, Copyright(c) 1995, 1996 by Ke Jin";
-Index: Drivers/nn/connect.c
-===================================================================
---- Drivers/nn/connect.c.orig
-+++ Drivers/nn/connect.c
-@@ -14,6 +14,7 @@
- **/
- #include <config.h>
- #include <unistd.h>
-+#include <string.h>
- #include <sys/types.h>
- #include "driver.h"
- #include "misc.h"
-Index: Drivers/nn/yylex.c
-===================================================================
---- Drivers/nn/yylex.c.orig
-+++ Drivers/nn/yylex.c
-@@ -26,6 +26,7 @@
- 
- #include	<stdio.h>
- #include	<string.h>
-+#include	<ctype.h>
- 
- static int	getcmpopidxbyname(char* name)
- {

unixODBC-2.3.4.tar.gz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:2e1509a96bb18d248bf08ead0d74804957304ff7c6f8b2e5965309c632421e39
-size 1830660

unixODBC-2.3.6-declarations.patch

@@ -0,0 +1,33 @@
+diff -urEbwB unixODBC-2.3.6/Drivers/nn/yyevl.c unixODBC-2.3.6.new/Drivers/nn/yyevl.c
+--- unixODBC-2.3.6/Drivers/nn/yyevl.c	2014-01-06 10:37:01.000000000 +0100
++++ unixODBC-2.3.6.new/Drivers/nn/yyevl.c	2018-03-19 12:36:19.380485884 +0100
+@@ -18,6 +18,7 @@
+ #include	<yylex.h>
+ #include	<nncol.h>
+ #include	<nndate.h>
++#include	<string.h>
+ 
+ typedef struct {
+ 	int	type;	/* can only be en_nt_qstr, en_nt_num and en_nt_null */
+diff -urEbwB unixODBC-2.3.6/Drivers/nn/yyparse.y unixODBC-2.3.6.new/Drivers/nn/yyparse.y
+--- unixODBC-2.3.6/Drivers/nn/yyparse.y	2018-02-26 15:43:58.000000000 +0100
++++ unixODBC-2.3.6.new/Drivers/nn/yyparse.y	2018-03-19 12:36:56.752790303 +0100
+@@ -25,6 +25,7 @@
+ #include	<yylex.h>
+ #include	<yyerr.h>
+ #include	<nndate.h>
++#include	<stdio.h>
+ 
+ # ifdef YYLSP_NEEDED
+ #  undef YYLSP_NEEDED
+diff -urEbwB unixODBC-2.3.6/Drivers/nn/yystmt.c unixODBC-2.3.6.new/Drivers/nn/yystmt.c
+--- unixODBC-2.3.6/Drivers/nn/yystmt.c	2014-01-06 10:37:01.000000000 +0100
++++ unixODBC-2.3.6.new/Drivers/nn/yystmt.c	2018-03-19 12:37:25.593024943 +0100
+@@ -14,6 +14,7 @@
+ **/
+ #include <config.h>
+ #include "driver.h"
++#include "string.h"
+ 
+ static char	sccsid[]
+ 	= "@(#)NNSQL(NetNews SQL) v0.5, Copyright(c) 1995, 1996 by Ke Jin";

unixODBC-2.3.6.tar.gz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:88b637f647c052ecc3861a3baa275c3b503b193b6a49ff8c28b2568656d14d69
+size 1661914

unixODBC-gccwarnings.patch

@@ -1,16 +1,3 @@
-Index: exe/odbc-config.c
-===================================================================
---- exe/odbc-config.c.orig
-+++ exe/odbc-config.c
-@@ -23,6 +23,8 @@
- 
- #include <config.h>
- #include <stdio.h>
-+#include <stdlib.h>
-+#include <string.h>
- 
- #ifdef HAVE_STDLIB_H
- #include <stdlib.h>
 Index: Drivers/nn/nndate.c
 ===================================================================
 --- Drivers/nn/nndate.c.orig
@@ -85,40 +72,3 @@ Index: Drivers/nn/nncol.c
  
  int	nnsql_getcolidxbyname( char* col_name )
  {
-Index: Drivers/Postgre7.1/dlg_specific.c
-===================================================================
---- Drivers/Postgre7.1/dlg_specific.c.orig
-+++ Drivers/Postgre7.1/dlg_specific.c
-@@ -21,11 +21,11 @@
- #endif
- 
- #ifndef WIN32
--# include <string.h>
- # include <ctype.h>
- # ifdef UNIXODBC
- #  include <odbcinst.h>
- # else
-+# include <string.h>
- #  include "gpps.h"
- #  define SQLGetPrivateProfileString(a,b,c,d,e,f) GetPrivateProfileString(a,b,c,d,e,f)
- #  define SQLWritePrivateProfileString(a,b,c,d) WritePrivateProfileString(a,b,c,d)
-@@ -38,6 +38,7 @@
- 
- #include "dlg_specific.h"
- #include "convert.h"
-+#include <string.h>
- 
- #ifndef BOOL
- #define BOOL	int
-Index: Drivers/nn/yylex.c
-===================================================================
---- Drivers/nn/yylex.c.orig
-+++ Drivers/nn/yylex.c
-@@ -25,6 +25,7 @@
- # define	YYERRCODE	256
- 
- #include	<stdio.h>
-+#include	<string.h>
- 
- static int	getcmpopidxbyname(char* name)
- {

unixODBC-iaddr.patch

@@ -1,24 +0,0 @@
-Index: Drivers/Postgre7.1/socket.c
-===================================================================
---- Drivers/Postgre7.1/socket.c.orig
-+++ Drivers/Postgre7.1/socket.c
-@@ -100,7 +100,7 @@ SOCK_connect_to_ip(SocketClass *self, un
- {
- struct hostent *host;
- struct sockaddr_in sadr;
--unsigned long iaddr;
-+struct in_addr iaddr;
- 
- 	if (self->socket != -1) {
- 		self->errornumber = SOCKET_ALREADY_CONNECTED;
-@@ -113,8 +113,8 @@ unsigned long iaddr;
- 	/*	If it is a valid IP address, use it.
- 		Otherwise use hostname lookup. 
- 	*/
--	iaddr = inet_addr(hostname);
--	if (iaddr == INADDR_NONE) {
-+	iaddr.s_addr = inet_addr(hostname);
-+	if (iaddr.s_addr == INADDR_NONE) {
- 		host = gethostbyname(hostname);
- 		if (host == NULL) {
- 			self->errornumber = SOCKET_HOST_NOT_FOUND;

unixODBC.changes

@@ -1,3 +1,20 @@
+-------------------------------------------------------------------
+Mon Mar 19 11:52:05 UTC 2018 - mvetter@suse.com
+
+- bsc#1082060: Update to 2.3.6:
+  * Fix order of arguments in SQLWriteFileDSN.c, fix unwanted
+    free() in iusql.c
+  * Add pkg-config files
+- bsc#1082290 (CVE-2018-7409): Buffer overflow in
+  unicode_to_ansi_copy() was fixed in 2.3.5
+- bsc#1082484 (CVE-2018-7485): Swapped arguments in 
+  SQLWriteFileDSN() in odbcinst/SQLWriteFileDSN.c
+- Remove unixODBC-2.3.1-bison.patch: upstreamed
+- Remove unixODBC-iaddr.patch: upstreamed
+- Adapt unixODBC-2.3.1-declarations.patch to 
+  unixODBC-2.3.6-declarations.patch
+- Update unixODBC-gccwarnings.patch
+
 -------------------------------------------------------------------
 Wed Feb 21 13:34:18 UTC 2018 - mvetter@suse.com
 

unixODBC.spec

@@ -17,27 +17,25 @@
 
 
 Name:           unixODBC
-Version:        2.3.4
+Version:        2.3.6
 Release:        0
 Summary:        ODBC driver manager with some drivers included
-License:        GPL-2.0+ and LGPL-2.1+
+License:        GPL-2.0-or-later AND LGPL-2.1-or-later
 Group:          Productivity/Databases/Tools
 Url:            http://www.unixodbc.org/
-Source:         ftp://ftp.unixodbc.org/pub/unixODBC/unixODBC-%{version}.tar.gz
-Source2:        baselibs.conf
+Source0:        ftp://ftp.unixodbc.org/pub/unixODBC/unixODBC-%{version}.tar.gz
+Source1:        baselibs.conf
 Patch1:         unixODBC-paths.patch
-Patch5:         unixODBC-iaddr.patch
-Patch7:         unixODBC-gccwarnings.patch
-Patch10:        %{name}-2.3.1-libodbcinst-exports.patch
-Patch15:        %{name}-2.3.1-bison.patch
-Patch16:        %{name}-2.3.1-declarations.patch
+Patch2:         unixODBC-gccwarnings.patch
+# https://github.com/lurcher/unixODBC/issues/8
+Patch3:         unixODBC-2.3.1-libodbcinst-exports.patch
+Patch4:         unixODBC-2.3.6-declarations.patch 
 BuildRequires:  automake
 BuildRequires:  bison
 BuildRequires:  gcc-c++
 BuildRequires:  libltdl-devel
 BuildRequires:  libtool
 BuildRequires:  readline-devel
-BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 
 %package devel
 Summary:        Includes for ODBC Development
@@ -55,11 +53,9 @@ Includes for ODBC development (based on unixODBC).
 %prep
 %setup -q
 %patch1
-%patch5
-%patch7
-%patch10
-%patch15
-%patch16
+%patch2
+%patch3
+%patch4 -p1
 
 %build
 perl -i -pe 's{^ACLOCAL_AMFLAGS.*}{}' Makefile.am
@@ -85,31 +81,30 @@ make %{?_smp_mflags}
 %install
 install -d -m 755 "%{buildroot}/%{_sysconfdir}/%{name}"
 install -d -m 755 "%{buildroot}/%{_libdir}/%{name}"
-make DESTDIR=%{buildroot} install %{?_smp_mflags}
+%make_install
 rm -rf "%{buildroot}/%{_datadir}/libtool"
 # packaged in gui-gtk
 rm -f "%{buildroot}/%{_libdir}"/libmimerS.*
-rm -f %{buildroot}/%{_libdir}/*.la
+find %{buildroot} -type f -name "*.la" -delete -print
 
 # bsc#1062860: we want psqlODBC instead of this unmaintained example driver
 rm -f "%{buildroot}/%{_libdir}"/unixODBC/libodbcpsql.*
 
 %post -p /sbin/ldconfig
-
 %postun -p /sbin/ldconfig
 
 %files
-%defattr(-, root, root)
-%doc AUTHORS COPYING ChangeLog NEWS README doc/*.html doc/*.gif
+%license COPYING
+%attr(644,root,root) %doc AUTHORS ChangeLog NEWS README doc/*.html doc/*.gif
 %docdir %{_mandir}
-%{_mandir}/man1/dltest.1.*
-%{_mandir}/man1/isql.1.*
-%{_mandir}/man1/iusql.1.*
-%{_mandir}/man1/odbc_config.1.*
-%{_mandir}/man1/odbcinst.1.*
-%{_mandir}/man5/odbc.ini.5.*
-%{_mandir}/man5/odbcinst.ini.5.*
-%{_mandir}/man7/unixODBC.7.*
+%{_mandir}/man1/dltest.1%{ext_man}
+%{_mandir}/man1/isql.1%{ext_man}
+%{_mandir}/man1/iusql.1%{ext_man}
+%{_mandir}/man1/odbc_config.1%{ext_man}
+%{_mandir}/man1/odbcinst.1%{ext_man}
+%{_mandir}/man5/odbc.ini.5%{ext_man}
+%{_mandir}/man5/odbcinst.ini.5%{ext_man}
+%{_mandir}/man7/unixODBC.7%{ext_man}
 %dir %{_sysconfdir}/%{name}
 %dir %{_sysconfdir}/%{name}/ODBCDataSources
 %dir %{_libdir}/%{name}
@@ -124,15 +119,17 @@ rm -f "%{buildroot}/%{_libdir}"/unixODBC/libodbcpsql.*
 %{_libdir}/libodbc.so.*
 %{_libdir}/libodbcinst.so.*
 %{_libdir}/libodbccr.so.*
-%{_libdir}/libodbc.so                                                          
-%{_libdir}/libodbcinst.so                                                      
+%{_libdir}/libodbc.so
+%{_libdir}/libodbcinst.so
 %{_libdir}/libodbccr.so
 %{_libdir}/%{name}
 
 # All .so files are in the main package as many ext apps
 # dlopen those so you need these on regular package.
 %files devel
-%defattr(-, root, root)
 %{_includedir}/*
+%{_libdir}/pkgconfig/odbc.pc
+%{_libdir}/pkgconfig/odbccr.pc
+%{_libdir}/pkgconfig/odbcinst.pc
 
 %changelog