Compare commits
4 Commits
| Author | SHA256 | Date | |
|---|---|---|---|
| 0df5fbad1e | |||
| 82eaadb5cf | |||
| 794b093b53 | |||
| 940acfbfac |
BIN
uriparser-0.9.8.tar.xz
LFS
BIN
uriparser-0.9.8.tar.xz
LFS
Binary file not shown.
3
uriparser-1.0.0.tar.xz
Normal file
3
uriparser-1.0.0.tar.xz
Normal file
@@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:154a3f649d80a78d5095fc461ec032ffb45f5ed3619edec923ac68cff29a088d
|
||||
size 200048
|
||||
@@ -1,3 +1,178 @@
|
||||
-------------------------------------------------------------------
|
||||
Tue Jan 13 14:05:09 UTC 2026 - Adam Majer <adam.majer@suse.de>
|
||||
|
||||
- Update to 1.0.0 (bsc#1255000, CVE-2025-67899)
|
||||
* Fixed: [CVE-2025-67899]
|
||||
Protect from stack overflow during parsing by dissolving all 13 cases
|
||||
of recursion, both direct and indirect. The attack vector was long
|
||||
(or crafted) URI input. The known impact is denial of service or more.
|
||||
Thanks for the report to Sergey Svistunov!
|
||||
Thanks for in-depth review to Tim Düsterhus! (sponsored by Tideways GmbH)
|
||||
Thanks for C callgraph tool "egypt" (https://www.gson.org/egypt/)
|
||||
to Andreas Gustafsson and for "dot_find_cycles.py" to Jason Antman!
|
||||
* Changed: Start requiring a C99 compiler (GitHub #264, GitHub #273)
|
||||
* Changed: Require CMake >=3.15.0 (GitHub #270)
|
||||
* Fixed: Normalization of URIs with leading dot segments
|
||||
produced ambiguous results in the sense that a reparse
|
||||
after normalization would have misinterpreted path parts
|
||||
as a host (GitHub #262, GitHub #263, GitHub #265)
|
||||
Examples of affected URIs:
|
||||
- "scheme:/.//path1/path2"
|
||||
- "/.//path1/path2"
|
||||
- ".//path1/path2"
|
||||
The fix is to not remove that dot segment.
|
||||
Thanks to Ignace Nyamagana Butera and to Tim Düsterhus for the report!
|
||||
* Fixed: Insufficient pointer alignment from allocation wrappers
|
||||
used in the implementation of function uriCompleteMemoryManager.
|
||||
(GitHub #261)
|
||||
Thanks to Matthew Fernandez and Rolf Eike Beer for the report and review!
|
||||
* Fixed: Do not set `absolutePath` for empty paths when removing host
|
||||
Thanks for the report and pull request to Tim Düsterhus!
|
||||
(GitHub #275, GitHub #276)
|
||||
* Fixed: Documentation of functions uriCompleteMemoryManager,
|
||||
uriEmulateCalloc, uriEmulateReallocarray and uriTestMemoryManager
|
||||
(GitHub #261)
|
||||
* Fixed: CMake: Remake approach to static CRT with MSVC compilers
|
||||
Old: -DURIPARSER_MSVC_RUNTIME=/MT
|
||||
New: -DURIPARSER_MSVC_STATIC_CRT=ON
|
||||
(GitHub #270)
|
||||
* Fixed: Documentation: Get CMake variables list back in sync and sorted
|
||||
in the readme (GitHub #270)
|
||||
* Fixed: Various typos found by Codespell
|
||||
(https://github.com/codespell-project/codespell) (GitHub #259)
|
||||
* Added: Add a new (and recommended to use) version of uriTestMemoryManager
|
||||
that can challenge pointer alignment (GitHub #261)
|
||||
New functions:
|
||||
uriTestMemoryManagerEx
|
||||
* Improved: Increase test coverage by mutation testing
|
||||
Thanks for the pull request to Tim Düsterhus! (GitHub #266)
|
||||
* Improved: Address compiler warning -Wunused-but-set-variable (GitHub #268)
|
||||
* Improved: Deduplicate internal char set macros (GitHub #280)
|
||||
* Infrastructure: Enable stack traces from UndefinedBehaviorSanitizer in CI
|
||||
via environment variable UBSAN_OPTIONS (GitHub #261)
|
||||
* Infrastructure: Bump GoogleTest to 1.12.0 in AppVeyor CI to fix the build
|
||||
with CMake >=3.5 (GitHub #261)
|
||||
* Infrastructure: Migrate Windows CI from AppVeyor to GitHub Actions
|
||||
(GitHub #270)
|
||||
* Infrastructure: Make GitHub Actions detect and reject known typos using
|
||||
Codespell (https://github.com/codespell-project/codespell) (GitHub #259)
|
||||
* Infrastructure: Update Clang from 20 to 21 (GitHub #267)
|
||||
* Infrastructure: Start specifying CXX and CXXFLAGS for fuzzing CI
|
||||
(GitHub #268)
|
||||
* Infrastructure: Make CI report on test coverage using LLVM, and offer
|
||||
these reports for download (GitHub #32, GitHub #269)
|
||||
* Infrastructure: Make CI enforce clang-format clean code (GitHub #272)
|
||||
* Soname: 3:0:2 — see https://verbump.de/ for what these numbers do
|
||||
(liburiparser.so.1.2.0)
|
||||
|
||||
Changes in 0.9.9:
|
||||
* Fixed: Dissolve undefined behavior in parsing of URIs (GitHub #252)
|
||||
Thanks to Tim Düsterhus for the report!
|
||||
* Fixed: Normalized percent-encoded octets should have uppercase letters
|
||||
in the host (GitHub #221, GitHub #222)
|
||||
Thanks to Máté Kocsis for the pull request!
|
||||
* Fixed: Fix documentation of uriEscape (GitHub #206, GitHub #207)
|
||||
* Fixed: Docstring typo in ParseIpFourAddress (GitHub #254)
|
||||
* Fixed: Documentation: Make Mainpage.txt bypass the C preprocessor
|
||||
(GitHub #226, GitHub #227)
|
||||
* Fixed: Documentation: Migrate Doxygen from ${CPP} to ${CC} -E (GitHub #192)
|
||||
* Fixed: Fix macros URI_VER_SUFFIX_UNICODE and URI_VER_UNICODE (GitHub #258)
|
||||
Thanks to Tim Düsterhus for the report and patch!
|
||||
* Added: Support for copying Uri structures (GitHub #200, GitHub #230,
|
||||
GitHub #237, GitHub #240, GitHub #250, GitHub #251)
|
||||
Thanks to Máté Kocsis and to Tim Düsterhus!
|
||||
New functions:
|
||||
uriCopyUri[AW]
|
||||
uriCopyUriMm[AW]
|
||||
* Added: Add port normalization to NormalizeSyntax function (GitHub #231)
|
||||
* Added: Add function HasHost to the public API (GitHub #234)
|
||||
Thanks to Máté Kocsis for the pull request!
|
||||
New functions:
|
||||
uriHasHost[AW]
|
||||
* Added: Support obtaining base runtime version (GitHub #219, GitHub #258)
|
||||
New functions:
|
||||
uriBaseRuntimeVersion[AW]
|
||||
* Added: CMake: Add alias "uriparser::uriparser" (GitHub #197)
|
||||
* Added: Integrate fuzzers from google/oss-fuzz repository and
|
||||
improve those fuzzers on top (GitHub #209, GitHub #211, GitHub #212,
|
||||
GitHub #214)
|
||||
Thanks to @tyler92 for two of the related pull requests!
|
||||
* Added: Support setting individual components of a UriUri[AW] structure
|
||||
(GitHub #196, GitHub #249)
|
||||
Part of this work was commissioned by the PHP Foundation.
|
||||
Thanks to Máté Kocsis and Tim Düsterhus for the detailed review!
|
||||
New functions:
|
||||
uriIsWellFormedFragment[AW]
|
||||
uriIsWellFormedHostIp4[AW]
|
||||
uriIsWellFormedHostIp6[AW]
|
||||
uriIsWellFormedHostIp6Mm[AW]
|
||||
uriIsWellFormedHostIpFuture[AW]
|
||||
uriIsWellFormedHostIpFutureMm[AW]
|
||||
uriIsWellFormedHostRegName[AW]
|
||||
uriIsWellFormedPath[AW]
|
||||
uriIsWellFormedPort[AW]
|
||||
uriIsWellFormedQuery[AW]
|
||||
uriIsWellFormedScheme[AW]
|
||||
uriIsWellFormedUserInfo[AW]
|
||||
uriParseIpSixAddress[AW]
|
||||
uriParseIpSixAddressMm[AW]
|
||||
uriSetFragment[AW]
|
||||
uriSetFragmentMm[AW]
|
||||
uriSetHostAuto[AW]
|
||||
uriSetHostAutoMm[AW]
|
||||
uriSetHostIp4[AW]
|
||||
uriSetHostIp4Mm[AW]
|
||||
uriSetHostIp6[AW]
|
||||
uriSetHostIp6Mm[AW]
|
||||
uriSetHostIpFuture[AW]
|
||||
uriSetHostIpFutureMm[AW]
|
||||
uriSetHostRegName[AW]
|
||||
uriSetHostRegNameMm[AW]
|
||||
uriSetPath[AW]
|
||||
uriSetPathMm[AW]
|
||||
uriSetPortText[AW]
|
||||
uriSetPortTextMm[AW]
|
||||
uriSetQuery[AW]
|
||||
uriSetQueryMm[AW]
|
||||
uriSetScheme[AW]
|
||||
uriSetSchemeMm[AW]
|
||||
uriSetUserInfo[AW]
|
||||
uriSetUserInfoMm[AW]
|
||||
* Improved: CMake: Compile with -std=c90 by default (GitHub #232)
|
||||
* Improved: Be consequent about and document .hostData.ipFuture .hostText
|
||||
relation (GitHub #243)
|
||||
* Improved: Document and cover FreeUriMembers after memset with zeros
|
||||
(GitHub #238, GitHub #239)
|
||||
* Improved: CLI tool "uriparse": Add missing hostData.ipFuture output
|
||||
(GitHub #253)
|
||||
* Improved: tests: Mass-replace ASSERT_TRUE([..] == [..]) by ASSERT_EQ
|
||||
(GitHub #235)
|
||||
* Improved: tests: Leverage assertion EXPECT_STREQ (GitHub #257)
|
||||
* Improved: Percent encoding related code cleanup (GitHub #242)
|
||||
* Improved: Documentation: Update some URLs to new HTTPS locations
|
||||
Thanks to Hanno Böck for the pull request!
|
||||
(GitHub #224)
|
||||
* Improved: Documentation: Hide URI_PUBLIC (GitHub #236)
|
||||
* Improved: Convert remaining DOS (CR/LF) newlines to Unix newlines
|
||||
Thanks to Hanno Böck for the pull request!
|
||||
(GitHub #225)
|
||||
* Improved: Rename misleading variable doneMask to revertMask
|
||||
(GitHub #233, GitHub #244)
|
||||
* Improved: Make licensing easier to discover (GitHub #246)
|
||||
* Changed: Documentation: For the Qt Compressed Help file, migrate from
|
||||
naming ".qch" to "-doc.qch" (GitHub #191)
|
||||
* Infrastructure: Update Clang from 18 to 20 (GitHub #217, GitHub #228)
|
||||
* Infrastructure: Bump CI to Ubuntu 24.04 (GitHub #216)
|
||||
* Infrastructure: Adapt to breaking changes in CI (GitHub #199, GitHub #204)
|
||||
* Soname: 2:0:1 — see https://verbump.de/ for what these numbers do
|
||||
(liburiparser.so.1.1.0)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu May 29 12:09:50 UTC 2025 - Antonio Larrosa <alarrosa@suse.com>
|
||||
|
||||
- Use Qt6's qhelpgenerator instead of Qt5's and fix its usage since
|
||||
Qt5 was being BuildRequired but qch docs weren't being generated.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed May 29 08:49:36 UTC 2024 - Adam Majer <adam.majer@suse.de>
|
||||
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
#
|
||||
# spec file for package uriparser
|
||||
#
|
||||
# Copyright (c) 2024 SUSE LLC
|
||||
# Copyright (c) 2026 SUSE LLC and contributors
|
||||
#
|
||||
# All modifications and additions to the file contributed by third parties
|
||||
# remain the property of their copyright owners, unless otherwise agreed
|
||||
@@ -24,10 +24,10 @@
|
||||
|
||||
%define so_ver 1
|
||||
Name: uriparser
|
||||
Version: 0.9.8
|
||||
Version: 1.0.0
|
||||
Release: 0
|
||||
Summary: A strictly RFC 3986 compliant URI parsing library
|
||||
License: BSD-3-Clause AND LGPL-2.1-or-later
|
||||
License: Apache-2.0 AND BSD-3-Clause AND LGPL-2.1-or-later
|
||||
Group: Development/Libraries/C and C++
|
||||
URL: https://uriparser.github.io
|
||||
Source: https://github.com/uriparser/uriparser/releases/download/uriparser-%{version}/uriparser-%{version}.tar.xz
|
||||
@@ -39,8 +39,8 @@ BuildRequires: gcc-c++
|
||||
BuildRequires: ghostscript-fonts-std
|
||||
BuildRequires: graphviz
|
||||
BuildRequires: graphviz-gd
|
||||
BuildRequires: libqt5-qttools
|
||||
BuildRequires: pkg-config
|
||||
BuildRequires: qt6-tools
|
||||
BuildRequires: xz
|
||||
BuildRequires: pkgconfig(libxdot)
|
||||
%if %{with googletest}
|
||||
@@ -109,7 +109,8 @@ This subpackage contains the documentation for %{name}.
|
||||
-DURIPARSER_BUILD_TESTS:BOOL=OFF \
|
||||
%endif
|
||||
-DURIPARSER_BUILD_TOOLS:BOOL=ON \
|
||||
-DURIPARSER_BUILD_WCHAR:BOOL=ON
|
||||
-DURIPARSER_BUILD_WCHAR:BOOL=ON \
|
||||
-DQHG_LOCATION:PATH=%{_libexecdir}/qt6/qhelpgenerator
|
||||
%cmake_build
|
||||
|
||||
%install
|
||||
@@ -127,16 +128,16 @@ unset MALLOC_CHECK_ MALLOC_PERTURB_
|
||||
%postun -n liburiparser%{so_ver} -p /sbin/ldconfig
|
||||
|
||||
%files
|
||||
%license COPYING
|
||||
%license COPYING.BSD-3-Clause
|
||||
%{_bindir}/uriparse
|
||||
|
||||
%files -n liburiparser%{so_ver}
|
||||
%license COPYING
|
||||
%license COPYING.BSD-3-Clause
|
||||
%{_libdir}/liburiparser.so.%{so_ver}
|
||||
%{_libdir}/liburiparser.so.%{so_ver}.*
|
||||
|
||||
%files devel
|
||||
%license COPYING
|
||||
%license COPYING.BSD-3-Clause
|
||||
%doc ChangeLog THANKS AUTHORS
|
||||
%{_includedir}/%{name}/
|
||||
%{_libdir}/liburiparser.so
|
||||
@@ -144,9 +145,10 @@ unset MALLOC_CHECK_ MALLOC_PERTURB_
|
||||
%{_libdir}/pkgconfig/liburiparser.pc
|
||||
|
||||
%files doc
|
||||
%license COPYING
|
||||
%license COPYING.BSD-3-Clause
|
||||
%doc doc/Mainpage.txt
|
||||
%dir %{_docdir}/%{name}/
|
||||
%{_docdir}/%{name}/html/
|
||||
%{_docdir}/%{name}/%{name}-%{version}-doc.qch
|
||||
|
||||
%changelog
|
||||
|
||||
Reference in New Issue
Block a user