From 3e267ad39b2b4a412509f43afc80294b7dd05852 Mon Sep 17 00:00:00 2001 From: Lancelot SIX Date: Wed, 6 Nov 2019 23:02:22 +0100 Subject: gettext: 0.19.8.1 -> 0.20.1 - 0.20 release information: https://lists.gnu.org/archive/html/info-gnu/2019-05/msg00006.html - 0.20.1 release information: https://lists.gnu.org/archive/html/info-gnu/2019-05/msg00011.html --- .../libraries/gettext/CVE-2018-18751-bison.patch | 323 --------------------- pkgs/development/libraries/gettext/default.nix | 23 +- 2 files changed, 3 insertions(+), 343 deletions(-) delete mode 100644 pkgs/development/libraries/gettext/CVE-2018-18751-bison.patch (limited to 'pkgs/development/libraries/gettext') diff --git a/pkgs/development/libraries/gettext/CVE-2018-18751-bison.patch b/pkgs/development/libraries/gettext/CVE-2018-18751-bison.patch deleted file mode 100644 index b734c1c8b02..00000000000 --- a/pkgs/development/libraries/gettext/CVE-2018-18751-bison.patch +++ /dev/null @@ -1,323 +0,0 @@ -This patch was generated by re-running Bison 3.0.4 on pro-gram-gen.y after -applying CVE-2018-18751.patch. This patch removes the need to add bison to -nativeBuildInputs. - ---- a/gettext-tools/src/po-gram-gen.c -+++ b/gettext-tools/src/po-gram-gen.c -@@ -568,9 +568,9 @@ static const yytype_uint8 yytranslate[] = - static const yytype_uint16 yyrline[] = - { - 0, 169, 169, 171, 172, 173, 174, 179, 187, 195, -- 216, 240, 249, 258, 269, 278, 292, 301, 315, 321, -- 332, 338, 350, 361, 372, 376, 391, 414, 422, 434, -- 442 -+ 216, 237, 246, 255, 266, 275, 289, 298, 312, 318, -+ 329, 335, 347, 358, 369, 373, 388, 411, 419, 431, -+ 439 - }; - #endif - -@@ -1419,14 +1419,11 @@ yyreduce: - check_obsolete ((yyvsp[-3].message_intro), (yyvsp[-1].string)); - check_obsolete ((yyvsp[-3].message_intro), (yyvsp[0].rhs)); - if (!(yyvsp[-3].message_intro).obsolete || pass_obsolete_entries) -- { -- do_callback_message ((yyvsp[-3].message_intro).ctxt, string2, &(yyvsp[-3].message_intro).pos, (yyvsp[-1].string).string, -- (yyvsp[0].rhs).rhs.msgstr, (yyvsp[0].rhs).rhs.msgstr_len, &(yyvsp[0].rhs).pos, -- (yyvsp[-3].message_intro).prev_ctxt, -- (yyvsp[-3].message_intro).prev_id, (yyvsp[-3].message_intro).prev_id_plural, -- (yyvsp[-3].message_intro).obsolete); -- free ((yyvsp[-1].string).string); -- } -+ do_callback_message ((yyvsp[-3].message_intro).ctxt, string2, &(yyvsp[-3].message_intro).pos, (yyvsp[-1].string).string, -+ (yyvsp[0].rhs).rhs.msgstr, (yyvsp[0].rhs).rhs.msgstr_len, &(yyvsp[0].rhs).pos, -+ (yyvsp[-3].message_intro).prev_ctxt, -+ (yyvsp[-3].message_intro).prev_id, (yyvsp[-3].message_intro).prev_id_plural, -+ (yyvsp[-3].message_intro).obsolete); - else - { - free_message_intro ((yyvsp[-3].message_intro)); -@@ -1435,11 +1432,11 @@ yyreduce: - free ((yyvsp[0].rhs).rhs.msgstr); - } - } --#line 1439 "po-gram-gen.c" /* yacc.c:1646 */ -+#line 1436 "po-gram-gen.c" /* yacc.c:1646 */ - break; - - case 11: --#line 241 "po-gram-gen.y" /* yacc.c:1646 */ -+#line 238 "po-gram-gen.y" /* yacc.c:1646 */ - { - check_obsolete ((yyvsp[-2].message_intro), (yyvsp[-1].stringlist)); - check_obsolete ((yyvsp[-2].message_intro), (yyvsp[0].string)); -@@ -1448,11 +1445,11 @@ yyreduce: - string_list_destroy (&(yyvsp[-1].stringlist).stringlist); - free ((yyvsp[0].string).string); - } --#line 1452 "po-gram-gen.c" /* yacc.c:1646 */ -+#line 1449 "po-gram-gen.c" /* yacc.c:1646 */ - break; - - case 12: --#line 250 "po-gram-gen.y" /* yacc.c:1646 */ -+#line 247 "po-gram-gen.y" /* yacc.c:1646 */ - { - check_obsolete ((yyvsp[-2].message_intro), (yyvsp[-1].stringlist)); - check_obsolete ((yyvsp[-2].message_intro), (yyvsp[0].rhs)); -@@ -1461,22 +1458,22 @@ yyreduce: - string_list_destroy (&(yyvsp[-1].stringlist).stringlist); - free ((yyvsp[0].rhs).rhs.msgstr); - } --#line 1465 "po-gram-gen.c" /* yacc.c:1646 */ -+#line 1462 "po-gram-gen.c" /* yacc.c:1646 */ - break; - - case 13: --#line 259 "po-gram-gen.y" /* yacc.c:1646 */ -+#line 256 "po-gram-gen.y" /* yacc.c:1646 */ - { - check_obsolete ((yyvsp[-1].message_intro), (yyvsp[0].stringlist)); - po_gram_error_at_line (&(yyvsp[-1].message_intro).pos, _("missing 'msgstr' section")); - free_message_intro ((yyvsp[-1].message_intro)); - string_list_destroy (&(yyvsp[0].stringlist).stringlist); - } --#line 1476 "po-gram-gen.c" /* yacc.c:1646 */ -+#line 1473 "po-gram-gen.c" /* yacc.c:1646 */ - break; - - case 14: --#line 270 "po-gram-gen.y" /* yacc.c:1646 */ -+#line 267 "po-gram-gen.y" /* yacc.c:1646 */ - { - (yyval.message_intro).prev_ctxt = NULL; - (yyval.message_intro).prev_id = NULL; -@@ -1485,11 +1482,11 @@ yyreduce: - (yyval.message_intro).pos = (yyvsp[0].string).pos; - (yyval.message_intro).obsolete = (yyvsp[0].string).obsolete; - } --#line 1489 "po-gram-gen.c" /* yacc.c:1646 */ -+#line 1486 "po-gram-gen.c" /* yacc.c:1646 */ - break; - - case 15: --#line 279 "po-gram-gen.y" /* yacc.c:1646 */ -+#line 276 "po-gram-gen.y" /* yacc.c:1646 */ - { - check_obsolete ((yyvsp[-1].prev), (yyvsp[0].string)); - (yyval.message_intro).prev_ctxt = (yyvsp[-1].prev).ctxt; -@@ -1499,11 +1496,11 @@ yyreduce: - (yyval.message_intro).pos = (yyvsp[0].string).pos; - (yyval.message_intro).obsolete = (yyvsp[0].string).obsolete; - } --#line 1503 "po-gram-gen.c" /* yacc.c:1646 */ -+#line 1500 "po-gram-gen.c" /* yacc.c:1646 */ - break; - - case 16: --#line 293 "po-gram-gen.y" /* yacc.c:1646 */ -+#line 290 "po-gram-gen.y" /* yacc.c:1646 */ - { - check_obsolete ((yyvsp[-1].string), (yyvsp[0].stringlist)); - (yyval.prev).ctxt = (yyvsp[-1].string).string; -@@ -1512,11 +1509,11 @@ yyreduce: - (yyval.prev).pos = (yyvsp[-1].string).pos; - (yyval.prev).obsolete = (yyvsp[-1].string).obsolete; - } --#line 1516 "po-gram-gen.c" /* yacc.c:1646 */ -+#line 1513 "po-gram-gen.c" /* yacc.c:1646 */ - break; - - case 17: --#line 302 "po-gram-gen.y" /* yacc.c:1646 */ -+#line 299 "po-gram-gen.y" /* yacc.c:1646 */ - { - check_obsolete ((yyvsp[-2].string), (yyvsp[-1].stringlist)); - check_obsolete ((yyvsp[-2].string), (yyvsp[0].string)); -@@ -1526,21 +1523,21 @@ yyreduce: - (yyval.prev).pos = (yyvsp[-2].string).pos; - (yyval.prev).obsolete = (yyvsp[-2].string).obsolete; - } --#line 1530 "po-gram-gen.c" /* yacc.c:1646 */ -+#line 1527 "po-gram-gen.c" /* yacc.c:1646 */ - break; - - case 18: --#line 316 "po-gram-gen.y" /* yacc.c:1646 */ -+#line 313 "po-gram-gen.y" /* yacc.c:1646 */ - { - (yyval.string).string = NULL; - (yyval.string).pos = (yyvsp[0].pos).pos; - (yyval.string).obsolete = (yyvsp[0].pos).obsolete; - } --#line 1540 "po-gram-gen.c" /* yacc.c:1646 */ -+#line 1537 "po-gram-gen.c" /* yacc.c:1646 */ - break; - - case 19: --#line 322 "po-gram-gen.y" /* yacc.c:1646 */ -+#line 319 "po-gram-gen.y" /* yacc.c:1646 */ - { - check_obsolete ((yyvsp[-2].pos), (yyvsp[-1].stringlist)); - check_obsolete ((yyvsp[-2].pos), (yyvsp[0].pos)); -@@ -1548,21 +1545,21 @@ yyreduce: - (yyval.string).pos = (yyvsp[0].pos).pos; - (yyval.string).obsolete = (yyvsp[0].pos).obsolete; - } --#line 1552 "po-gram-gen.c" /* yacc.c:1646 */ -+#line 1549 "po-gram-gen.c" /* yacc.c:1646 */ - break; - - case 20: --#line 333 "po-gram-gen.y" /* yacc.c:1646 */ -+#line 330 "po-gram-gen.y" /* yacc.c:1646 */ - { - (yyval.string).string = NULL; - (yyval.string).pos = (yyvsp[0].pos).pos; - (yyval.string).obsolete = (yyvsp[0].pos).obsolete; - } --#line 1562 "po-gram-gen.c" /* yacc.c:1646 */ -+#line 1559 "po-gram-gen.c" /* yacc.c:1646 */ - break; - - case 21: --#line 339 "po-gram-gen.y" /* yacc.c:1646 */ -+#line 336 "po-gram-gen.y" /* yacc.c:1646 */ - { - check_obsolete ((yyvsp[-2].pos), (yyvsp[-1].stringlist)); - check_obsolete ((yyvsp[-2].pos), (yyvsp[0].pos)); -@@ -1570,11 +1567,11 @@ yyreduce: - (yyval.string).pos = (yyvsp[0].pos).pos; - (yyval.string).obsolete = (yyvsp[0].pos).obsolete; - } --#line 1574 "po-gram-gen.c" /* yacc.c:1646 */ -+#line 1571 "po-gram-gen.c" /* yacc.c:1646 */ - break; - - case 22: --#line 351 "po-gram-gen.y" /* yacc.c:1646 */ -+#line 348 "po-gram-gen.y" /* yacc.c:1646 */ - { - check_obsolete ((yyvsp[-1].pos), (yyvsp[0].stringlist)); - plural_counter = 0; -@@ -1582,30 +1579,30 @@ yyreduce: - (yyval.string).pos = (yyvsp[-1].pos).pos; - (yyval.string).obsolete = (yyvsp[-1].pos).obsolete; - } --#line 1586 "po-gram-gen.c" /* yacc.c:1646 */ -+#line 1583 "po-gram-gen.c" /* yacc.c:1646 */ - break; - - case 23: --#line 362 "po-gram-gen.y" /* yacc.c:1646 */ -+#line 359 "po-gram-gen.y" /* yacc.c:1646 */ - { - check_obsolete ((yyvsp[-1].pos), (yyvsp[0].stringlist)); - (yyval.string).string = string_list_concat_destroy (&(yyvsp[0].stringlist).stringlist); - (yyval.string).pos = (yyvsp[-1].pos).pos; - (yyval.string).obsolete = (yyvsp[-1].pos).obsolete; - } --#line 1597 "po-gram-gen.c" /* yacc.c:1646 */ -+#line 1594 "po-gram-gen.c" /* yacc.c:1646 */ - break; - - case 24: --#line 373 "po-gram-gen.y" /* yacc.c:1646 */ -+#line 370 "po-gram-gen.y" /* yacc.c:1646 */ - { - (yyval.rhs) = (yyvsp[0].rhs); - } --#line 1605 "po-gram-gen.c" /* yacc.c:1646 */ -+#line 1602 "po-gram-gen.c" /* yacc.c:1646 */ - break; - - case 25: --#line 377 "po-gram-gen.y" /* yacc.c:1646 */ -+#line 374 "po-gram-gen.y" /* yacc.c:1646 */ - { - check_obsolete ((yyvsp[-1].rhs), (yyvsp[0].rhs)); - (yyval.rhs).rhs.msgstr = XNMALLOC ((yyvsp[-1].rhs).rhs.msgstr_len + (yyvsp[0].rhs).rhs.msgstr_len, char); -@@ -1617,11 +1614,11 @@ yyreduce: - (yyval.rhs).pos = (yyvsp[-1].rhs).pos; - (yyval.rhs).obsolete = (yyvsp[-1].rhs).obsolete; - } --#line 1621 "po-gram-gen.c" /* yacc.c:1646 */ -+#line 1618 "po-gram-gen.c" /* yacc.c:1646 */ - break; - - case 26: --#line 392 "po-gram-gen.y" /* yacc.c:1646 */ -+#line 389 "po-gram-gen.y" /* yacc.c:1646 */ - { - check_obsolete ((yyvsp[-4].pos), (yyvsp[-3].pos)); - check_obsolete ((yyvsp[-4].pos), (yyvsp[-2].number)); -@@ -1640,11 +1637,11 @@ yyreduce: - (yyval.rhs).pos = (yyvsp[-4].pos).pos; - (yyval.rhs).obsolete = (yyvsp[-4].pos).obsolete; - } --#line 1644 "po-gram-gen.c" /* yacc.c:1646 */ -+#line 1641 "po-gram-gen.c" /* yacc.c:1646 */ - break; - - case 27: --#line 415 "po-gram-gen.y" /* yacc.c:1646 */ -+#line 412 "po-gram-gen.y" /* yacc.c:1646 */ - { - string_list_init (&(yyval.stringlist).stringlist); - string_list_append (&(yyval.stringlist).stringlist, (yyvsp[0].string).string); -@@ -1652,11 +1649,11 @@ yyreduce: - (yyval.stringlist).pos = (yyvsp[0].string).pos; - (yyval.stringlist).obsolete = (yyvsp[0].string).obsolete; - } --#line 1656 "po-gram-gen.c" /* yacc.c:1646 */ -+#line 1653 "po-gram-gen.c" /* yacc.c:1646 */ - break; - - case 28: --#line 423 "po-gram-gen.y" /* yacc.c:1646 */ -+#line 420 "po-gram-gen.y" /* yacc.c:1646 */ - { - check_obsolete ((yyvsp[-1].stringlist), (yyvsp[0].string)); - (yyval.stringlist).stringlist = (yyvsp[-1].stringlist).stringlist; -@@ -1665,11 +1662,11 @@ yyreduce: - (yyval.stringlist).pos = (yyvsp[-1].stringlist).pos; - (yyval.stringlist).obsolete = (yyvsp[-1].stringlist).obsolete; - } --#line 1669 "po-gram-gen.c" /* yacc.c:1646 */ -+#line 1666 "po-gram-gen.c" /* yacc.c:1646 */ - break; - - case 29: --#line 435 "po-gram-gen.y" /* yacc.c:1646 */ -+#line 432 "po-gram-gen.y" /* yacc.c:1646 */ - { - string_list_init (&(yyval.stringlist).stringlist); - string_list_append (&(yyval.stringlist).stringlist, (yyvsp[0].string).string); -@@ -1677,11 +1674,11 @@ yyreduce: - (yyval.stringlist).pos = (yyvsp[0].string).pos; - (yyval.stringlist).obsolete = (yyvsp[0].string).obsolete; - } --#line 1681 "po-gram-gen.c" /* yacc.c:1646 */ -+#line 1678 "po-gram-gen.c" /* yacc.c:1646 */ - break; - - case 30: --#line 443 "po-gram-gen.y" /* yacc.c:1646 */ -+#line 440 "po-gram-gen.y" /* yacc.c:1646 */ - { - check_obsolete ((yyvsp[-1].stringlist), (yyvsp[0].string)); - (yyval.stringlist).stringlist = (yyvsp[-1].stringlist).stringlist; -@@ -1690,11 +1687,11 @@ yyreduce: - (yyval.stringlist).pos = (yyvsp[-1].stringlist).pos; - (yyval.stringlist).obsolete = (yyvsp[-1].stringlist).obsolete; - } --#line 1694 "po-gram-gen.c" /* yacc.c:1646 */ -+#line 1691 "po-gram-gen.c" /* yacc.c:1646 */ - break; - - --#line 1698 "po-gram-gen.c" /* yacc.c:1646 */ -+#line 1695 "po-gram-gen.c" /* yacc.c:1646 */ - default: break; - } - /* User semantic actions sometimes alter yychar, and that requires diff --git a/pkgs/development/libraries/gettext/default.nix b/pkgs/development/libraries/gettext/default.nix index 9547c6c31ad..7a6129a68da 100644 --- a/pkgs/development/libraries/gettext/default.nix +++ b/pkgs/development/libraries/gettext/default.nix @@ -1,24 +1,15 @@ -{ stdenv, lib, fetchurl, libiconv, xz, bison, automake115x, autoconf }: +{ stdenv, lib, fetchurl, libiconv, xz }: -let allowBisonDependency = !stdenv.isDarwin; in stdenv.mkDerivation rec { pname = "gettext"; - version = "0.19.8.1"; + version = "0.20.1"; src = fetchurl { url = "mirror://gnu/gettext/${pname}-${version}.tar.gz"; - sha256 = "0hsw28f9q9xaggjlsdp2qmbp2rbd1mp0njzan2ld9kiqwkq2m57z"; + sha256 = "0p3zwkk27wm2m2ccfqm57nj7vqkmfpn7ja1nf65zmhz8qqs5chb6"; }; patches = [ ./absolute-paths.diff - (fetchurl { - name = "CVE-2018-18751.patch"; - url = "https://git.savannah.gnu.org/gitweb/?p=gettext.git;a=patch;h=dce3a16e5e9368245735e29bf498dcd5e3e474a4"; - sha256 = "1lpjwwcjr1sb879faj0xyzw02kma0ivab6xwn3qciy13qy6fq5xn"; - }) - ] ++ lib.optionals (!allowBisonDependency) [ - # Only necessary for CVE-2018-18751.patch: - ./CVE-2018-18751-bison.patch ]; outputs = [ "out" "man" "doc" "info" ]; @@ -54,14 +45,6 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ xz xz.bin - ] - # Only necessary for CVE-2018-18751.patch (unless CVE-2018-18751-bison.patch - # is also applied): - ++ lib.optional allowBisonDependency bison - ++ [ - # Only necessary for CVE-2018-18751.patch: - automake115x - autoconf ]; # HACK, see #10874 (and 14664) buildInputs = stdenv.lib.optional (!stdenv.isLinux && !stdenv.hostPlatform.isCygwin) libiconv; -- cgit 1.4.1