From 951fd8572af1bd00064d5c0ae59c2927ec1b6ba5 Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Thu, 1 Aug 2019 21:57:45 +0200 Subject: [PATCH] gnu: pcre@2: Fix run-time crash [security fix]. * gnu/packages/pcre.scm (pcre2)[replacement]: New field. (pcre2/fixed): New public variable. * packages/patches/pcre2-fix-jit_match-crash.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. --- gnu/local.mk | 1 + gnu/packages/pcre.scm | 12 ++++++++++++ 2 files changed, 13 insertions(+) diff --git a/gnu/local.mk b/gnu/local.mk index bd509647dc..ca15f3096d 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1165,6 +1165,7 @@ dist_patch_DATA = \ %D%/packages/patches/patchelf-rework-for-arm.patch \ %D%/packages/patches/patchutils-test-perms.patch \ %D%/packages/patches/patch-hurd-path-max.patch \ + %D%/packages/patches/pcre2-fix-jit_match-crash.patch \ %D%/packages/patches/perl-autosplit-default-time.patch \ %D%/packages/patches/perl-deterministic-ordering.patch \ %D%/packages/patches/perl-finance-quote-unuse-mozilla-ca.patch \ diff --git a/gnu/packages/pcre.scm b/gnu/packages/pcre.scm index 1395a3ea40..7385c78b9f 100644 --- a/gnu/packages/pcre.scm +++ b/gnu/packages/pcre.scm @@ -89,6 +89,7 @@ POSIX regular expression API.") (define-public pcre2 (package (name "pcre2") + (replacement pcre2/fixed) (version "10.33") (source (origin (method url-fetch) @@ -125,3 +126,14 @@ own native API, as well as a set of wrapper functions that correspond to the POSIX regular expression API.") (license license:bsd-3) (home-page "https://www.pcre.org/"))) + +(define-public pcre2/fixed + ;; PHP >= 7.3.8 requires a fixed version at build time, so make it public + ;; and hide it in the UI. + (package + (inherit pcre2) + (source + (origin + (inherit (package-source pcre2)) + (patches (search-patches "pcre2-fix-jit_match-crash.patch")))) + (properties '((hidden? . #t)))))