summary refs log tree commit diff
path: root/gnu
diff options
context:
space:
mode:
authorTobias Geerinckx-Rice <me@tobias.gr>2019-08-01 21:57:45 +0200
committerTobias Geerinckx-Rice <me@tobias.gr>2019-08-02 01:49:47 +0200
commit951fd8572af1bd00064d5c0ae59c2927ec1b6ba5 (patch)
treea8f630aa7d803029e1f13a35b6f8201fe1535b32 /gnu
parent9b76aa1031e078f273633cc4f59d4641b9f5332f (diff)
downloadguix-951fd8572af1bd00064d5c0ae59c2927ec1b6ba5.tar.gz
gnu: pcre@2: Fix run-time crash [security fix].
* gnu/packages/pcre.scm (pcre2)[replacement]: New field.
(pcre2/fixed): New public variable.
* packages/patches/pcre2-fix-jit_match-crash.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
Diffstat (limited to 'gnu')
-rw-r--r--gnu/local.mk1
-rw-r--r--gnu/packages/pcre.scm12
2 files changed, 13 insertions, 0 deletions
diff --git a/gnu/local.mk b/gnu/local.mk
index bd509647dc..ca15f3096d 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1165,6 +1165,7 @@ dist_patch_DATA =						\
   %D%/packages/patches/patchelf-rework-for-arm.patch		\
   %D%/packages/patches/patchutils-test-perms.patch		\
   %D%/packages/patches/patch-hurd-path-max.patch		\
+  %D%/packages/patches/pcre2-fix-jit_match-crash.patch		\
   %D%/packages/patches/perl-autosplit-default-time.patch	\
   %D%/packages/patches/perl-deterministic-ordering.patch	\
   %D%/packages/patches/perl-finance-quote-unuse-mozilla-ca.patch \
diff --git a/gnu/packages/pcre.scm b/gnu/packages/pcre.scm
index 1395a3ea40..7385c78b9f 100644
--- a/gnu/packages/pcre.scm
+++ b/gnu/packages/pcre.scm
@@ -89,6 +89,7 @@ POSIX regular expression API.")
 (define-public pcre2
   (package
     (name "pcre2")
+    (replacement pcre2/fixed)
     (version "10.33")
     (source (origin
               (method url-fetch)
@@ -125,3 +126,14 @@ own native API, as well as a set of wrapper functions that correspond to the
 POSIX regular expression API.")
    (license license:bsd-3)
    (home-page "https://www.pcre.org/")))
+
+(define-public pcre2/fixed
+  ;; PHP >= 7.3.8 requires a fixed version at build time, so make it public
+  ;; and hide it in the UI.
+  (package
+    (inherit pcre2)
+    (source
+     (origin
+       (inherit (package-source pcre2))
+       (patches (search-patches "pcre2-fix-jit_match-crash.patch"))))
+    (properties '((hidden? . #t)))))