./devel/libidn, Internationalized Domain Names command line tool

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 1.33, Package name: libidn-1.33, Maintainer: pkgsrc-users

GNU Libidn is an implementation of the Stringprep, Punycode, and IDNA
specifications defined by the IETF Internationalized Domain Names (IDN)
working group. It is used to prepare internationalized strings (such as
domain name labels, usernames, and passwords) in order to increase the
likelihood that string input and string comparison work in ways that make
sense for typical users throughout the world.

The library contains a generic Stringprep implementation that does Unicode
3.2 NFKC normalization, mapping and prohibition of characters, and
bidirectional character handling. Profiles for iSCSI, Kerberos 5, Nameprep,
SASL, and XMPP are included. Punycode and ASCII Compatible Encoding (ACE) via
IDNA are supported.


Required to build:
[pkgtools/cwrappers]

Master sites: (Expand)

SHA1: 57872fdc665dcc585e16f4ac0bb35374b1103f7e
RMD160: b6bff80e6d5b5e3ee15a52378d42c7b9074a627d
Filesize: 3419 KB

Version history: (Expand)


CVS history: (Expand)


   2017-01-19 19:52:30 by Alistair G. Crooks | Files touched by this commit (352)
Log message:
Convert all occurrences (353 by my count) of

	MASTER_SITES= 	site1 \
			site2

style continuation lines to be simple repeated

	MASTER_SITES+= site1
	MASTER_SITES+= site2

lines. As previewed on tech-pkg. With thanks to rillig for fixing pkglint
accordingly.
   2016-07-21 13:51:28 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
Updated libidn to 1.33.

* Version 1.33 (released 2016-07-20) [beta]

** libidn: Fix out-of-bounds stack read in idna_to_ascii_4i.
See tests/tst_toascii64oob.c for regression check (and the comment in
it how to use it).  Reported by Hanno Böck <hanno@hboeck.de>.

** idn: Solve out-of-bounds-read when reading one zero byte as input.
Also replaced fgets with getline.  Reported by Hanno Böck <hanno@hboeck.de>.

** libidn: stringprep_utf8_nfkc_normalize reject invalid UTF-8.
It was always documented to only accept UTF-8 data, but now it doesn't
crash when presented with such data.  Reported by Hanno Böck.

** Dropped valgrind suppressions file, should no longer be needed.

** API and ABI is backwards compatible with the previous version.
   2016-07-09 08:39:18 by Thomas Klausner | Files touched by this commit (1068) | Package updated
Log message:
Bump PKGREVISION for perl-5.24.0 for everything mentioning perl.
   2016-02-25 13:12:50 by Jonathan Perkin | Files touched by this commit (39)
Log message:
Use OPSYSVARS.
   2015-11-03 04:29:40 by Alistair G. Crooks | Files touched by this commit (1995)
Log message:
Add SHA512 digests for distfiles for devel category

Issues found with existing distfiles:
	distfiles/eclipse-sourceBuild-srcIncluded-3.0.1.zip
	distfiles/fortran-utils-1.1.tar.gz
	distfiles/ivykis-0.39.tar.gz
	distfiles/enum-1.11.tar.gz
	distfiles/pvs-3.2-libraries.tgz
	distfiles/pvs-3.2-linux.tgz
	distfiles/pvs-3.2-solaris.tgz
	distfiles/pvs-3.2-system.tgz
No changes made to these distinfo files.

Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden).  All existing
SHA1 digests retained for now as an audit trail.
   2015-08-06 09:54:57 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
Update to 1.32:

* Version 1.32 (released 2015-08-01) [beta]

** libidn: Fix crash in idna_to_unicode_8z8z and idna_to_unicode_8zlz.
This problem was introduced in 1.31.  Reported by Adam Sampson.

** API and ABI is backwards compatible with the previous version.
   2015-07-09 16:02:04 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
Update to 1.31:

* Version 1.31 (released 2015-07-08) [bet

** libidn: stringprep_utf8_to_ucs4 now rejects invalid UTF-8. CVE-2015-2059
This function has always been documented to not validate that the
input UTF-8 string is actually valid UTF-8.  Like the rest of the API,
when you call a function that works on UTF-8 data, you have to pass it
valid UTF-8 data.  Application writers appear to have difficulties
using interfaces designed like that, as bugs triggered by invalid
UTF-8 has been identified in a number of projects (jabberd2, gnutls,
wget, and curl).  While we could introduce a new API to perform UTF-8
validation, so that applications can easily implement the proper
checks, this appear error prone because there is a risk that the check
will be forgotten.  Instead, we took the more radical approach of
modifying the documentation and the implementation of the API.  The
intention is that all functions that accepts UTF-8 data should
validate it before use.  This will solve the problem for applications,
without needing to change them.  This change has the unfortunate
side-effect that Surrogate codes (see section 5.5 of RFC 3454) no
longer trigger the STRINGPREP_CONTAINS_PROHIBITED error code but
instead will trigger the newly introduced STRINGPREP_ICONV_ERROR error
code, as the gnulib/libunistring-based code that we use to test
UTF-8-compliance rejects Surrogate codes.  We hope that this is an
acceptable cost to live with in order to improve application security.
We welcome feedback on this solution, and we are marking this release
as beta rather than stable to signal that we may reconsider this
approach if people disagree.  Reported by several people including
Thijs Alkemade, Gustavo Grieco, Daniel Stenberg, and Nikos
Mavrogiannopoulos.

** libidn: Added STRINGPREP_ICONV_ERROR error code.

** libidn: Workaround valgrind/gcc/glibc issue.
Valgrind reported a 'Invalid read of size 4' that was caused by
optimized strlen implementation.  Reported and patch by Alessandro
Ghedini <alessandro@ghedini.me>.

** build: Use LOG_COMPILER instead of TESTS_ENVIRONMENT to fix valgrind use.
Errors caught by valgrind did not always trigger 'make check' failures
before.

** i18n: Updated Danish translation.
Thanks to Joe Hansen.

** API and ABI is backwards compatible with the previous version.
   2015-06-12 12:52:19 by Thomas Klausner | Files touched by this commit (3152)
Log message:
Recursive PKGREVISION bump for all packages mentioning 'perl',
having a PKGNAME of p5-*, or depending such a package,
for perl-5.22.0.