head	1.2;
access;
symbols
	pkgsrc-2013Q2:1.2.0.10
	pkgsrc-2013Q2-base:1.2
	pkgsrc-2012Q4:1.2.0.8
	pkgsrc-2012Q4-base:1.2
	pkgsrc-2011Q4:1.2.0.6
	pkgsrc-2011Q4-base:1.2
	pkgsrc-2011Q2:1.2.0.4
	pkgsrc-2011Q2-base:1.2
	pkgsrc-2009Q4:1.2.0.2
	pkgsrc-2009Q4-base:1.2
	pkgsrc-2008Q4:1.1.0.12
	pkgsrc-2008Q4-base:1.1
	pkgsrc-2008Q3:1.1.0.10
	pkgsrc-2008Q3-base:1.1
	cube-native-xorg:1.1.0.8
	cube-native-xorg-base:1.1
	pkgsrc-2008Q2:1.1.0.6
	pkgsrc-2008Q2-base:1.1
	cwrapper:1.1.0.4
	pkgsrc-2008Q1:1.1.0.2
	pkgsrc-2008Q1-base:1.1;
locks; strict;
comment	@# @;


1.2
date	2009.03.25.22.30.19;	author he;	state dead;
branches;
next	1.1;

1.1
date	2008.03.20.17.07.54;	author drochner;	state Exp;
branches;
next	;


desc
@@


1.2
log
@Update from version 3.6nb2 to 4.0.1.


Pkgsrc changes:
 o New MASTER_SITE
 o Adjust PLIST
 o Remove no-longer-needed patches, since corresponding changes
   have been adopted upstream
 o BUILDLINK_ABI_DEPENDS bumped to >=4.0, since a new shared library
   version is installed
 o Fixes security vulnerability, ref. below.

Dependent pkgsrc packages will have their revisions bumped shortly
due to the (possibly/probably) changed ABI.


Upstream changes:
4.0.1:
  ICU4C 4.0.1 is a maintenance release of ICU4J 4.0. The primary
  changes of this release were:

    * Updated time zone data to 2008i
    * Technical preview of string search implementation using
      Boyer-Moore algorithm (#6286). For detail information, please
      see the tech note here.
    * #5691 Conversion: consistent illegal sequences
    * #6435 Bad @@stable ICU4.0 tags
    * #6597 TestDisplayNamesMeta failure
    * #6670 Test failure in format/TimeZoneTest/TestShortZoneIDs

4.0:
  Major changes in ICU 4.0 include the following:

    * Common Changes
	  o Unicode 5.1 (#5696)
	  o Locale Data: ICU uses and supports data from Common
	    Locale Data Repository (CLDR) 1.6 , which includes many
	    improvements in quality and quantity of data.
	  o add/removeLikelySubtags (#6124)
	  o Charset converter file size improvement (#5987)
	  o Date Interval Formatting (#6157) Note: Calendar type
	    supported by this feature is Gregorian only in this
	    release.
	  o Improved Plural support
    * ICU4C Specific Changes
	    Additional Calendars
		+ Chinese (#4081)
		+ Coptic/Ethiopic (#4571)
    * ICU4J Specific Changes
	  o Charset
		+ Graduated from Technology Preview status
		+ ICU2022 Converter (#5791)
		+ HZ Converter (#6128)
		+ SCSU/BOCU-1 Converter (#2147)
		+ Charset Converter Callback (#6144)
	  o Thai Dictionary break iterator (#5385)
	  o JDK TimeZone support (#5975)
	  o Locale Service Provider (#5976)
	  o More convenient formatting of year+month, day+month,
	    and other combinations (#6304)
	  o Simple Duration Formatting (#6303)
    * ICU4C Security Fixes
      ICU4C 4.0 resolves the vulnerabilities CVE-2007-4770 and
      CVE-2007-4771 which were found in earlier versions of ICU.
      The standard ICU tests verify that these have been corrected,
      however, the updated versions of the previous tests may be
      run by applying the following patch to ICU 4.0: r24324. As
      well, ICU4C and ICU4J 4.0 resolve the issue underlying
      CVE-2008-1036.
@
text
@$NetBSD: patch-be,v 1.1 2008/03/20 17:07:54 drochner Exp $

--- test/intltest/regextst.cpp.orig	2005-07-05 20:39:00.000000000 +0200
+++ test/intltest/regextst.cpp
@@@@ -66,6 +66,10 @@@@ void RegexTest::runIndexedTest( int32_t 
         case 6: name = "PerlTests";
             if (exec) PerlTests();
             break;
+        case 7: name = "Bug 6149";
+            if (exec) Bug6149();
+            break;
+            
 
 
         default: name = "";
@@@@ -1637,6 +1641,13 @@@@ void RegexTest::Errors() {
     // UnicodeSet containing a string
     REGEX_ERR("abc[{def}]xyz", 1, 10, U_REGEX_SET_CONTAINS_STRING);
 
+    
+    // Invalid Back Reference \0
+    //    For ICU 3.8 and earlier
+    //    For ICU versions newer than 3.8, \0 introduces an octal escape.
+    //
+    REGEX_ERR("(ab)\\0", 1, 6, U_REGEX_INVALID_BACK_REF);
+
 }
 
 
@@@@ -2119,6 +2130,26 @@@@ void RegexTest::PerlTests() {
 }
 
 
+//--------------------------------------------------------------
+//
+//  Bug6149   Verify limits to heap expansion for backtrack stack.
+//             Use this pattern,
+//                 "(a?){1,}"
+//             The zero-length match will repeat forever.
+//                (That this goes into a loop is another bug)
+//
+//---------------------------------------------------------------
+void RegexTest::Bug6149() {
+    UnicodeString pattern("(a?){1,}");
+    UnicodeString s("xyz");
+    uint32_t flags = 0;
+    UErrorCode status = U_ZERO_ERROR;
+    
+    RegexMatcher  matcher(pattern, s, flags, status);
+    UBool result = false;
+    REGEX_ASSERT_FAIL(result=matcher.matches(status), U_BUFFER_OVERFLOW_ERROR);
+    REGEX_ASSERT(result == FALSE);
+ }
 
 #endif  /* !UCONFIG_NO_REGULAR_EXPRESSIONS  */
 
@


1.1
log
@fix RE vulnerabilities (CVE-2007-(4770|4771)), patch from redhat
via Gentoo bug #208001,
bump PKGREVISION
@
text
@d1 1
a1 1
$NetBSD$
@