[main] Upgrading oniguruma to v6.9.7.1 (#1997)

* oniguruma upgrade to 6.9.7.1

* adding subversion

* updating cgmanifest

* correcting licensing

* applied linting

* correction subversioning

* removing patch file

SPECS/oniguruma/CVE-2020-26159.patch

@@ -1,22 +0,0 @@
-From cbe9f8bd9cfc6c3c87a60fbae58fa1a85db59df0 Mon Sep 17 00:00:00 2001
-From: "K.Kosako" <kkosako0@gmail.com>
-Date: Mon, 21 Sep 2020 12:58:29 +0900
-Subject: [PATCH] #207: Out-of-bounds write
-
----
- src/regcomp.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/regcomp.c b/src/regcomp.c
-index f6494b6d..a0a68561 100644
---- a/src/regcomp.c
-+++ b/src/regcomp.c
-@@ -6257,7 +6257,7 @@ concat_opt_exact_str(OptStr* to, UChar* s, UChar* end, OnigEncoding enc)
- 
-   for (i = to->len, p = s; p < end && i < OPT_EXACT_MAXLEN; ) {
-     len = enclen(enc, p);
--    if (i + len > OPT_EXACT_MAXLEN) break;
-+    if (i + len >= OPT_EXACT_MAXLEN) break;
-     for (j = 0; j < len && p < end; j++)
-       to->s[i++] = *p++;
-   }

SPECS/oniguruma/oniguruma.signatures.json

@@ -1,5 +1,5 @@
 {
  "Signatures": {
-  "onig-6.9.5.tar.gz": "2f25cc3165e6da4b12dcabdb6b77c48f436d835e127ec2e3cad7abae9ea8e9a6"
+  "onig-6.9.7.1.tar.gz": "6444204b9c34e6eb6c0b23021ce89a0370dad2b2f5c00cd44c342753e0b204d9"
  }
 }

SPECS/oniguruma/oniguruma.spec

@@ -1,15 +1,15 @@
-Name:           oniguruma
-Version:        6.9.5
-Release:        2%{?dist}
-License:        BSD
+%define major_version %(echo %{version} | cut -d. -f1-3)
+
 Summary:        Regular expressions library
-Group:          System Environment/Libraries
+Name:           oniguruma
+Version:        6.9.7.1
+Release:        1%{?dist}
+License:        BSD
 Vendor:         Microsoft Corporation
 Distribution:   Mariner
+Group:          System Environment/Libraries
 URL:            https://github.com/kkos/oniguruma/
 Source0:        https://github.com/kkos/oniguruma/releases/download/v%{version}/onig-%{version}.tar.gz
-# https://github.com/kkos/oniguruma/commit/cbe9f8bd9cfc6c3c87a60fbae58fa1a85db59df0.patch
-Patch0:         CVE-2020-26159.patch
 
 %description
 Oniguruma is a regular expressions library.
@@ -26,8 +26,7 @@ Requires:       oniguruma = %{version}-%{release}
 Development files for libonig
 
 %prep
-%autosetup -n onig-%{version} -p1
-
+%autosetup -n onig-%{major_version} -p1
 
 %build
 %configure                     \
@@ -41,42 +40,53 @@ make
 make install \
         DESTDIR=%{buildroot}  \
         INSTALL="install -c -p"
-find %{buildroot}/%{_libdir} -name '*.la' -delete
+find %{buildroot} -type f -name "*.la" -delete -print
 
 %check
 make  check
-%post -p /sbin/ldconfig
-%postun -p /sbin/ldconfig
+%ldconfig_scriptlets
 
 %files
 %{_libdir}/libonig.so.*
 
 %files devel
 %defattr(-,root,root,-)
-%doc    AUTHORS
-%license        COPYING
-%doc    README
-%doc    index.html
-%lang(ja)       %doc    README_japanese
-%lang(ja)       %doc    index_ja.html
+%doc AUTHORS
+%license COPYING
+%doc README
+%doc index.html
+%lang(ja) %doc README_japanese
+%lang(ja) %doc index_ja.html
 %{_bindir}/onig-config
 %{_libdir}/libonig.so
 %{_includedir}/onig*.h
 %{_libdir}/pkgconfig/%{name}.pc
 
 %changelog
+* Mon Jan 24 2022 Max Brodeur-Urbas <maxbr@microsoft.com> - 6.9.7.1-1
+- Upgraded to 6.9.7.1
+- Added majorversion variable.
+- License verified.
+- Linted.
+
 * Thu Oct 15 2020 Emre Girgin <mrgirgin@microsoft.com> 6.9.5-2
 - Fix CVE-2020-26159. 
+
 * Tue May 19 2020 Andrew Phelps <anphel@microsoft.com> 6.9.5-1
 - Upgrade to 6.9.5.
+
 * Wed Apr 22 2020 Emre Girgin <mrgirgin@microsoft.com> 6.9.0-4
 - Fix CVE-2019-19012.
+
 * Tue Sep 03 2019 Mateusz Malisz <mamalisz@microsoft.com> 6.9.0-3
 - Initial CBL-Mariner import from Photon (license: Apache2).
+
 * Mon Jul 15 2019 Dweep Advani <dadvani@vmware.com> 6.9.0-2
 - Fixed CVE-2019-13224
+
 * Mon Sep 10 2018 Him Kalyan Bordoloi <bordoloih@vmware.com> 6.9.0-1
 - Upgrade to 6.9.0
 - Created devel package
+
 * Tue Aug 22 2017 Chang Lee <changlee@vmware.com> 6.5.0-1
 - Initial version

cgmanifest.json

@@ -15514,8 +15514,8 @@
         "type": "other",
         "other": {
           "name": "oniguruma",
-          "version": "6.9.5",
-          "downloadUrl": "https://github.com/kkos/oniguruma/releases/download/v6.9.5/onig-6.9.5.tar.gz"
+          "version": "6.9.7.1",
+          "downloadUrl": "https://github.com/kkos/oniguruma/releases/download/v6.9.7.1/onig-6.9.7.1.tar.gz"
         }
       }
     },