From 2a82c3ea79ecdd903ad446f0303896d89fc07a18 Mon Sep 17 00:00:00 2001
From: Ørjan Malde <red@foxi.me>
Date: May 14 2022 13:21:02 +0000
Subject: groups/251.native_packages_lib.group: fribidi: bump to v1.0.12


Signed-off-by: Ørjan Malde <red@foxi.me>

---

diff --git a/groups/251.native_packages_lib.group b/groups/251.native_packages_lib.group
index 83d74a2..1e13192 100644
--- a/groups/251.native_packages_lib.group
+++ b/groups/251.native_packages_lib.group
@@ -15,8 +15,8 @@ sdl1_image sdl1_ttf sdl2 sdl2_image sdl2_ttf sdl2_net wolfssl")";
 : ${PKG_BEARSSL_URL:=https://bearssl.org/bearssl-${PKG_BEARSSL_VERSION}.tar.gz};
 : ${PKG_BEARSSL_IN_TREE:=1};
 : ${PKG_BEARSSL_MAKEFLAGS_BUILD:="DESTDIR=${PREFIX_NATIVE}"};
-: ${PKG_FRIBIDI_SHA256SUM:=30f93e9c63ee627d1a2cedcf59ac34d45bf30240982f99e44c6e015466b4e73d};
-: ${PKG_FRIBIDI_VERSION:=1.0.11};
+: ${PKG_FRIBIDI_SHA256SUM:=0cd233f97fc8c67bb3ac27ce8440def5d3ffacf516765b91c2cc654498293495};
+: ${PKG_FRIBIDI_VERSION:=1.0.12};
 : ${PKG_FRIBIDI_URL:=https://github.com/fribidi/fribidi/releases/download/v${PKG_FRIBIDI_VERSION}/fribidi-${PKG_FRIBIDI_VERSION}.tar.xz};
 : ${PKG_GLIB_DEPENDS:="libffi libz pcre libiconv"};
 : ${PKG_GLIB_SHA256SUM:=d64abd16813501c956c4e123ae79f47f1b58de573df9fdd3b0795f1e2c1aa789};
diff --git a/patches/fribidi/CVE-2022-25308.patch b/patches/fribidi/CVE-2022-25308.patch
deleted file mode 100644
index 052bfd7..0000000
--- a/patches/fribidi/CVE-2022-25308.patch
+++ /dev/null
@@ -1,45 +0,0 @@
-From ad3a19e6372b1e667128ed1ea2f49919884587e1 Mon Sep 17 00:00:00 2001
-From: Akira TAGOH <akira@tagoh.org>
-Date: Thu, 17 Feb 2022 17:30:12 +0900
-Subject: [PATCH] Fix the stack buffer overflow issue
-
-strlen() could returns 0. Without a conditional check for len,
-accessing S_ pointer with len - 1 may causes a stack buffer overflow.
-
-AddressSanitizer reports this like:
-==1219243==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7ffdce043c1f at pc 0x000000403547 bp 0x7ffdce0
-43b30 sp 0x7ffdce043b28
-READ of size 1 at 0x7ffdce043c1f thread T0
-    #0 0x403546 in main ../bin/fribidi-main.c:393
-    #1 0x7f226804e58f in __libc_start_call_main (/lib64/libc.so.6+0x2d58f)
-    #2 0x7f226804e648 in __libc_start_main_impl (/lib64/libc.so.6+0x2d648)
-    #3 0x4036f4 in _start (/tmp/fribidi/build/bin/fribidi+0x4036f4)
-
-Address 0x7ffdce043c1f is located in stack of thread T0 at offset 63 in frame
-    #0 0x4022bf in main ../bin/fribidi-main.c:193
-
-  This frame has 5 object(s):
-    [32, 36) 'option_index' (line 233)
-    [48, 52) 'base' (line 386)
-    [64, 65064) 'S_' (line 375) <== Memory access at offset 63 underflows this variable
-    [65328, 130328) 'outstring' (line 385)
-    [130592, 390592) 'logical' (line 384)
-
-This fixes https://github.com/fribidi/fribidi/issues/181
----
- bin/fribidi-main.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/bin/fribidi-main.c b/bin/fribidi-main.c
-index 3cf9fe1..3ae4fb6 100644
---- a/bin/fribidi-main.c
-+++ b/bin/fribidi-main.c
-@@ -390,7 +390,7 @@ FRIBIDI_END_IGNORE_DEPRECATIONS
- 	    S_[sizeof (S_) - 1] = 0;
- 	    len = strlen (S_);
- 	    /* chop */
--	    if (S_[len - 1] == '\n')
-+	    if (len > 0 && S_[len - 1] == '\n')
- 	      {
- 		len--;
- 		S_[len] = '\0';
diff --git a/patches/fribidi/CVE-2022-25309.patch b/patches/fribidi/CVE-2022-25309.patch
deleted file mode 100644
index 3dc9fd9..0000000
--- a/patches/fribidi/CVE-2022-25309.patch
+++ /dev/null
@@ -1,27 +0,0 @@
-From f22593b82b5d1668d1997dbccd10a9c31ffea3b3 Mon Sep 17 00:00:00 2001
-From: Dov Grobgeld <dov.grobgeld@gmail.com>
-Date: Fri, 25 Mar 2022 09:09:49 +0300
-Subject: [PATCH] Protected against garbage in the CapRTL encoder
-
----
- lib/fribidi-char-sets-cap-rtl.c | 7 ++++++-
- 1 file changed, 6 insertions(+), 1 deletion(-)
-
-diff --git a/lib/fribidi-char-sets-cap-rtl.c b/lib/fribidi-char-sets-cap-rtl.c
-index b0c0e4a..f74e010 100644
---- a/lib/fribidi-char-sets-cap-rtl.c
-+++ b/lib/fribidi-char-sets-cap-rtl.c
-@@ -232,7 +232,12 @@ fribidi_cap_rtl_to_unicode (
- 	    }
- 	}
-       else
--	us[j++] = caprtl_to_unicode[(int) s[i]];
-+      {
-+        if ((int)s[i] < 0)
-+          us[j++] = '?';
-+        else
-+          us[j++] = caprtl_to_unicode[(int) s[i]];
-+      }
-     }
- 
-   return j;
diff --git a/patches/fribidi/CVE-2022-25310.patch b/patches/fribidi/CVE-2022-25310.patch
deleted file mode 100644
index a1d05c0..0000000
--- a/patches/fribidi/CVE-2022-25310.patch
+++ /dev/null
@@ -1,25 +0,0 @@
-From 175850b03e1af251d705c1d04b2b9b3c1c06e48f Mon Sep 17 00:00:00 2001
-From: Akira TAGOH <akira@tagoh.org>
-Date: Thu, 17 Feb 2022 19:06:10 +0900
-Subject: [PATCH] Fix SEGV issue in fribidi_remove_bidi_marks
-
-Escape from fribidi_remove_bidi_marks() immediately if str is null.
-
-This fixes https://github.com/fribidi/fribidi/issues/183
----
- lib/fribidi.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/lib/fribidi.c b/lib/fribidi.c
-index f5da0da..70bdab2 100644
---- a/lib/fribidi.c
-+++ b/lib/fribidi.c
-@@ -74,7 +74,7 @@ fribidi_remove_bidi_marks (
-   fribidi_boolean status = false;
- 
-   if UNLIKELY
--    (len == 0)
-+    (len == 0 || str == NULL)
-     {
-       status = true;
-       goto out;