Skip to content

uriparser: update to version 0.9.8

Richard Muzik requested to merge feature/bump-uriparser-098 into develop

SECURITY >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

  • Fixed: [CVE-2024-34402] Protect against integer overflow in ComposeQueryEngine
  • Fixed: [CVE-2024-34403] Protect against integer overflow in ComposeQueryMallocExMm

SECURITY >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

  • Changed: Require CMake >=3.5.0
  • Added: CMake option URIPARSER_SHARED_LIBS=(ON|OFF) to control, whether to produce a shared or static library for uriparser and that alone, falls back to standard BUILD_SHARED_LIBS if available, else defaults to "ON"
  • Improved: Document that scheme-based normalization a la section 6.2.3 of RFC 3986 is a responsibility of the application using uriparser
  • Improved: Document supported code points for functions uriEscape(Ex)W
  • Infrastructure: Update Clang from 15 to 18
  • Infrastructure: Adapt to breaking changes in Clang packaging
  • Infrastructure: Get sanitizer CFLAGS and LDFLAGS back in sync
  • Infrastructure: Pin GitHub Actions to specific commits for security
  • Soname: 1:31:0 — see https://verbump.de/ for what these numbers do
Edited by Richard Muzik

Merge request reports