libidn: add fix for CVE-2017-14062
Add upstream patch fixing CVE-2017-14062:
Integer overflow in the decode_digit function in puny_decode.c in
Libidn2 before 2.0.4 allows remote attackers to cause a denial of
service or possibly have unspecified other impact.
This issue also affects libidn.
Unfortunately, the patch also triggers reconf of the documentation
subdirectory, since lib/punycode.c is listed in GDOC_SRC that is defined
in doc/Makefile.am. Add autoreconf to handle that.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 49cb795f7965328ce7a57cbc3736b0fc03919fe7)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2 files changed