b***@artifex.com
2017-11-23 10:06:31 UTC
http://bugs.ghostscript.com/show_bug.cgi?id=698774
Bug ID: 698774
Summary: [configure] Add support for libidn2 and prefer it over
libidn
Product: Ghostscript
Version: 9.22
Hardware: PC
OS: Linux
Status: UNCONFIRMED
Severity: normal
Priority: P4
Component: Build Process
Assignee: ***@artifex.com
Reporter: ***@redhat.com
QA Contact: gs-***@ghostscript.com
Word Size: ---
Hello guys,
as we already discussed it on IRC, I'm creating this BZ so this issue is not
forgotten... :)
Description of problem:
-----------------------
Internationalized domain names exist for quite some time (IDNA2003), although
the protocols describing them have evolved in an incompatible way (IDNA2008).
These incompatibilities will prevent applications written for IDNA2003 to
access certain problematic domain names defined with IDNA2008, e.g., faß.de is
translated to domain xn--fa-hia.de with IDNA2008, while in IDNA2003 it is
translated to fass.de domain. That not only causes incompatibility problems,
but may be used as an attack vector to redirect users to different web sites.
The change is about deprecating libidn, which supports IDNA2003, and switch all
applications using libidn, to libidn2 2.0.0, which supports IDNA2008. The
switch should be transparent as the libidn2 library is API compatible.
See instructions at:
--------------------
https://libidn.gitlab.io/libidn2/manual/libidn2.html#Converting-from-libidn
More info can be found on Fedora wiki:
--------------------------------------
https://fedoraproject.org/wiki/Changes/IDNA2008
Solution:
---------
Most likely the change to ./configure should be enough in a way that it looks
for 'libidn2' by default, and prefers it over the 'libidn' if both of them are
found.
Best regards,
-- Dee'Kej --
Bug ID: 698774
Summary: [configure] Add support for libidn2 and prefer it over
libidn
Product: Ghostscript
Version: 9.22
Hardware: PC
OS: Linux
Status: UNCONFIRMED
Severity: normal
Priority: P4
Component: Build Process
Assignee: ***@artifex.com
Reporter: ***@redhat.com
QA Contact: gs-***@ghostscript.com
Word Size: ---
Hello guys,
as we already discussed it on IRC, I'm creating this BZ so this issue is not
forgotten... :)
Description of problem:
-----------------------
Internationalized domain names exist for quite some time (IDNA2003), although
the protocols describing them have evolved in an incompatible way (IDNA2008).
These incompatibilities will prevent applications written for IDNA2003 to
access certain problematic domain names defined with IDNA2008, e.g., faß.de is
translated to domain xn--fa-hia.de with IDNA2008, while in IDNA2003 it is
translated to fass.de domain. That not only causes incompatibility problems,
but may be used as an attack vector to redirect users to different web sites.
The change is about deprecating libidn, which supports IDNA2003, and switch all
applications using libidn, to libidn2 2.0.0, which supports IDNA2008. The
switch should be transparent as the libidn2 library is API compatible.
See instructions at:
--------------------
https://libidn.gitlab.io/libidn2/manual/libidn2.html#Converting-from-libidn
More info can be found on Fedora wiki:
--------------------------------------
https://fedoraproject.org/wiki/Changes/IDNA2008
Solution:
---------
Most likely the change to ./configure should be enough in a way that it looks
for 'libidn2' by default, and prefers it over the 'libidn' if both of them are
found.
Best regards,
-- Dee'Kej --
--
You are receiving this mail because:
You are the QA Contact for the bug.
You are receiving this mail because:
You are the QA Contact for the bug.