diff options
author | A. Wilcox <AWilcox@Wilcox-Tech.com> | 2019-12-28 19:34:19 +0000 |
---|---|---|
committer | A. Wilcox <AWilcox@Wilcox-Tech.com> | 2019-12-28 19:34:19 +0000 |
commit | 2de90f930161f1345e2a26c2609724dd01de0c5b (patch) | |
tree | f01adb662d4f2f50a9413489f6c9259dbbcd37c2 | |
parent | ddf0310cb98dabbecff4d59c440e8bcdd7624fa6 (diff) | |
download | packages-2de90f930161f1345e2a26c2609724dd01de0c5b.tar.gz packages-2de90f930161f1345e2a26c2609724dd01de0c5b.tar.bz2 packages-2de90f930161f1345e2a26c2609724dd01de0c5b.tar.xz packages-2de90f930161f1345e2a26c2609724dd01de0c5b.zip |
user/wavpack: Bump to 5.2.0, drop upstreamed CVE patch
-rw-r--r-- | user/wavpack/APKBUILD | 15 | ||||
-rw-r--r-- | user/wavpack/cve2018-19841.patch | 29 |
2 files changed, 5 insertions, 39 deletions
diff --git a/user/wavpack/APKBUILD b/user/wavpack/APKBUILD index e59ef255e..45b2f7895 100644 --- a/user/wavpack/APKBUILD +++ b/user/wavpack/APKBUILD @@ -2,8 +2,8 @@ # Contributor: Carlo Landmeter # Maintainer: pkgname=wavpack -pkgver=5.1.0 -pkgrel=4 +pkgver=5.2.0 +pkgrel=0 pkgdesc="Audio compression format with lossless, lossy, and hybrid compression modes" url="http://www.wavpack.com/" arch="all" @@ -14,7 +14,6 @@ makedepends="" subpackages="$pkgname-dev $pkgname-doc" source="http://www.wavpack.com/$pkgname-$pkgver.tar.bz2 cve2018-19840.patch - cve2018-19841.patch " # secfixes: @@ -28,9 +27,7 @@ source="http://www.wavpack.com/$pkgname-$pkgver.tar.bz2 # - CVE-2016-10172 build() { - cd "$builddir" - - local _arch_opts= + _arch_opts="" case "$CARCH" in x86 | x86_64) _arch_opts="--enable-mmx" ;; esac @@ -48,10 +45,8 @@ build() { } package() { - cd "$builddir" make DESTDIR="$pkgdir" install } -sha512sums="4c31616ae63c3a875afa20f26ce935f7a8f9921e2892b4b8388eca3ccd83b2d686f43eed8b9ec1dead934a1148401b9dced3b05f509b7942c48d7af31cf80a54 wavpack-5.1.0.tar.bz2 -67d02dd744c638d126cf5a894d1ff2c39726bd4d3771ef7410ea782e5c9a0f9341909432bd4bea9b8959891c38699601c1aac2da6e0eaddaa5a4d679e7f58dd2 cve2018-19840.patch -dba007fa8cb2537b6f6c8ee559a98e501e948260ce7e7af7d3fdc8c9145bbbbf85c8fed8030de354459c4b08d3015a0ea769a948636bdfd66e567c0a2d2493c6 cve2018-19841.patch" +sha512sums="456da78fb5d01b33a8ed71b43cb6809a25ca0d54e53858b93bbb3eb26923bfa6de4c6a3c01caca947c0852aea74d1b14667205dae344148a01619e67eb2c7e71 wavpack-5.2.0.tar.bz2 +67d02dd744c638d126cf5a894d1ff2c39726bd4d3771ef7410ea782e5c9a0f9341909432bd4bea9b8959891c38699601c1aac2da6e0eaddaa5a4d679e7f58dd2 cve2018-19840.patch" diff --git a/user/wavpack/cve2018-19841.patch b/user/wavpack/cve2018-19841.patch deleted file mode 100644 index 6872ed91e..000000000 --- a/user/wavpack/cve2018-19841.patch +++ /dev/null @@ -1,29 +0,0 @@ -From bba5389dc598a92bdf2b297c3ea34620b6679b5b Mon Sep 17 00:00:00 2001 -From: David Bryant <david@wavpack.com> -Date: Thu, 29 Nov 2018 21:53:51 -0800 -Subject: [PATCH] issue #54: fix potential out-of-bounds heap read - ---- - src/open_utils.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/src/open_utils.c b/src/open_utils.c -index 80051fc..4fe0d67 100644 ---- a/src/open_utils.c -+++ b/src/open_utils.c -@@ -1258,13 +1258,13 @@ int WavpackVerifySingleBlock (unsigned char *buffer, int verify_checksum) - #endif - - if (meta_bc == 4) { -- if (*dp++ != (csum & 0xff) || *dp++ != ((csum >> 8) & 0xff) || *dp++ != ((csum >> 16) & 0xff) || *dp++ != ((csum >> 24) & 0xff)) -+ if (*dp != (csum & 0xff) || dp[1] != ((csum >> 8) & 0xff) || dp[2] != ((csum >> 16) & 0xff) || dp[3] != ((csum >> 24) & 0xff)) - return FALSE; - } - else { - csum ^= csum >> 16; - -- if (*dp++ != (csum & 0xff) || *dp++ != ((csum >> 8) & 0xff)) -+ if (*dp != (csum & 0xff) || dp[1] != ((csum >> 8) & 0xff)) - return FALSE; - } - |