summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMax Rees <maxcrees@me.com>2020-03-21 14:01:02 -0500
committerMax Rees <maxcrees@me.com>2020-03-21 14:02:57 -0500
commit988d22dd710713d46c13c0b08f045aa2ce4f69d9 (patch)
treee935058145b880da9cb46f7e9addd860e33782e1
parent9f0f9cf4b52840ea0d566572659a2bd8226b147f (diff)
downloadpackages-988d22dd710713d46c13c0b08f045aa2ce4f69d9.tar.gz
packages-988d22dd710713d46c13c0b08f045aa2ce4f69d9.tar.bz2
packages-988d22dd710713d46c13c0b08f045aa2ce4f69d9.tar.xz
packages-988d22dd710713d46c13c0b08f045aa2ce4f69d9.zip
user/wavpack: drop upstreamed patch, update secfixes for 5.2.0 (#129)
The patch for CVE-2018-19840 was already upstreamed in 5.2.0, but patch(1) helpfully still applied it which results in (harmlessly) checking the same condition twice. https://github.com/dbry/WavPack/commit/070ef6f138956d9ea9612e69586152339dbefe51
-rw-r--r--user/wavpack/APKBUILD31
-rw-r--r--user/wavpack/cve2018-19840.patch25
2 files changed, 21 insertions, 35 deletions
diff --git a/user/wavpack/APKBUILD b/user/wavpack/APKBUILD
index 45b2f7895..db868c74f 100644
--- a/user/wavpack/APKBUILD
+++ b/user/wavpack/APKBUILD
@@ -3,7 +3,7 @@
# Maintainer:
pkgname=wavpack
pkgver=5.2.0
-pkgrel=0
+pkgrel=1
pkgdesc="Audio compression format with lossless, lossy, and hybrid compression modes"
url="http://www.wavpack.com/"
arch="all"
@@ -12,19 +12,30 @@ license="BSD-3-Clause"
depends=""
makedepends=""
subpackages="$pkgname-dev $pkgname-doc"
-source="http://www.wavpack.com/$pkgname-$pkgver.tar.bz2
- cve2018-19840.patch
- "
+source="http://www.wavpack.com/$pkgname-$pkgver.tar.bz2"
# secfixes:
+# 5.2.0-r0:
+# - CVE-2018-6767
+# - CVE-2018-7253
+# - CVE-2018-7254
+# - CVE-2018-10536
+# - CVE-2018-10537
+# - CVE-2018-10538
+# - CVE-2018-10539
+# - CVE-2018-10540
+# - CVE-2019-11498
+# - CVE-2019-1010315
+# - CVE-2019-1010317
+# - CVE-2019-1010319
# 5.1.0-r4:
-# - CVE-2018-19840
-# - CVE-2018-19840
+# - CVE-2018-19840
+# - CVE-2018-19841
# 5.1.0-r0:
-# - CVE-2016-10169
-# - CVE-2016-10170
-# - CVE-2016-10171
-# - CVE-2016-10172
+# - CVE-2016-10169
+# - CVE-2016-10170
+# - CVE-2016-10171
+# - CVE-2016-10172
build() {
_arch_opts=""
diff --git a/user/wavpack/cve2018-19840.patch b/user/wavpack/cve2018-19840.patch
deleted file mode 100644
index 2da022025..000000000
--- a/user/wavpack/cve2018-19840.patch
+++ /dev/null
@@ -1,25 +0,0 @@
-From 070ef6f138956d9ea9612e69586152339dbefe51 Mon Sep 17 00:00:00 2001
-From: David Bryant <david@wavpack.com>
-Date: Thu, 29 Nov 2018 21:00:42 -0800
-Subject: [PATCH] issue #53: error out on zero sample rate
-
----
- src/pack_utils.c | 5 +++++
- 1 file changed, 5 insertions(+)
-
-diff --git a/src/pack_utils.c b/src/pack_utils.c
-index 2253f0d..2a83497 100644
---- a/src/pack_utils.c
-+++ b/src/pack_utils.c
-@@ -195,6 +195,11 @@ int WavpackSetConfiguration64 (WavpackContext *wpc, WavpackConfig *config, int64
- int num_chans = config->num_channels;
- int i;
-
-+ if (!config->sample_rate) {
-+ strcpy (wpc->error_message, "sample rate cannot be zero!");
-+ return FALSE;
-+ }
-+
- wpc->stream_version = (config->flags & CONFIG_COMPATIBLE_WRITE) ? CUR_STREAM_VERS : MAX_STREAM_VERS;
-
- if ((config->qmode & QMODE_DSD_AUDIO) && config->bytes_per_sample == 1 && config->bits_per_sample == 8) {