diff options
author | Max Rees <maxcrees@me.com> | 2020-03-21 14:01:02 -0500 |
---|---|---|
committer | Max Rees <maxcrees@me.com> | 2020-03-21 14:02:57 -0500 |
commit | 988d22dd710713d46c13c0b08f045aa2ce4f69d9 (patch) | |
tree | e935058145b880da9cb46f7e9addd860e33782e1 | |
parent | 9f0f9cf4b52840ea0d566572659a2bd8226b147f (diff) | |
download | packages-988d22dd710713d46c13c0b08f045aa2ce4f69d9.tar.gz packages-988d22dd710713d46c13c0b08f045aa2ce4f69d9.tar.bz2 packages-988d22dd710713d46c13c0b08f045aa2ce4f69d9.tar.xz packages-988d22dd710713d46c13c0b08f045aa2ce4f69d9.zip |
user/wavpack: drop upstreamed patch, update secfixes for 5.2.0 (#129)
The patch for CVE-2018-19840 was already upstreamed in 5.2.0, but
patch(1) helpfully still applied it which results in (harmlessly)
checking the same condition twice.
https://github.com/dbry/WavPack/commit/070ef6f138956d9ea9612e69586152339dbefe51
-rw-r--r-- | user/wavpack/APKBUILD | 31 | ||||
-rw-r--r-- | user/wavpack/cve2018-19840.patch | 25 |
2 files changed, 21 insertions, 35 deletions
diff --git a/user/wavpack/APKBUILD b/user/wavpack/APKBUILD index 45b2f7895..db868c74f 100644 --- a/user/wavpack/APKBUILD +++ b/user/wavpack/APKBUILD @@ -3,7 +3,7 @@ # Maintainer: pkgname=wavpack pkgver=5.2.0 -pkgrel=0 +pkgrel=1 pkgdesc="Audio compression format with lossless, lossy, and hybrid compression modes" url="http://www.wavpack.com/" arch="all" @@ -12,19 +12,30 @@ license="BSD-3-Clause" depends="" makedepends="" subpackages="$pkgname-dev $pkgname-doc" -source="http://www.wavpack.com/$pkgname-$pkgver.tar.bz2 - cve2018-19840.patch - " +source="http://www.wavpack.com/$pkgname-$pkgver.tar.bz2" # secfixes: +# 5.2.0-r0: +# - CVE-2018-6767 +# - CVE-2018-7253 +# - CVE-2018-7254 +# - CVE-2018-10536 +# - CVE-2018-10537 +# - CVE-2018-10538 +# - CVE-2018-10539 +# - CVE-2018-10540 +# - CVE-2019-11498 +# - CVE-2019-1010315 +# - CVE-2019-1010317 +# - CVE-2019-1010319 # 5.1.0-r4: -# - CVE-2018-19840 -# - CVE-2018-19840 +# - CVE-2018-19840 +# - CVE-2018-19841 # 5.1.0-r0: -# - CVE-2016-10169 -# - CVE-2016-10170 -# - CVE-2016-10171 -# - CVE-2016-10172 +# - CVE-2016-10169 +# - CVE-2016-10170 +# - CVE-2016-10171 +# - CVE-2016-10172 build() { _arch_opts="" diff --git a/user/wavpack/cve2018-19840.patch b/user/wavpack/cve2018-19840.patch deleted file mode 100644 index 2da022025..000000000 --- a/user/wavpack/cve2018-19840.patch +++ /dev/null @@ -1,25 +0,0 @@ -From 070ef6f138956d9ea9612e69586152339dbefe51 Mon Sep 17 00:00:00 2001 -From: David Bryant <david@wavpack.com> -Date: Thu, 29 Nov 2018 21:00:42 -0800 -Subject: [PATCH] issue #53: error out on zero sample rate - ---- - src/pack_utils.c | 5 +++++ - 1 file changed, 5 insertions(+) - -diff --git a/src/pack_utils.c b/src/pack_utils.c -index 2253f0d..2a83497 100644 ---- a/src/pack_utils.c -+++ b/src/pack_utils.c -@@ -195,6 +195,11 @@ int WavpackSetConfiguration64 (WavpackContext *wpc, WavpackConfig *config, int64 - int num_chans = config->num_channels; - int i; - -+ if (!config->sample_rate) { -+ strcpy (wpc->error_message, "sample rate cannot be zero!"); -+ return FALSE; -+ } -+ - wpc->stream_version = (config->flags & CONFIG_COMPATIBLE_WRITE) ? CUR_STREAM_VERS : MAX_STREAM_VERS; - - if ((config->qmode & QMODE_DSD_AUDIO) && config->bytes_per_sample == 1 && config->bits_per_sample == 8) { |