diff options
author | A. Wilcox <awilcox@wilcox-tech.com> | 2020-03-28 21:20:16 +0000 |
---|---|---|
committer | A. Wilcox <awilcox@wilcox-tech.com> | 2020-03-28 21:20:16 +0000 |
commit | d5a2d4b0847392305e7de2bca65d30987bd0ca7e (patch) | |
tree | 6abd9673142dfece523ff5e5379b862080aa0e65 /system/bubblewrap/APKBUILD | |
parent | 2e865b057fa79fa5f65240dd6634c91824f3f480 (diff) | |
parent | 29d357bdc4c7296befb3b35cd3ac3d17aa561bdb (diff) | |
download | packages-d5a2d4b0847392305e7de2bca65d30987bd0ca7e.tar.gz packages-d5a2d4b0847392305e7de2bca65d30987bd0ca7e.tar.bz2 packages-d5a2d4b0847392305e7de2bca65d30987bd0ca7e.tar.xz packages-d5a2d4b0847392305e7de2bca65d30987bd0ca7e.zip |
Merge branch 'bump/misc/2020.03.23' into 'master'
Miscellaneous bumps for 2020.03.23
See merge request adelie/packages!417
Diffstat (limited to 'system/bubblewrap/APKBUILD')
-rw-r--r-- | system/bubblewrap/APKBUILD | 33 |
1 files changed, 17 insertions, 16 deletions
diff --git a/system/bubblewrap/APKBUILD b/system/bubblewrap/APKBUILD index c4ae4fa31..d51d14ae7 100644 --- a/system/bubblewrap/APKBUILD +++ b/system/bubblewrap/APKBUILD @@ -1,7 +1,7 @@ # Contributor: Timo Teräs <timo.teras@iki.fi> # Maintainer: Max Rees <maxcrees@me.com> pkgname=bubblewrap -pkgver=0.3.3 +pkgver=0.4.0 pkgrel=0 pkgdesc="Unprivileged sandboxing tool" url="https://github.com/projectatomic/bubblewrap" @@ -9,21 +9,21 @@ arch="all" options="!check suid" # requires suid to already be set in order to check license="LGPL-2.0+" makedepends="autoconf automake libcap-dev docbook-xsl" -checkdepends="sudo" +checkdepends="python3 sudo" subpackages="$pkgname-nosuid $pkgname-doc $pkgname-bash-completion:bashcomp:noarch" -source="bubblewrap-$pkgver.tar.gz::https://github.com/projectatomic/bubblewrap/archive/v$pkgver.tar.gz +source="bubblewrap-$pkgver.tar.gz::https://github.com/containers/bubblewrap/archive/v$pkgver.tar.gz realpath-workaround.patch - musl-fixes.patch - tests.patch" + tests.patch + " # secfixes: # 0.3.3-r0: -# - CVE-2019-12439 +# - CVE-2019-12439 prepare() { - srcdir= NOCONFIGURE=1 ./autogen.sh default_prepare + NOCONFIGURE=1 ./autogen.sh } build() { @@ -39,14 +39,16 @@ build() { } check() { - # Uses sudo to chown root and setuid $builddir/test-bwrap + # 1. chown root and chmod u+s $builddir/test-bwrap + # 2. Run abuild check (suid test) + # 3. Unset permissions on test-bwrap + # 4. Run abuild check again (nosuid test) # - # As of 0.3.3-r0, all tests pass on ppc64 except those relating - # to bind mounts over symlinks. Those tests fail because musl's - # realpath depends on the availability of /proc, which is not - # available in the middle of the setup procedure since pivot_root - # has been performed at least once. They have been patched to be - # skipped. + # As of 0.4.0, all tests pass except those relating to bind mounts + # over symlinks. Those tests fail because musl's realpath depends on + # the availability of /proc, which is not available in the middle of + # the setup procedure since pivot_root has been performed at least + # once. They have been patched to be skipped. make check } @@ -72,7 +74,6 @@ bashcomp() { mv "$pkgdir"/usr/share/bash-completion/ "$subpkgdir"/usr/share/ } -sha512sums="b1c38fad90ddaa23a5f2dd49f9ec3f9d9af7426af321ae9f7c43dd64f11a448b3502942a42112a1c6ebf8a4dea2e1196b17c31cca9c2f119dc2e0c1674c345ae bubblewrap-0.3.3.tar.gz +sha512sums="1957126e13900bbb1c9c885802f513006313836826938555899a8ad0e6c3ba47478eae0cc90f4aceff228663379b45203dce4fa57d6bfc489984670571232b97 bubblewrap-0.4.0.tar.gz 400a0446670ebf80f16739f1a7a2878aadc3099424f957ba09ec3df780506c23a11368f0578c9e352d7ca6473fa713df826fad7a20c50338aa5f9fa9ac6b84a4 realpath-workaround.patch -f59cda3b09dd99db9ca6d97099a15bb2523e054063d677502317ae3165ba2e32105a0ae8f877afc3827bd28d093c9d9d413270f4c87d9fe5f26f3eee670d916e musl-fixes.patch d572a6296729ab192dd4f04707e0271df600d565897ce089b7f00b9ae6c62e71a087e864b4c4972e0a64aeb222a337ff4ed95560620c200cc44534db1ca79efd tests.patch" |