diff options
author | A. Wilcox <awilcox@wilcox-tech.com> | 2020-03-10 02:44:11 +0000 |
---|---|---|
committer | A. Wilcox <awilcox@wilcox-tech.com> | 2020-03-10 02:44:11 +0000 |
commit | b2b91cc7b341c21dd2754f766e3688d1cd8683cd (patch) | |
tree | 89eb840eb4db48f40d8e3b4315b883b108d3b71e /user/exiv2/APKBUILD | |
parent | 757c7417918541af9e656e023b2ead86998a07d9 (diff) | |
parent | 2da62e2b9ab827bf6930e008d51cd0ab468dbd1b (diff) | |
download | packages-b2b91cc7b341c21dd2754f766e3688d1cd8683cd.tar.gz packages-b2b91cc7b341c21dd2754f766e3688d1cd8683cd.tar.bz2 packages-b2b91cc7b341c21dd2754f766e3688d1cd8683cd.tar.xz packages-b2b91cc7b341c21dd2754f766e3688d1cd8683cd.zip |
Merge branch 'cves.2020.02.28' into 'master'
CVE patches for 2020.02.28
See merge request adelie/packages!408
Diffstat (limited to 'user/exiv2/APKBUILD')
-rw-r--r-- | user/exiv2/APKBUILD | 19 |
1 files changed, 15 insertions, 4 deletions
diff --git a/user/exiv2/APKBUILD b/user/exiv2/APKBUILD index f1ca3f81f..fb710b602 100644 --- a/user/exiv2/APKBUILD +++ b/user/exiv2/APKBUILD @@ -1,7 +1,7 @@ # Maintainer: A. Wilcox <awilfox@adelielinux.org> pkgname=exiv2 pkgver=0.27.2 -pkgrel=1 +pkgrel=2 pkgdesc="Exif, IPTC and XMP metadata library and tools" url="https://www.exiv2.org/" arch="all" @@ -12,8 +12,11 @@ checkdepends="python3 libxml2 cmd:which" makedepends="$depends_dev bash cmake" subpackages="$pkgname-dev $pkgname-doc" source="http://www.exiv2.org/builds/exiv2-$pkgver-Source.tar.gz - https://dev.sick.bike/dist/exiv2-0.27.2-POC-file_issue_1019 - CVE-2019-17402.patch" + https://dev.sick.bike/dist/exiv2-$pkgver-POC-file_issue_1019 + https://dev.sick.bike/dist/exiv2-$pkgver-Jp2Image_readMetadata_loop.poc + CVE-2019-17402.patch + CVE-2019-20421.patch + " builddir="$srcdir/$pkgname-$pkgver-Source" # secfixes: @@ -86,6 +89,8 @@ builddir="$srcdir/$pkgname-$pkgver-Source" # - CVE-2019-13114 # 0.27.2-r1: # - CVE-2019-17402 +# 0.27.2-r2: +# - CVE-2019-20421 prepare() { default_prepare @@ -93,6 +98,10 @@ prepare() { # Remove #1019 POC after >= 0.27.2 mv "$srcdir/$pkgname-$pkgver-POC-file_issue_1019" \ test/data/POC-file_issue_1019 + + # Ditto + mv "$srcdir/$pkgname-$pkgver-Jp2Image_readMetadata_loop.poc" \ + test/data/Jp2Image_readMetadata_loop.poc } build() { @@ -112,4 +121,6 @@ package() { sha512sums="39eb7d920dce18b275ac66f4766c7c73f7c72ee10e3e1e43d84c611b24f48ce20a70eac6d53948914e93242a25b8b52cc4bc760ee611ddcd77481306c1f9e721 exiv2-0.27.2-Source.tar.gz cfe0b534c29c37e7b6e5a00e8ec320cb57eb17187813fe30677a097e930655f1b097ce77806e0124affbdc423b48d9910560158eed9d2d03418a824244dafba9 exiv2-0.27.2-POC-file_issue_1019 -623232624f5382c7261a8b7e66063954c37555b7812e4f2e9af8433c4d8a1f141feafbfd2c5081395208cf1c65307ce1b39e5e34f689c558dce82f78030b29dd CVE-2019-17402.patch" +d2c0f59e9e2daf00066b0ad73253bb7bb09b3319606813f16478ef5717751e4cbb93d12f5c9339dae2965dcf6a63138bdb4205b698aeab57a75f97ddf458d4f7 exiv2-0.27.2-Jp2Image_readMetadata_loop.poc +623232624f5382c7261a8b7e66063954c37555b7812e4f2e9af8433c4d8a1f141feafbfd2c5081395208cf1c65307ce1b39e5e34f689c558dce82f78030b29dd CVE-2019-17402.patch +c819f06a194b8465c66ccd91b8373cb2a359e59bab7583a8abb873c2001efe6188ac8fa4717c6382d2f2396d25e79e7b397c5ebf000d35c4a7dae547db7bc77b CVE-2019-20421.patch" |