diff options
author | Max Rees <maxcrees@me.com> | 2019-10-16 16:52:54 -0500 |
---|---|---|
committer | Max Rees <maxcrees@me.com> | 2019-10-16 16:52:54 -0500 |
commit | 3bd6d256fad70f5c9089bcde94480eca572693d5 (patch) | |
tree | de6ba92470b9b2a0a7d1fff299fc59da17e57f1c /user/exiv2/APKBUILD | |
parent | 8c4d830f564c6c9a7448556d157d54247618292c (diff) | |
download | packages-3bd6d256fad70f5c9089bcde94480eca572693d5.tar.gz packages-3bd6d256fad70f5c9089bcde94480eca572693d5.tar.bz2 packages-3bd6d256fad70f5c9089bcde94480eca572693d5.tar.xz packages-3bd6d256fad70f5c9089bcde94480eca572693d5.zip |
user/exiv2: patch CVE-2019-17402
Diffstat (limited to 'user/exiv2/APKBUILD')
-rw-r--r-- | user/exiv2/APKBUILD | 16 |
1 files changed, 13 insertions, 3 deletions
diff --git a/user/exiv2/APKBUILD b/user/exiv2/APKBUILD index 791fcb610..82aa2a958 100644 --- a/user/exiv2/APKBUILD +++ b/user/exiv2/APKBUILD @@ -1,7 +1,7 @@ # Maintainer: A. Wilcox <awilfox@adelielinux.org> pkgname=exiv2 pkgver=0.27.2 -pkgrel=0 +pkgrel=1 pkgdesc="Exif, IPTC and XMP metadata library and tools" url="https://www.exiv2.org/" arch="all" @@ -11,7 +11,9 @@ depends_dev="expat-dev zlib-dev" makedepends="$depends_dev bash cmake" checkdepends="python3 libxml2 cmd:which" subpackages="$pkgname-dev $pkgname-doc" -source="http://www.exiv2.org/builds/exiv2-$pkgver-Source.tar.gz" +source="http://www.exiv2.org/builds/exiv2-$pkgver-Source.tar.gz + https://dev.sick.bike/dist/exiv2-0.27.2-POC-file_issue_1019 + CVE-2019-17402.patch" builddir="$srcdir/$pkgname-$pkgver-Source" # secfixes: @@ -82,10 +84,16 @@ builddir="$srcdir/$pkgname-$pkgver-Source" # - CVE-2019-13112 # - CVE-2019-13113 # - CVE-2019-13114 +# 0.27.2-r1: +# - CVE-2019-17402 prepare() { default_prepare mkdir build + + # Remove #1019 POC after >= 0.27.2 + mv "$srcdir/$pkgname-$pkgver-POC-file_issue_1019" \ + test/data/POC-file_issue_1019 } build() { @@ -106,4 +114,6 @@ package() { make DESTDIR="$pkgdir" install } -sha512sums="39eb7d920dce18b275ac66f4766c7c73f7c72ee10e3e1e43d84c611b24f48ce20a70eac6d53948914e93242a25b8b52cc4bc760ee611ddcd77481306c1f9e721 exiv2-0.27.2-Source.tar.gz" +sha512sums="39eb7d920dce18b275ac66f4766c7c73f7c72ee10e3e1e43d84c611b24f48ce20a70eac6d53948914e93242a25b8b52cc4bc760ee611ddcd77481306c1f9e721 exiv2-0.27.2-Source.tar.gz +cfe0b534c29c37e7b6e5a00e8ec320cb57eb17187813fe30677a097e930655f1b097ce77806e0124affbdc423b48d9910560158eed9d2d03418a824244dafba9 exiv2-0.27.2-POC-file_issue_1019 +623232624f5382c7261a8b7e66063954c37555b7812e4f2e9af8433c4d8a1f141feafbfd2c5081395208cf1c65307ce1b39e5e34f689c558dce82f78030b29dd CVE-2019-17402.patch" |