summaryrefslogtreecommitdiff
path: root/user/exiv2/APKBUILD
diff options
context:
space:
mode:
authorMax Rees <maxcrees@me.com>2019-10-16 16:52:54 -0500
committerMax Rees <maxcrees@me.com>2019-10-16 16:52:54 -0500
commit3bd6d256fad70f5c9089bcde94480eca572693d5 (patch)
treede6ba92470b9b2a0a7d1fff299fc59da17e57f1c /user/exiv2/APKBUILD
parent8c4d830f564c6c9a7448556d157d54247618292c (diff)
downloadpackages-3bd6d256fad70f5c9089bcde94480eca572693d5.tar.gz
packages-3bd6d256fad70f5c9089bcde94480eca572693d5.tar.bz2
packages-3bd6d256fad70f5c9089bcde94480eca572693d5.tar.xz
packages-3bd6d256fad70f5c9089bcde94480eca572693d5.zip
user/exiv2: patch CVE-2019-17402
Diffstat (limited to 'user/exiv2/APKBUILD')
-rw-r--r--user/exiv2/APKBUILD16
1 files changed, 13 insertions, 3 deletions
diff --git a/user/exiv2/APKBUILD b/user/exiv2/APKBUILD
index 791fcb610..82aa2a958 100644
--- a/user/exiv2/APKBUILD
+++ b/user/exiv2/APKBUILD
@@ -1,7 +1,7 @@
# Maintainer: A. Wilcox <awilfox@adelielinux.org>
pkgname=exiv2
pkgver=0.27.2
-pkgrel=0
+pkgrel=1
pkgdesc="Exif, IPTC and XMP metadata library and tools"
url="https://www.exiv2.org/"
arch="all"
@@ -11,7 +11,9 @@ depends_dev="expat-dev zlib-dev"
makedepends="$depends_dev bash cmake"
checkdepends="python3 libxml2 cmd:which"
subpackages="$pkgname-dev $pkgname-doc"
-source="http://www.exiv2.org/builds/exiv2-$pkgver-Source.tar.gz"
+source="http://www.exiv2.org/builds/exiv2-$pkgver-Source.tar.gz
+ https://dev.sick.bike/dist/exiv2-0.27.2-POC-file_issue_1019
+ CVE-2019-17402.patch"
builddir="$srcdir/$pkgname-$pkgver-Source"
# secfixes:
@@ -82,10 +84,16 @@ builddir="$srcdir/$pkgname-$pkgver-Source"
# - CVE-2019-13112
# - CVE-2019-13113
# - CVE-2019-13114
+# 0.27.2-r1:
+# - CVE-2019-17402
prepare() {
default_prepare
mkdir build
+
+ # Remove #1019 POC after >= 0.27.2
+ mv "$srcdir/$pkgname-$pkgver-POC-file_issue_1019" \
+ test/data/POC-file_issue_1019
}
build() {
@@ -106,4 +114,6 @@ package() {
make DESTDIR="$pkgdir" install
}
-sha512sums="39eb7d920dce18b275ac66f4766c7c73f7c72ee10e3e1e43d84c611b24f48ce20a70eac6d53948914e93242a25b8b52cc4bc760ee611ddcd77481306c1f9e721 exiv2-0.27.2-Source.tar.gz"
+sha512sums="39eb7d920dce18b275ac66f4766c7c73f7c72ee10e3e1e43d84c611b24f48ce20a70eac6d53948914e93242a25b8b52cc4bc760ee611ddcd77481306c1f9e721 exiv2-0.27.2-Source.tar.gz
+cfe0b534c29c37e7b6e5a00e8ec320cb57eb17187813fe30677a097e930655f1b097ce77806e0124affbdc423b48d9910560158eed9d2d03418a824244dafba9 exiv2-0.27.2-POC-file_issue_1019
+623232624f5382c7261a8b7e66063954c37555b7812e4f2e9af8433c4d8a1f141feafbfd2c5081395208cf1c65307ce1b39e5e34f689c558dce82f78030b29dd CVE-2019-17402.patch"