user/libexif: patch CVE-2020-0198 (#285)

1 files changed, 7 insertions, 2 deletions

diff --git a/user/libexif/APKBUILD b/user/libexif/APKBUILD
index 8dd3ff715..320b87492 100644
--- a/user/libexif/APKBUILD
+++ b/user/libexif/APKBUILD
@@ -10,7 +10,9 @@ license="LGPL-2.0+"
 subpackages="$pkgname-dev $pkgname-doc $pkgname-lang"
 depends=""
 makedepends=""
-source="https://github.com/libexif/libexif/releases/download/libexif-$_pkgver-release/libexif-$pkgver.tar.xz"
+source="https://github.com/libexif/libexif/releases/download/libexif-$_pkgver-release/libexif-$pkgver.tar.xz
+	CVE-2020-0198.patch
+	"
 
 # secfixes:
 #   0.6.21-r3:
@@ -21,6 +23,8 @@ source="https://github.com/libexif/libexif/releases/download/libexif-$_pkgver-re
 #     - CVE-2019-9278
 #   0.6.22-r0:
 #     - CVE-2020-0093
+#     - CVE-2020-0182
+#     - CVE-2020-0198
 #     - CVE-2020-12767
 #     - CVE-2020-13112
 #     - CVE-2020-13113
@@ -47,4 +51,5 @@ package() {
 	make DESTDIR="$pkgdir" install
 }
 
-sha512sums="0a9e7bf0258ed98a794b667d45e8fc65299101a2a2d2e39c358715b20b003beff258782f0736cd5b53978428a2f878a989f303bee249a978850a065f33c534af  libexif-0.6.22.tar.xz"
+sha512sums="0a9e7bf0258ed98a794b667d45e8fc65299101a2a2d2e39c358715b20b003beff258782f0736cd5b53978428a2f878a989f303bee249a978850a065f33c534af  libexif-0.6.22.tar.xz
+7df084f9acdc09bd05fadfb66332956d8587fcaac9d693000f47fadeba17b3c49eafa402d1e2c9b7d394e697feccd1f760bab8b64378deaea1777c5a3b90c3b2  CVE-2020-0198.patch"