summaryrefslogtreecommitdiff
path: root/user/libexif/APKBUILD
diff options
context:
space:
mode:
authorMax Rees <maxcrees@me.com>2020-06-10 12:08:13 -0500
committerMax Rees <maxcrees@me.com>2020-06-10 17:10:38 -0500
commitddb2347a2da3758bfd6bc10dabf5e636c638626a (patch)
treebcc7bbfeda6e155b8238b16b3cc0caf82e68e967 /user/libexif/APKBUILD
parentecbcfd73ac4ced9aff3683017b45536c7a5ebdc6 (diff)
downloadpackages-ddb2347a2da3758bfd6bc10dabf5e636c638626a.tar.gz
packages-ddb2347a2da3758bfd6bc10dabf5e636c638626a.tar.bz2
packages-ddb2347a2da3758bfd6bc10dabf5e636c638626a.tar.xz
packages-ddb2347a2da3758bfd6bc10dabf5e636c638626a.zip
user/libexif: [CVE] bump to 0.6.22 (#285)
Upstream is now on GitHub according to the old SF page: "Development has moved to https://github.com/libexif/"
Diffstat (limited to 'user/libexif/APKBUILD')
-rw-r--r--user/libexif/APKBUILD26
1 files changed, 12 insertions, 14 deletions
diff --git a/user/libexif/APKBUILD b/user/libexif/APKBUILD
index 06e1e832a..8dd3ff715 100644
--- a/user/libexif/APKBUILD
+++ b/user/libexif/APKBUILD
@@ -1,20 +1,16 @@
# Maintainer:
pkgname=libexif
-pkgver=0.6.21
-pkgrel=4
+pkgver=0.6.22
+_pkgver=$(printf '%s' "$pkgver" | tr . _)
+pkgrel=0
pkgdesc="Library to parse EXIF metadata"
-url="https://sourceforge.net/projects/libexif"
+url="https://libexif.github.io/"
arch="all"
license="LGPL-2.0+"
subpackages="$pkgname-dev $pkgname-doc $pkgname-lang"
depends=""
makedepends=""
-source="https://downloads.sourceforge.net/$pkgname/$pkgname-$pkgver.tar.bz2
- CVE-2016-6328.patch
- CVE-2017-7544.patch
- CVE-2018-20030.patch
- CVE-2019-9278.patch
- "
+source="https://github.com/libexif/libexif/releases/download/libexif-$_pkgver-release/libexif-$pkgver.tar.xz"
# secfixes:
# 0.6.21-r3:
@@ -23,6 +19,12 @@ source="https://downloads.sourceforge.net/$pkgname/$pkgname-$pkgver.tar.bz2
# 0.6.21-r4:
# - CVE-2016-6328
# - CVE-2019-9278
+# 0.6.22-r0:
+# - CVE-2020-0093
+# - CVE-2020-12767
+# - CVE-2020-13112
+# - CVE-2020-13113
+# - CVE-2020-13114
prepare() {
default_prepare
@@ -45,8 +47,4 @@ package() {
make DESTDIR="$pkgdir" install
}
-sha512sums="4e0fe2abe85d1c95b41cb3abe1f6333dc3a9eb69dba106a674a78d74a4d5b9c5a19647118fa1cc2d72b98a29853394f1519eda9e2889eb28d3be26b21c7cfc35 libexif-0.6.21.tar.bz2
-c0d4c74207993efc373615ef2c797d720162a2ee6fd7ad026edf2ced4198d9b1165b88790c2af3194f6bb7c2de88d4672c041c2cff8a82c8914700633332b8c5 CVE-2016-6328.patch
-d529c6c5bd26dc21c0946702574184e1f61c2bfd4fb95b41e314f486a0dd55571963ff2cad566d2fb0804de3c0799bcd956c15a3dc10a520ce207728edad4e2d CVE-2017-7544.patch
-0d6123bd275ace338ad9cebb31a2e714de0141b91860f07394b281686a5393566c3f4159679d4ba689ae7ea69ae2e412b158c3deb451c40c210b5817f6888bbc CVE-2018-20030.patch
-c30c03fefea94d175b94c9f0c4d60cbb3aa0ad78b0d29008975fbbb15c17f2907a16fd50970e5fa18d533d0ce291a5ee9b62934210cb40b0f463693460607738 CVE-2019-9278.patch"
+sha512sums="0a9e7bf0258ed98a794b667d45e8fc65299101a2a2d2e39c358715b20b003beff258782f0736cd5b53978428a2f878a989f303bee249a978850a065f33c534af libexif-0.6.22.tar.xz"