summaryrefslogtreecommitdiff
path: root/user/libjpeg-turbo/APKBUILD
diff options
context:
space:
mode:
authorMax Rees <maxcrees@me.com>2020-06-10 12:13:22 -0500
committerMax Rees <maxcrees@me.com>2020-06-10 17:10:39 -0500
commit985b73b871df35bfb163c3a180691ac7b8aa55bd (patch)
tree38b13423075bde1ee81d4116038a8469fd80c6d3 /user/libjpeg-turbo/APKBUILD
parentddb2347a2da3758bfd6bc10dabf5e636c638626a (diff)
downloadpackages-985b73b871df35bfb163c3a180691ac7b8aa55bd.tar.gz
packages-985b73b871df35bfb163c3a180691ac7b8aa55bd.tar.bz2
packages-985b73b871df35bfb163c3a180691ac7b8aa55bd.tar.xz
packages-985b73b871df35bfb163c3a180691ac7b8aa55bd.zip
user/libjpeg-turbo: [CVE] patch CVE-2020-13790 (#298)
Diffstat (limited to 'user/libjpeg-turbo/APKBUILD')
-rw-r--r--user/libjpeg-turbo/APKBUILD11
1 files changed, 8 insertions, 3 deletions
diff --git a/user/libjpeg-turbo/APKBUILD b/user/libjpeg-turbo/APKBUILD
index ad4a4076a..00b4ec314 100644
--- a/user/libjpeg-turbo/APKBUILD
+++ b/user/libjpeg-turbo/APKBUILD
@@ -2,7 +2,7 @@
# Maintainer: A. Wilcox <awilfox@adelielinux.org>
pkgname=libjpeg-turbo
pkgver=2.0.4
-pkgrel=0
+pkgrel=1
pkgdesc="Accelerated JPEG compression and decompression library"
url="https://libjpeg-turbo.org/"
arch="all"
@@ -10,7 +10,9 @@ license="IJG AND BSD-3-Clause AND Zlib"
depends=""
makedepends="cmake"
subpackages="$pkgname-doc $pkgname-dev $pkgname-utils"
-source="https://downloads.sourceforge.net/libjpeg-turbo/libjpeg-turbo-$pkgver.tar.gz"
+source="https://downloads.sourceforge.net/libjpeg-turbo/libjpeg-turbo-$pkgver.tar.gz
+ CVE-2020-13790.patch
+ "
case "$CTARGET_ARCH" in
pmmx | x86 | x86_64) makedepends="$makedepends nasm" ;;
@@ -19,6 +21,8 @@ esac
# secfixes:
# 2.0.3-r0:
# - CVE-2019-2201
+# 2.0.4-r1:
+# - CVE-2020-13790
build() {
if [ "$CBUILD" != "$CHOST" ]; then
@@ -51,4 +55,5 @@ utils() {
mv "$pkgdir"/usr/bin "$subpkgdir"/usr/
}
-sha512sums="708c2e7418d9ed5abca313e2ff5a08f8176d79cad2127573cda6036583c201973db4cfb0eafc0fc8f57ecc7b000d2b4af95980de54de5a0aed45969e993a5bf9 libjpeg-turbo-2.0.4.tar.gz"
+sha512sums="708c2e7418d9ed5abca313e2ff5a08f8176d79cad2127573cda6036583c201973db4cfb0eafc0fc8f57ecc7b000d2b4af95980de54de5a0aed45969e993a5bf9 libjpeg-turbo-2.0.4.tar.gz
+83752558d0cf60508a9ccd55505b91f4faa22277537916629a045b2aaa0cb3649e2f90b0df26d389687dc4aba78bdf76e64fc5e5eb324a65026ec86cd95dbe6a CVE-2020-13790.patch"