Merge branch 'cves' into 'master'

CVE catch up, part one

See merge request adelie/packages!307

1 files changed, 6 insertions, 2 deletions

diff --git a/user/libvncserver/APKBUILD b/user/libvncserver/APKBUILD
index 0801da573..764fec75a 100644
--- a/user/libvncserver/APKBUILD
+++ b/user/libvncserver/APKBUILD
@@ -14,13 +14,16 @@ depends_dev="libgcrypt-dev libjpeg-turbo-dev gnutls-dev libpng-dev
 	libxi-dev libxinerama-dev libxrandr-dev libxtst-dev"
 makedepends="$depends_dev autoconf automake libtool"
 subpackages="$pkgname-dev"
-source="https://github.com/LibVNC/libvncserver/archive/LibVNCServer-$pkgver.tar.gz"
+source="https://github.com/LibVNC/libvncserver/archive/LibVNCServer-$pkgver.tar.gz
+	CVE-2018-15127.patch"
 builddir="$srcdir"/libvncserver-LibVNCServer-$pkgver
 
 # secfixes:
 #   0.9.11-r0:
 #     - CVE-2016-9941
 #     - CVE-2016-9942
+#   0.9.12-r0:
+#     - CVE-2018-15127
 
 build() {
 	if [ "$CBUILD" != "$CHOST" ]; then
@@ -45,4 +48,5 @@ package() {
 	make install DESTDIR="$pkgdir"
 }
 
-sha512sums="60ff1cc93a937d6f8f97449bc58b763095846207112f7b1b3c43eb2d74448b595d6da949903a764bd484ee54e38ff6277e882adbe965dd6d26ba15ef6ff6fcb8  LibVNCServer-0.9.12.tar.gz"
+sha512sums="60ff1cc93a937d6f8f97449bc58b763095846207112f7b1b3c43eb2d74448b595d6da949903a764bd484ee54e38ff6277e882adbe965dd6d26ba15ef6ff6fcb8  LibVNCServer-0.9.12.tar.gz
+8b5b6742e6c3a181c60652484b15ec42cc0a3acc1e82cef38e82b61f43f1de456d09731976f4e5dfab44abf3e551e22aaf4300cb8418cd8e136d705fcb2a7dbe  CVE-2018-15127.patch"