diff options
author | Max Rees <maxcrees@me.com> | 2019-08-29 13:08:34 -0500 |
---|---|---|
committer | Max Rees <maxcrees@me.com> | 2019-09-17 14:34:11 -0500 |
commit | bfc686181b6c0eaab1750e53c7597518d226941d (patch) | |
tree | f733fd2bdf5b22ff83ef0e37d3f10d6395860028 /user/libvorbis/APKBUILD | |
parent | 162826e7e57fa3f73d6fcf904e3a059286df3476 (diff) | |
download | packages-bfc686181b6c0eaab1750e53c7597518d226941d.tar.gz packages-bfc686181b6c0eaab1750e53c7597518d226941d.tar.bz2 packages-bfc686181b6c0eaab1750e53c7597518d226941d.tar.xz packages-bfc686181b6c0eaab1750e53c7597518d226941d.zip |
user/libvorbis: new patch for CVE-2018-10392 (#157)
Also, use upstream patch for CVE-2017-14160
Diffstat (limited to 'user/libvorbis/APKBUILD')
-rw-r--r-- | user/libvorbis/APKBUILD | 17 |
1 files changed, 10 insertions, 7 deletions
diff --git a/user/libvorbis/APKBUILD b/user/libvorbis/APKBUILD index 2b5b41f4c..73520bf56 100644 --- a/user/libvorbis/APKBUILD +++ b/user/libvorbis/APKBUILD @@ -10,18 +10,21 @@ license="BSD-3-Clause" subpackages="$pkgname-dev $pkgname-doc" makedepends="libogg-dev" source="https://downloads.xiph.org/releases/vorbis/$pkgname-$pkgver.tar.xz - CVE-2017-14160.patch + CVE-2017-14160-and-2018-10393.patch + CVE-2018-10392.patch " # secfixes: +# 1.3.6-r1: +# - CVE-2018-10392 # 1.3.5-r4: -# - CVE-2017-14632 -# - CVE-2017-14633 +# - CVE-2017-14632 +# - CVE-2017-14633 # 1.3.5-r3: -# - CVE-2017-14160 +# - CVE-2017-14160 +# - CVE-2018-10393 build() { - cd "$builddir" ./configure \ --build=$CBUILD \ --host=$CHOST \ @@ -33,9 +36,9 @@ build() { } package() { - cd "$builddir" make DESTDIR="$pkgdir" install } sha512sums="a5d990bb88db2501b16f8eaee9f2ecb599cefd7dab2134d16538d8905263a972157c7671867848c2a8a358bf5e5dbc7721205ece001032482f168be7bda4f132 libvorbis-1.3.6.tar.xz -4c2f7be947f2159ae47175cba89950c7b7d357b37a20d54382e4fbecd8c268b148e6cb86cb148945c7b68bbe8b14f466e910b35b80903ab51f1b02cfccf5806e CVE-2017-14160.patch" +332081da5dd8fb28ee70dfbc123e7fcef279317ee977be9da97e97a105e788da452c33097bf597f369fea0e49749f876a93d6af0fa2fa20405acbc57771c89a9 CVE-2017-14160-and-2018-10393.patch +294de5e0c40b64d495df7f53196260be5ffaba11c75fc4a1a54ec0c058eeba4793c1ef685c8cf866195a2972c91a7a896df5f05f478b7f25a564abb3f82f331f CVE-2018-10392.patch" |