summaryrefslogtreecommitdiff
path: root/user/libvorbis/APKBUILD
diff options
context:
space:
mode:
authorMax Rees <maxcrees@me.com>2019-08-29 13:08:34 -0500
committerMax Rees <maxcrees@me.com>2019-09-17 14:34:11 -0500
commitbfc686181b6c0eaab1750e53c7597518d226941d (patch)
treef733fd2bdf5b22ff83ef0e37d3f10d6395860028 /user/libvorbis/APKBUILD
parent162826e7e57fa3f73d6fcf904e3a059286df3476 (diff)
downloadpackages-bfc686181b6c0eaab1750e53c7597518d226941d.tar.gz
packages-bfc686181b6c0eaab1750e53c7597518d226941d.tar.bz2
packages-bfc686181b6c0eaab1750e53c7597518d226941d.tar.xz
packages-bfc686181b6c0eaab1750e53c7597518d226941d.zip
user/libvorbis: new patch for CVE-2018-10392 (#157)
Also, use upstream patch for CVE-2017-14160
Diffstat (limited to 'user/libvorbis/APKBUILD')
-rw-r--r--user/libvorbis/APKBUILD17
1 files changed, 10 insertions, 7 deletions
diff --git a/user/libvorbis/APKBUILD b/user/libvorbis/APKBUILD
index 2b5b41f4c..73520bf56 100644
--- a/user/libvorbis/APKBUILD
+++ b/user/libvorbis/APKBUILD
@@ -10,18 +10,21 @@ license="BSD-3-Clause"
subpackages="$pkgname-dev $pkgname-doc"
makedepends="libogg-dev"
source="https://downloads.xiph.org/releases/vorbis/$pkgname-$pkgver.tar.xz
- CVE-2017-14160.patch
+ CVE-2017-14160-and-2018-10393.patch
+ CVE-2018-10392.patch
"
# secfixes:
+# 1.3.6-r1:
+# - CVE-2018-10392
# 1.3.5-r4:
-# - CVE-2017-14632
-# - CVE-2017-14633
+# - CVE-2017-14632
+# - CVE-2017-14633
# 1.3.5-r3:
-# - CVE-2017-14160
+# - CVE-2017-14160
+# - CVE-2018-10393
build() {
- cd "$builddir"
./configure \
--build=$CBUILD \
--host=$CHOST \
@@ -33,9 +36,9 @@ build() {
}
package() {
- cd "$builddir"
make DESTDIR="$pkgdir" install
}
sha512sums="a5d990bb88db2501b16f8eaee9f2ecb599cefd7dab2134d16538d8905263a972157c7671867848c2a8a358bf5e5dbc7721205ece001032482f168be7bda4f132 libvorbis-1.3.6.tar.xz
-4c2f7be947f2159ae47175cba89950c7b7d357b37a20d54382e4fbecd8c268b148e6cb86cb148945c7b68bbe8b14f466e910b35b80903ab51f1b02cfccf5806e CVE-2017-14160.patch"
+332081da5dd8fb28ee70dfbc123e7fcef279317ee977be9da97e97a105e788da452c33097bf597f369fea0e49749f876a93d6af0fa2fa20405acbc57771c89a9 CVE-2017-14160-and-2018-10393.patch
+294de5e0c40b64d495df7f53196260be5ffaba11c75fc4a1a54ec0c058eeba4793c1ef685c8cf866195a2972c91a7a896df5f05f478b7f25a564abb3f82f331f CVE-2018-10392.patch"