Merge branch 'secfixes.aerdan.20181206' into 'master'

Security fixes for Perl and WavPack See merge request !126
author: A. Wilcox <awilcox@wilcox-tech.com> 2018-12-08 17:31:33 +0000
committer: A. Wilcox <awilcox@wilcox-tech.com> 2018-12-08 17:31:33 +0000
commit: bde2825df3cba470104d79b5f7dc1c0494d17bfd (patch)
tree: 1e38116c89741c54efd8b04e2c3b0e472d260591 /user/wavpack/APKBUILD
parent: 39af0df5ca8d7acd233d6cc872d184c41fbe6737 (diff)
parent: a7d8e4c0862ec2c0309809f30e6d3205971c12b2 (diff)
download: packages-bde2825df3cba470104d79b5f7dc1c0494d17bfd.tar.gz
packages-bde2825df3cba470104d79b5f7dc1c0494d17bfd.tar.bz2
packages-bde2825df3cba470104d79b5f7dc1c0494d17bfd.tar.xz
packages-bde2825df3cba470104d79b5f7dc1c0494d17bfd.zip
1 files changed, 11 insertions, 3 deletions
diff --git a/user/wavpack/APKBUILD b/user/wavpack/APKBUILD
index a98666d6e..e59ef255e 100644
--- a/user/wavpack/APKBUILD
+++ b/user/wavpack/APKBUILD
@@ -3,7 +3,7 @@
 # Maintainer: 
 pkgname=wavpack
 pkgver=5.1.0
-pkgrel=3
+pkgrel=4
 pkgdesc="Audio compression format with lossless, lossy, and hybrid compression modes"
 url="http://www.wavpack.com/"
 arch="all"
@@ -12,9 +12,15 @@ license="BSD-3-Clause"
 depends=""
 makedepends=""
 subpackages="$pkgname-dev $pkgname-doc"
-source="http://www.wavpack.com/$pkgname-$pkgver.tar.bz2"
+source="http://www.wavpack.com/$pkgname-$pkgver.tar.bz2
+	cve2018-19840.patch
+	cve2018-19841.patch
+	"
 
 # secfixes:
+#   5.1.0-r4:
+#   - CVE-2018-19840
+#   - CVE-2018-19840
 #   5.1.0-r0:
 #   - CVE-2016-10169
 #   - CVE-2016-10170
@@ -46,4 +52,6 @@ package() {
 	make DESTDIR="$pkgdir" install
 }
 
-sha512sums="4c31616ae63c3a875afa20f26ce935f7a8f9921e2892b4b8388eca3ccd83b2d686f43eed8b9ec1dead934a1148401b9dced3b05f509b7942c48d7af31cf80a54  wavpack-5.1.0.tar.bz2"
+sha512sums="4c31616ae63c3a875afa20f26ce935f7a8f9921e2892b4b8388eca3ccd83b2d686f43eed8b9ec1dead934a1148401b9dced3b05f509b7942c48d7af31cf80a54  wavpack-5.1.0.tar.bz2
+67d02dd744c638d126cf5a894d1ff2c39726bd4d3771ef7410ea782e5c9a0f9341909432bd4bea9b8959891c38699601c1aac2da6e0eaddaa5a4d679e7f58dd2  cve2018-19840.patch
+dba007fa8cb2537b6f6c8ee559a98e501e948260ce7e7af7d3fdc8c9145bbbbf85c8fed8030de354459c4b08d3015a0ea769a948636bdfd66e567c0a2d2493c6  cve2018-19841.patch"
author	A. Wilcox <awilcox@wilcox-tech.com>	2018-12-08 17:31:33 +0000
committer	A. Wilcox <awilcox@wilcox-tech.com>	2018-12-08 17:31:33 +0000
commit	bde2825df3cba470104d79b5f7dc1c0494d17bfd (patch)
tree	1e38116c89741c54efd8b04e2c3b0e472d260591 /user/wavpack/APKBUILD
parent	39af0df5ca8d7acd233d6cc872d184c41fbe6737 (diff)
parent	a7d8e4c0862ec2c0309809f30e6d3205971c12b2 (diff)
download	packages-bde2825df3cba470104d79b5f7dc1c0494d17bfd.tar.gz packages-bde2825df3cba470104d79b5f7dc1c0494d17bfd.tar.bz2 packages-bde2825df3cba470104d79b5f7dc1c0494d17bfd.tar.xz packages-bde2825df3cba470104d79b5f7dc1c0494d17bfd.zip