Merge branch 'cves.2020.03.16' into 'master'

CVE patches for 2020.03.16

See merge request adelie/packages!411

1 files changed, 21 insertions, 10 deletions

diff --git a/user/wavpack/APKBUILD b/user/wavpack/APKBUILD
index 45b2f7895..db868c74f 100644
--- a/user/wavpack/APKBUILD
+++ b/user/wavpack/APKBUILD
@@ -3,7 +3,7 @@
 # Maintainer: 
 pkgname=wavpack
 pkgver=5.2.0
-pkgrel=0
+pkgrel=1
 pkgdesc="Audio compression format with lossless, lossy, and hybrid compression modes"
 url="http://www.wavpack.com/"
 arch="all"
@@ -12,19 +12,30 @@ license="BSD-3-Clause"
 depends=""
 makedepends=""
 subpackages="$pkgname-dev $pkgname-doc"
-source="http://www.wavpack.com/$pkgname-$pkgver.tar.bz2
-	cve2018-19840.patch
-	"
+source="http://www.wavpack.com/$pkgname-$pkgver.tar.bz2"
 
 # secfixes:
+#   5.2.0-r0:
+#     - CVE-2018-6767
+#     - CVE-2018-7253
+#     - CVE-2018-7254
+#     - CVE-2018-10536
+#     - CVE-2018-10537
+#     - CVE-2018-10538
+#     - CVE-2018-10539
+#     - CVE-2018-10540
+#     - CVE-2019-11498
+#     - CVE-2019-1010315
+#     - CVE-2019-1010317
+#     - CVE-2019-1010319
 #   5.1.0-r4:
-#   - CVE-2018-19840
-#   - CVE-2018-19840
+#     - CVE-2018-19840
+#     - CVE-2018-19841
 #   5.1.0-r0:
-#   - CVE-2016-10169
-#   - CVE-2016-10170
-#   - CVE-2016-10171
-#   - CVE-2016-10172
+#     - CVE-2016-10169
+#     - CVE-2016-10170
+#     - CVE-2016-10171
+#     - CVE-2016-10172
 
 build() {
 	_arch_opts=""