summaryrefslogtreecommitdiff
path: root/user/taglib/APKBUILD
diff options
context:
space:
mode:
Diffstat (limited to 'user/taglib/APKBUILD')
-rw-r--r--user/taglib/APKBUILD15
1 files changed, 12 insertions, 3 deletions
diff --git a/user/taglib/APKBUILD b/user/taglib/APKBUILD
index 60586f78e..0b7731116 100644
--- a/user/taglib/APKBUILD
+++ b/user/taglib/APKBUILD
@@ -1,7 +1,7 @@
# Maintainer: A. Wilcox <awilfox@adelielinux.org>
pkgname=taglib
pkgver=1.11.1
-pkgrel=2
+pkgrel=3
pkgdesc="Library for manipulating audio file metadata"
url="https://taglib.org/"
arch="all"
@@ -10,7 +10,14 @@ license="LGPL-2.1-only AND MPL-1.1"
depends=""
makedepends="cmake zlib-dev"
subpackages="$pkgname-dev"
-source="http://taglib.org/releases/taglib-$pkgver.tar.gz"
+source="http://taglib.org/releases/taglib-$pkgver.tar.gz
+ CVE-2017-12678.patch
+ CVE-2018-11439.patch"
+
+# secfixes:
+# 1.11.1-r3:
+# - CVE-2017-12678
+# - CVE-2018-11439
build() {
cd "$builddir"
@@ -27,4 +34,6 @@ package() {
make DESTDIR="$pkgdir" install
}
-sha512sums="7846775c4954ea948fe4383e514ba7c11f55d038ee06b6ea5a0a1c1069044b348026e76b27aa4ba1c71539aa8143e1401fab39184cc6e915ba0ae2c06133cb98 taglib-1.11.1.tar.gz"
+sha512sums="7846775c4954ea948fe4383e514ba7c11f55d038ee06b6ea5a0a1c1069044b348026e76b27aa4ba1c71539aa8143e1401fab39184cc6e915ba0ae2c06133cb98 taglib-1.11.1.tar.gz
+e50810e8d790c490b7d6752c4bf65da812b7534b9920c505d83b8bd0d67fe9991b4db488b6a63e69b206bbcb3cf80754018b17294b5832dd05bfad9a0fbc56c6 CVE-2017-12678.patch
+9a118f9410404996bf3879325f77fcfb638f6cc71b4e258d9786bd741c2c45f26385a6049788ef6ebc56c7c987bd7ef6267a461f4478f5d52d236b035287cdf2 CVE-2018-11439.patch"
generated by cgit v1.2.3-60-g2f50 (git 2.42.0) at 2024-07-08 03:41:31 +0000