summaryrefslogtreecommitdiff
path: root/user
diff options
context:
space:
mode:
Diffstat (limited to 'user')
-rw-r--r--user/acpid/APKBUILD57
-rw-r--r--user/acpid/acpid.confd6
-rw-r--r--user/acpid/acpid.initd19
-rw-r--r--user/acpid/default2
-rw-r--r--user/acpid/handler.sh4
-rw-r--r--user/claws-mail/APKBUILD42
-rw-r--r--user/compface/APKBUILD34
-rw-r--r--user/cups/APKBUILD4
-rw-r--r--user/eigen/APKBUILD11
-rw-r--r--user/exiv2/APKBUILD10
-rw-r--r--user/exiv2/CVE-2018-19535.patch239
-rw-r--r--user/firefox-esr/APKBUILD4
-rw-r--r--user/firefox-esr/shut-up-warning.patch11
-rw-r--r--user/garcon/APKBUILD4
-rw-r--r--user/gobject-introspection/APKBUILD4
-rw-r--r--user/gvim/APKBUILD4
-rw-r--r--user/highlight/APKBUILD4
-rw-r--r--user/imagemagick/APKBUILD4
-rw-r--r--user/libetpan/APKBUILD39
-rw-r--r--user/libfm/APKBUILD4
-rw-r--r--user/libgphoto2/APKBUILD4
-rw-r--r--user/libpaper/APKBUILD10
-rw-r--r--user/libpng/APKBUILD6
-rw-r--r--user/nettle/APKBUILD4
-rw-r--r--user/nghttp2/APKBUILD4
-rw-r--r--user/pciutils/APKBUILD18
-rw-r--r--user/pcsc-tools/APKBUILD5
-rw-r--r--user/perl-test-cleannamespaces/APKBUILD4
-rw-r--r--user/php7/APKBUILD6
-rw-r--r--user/php7/CVE-2018-19935.patch52
-rw-r--r--user/py3-pygobject/APKBUILD4
-rw-r--r--user/qt5-qtquickcontrols2/APKBUILD3
-rw-r--r--user/tcpdump/APKBUILD13
-rw-r--r--user/tcpdump/CVE-2018-19519.patch10
-rw-r--r--user/unifont/APKBUILD4
-rw-r--r--user/v4l-utils/APKBUILD4
-rw-r--r--user/vlc/APKBUILD8
-rw-r--r--user/vlc/CVE-2018-19857.patch34
-rw-r--r--user/vte/APKBUILD4
-rw-r--r--user/wavpack/APKBUILD14
-rw-r--r--user/wavpack/cve2018-19840.patch25
-rw-r--r--user/wavpack/cve2018-19841.patch29
-rw-r--r--user/xfce4-appfinder/APKBUILD4
-rw-r--r--user/xfwm4/APKBUILD8
-rw-r--r--user/xfwm4/fix-mask-length.patch12
-rw-r--r--user/xterm/APKBUILD4
46 files changed, 720 insertions, 79 deletions
diff --git a/user/acpid/APKBUILD b/user/acpid/APKBUILD
new file mode 100644
index 000000000..aa674dfbb
--- /dev/null
+++ b/user/acpid/APKBUILD
@@ -0,0 +1,57 @@
+# Maintainer: multiplexd <multi@in-addr.xyz>
+# Contributor: Morten Linderud <foxboron@archlinux.org>
+# Contributor: Sébastien Luttringer
+# Contributor: xduugu
+# Contributor: Manolis Tzanidakis
+# Contributor: Jonathan Schmidt <j.schmidt@archlinux.us>
+# Contributor: multiplexd <multi@in-addr.xyz>
+
+pkgname=acpid
+pkgver=2.0.31
+pkgrel=0
+pkgdesc="Daemon for handling ACPI power management events"
+url="https://sourceforge.net/projects/acpid2/"
+arch="all"
+options="!check" # No test suite.
+license="GPL-2.0+ AND GPL-2.0-only"
+depends=""
+makedepends=""
+subpackages="$pkgname-doc $pkgname-openrc"
+source="http://downloads.sourceforge.net/sourceforge/acpid2/$pkgname-$pkgver.tar.xz
+ handler.sh
+ default
+ acpid.initd
+ acpid.confd"
+
+build() {
+ cd "$builddir"
+ ./configure \
+ --build=$CBUILD \
+ --host=$CHOST \
+ --prefix=/usr \
+ --sbindir=/usr/sbin \
+ --sysconfdir=/etc \
+ --mandir=/usr/share/man \
+ --localstatedir=/var
+ make
+}
+
+package() {
+ cd "$builddir"
+ make DESTDIR="$pkgdir" install
+
+ install -m 755 -D "$srcdir"/acpid.initd \
+ "$pkgdir"/etc/init.d/acpid
+ install -m 644 -D "$srcdir"/acpid.confd \
+ "$pkgdir"/etc/conf.d/acpid
+ install -m 644 -D "$srcdir"/default \
+ "$pkgdir"/etc/acpi/events/default
+ install -m 755 -D "$srcdir"/handler.sh \
+ "$pkgdir"/etc/acpi/handler.sh
+}
+
+sha512sums="05eb96cdae698731b14caa89aa01239a0f16ce732f897d295447753aab7c8d49227c9b9ce901c6fd3bfdb117688e6ed80ec61aea0f64d75c9c0afe2aea2aa91a acpid-2.0.31.tar.xz
+f5935340391a927b2c0b8d36f6b9579d740299a46c210f762483336f2685e80bdfc237dd5ac5eeed5e458eff2fa436cd36e3277c4ee2085e05662e1525c56edd handler.sh
+2ca236168ce6aaa56c980568c781d6e51590870b7a7936c74bf72532ef3f6c60a369f37597202f3a236d60637fd0daa6611d4ae0348484011ff71871a9914246 default
+7381d30b5c6478cdbf5dff93ae95baa0b3b1fe0a04b02cf491831f1657d6f71b8eef121b7e78f3201d11a5856bfb30df0a57437c76e6fbe05ad88cd45e86ae64 acpid.initd
+518cb397b2aa63b893ead1be08f32fe436d19b72663dee66834cfbc112b003333f0df8b9e4f1ffe64b813783f657d3fe8b9a0c5e992d5665583357e68b266705 acpid.confd"
diff --git a/user/acpid/acpid.confd b/user/acpid/acpid.confd
new file mode 100644
index 000000000..9aadb4cd8
--- /dev/null
+++ b/user/acpid/acpid.confd
@@ -0,0 +1,6 @@
+# /etc/conf.d/acpid: config file for /etc/init.d/acpid
+
+# Options to pass to the acpid daemon.
+# See the acpid(8) man page for more info.
+
+ACPID_ARGS=""
diff --git a/user/acpid/acpid.initd b/user/acpid/acpid.initd
new file mode 100644
index 000000000..f8076d43b
--- /dev/null
+++ b/user/acpid/acpid.initd
@@ -0,0 +1,19 @@
+#!/sbin/openrc-run
+# Copyright 1999-2016 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+extra_started_commands="reload"
+command="/usr/sbin/acpid"
+command_args="${ACPID_ARGS}"
+description="Daemon for Advanced Configuration and Power Interface"
+
+depend() {
+ need localmount
+ use logger
+}
+
+reload() {
+ ebegin "Reloading acpid configuration"
+ start-stop-daemon --exec $command --signal HUP
+ eend $?
+}
diff --git a/user/acpid/default b/user/acpid/default
new file mode 100644
index 000000000..96f031dbf
--- /dev/null
+++ b/user/acpid/default
@@ -0,0 +1,2 @@
+event=.*
+action=/etc/acpi/handler.sh %e
diff --git a/user/acpid/handler.sh b/user/acpid/handler.sh
new file mode 100644
index 000000000..8e291bc2b
--- /dev/null
+++ b/user/acpid/handler.sh
@@ -0,0 +1,4 @@
+#!/bin/bash
+
+logger "Received ACPI event: ${@}"
+
diff --git a/user/claws-mail/APKBUILD b/user/claws-mail/APKBUILD
new file mode 100644
index 000000000..319bf9998
--- /dev/null
+++ b/user/claws-mail/APKBUILD
@@ -0,0 +1,42 @@
+# Contributor: A. Wilcox <awilfox@adelielinux.org>
+# Maintainer: A. Wilcox <awilfox@adelielinux.org>
+pkgname=claws-mail
+pkgver=3.17.3
+pkgrel=0
+pkgdesc="User-friendly, lightweight, and fast email client"
+url="https://www.claws-mail.org/"
+arch="all"
+license="GPL-3.0-only"
+depends="compface"
+makedepends="compface-dev curl-dev dbus-glib-dev enchant-dev gnutls-dev
+ gpgme-dev gtk+2.0-dev libcanberra-gtk2 libcanberra-dev libetpan-dev
+ libical-dev libnotify-dev librsvg-dev openldap-dev
+ startup-notification-dev"
+subpackages="$pkgname-doc $pkgname-lang"
+source="https://www.claws-mail.org/download.php?file=releases/claws-mail-$pkgver.tar.xz"
+
+build() {
+ cd "$builddir"
+ ./configure \
+ --build=$CBUILD \
+ --host=$CHOST \
+ --prefix=/usr \
+ --sysconfdir=/etc \
+ --mandir=/usr/share/man \
+ --localstatedir=/var \
+ --disable-perl-plugin \
+ --disable-static
+ make
+}
+
+check() {
+ cd "$builddir"
+ make check
+}
+
+package() {
+ cd "$builddir"
+ make DESTDIR="$pkgdir" install
+}
+
+sha512sums="b562d785eaedbdec408c4a3db8f4d9326183266fe314509a189c9e1220f15b4f41ccd9d8c58c5194c0267842e8efe900e88eb17c0d17d6069e2543870efa5ef8 claws-mail-3.17.3.tar.xz"
diff --git a/user/compface/APKBUILD b/user/compface/APKBUILD
new file mode 100644
index 000000000..0c742f166
--- /dev/null
+++ b/user/compface/APKBUILD
@@ -0,0 +1,34 @@
+# Contributor: A. Wilcox <awilfox@adelielinux.org>
+# Maintainer: A. Wilcox <awilfox@adelielinux.org>
+pkgname=compface
+pkgver=1.5.2
+pkgrel=0
+pkgdesc="Utilities and library for using the X-Face format"
+url="http://freshmeat.sourceforge.net/projects/compface/"
+arch="all"
+options="!check" # No test suite.
+license="MIT"
+depends=""
+depends_dev=""
+makedepends="$depends_dev"
+subpackages="$pkgname-dev $pkgname-doc"
+source="http://ftp.xemacs.org/pub/xemacs/aux/compface-$pkgver.tar.gz"
+
+build() {
+ cd "$builddir"
+ ./configure \
+ --build=$CBUILD \
+ --host=$CHOST \
+ --prefix=/usr \
+ --sysconfdir=/etc \
+ --mandir=/usr/share/man \
+ --localstatedir=/var
+ make
+}
+
+package() {
+ cd "$builddir"
+ make prefix="$pkgdir"/usr MANDIR="$pkgdir"/usr/share/man install
+}
+
+sha512sums="0da9ee4c5fb2b5c712466d9fa6170e5687b23c038e6304baa42d7ede6d9bd50a1b84da416eb853a420c01a6b9eccd5e7d92a4ebc26295714b85254c05c9e3360 compface-1.5.2.tar.gz"
diff --git a/user/cups/APKBUILD b/user/cups/APKBUILD
index 4159e28e8..378aeb1ae 100644
--- a/user/cups/APKBUILD
+++ b/user/cups/APKBUILD
@@ -1,6 +1,6 @@
# Maintainer:
pkgname=cups
-pkgver=2.2.9
+pkgver=2.2.10
pkgrel=0
pkgdesc="The CUPS Printing System"
url="https://www.cups.org/"
@@ -127,7 +127,7 @@ _mv() {
done
}
-sha512sums="423d2a215a115d5f78ce73118e8a2e566662e5d7f8acbffea39e1bfefb2f48f94841c8b85d731b0786b682dc579df8dfb5508570225b5205a182fbb2cd6dd2a5 cups-2.2.9-source.tar.gz
+sha512sums="1393987a263ebf20089dd3008ae4ed770a27a1f289032604eb9e18f2e863bd0e4215a70118f5a6d3940875625278b6798fbc9070e791ec559179c6cf7dc7b05f cups-2.2.10-source.tar.gz
cf64211da59e79285f99d437c02fdd7db462855fb2920ec9563ba47bd8a9e5cbd10555094940ceedeb41ac805c4f0ddb9147481470112a11a76220d0298aef79 cups.logrotate
2c2683f755a220166b3a1653fdd1a6daa9718c8f0bbdff2e2d5e61d1133306260d63a83d3ff41619b5cf84c4913fae5822b79553e2822858f38fa3613f4c7082 cupsd.initd
7a8cd9ac33b0dd4627c72df4275db8ccd7cf8e201bce3833719b42f532f526bb347b842e3ea1ef0d61855b5c6e1088b5d20b68942f2c2c0acf504d8d9728efd3 cups-no-export-ssllibs.patch
diff --git a/user/eigen/APKBUILD b/user/eigen/APKBUILD
index 9dcef042e..125cf77fe 100644
--- a/user/eigen/APKBUILD
+++ b/user/eigen/APKBUILD
@@ -1,8 +1,8 @@
# Contributor: Bradley J Chambers <brad.chambers@gmail.com>
# Maintainer:
pkgname=eigen
-pkgver=3.3.5
-pkgrel=1
+pkgver=3.3.7
+pkgrel=0
pkgdesc="Eigen is a C++ template library for linear algebra"
url="http://eigen.tuxfamily.org/index.php?title=Main_Page"
arch="noarch"
@@ -11,9 +11,7 @@ license="MPL-2.0"
depends=""
makedepends=""
subpackages="$pkgname-dev"
-source="$pkgname-$pkgver.tar.gz::http://bitbucket.org/eigen/$pkgname/get/$pkgver.tar.gz
- prototype.patch
- "
+source="$pkgname-$pkgver.tar.gz::http://bitbucket.org/eigen/$pkgname/get/$pkgver.tar.gz"
prepare() {
mv "$srcdir"/eigen-eigen-* "$builddir" # directory name contains hash
@@ -26,5 +24,4 @@ package() {
cp -r "$builddir"/unsupported "$pkgdir"/usr/include/eigen3
}
-sha512sums="32398be114924ed10ea063bc2b857176bf28b3d5fb915344e972765e3f72e7b72f4a4cee1742e70029e391fdd06f854aa2ab1613b107bd41fbfaf32f0c44463e eigen-3.3.5.tar.gz
-bbecc8323dbbd37b624ae8816ce9c3ee3f1791b10847f5d56a957d00197fd13ff5cc2026b2eb644d5eb0f77f74fc20b25f98070befbd1c2dfd98e9c596778942 prototype.patch"
+sha512sums="34cf600914cce719d61511577ef9cd26fbdcb7a6fad1d0ab8396f98b887fac6a5577d3967e84a8f56225cc50de38f3b91f34f447d14312028383e32b34ea1972 eigen-3.3.7.tar.gz"
diff --git a/user/exiv2/APKBUILD b/user/exiv2/APKBUILD
index d9ced3064..12c8c21c6 100644
--- a/user/exiv2/APKBUILD
+++ b/user/exiv2/APKBUILD
@@ -1,7 +1,7 @@
# Maintainer: A. Wilcox <awilfox@adelielinux.org>
pkgname=exiv2
pkgver=0.26
-pkgrel=1
+pkgrel=2
pkgdesc="Exif, IPTC and XMP metadata library and tools"
url="http://www.exiv2.org"
arch="all"
@@ -14,9 +14,14 @@ subpackages="$pkgname-dev $pkgname-doc"
source="http://www.exiv2.org/builds/exiv2-$pkgver-trunk.tar.gz
0000-pthread-init-fix.patch
0001-Amend-fix-for-9-to-apply-to-other-Unix-systems.patch
+ CVE-2018-19535.patch
"
builddir="$srcdir"/exiv2-trunk
+# secfixes:
+# 0.26-r2:
+# - CVE-2018-19535
+
prepare() {
cd "$builddir"
default_prepare
@@ -38,4 +43,5 @@ package() {
sha512sums="d1e9cab886e279b045768dd9ec781f07d2d36d573119403d0b76dc571442173aae6972f86ec55c3ea53fb3ee9ca3571eb8fd63a2a6643a970852813e88634a86 exiv2-0.26-trunk.tar.gz
9721d359708c385be7c86a8f8a63de43b05b2578a29b4339861e82873aa81a98a7ee7252847b6c55529341187d40f552c488589b416fd9d1e27418925929c018 0000-pthread-init-fix.patch
-485bd340169f69a3ce356e59e9138250cc14592f4477bb73827c799fe465535954469634fc58a1856f690f0e0b4171cba6fdd3391d43c0efc5e89652b93eb3ce 0001-Amend-fix-for-9-to-apply-to-other-Unix-systems.patch"
+485bd340169f69a3ce356e59e9138250cc14592f4477bb73827c799fe465535954469634fc58a1856f690f0e0b4171cba6fdd3391d43c0efc5e89652b93eb3ce 0001-Amend-fix-for-9-to-apply-to-other-Unix-systems.patch
+ac145a9b4df21e7f5fdd3099e6ae4c1e12ae2cdccc455d0262c5d38b8e07ce6437036a19264bd04b1cb1fffd01d89672044ca82fddd5e71dcd0d84d48356ab12 CVE-2018-19535.patch"
diff --git a/user/exiv2/CVE-2018-19535.patch b/user/exiv2/CVE-2018-19535.patch
new file mode 100644
index 000000000..ba9355012
--- /dev/null
+++ b/user/exiv2/CVE-2018-19535.patch
@@ -0,0 +1,239 @@
+From 03173751b4d7053d6ddf52a15904e8f751f78f56 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Luis=20D=C3=ADaz=20M=C3=A1s?= <piponazo@gmail.com>
+Date: Sun, 2 Sep 2018 14:39:52 +0200
+Subject: [PATCH 2/5] Fix bug in PngChunk::readRawProfile
+
+- Now it takes into account text.size_ when searching for a newline
+char.
+---
+ src/pngchunk.cpp | 12 ++++++++++--
+ 1 file changed, 10 insertions(+), 2 deletions(-)
+
+diff --git a/src/pngchunk.cpp b/src/pngchunk.cpp
+index 58281b3ff..755872c94 100644
+--- a/src/pngchunk.cpp
++++ b/src/pngchunk.cpp
+@@ -629,11 +629,19 @@ namespace Exiv2 {
+
+
+ sp = (char*)text.pData_+1;
++ int pointerPos = 1;
+
+ // Look for newline
+-
+- while (*sp != '\n')
++ while (*sp != '\n' && pointerPos < (text.size_ - 1))
++ {
+ sp++;
++ pointerPos++;
++ }
++
++ if (pointerPos == (text.size_ - 1))
++ {
++ return DataBuf();
++ }
+
+ // Look for length
+
+
+From cf3ba049a2792ec2a4a877e343f5dd9654da53dc Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Luis=20D=C3=ADaz=20M=C3=A1s?= <piponazo@gmail.com>
+Date: Mon, 3 Sep 2018 08:51:08 +0200
+Subject: [PATCH 3/5] Fix more issues in PngChunk::readRawProfile
+
+---
+ src/pngchunk.cpp | 36 +++++++++++++-----------
+ 1 file changed, 20 insertions(+), 16 deletions(-)
+
+diff --git a/src/pngchunk.cpp b/src/pngchunk.cpp
+index 755872c94..9b3faf1aa 100644
+--- a/src/pngchunk.cpp
++++ b/src/pngchunk.cpp
+@@ -606,11 +606,6 @@ namespace Exiv2 {
+ DataBuf PngChunk::readRawProfile(const DataBuf& text,bool iTXt)
+ {
+ DataBuf info;
+- register long i;
+- register unsigned char *dp;
+- const char *sp;
+- unsigned int nibbles;
+- long length;
+ unsigned char unhex[103]={0,0,0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0,0,0,
+ 0,0,0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0,0,0,
+ 0,0,0,0,0,0,0,0,0,1, 2,3,4,5,6,7,8,9,0,0,
+@@ -627,8 +622,7 @@ namespace Exiv2 {
+ return info;
+ }
+
+-
+- sp = (char*)text.pData_+1;
++ const char *sp = (char*)text.pData_+1;
+ int pointerPos = 1;
+
+ // Look for newline
+@@ -638,20 +632,30 @@ namespace Exiv2 {
+ pointerPos++;
+ }
+
++ // Look for length
++ while ((*sp == '\0' || *sp == ' ' || *sp == '\n') && pointerPos < (text.size_ - 1))
++ {
++ sp++;
++ pointerPos++;
++ }
++
+ if (pointerPos == (text.size_ - 1))
+ {
+ return DataBuf();
+ }
+
+- // Look for length
++ long length = (long) atol(sp);
+
+- while (*sp == '\0' || *sp == ' ' || *sp == '\n')
++ while (*sp != ' ' && *sp != '\n' && pointerPos < (text.size_ - 1))
++ {
+ sp++;
++ pointerPos++;
++ }
+
+- length = (long) atol(sp);
+-
+- while (*sp != ' ' && *sp != '\n')
+- sp++;
++ if (pointerPos == (text.size_ - 1))
++ {
++ return DataBuf();
++ }
+
+ // Allocate space
+
+@@ -674,10 +678,10 @@ namespace Exiv2 {
+
+ // Copy profile, skipping white space and column 1 "=" signs
+
+- dp = (unsigned char*)info.pData_;
+- nibbles = length * 2;
++ unsigned char *dp = (unsigned char*)info.pData_;
++ unsigned int nibbles = length * 2;
+
+- for (i = 0; i < (long) nibbles; i++)
++ for (long i = 0; i < (long) nibbles; i++)
+ {
+ while (*sp < '0' || (*sp > '9' && *sp < 'a') || *sp > 'f')
+ {
+
+From 8b480bc5b2cc2abb8cf6fe4e16c24e58916464d2 Mon Sep 17 00:00:00 2001
+From: Robin Mills <robin@clanmills.com>
+Date: Mon, 10 Sep 2018 20:54:53 +0200
+Subject: [PATCH 4/5] Fixes in PngChunk::readRawProfile
+
+---
+ src/pngchunk.cpp | 55 ++++++++++++++++++++++----------------------
+ 1 file changed, 27 insertions(+), 28 deletions(-)
+
+diff --git a/src/pngchunk.cpp b/src/pngchunk.cpp
+index 9b3faf1aa..f81b560aa 100644
+--- a/src/pngchunk.cpp
++++ b/src/pngchunk.cpp
+@@ -607,11 +607,11 @@ namespace Exiv2 {
+ {
+ DataBuf info;
+ unsigned char unhex[103]={0,0,0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0,0,0,
+- 0,0,0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0,0,0,
+- 0,0,0,0,0,0,0,0,0,1, 2,3,4,5,6,7,8,9,0,0,
+- 0,0,0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0,0,0,
+- 0,0,0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,10,11,12,
+- 13,14,15};
++ 0,0,0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0,0,0,
++ 0,0,0,0,0,0,0,0,0,1, 2,3,4,5,6,7,8,9,0,0,
++ 0,0,0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0,0,0,
++ 0,0,0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,10,11,12,
++ 13,14,15};
+ if (text.size_ == 0) {
+ return DataBuf();
+ }
+@@ -622,52 +622,51 @@ namespace Exiv2 {
+ return info;
+ }
+
+- const char *sp = (char*)text.pData_+1;
+- int pointerPos = 1;
++ const char *sp = (char*) text.pData_+1; // current byte (space pointer)
++ const char *eot = (char*) text.pData_+text.size_; // end of text
+
+ // Look for newline
+- while (*sp != '\n' && pointerPos < (text.size_ - 1))
++ while (*sp != '\n' && sp < eot )
+ {
+ sp++;
+- pointerPos++;
++ if ( sp == eot )
++ {
++ return DataBuf();
++ }
+ }
++ sp++ ; // step over '\n'
+
+ // Look for length
+- while ((*sp == '\0' || *sp == ' ' || *sp == '\n') && pointerPos < (text.size_ - 1))
++ while ( (*sp == '\0' || *sp == ' ' || *sp == '\n') && sp < eot )
+ {
+ sp++;
+- pointerPos++;
+- }
+-
+- if (pointerPos == (text.size_ - 1))
+- {
+- return DataBuf();
++ if (sp == eot )
++ {
++ return DataBuf();
++ }
+ }
+
+- long length = (long) atol(sp);
+-
+- while (*sp != ' ' && *sp != '\n' && pointerPos < (text.size_ - 1))
++ const char* startOfLength = sp;
++ while ( ('0' <= *sp && *sp <= '9') && sp < eot)
+ {
+ sp++;
+- pointerPos++;
++ if (sp == eot )
++ {
++ return DataBuf();
++ }
+ }
++ sp++ ; // step over '\n'
+
+- if (pointerPos == (text.size_ - 1))
+- {
+- return DataBuf();
+- }
++ long length = (long) atol(startOfLength);
+
+ // Allocate space
+-
+ if (length == 0)
+ {
+ #ifdef DEBUG
+ std::cerr << "Exiv2::PngChunk::readRawProfile: Unable To Copy Raw Profile: invalid profile length\n";
+ #endif
+ }
+-
+ info.alloc(length);
+-
+ if (info.size_ != length)
+ {
+ #ifdef DEBUG
+@@ -678,7 +677,7 @@ namespace Exiv2 {
+
+ // Copy profile, skipping white space and column 1 "=" signs
+
+- unsigned char *dp = (unsigned char*)info.pData_;
++ unsigned char *dp = (unsigned char*)info.pData_; // decode pointer
+ unsigned int nibbles = length * 2;
+
+ for (long i = 0; i < (long) nibbles; i++)
+
diff --git a/user/firefox-esr/APKBUILD b/user/firefox-esr/APKBUILD
index feca61fdf..8a9a805e1 100644
--- a/user/firefox-esr/APKBUILD
+++ b/user/firefox-esr/APKBUILD
@@ -4,7 +4,7 @@ pkgname=firefox-esr
pkgver=52.9.0
_pkgver=$pkgver
_xulver=$pkgver
-pkgrel=3
+pkgrel=4
pkgdesc="Firefox web browser"
url="https://www.mozilla.org/en-US/firefox/organizations/faq/"
arch="all"
@@ -38,6 +38,7 @@ source="https://ftp.mozilla.org/pub/firefox/releases/${pkgver}esr/source/firefox
disable-moz-stackwalk.patch
missing-header-s390x.patch
ffmpeg4.patch
+ shut-up-warning.patch
firefox.desktop
firefox-safe.desktop"
@@ -247,5 +248,6 @@ e61664bc93eadce5016a06a4d0684b34a05074f1815e88ef2613380d7b369c6fd305fb34f83b5eb1
4797d2d89ac63a57abb826b8ea9f751314ce66946194033deb9d78c2ff377b88106fd2c7bc5034dc13ad03dd5085b1893c3ccae1a9e63fde35655bb0921f7188 disable-moz-stackwalk.patch
6beba471b6a7fc229a9c105d58137f80cec07219e52bb9a666c787b37ca88635d6ec2eba651eccb5096429c2965709c9475c89839c255c3545f8c96c5d40f403 missing-header-s390x.patch
1e2d0321afb0fc3bb0f6e1f1d7c0621f574414fa3d2696ec30c0e4ebf7738aa4f74a15017f18fae3561f1bc72932ccfb7e5be0e608b878fca5558fb265c16860 ffmpeg4.patch
+21100340ff03f4257fa6a4b59e206d4d1b71c074ebae392ba616f9e6e6d4988a22eec69b40534221f9453ec3a58397fa4ab99b87abdcb7d22fabb13f9cc577d2 shut-up-warning.patch
f3b7c3e804ce04731012a46cb9e9a6b0769e3772aef9c0a4a8c7520b030fdf6cd703d5e9ff49275f14b7d738fe82a0a4fde3bc3219dff7225d5db0e274987454 firefox.desktop
5dcb6288d0444a8a471d669bbaf61cdb1433663eff38b72ee5e980843f5fc07d0d60c91627a2c1159215d0ad77ae3f115dcc5fdfe87e64ca704b641aceaa44ed firefox-safe.desktop"
diff --git a/user/firefox-esr/shut-up-warning.patch b/user/firefox-esr/shut-up-warning.patch
new file mode 100644
index 000000000..ffba50436
--- /dev/null
+++ b/user/firefox-esr/shut-up-warning.patch
@@ -0,0 +1,11 @@
+--- firefox-52.9.0esr/gfx/2d/HelpersCairo.h.old 2017-04-11 02:13:04.000000000 +0000
++++ firefox-52.9.0esr/gfx/2d/HelpersCairo.h 2018-12-08 18:45:01.880000000 +0000
+@@ -160,7 +160,7 @@
+ case SurfaceFormat::R5G6B5_UINT16:
+ return CAIRO_FORMAT_RGB16_565;
+ default:
+- gfxCriticalError() << "Unknown image format " << (int)format;
++ //gfxCriticalError() << "Unknown image format " << (int)format;
+ return CAIRO_FORMAT_ARGB32;
+ }
+ }
diff --git a/user/garcon/APKBUILD b/user/garcon/APKBUILD
index 01174f637..953bb230e 100644
--- a/user/garcon/APKBUILD
+++ b/user/garcon/APKBUILD
@@ -1,7 +1,7 @@
# Contributor: Kiyoshi Aman <kiyoshi.aman+adelie@gmail.com>
# Maintainer: Kiyoshi Aman <kiyoshi.aman+adelie@gmail.com>
pkgname=garcon
-pkgver=0.6.1
+pkgver=0.6.2
pkgrel=0
pkgdesc="freedesktop.org menu library for the XFCE desktop environment"
url="https://xfce.org"
@@ -12,7 +12,6 @@ makedepends="intltool glib-dev libxfce4util-dev gtk+3.0-dev libxfce4util-dev
subpackages="$pkgname-dev $pkgname-doc $pkgname-lang"
langdir="/usr/lib/locale"
source="http://archive.xfce.org/src/xfce/garcon/0.6/garcon-$pkgver.tar.bz2"
-sha512sums="36c5b1ba3c91e613853cd5e986176c8cbd2a509fafde1b302334deda872b7f7073fd06ba341220b030d8d5728346b7339368190b225203f33c023dd96f3ed1a3 garcon-0.6.1.tar.bz2"
build() {
cd "$builddir"
@@ -36,3 +35,4 @@ package() {
make DESTDIR="$pkgdir" install
}
+sha512sums="7a96c33b47302fa989862098bc5b8ed64515a60e19a4b8dbb049398cf847d64584f93f85b1f6e1327653b22f0b44a805b737258bbc9ac69197639ef7f13f20b1 garcon-0.6.2.tar.bz2"
diff --git a/user/gobject-introspection/APKBUILD b/user/gobject-introspection/APKBUILD
index 50bd59d03..a4990adbf 100644
--- a/user/gobject-introspection/APKBUILD
+++ b/user/gobject-introspection/APKBUILD
@@ -1,6 +1,6 @@
# Maintainer:
pkgname=gobject-introspection
-pkgver=1.58.1
+pkgver=1.58.2
pkgrel=0
pkgdesc="Introspection system for GObject-based libraries"
url="https://wiki.gnome.org/action/show/Projects/GObjectIntrospection"
@@ -46,4 +46,4 @@ dev() {
replaces="gobject-introspection"
}
-sha512sums="179cacb682de3fec109f67c5201e0c0582cc484452532a98d012d397f49179eb9972a69956ba6144201c3fda8054b0e1af5741eba8a3d107f05cb7dbaa281440 gobject-introspection-1.58.1.tar.xz"
+sha512sums="b516527a910702b26f8034ded463bdd28bb9db782ac77947ac2178ae3a41bd9e0390fff6155aca6e9ec92c6cf051314134322efae6937bd9cbcb4033df65c677 gobject-introspection-1.58.2.tar.xz"
diff --git a/user/gvim/APKBUILD b/user/gvim/APKBUILD
index d423ae5c9..1b05bffec 100644
--- a/user/gvim/APKBUILD
+++ b/user/gvim/APKBUILD
@@ -5,7 +5,7 @@
# Maintainer: Kiyoshi Aman <kiyoshi.aman+adelie@gmail.com>
pkgname=gvim
_pkgreal=vim
-pkgver=8.1.0551
+pkgver=8.1.0606
pkgrel=0
pkgdesc="advanced text editor"
url="http://www.vim.org"
@@ -74,4 +74,4 @@ package() {
ln -s gvim rgvim
}
-sha512sums="a05cfb3d7d640d551a4c3c1622110cd2aed01fe20f2b3e4e78161346eb957c4a56e64d8d8e43bea7dfd0af4160faa78f2f48d4d2bd77e694706ce2cdfe7632e6 vim-8.1.0551.tar.gz"
+sha512sums="df02717611d7b2f54f3b60ff9f73259a6ff3228b841d7d2d429fa0eedd98ce0a140a6a3839b50bd67ce5724d86f816042d6cbb0930fd040d30216f98f2d7e6ec vim-8.1.0606.tar.gz"
diff --git a/user/highlight/APKBUILD b/user/highlight/APKBUILD
index b2860f006..4e1f96eb5 100644
--- a/user/highlight/APKBUILD
+++ b/user/highlight/APKBUILD
@@ -1,7 +1,7 @@
# Contributor: Carlo Landmeter <clandmeter@gmail.com>
# Maintainer:
pkgname=highlight
-pkgver=3.47
+pkgver=3.48
pkgrel=0
pkgdesc="Fast and flexible source code highlighter"
url="http://www.andre-simon.de/doku/highlight/highlight.html"
@@ -22,4 +22,4 @@ package() {
make DESTDIR="$pkgdir" install
}
-sha512sums="286dcc0db33c8b250852f7b607eb313afbd83da7ead6bde8a35ed5b7f59438b0345725a31dd5969347af10aba0c981f6bf2ce5683b801c45ee27b2b3c6ed21ed highlight-3.47.tar.bz2"
+sha512sums="b6508c3f0ed108126d07690b3ea878ac68814ae15ae3986096b2325f90d997bf467f2b3eeaa89da4feb2b8b39393a44e2ee0b89dc4584a7a7d4ca57475397451 highlight-3.48.tar.bz2"
diff --git a/user/imagemagick/APKBUILD b/user/imagemagick/APKBUILD
index 5a9989bdb..9f8cdbae9 100644
--- a/user/imagemagick/APKBUILD
+++ b/user/imagemagick/APKBUILD
@@ -2,7 +2,7 @@
# Contributor: Carlo Landmeter <clandmeter@gmail.com>
# Maintainer:
pkgname=imagemagick
-pkgver=7.0.8.14
+pkgver=7.0.8.17
_abiver=7
_pkgver=${pkgver%.*}-${pkgver##*.}
pkgrel=0
@@ -81,4 +81,4 @@ _cxx() {
mv "$pkgdir"/usr/lib/libMagick++*.so.* "$subpkgdir"/usr/lib/
}
-sha512sums="0a5f3357f4ce5b245d60b178d81b58c3483effb45b669791d4686514a8c3b0ad04244e31caf0a4a614e73e3e071c17d851992670917ebcf2761c977d77c58dd6 ImageMagick-7.0.8-14.tar.xz"
+sha512sums="b55408059f85b6fcecae40ccb0a924d73936f6877454cd5ed03e9e0b338ddc9954e0b4c089a2c7545d444deaba24fe90c69a3bb218a6d6165ebe782f6e9413e1 ImageMagick-7.0.8-17.tar.xz"
diff --git a/user/libetpan/APKBUILD b/user/libetpan/APKBUILD
new file mode 100644
index 000000000..386ec21e5
--- /dev/null
+++ b/user/libetpan/APKBUILD
@@ -0,0 +1,39 @@
+# Contributor: A. Wilcox <awilfox@adelielinux.org>
+# Maintainer: A. Wilcox <awilfox@adelielinux.org>
+pkgname=libetpan
+pkgver=1.9.2
+pkgrel=0
+pkgdesc="Mail library for C"
+url="https://www.etpan.org/libetpan.html"
+arch="all"
+license="BSD-3-Clause"
+depends=""
+depends_dev=""
+makedepends="$depends_dev autoconf automake libtool
+ cyrus-sasl-dev db-dev expat-dev openssl-dev zlib-dev"
+subpackages="$pkgname-dev"
+source="libetpan-$pkgver.tar.gz::https://github.com/dinhviethoa/libetpan/archive/$pkgver.tar.gz"
+
+build() {
+ cd "$builddir"
+ ./autogen.sh \
+ --build=$CBUILD \
+ --host=$CHOST \
+ --prefix=/usr \
+ --sysconfdir=/etc \
+ --mandir=/usr/share/man \
+ --localstatedir=/var
+ make
+}
+
+check() {
+ cd "$builddir"
+ make check
+}
+
+package() {
+ cd "$builddir"
+ make DESTDIR="$pkgdir" install
+}
+
+sha512sums="3e2e1de77fae2212374e909d15ed8564eee90883c38fee0ca69f58785733b1ac2df848da1bda6f55577d647e0ad27bc3057199e70b6ef01f2a7e2823b24113ba libetpan-1.9.2.tar.gz"
diff --git a/user/libfm/APKBUILD b/user/libfm/APKBUILD
index a954db7e9..fc1021a8e 100644
--- a/user/libfm/APKBUILD
+++ b/user/libfm/APKBUILD
@@ -1,7 +1,7 @@
# Contributor: Bartłomiej Piotrowski <bpiotrowski@alpinelinux.org>
# Maintainer:
pkgname=libfm
-pkgver=1.3.0.2
+pkgver=1.3.1
pkgrel=0
pkgdesc="Library for file management"
url="https://wiki.lxde.org/en/PCManFM"
@@ -38,4 +38,4 @@ dev() {
replaces="libfm-extra-dev"
}
-sha512sums="179cc0350509cb1a8a60b89f8145169857926c7cc3dadb9f61078d4dba79709b248b3d05862e78c11747f1fc4e45825ad6f4916d423ae5e346e5274d34197445 libfm-1.3.0.2.tar.xz"
+sha512sums="f385cf7bf2f4800c11dd6474cd20009cbe1208f1d08570b61954ea8bd84c56cc49880cbf84d4b2aa4b91eb6929d017ebc427649391059b786d7e6fc4535e4f14 libfm-1.3.1.tar.xz"
diff --git a/user/libgphoto2/APKBUILD b/user/libgphoto2/APKBUILD
index 1654e66cf..76e277987 100644
--- a/user/libgphoto2/APKBUILD
+++ b/user/libgphoto2/APKBUILD
@@ -1,6 +1,6 @@
# Maintainer:
pkgname=libgphoto2
-pkgver=2.5.20
+pkgver=2.5.21
pkgrel=0
pkgdesc="Digital camera library"
url="http://www.gphoto.org"
@@ -46,4 +46,4 @@ package() {
"$pkgdir/lib/udev/rules.d/54-gphoto.rules"
}
-sha512sums="13364a8fdfe137a21ebf04dfd2b30b20c7fb652e11e1b98cd06176e9a1576ef8f67121523111395100ed39d1d3e6e5d6d458b86d58502f7056a1c06a5623640a libgphoto2-2.5.20.tar.bz2"
+sha512sums="08e5d6a7b7603b92d3e24d3ee7843aa980525f25b7315e7ca6f17a6a1e059748471d9cf0b19392ea965cf0eb094386be275fcb5b97de1d9e7df6c66fe92a81c6 libgphoto2-2.5.21.tar.bz2"
diff --git a/user/libpaper/APKBUILD b/user/libpaper/APKBUILD
index 74ff2a04f..927b5e73a 100644
--- a/user/libpaper/APKBUILD
+++ b/user/libpaper/APKBUILD
@@ -1,8 +1,7 @@
# Maintainer:
pkgname=libpaper
-pkgver=1.1.24
-_pkgver=${pkgver}+nmu5
-pkgrel=5
+pkgver=1.1.26
+pkgrel=0
pkgdesc="Library for handling paper characteristics"
url="https://packages.debian.org/unstable/source/libpaper"
arch="all"
@@ -11,8 +10,7 @@ license="GPL-2.0-only"
subpackages="$pkgname-dev $pkgname-doc"
depends=""
makedepends=""
-source="http://ftp.debian.org/debian/pool/main/libp/libpaper/libpaper_${_pkgver}.tar.gz"
-builddir="$srcdir"/$pkgname-$_pkgver
+source="http://ftp.debian.org/debian/pool/main/libp/libpaper/libpaper_$pkgver.tar.gz"
prepare() {
cd "$builddir"
@@ -34,4 +32,4 @@ package() {
make prefix="$pkgdir"/usr install
}
-sha512sums="4d20d454dd7d09dd7e84b9ccc3b0ff8d65d95e0ae3874ec41462f812882e7ead032310396801a47a32bfff112c4a9adaf2d8d3e6235a1fa6fbb853196a363c56 libpaper_1.1.24+nmu5.tar.gz"
+sha512sums="6c54d28004c2dc95cfcc58467026d87b1590d35c9acf09d85568be0c558a04c183e0657afe3278dc894825428372ae60ccf417ece955b7d358fd9ce7b3d78b76 libpaper_1.1.26.tar.gz"
diff --git a/user/libpng/APKBUILD b/user/libpng/APKBUILD
index 5b1a3352d..e3504e859 100644
--- a/user/libpng/APKBUILD
+++ b/user/libpng/APKBUILD
@@ -1,7 +1,7 @@
# Contributor: Carlo Landmeter <clandmeter@gmail.com>
# Maintainer:
pkgname=libpng
-pkgver=1.6.35
+pkgver=1.6.36
pkgrel=0
pkgdesc="Portable Network Graphics library"
url="http://www.libpng.org/"
@@ -55,6 +55,6 @@ utils() {
mv "$pkgdir"/usr/bin "$subpkgdir"/usr
}
-sha512sums="e4312a4b33e02ad975864d8f1b0c29427625257983962ddd043f258643c18ddcb15a118405282f04d1310817e454a95111e2d4569de494d01d649c7171fd3127 libpng-1.6.35.tar.gz
-fe02147399a3cf3bf86d12589f876cf685fd5edf140d0e8b92f58fc6f113f8b2fce9ab9c19d5b3c8bff381d7e657faa6a2c6b1b6640472c2f1b59dedc598ef52 libpng-1.6.35-apng.patch.gz
+sha512sums="8b9c54c5555d6a736eaf298cbbae1e08199001202bacabc6212d75fa619e2ecf06bcf36db0321bfdb90a3dc5cde361c8d951002701637a557c34eae80f5d0936 libpng-1.6.36.tar.gz
+8fa213204768b058459ffd5eae6b3661c3f185d3baf1913da4337e7b7855e567f2525e7f67411c32fa8cb177a5f93d538c3d0ce17a94d4aa71bd9cffabe8b311 libpng-1.6.36-apng.patch.gz
e3fae918f14bc34e7c126892f69527c6e1b4d72593835ece839d9a28cff55a886b2030f877cf9e29b2c97abf2e47bbb5ba54584828edd2a841c2556f330b9c7e libpng-fix-arm-neon.patch"
diff --git a/user/nettle/APKBUILD b/user/nettle/APKBUILD
index 2fadf7330..f13680455 100644
--- a/user/nettle/APKBUILD
+++ b/user/nettle/APKBUILD
@@ -2,7 +2,7 @@
# Contributor: Fabian Affolter <fabian@affolter-engineering.ch>
# Maintainer:
pkgname=nettle
-pkgver=3.4
+pkgver=3.4.1
pkgrel=0
pkgdesc="Low-level cryptographic library"
url="http://www.lysator.liu.se/~nisse/nettle/"
@@ -49,5 +49,5 @@ utils() {
mv "$pkgdir"/usr/bin "$subpkgdir"/usr/
}
-sha512sums="3bea3aabd2c99cc42d084a94fd6b0b5dbdb24cd6c7020271a6ee87a81a904b21b21756f590cb1afdf2e85fd1cb59e5c3651c5c4032e30204e7ea6f8801d1ea3b nettle-3.4.tar.gz
+sha512sums="26aefbbe9927e90e28f271e56d2ba876611831222d0e1e1a58bdb75bbd50934fcd84418a4fe47b845f557e60a9786a72a4de2676c930447b104f2256aca7a54f nettle-3.4.1.tar.gz
c7d9741a7a37d225f3f0db16d355e13b04cc0f1ac56882a6ff31ef15c1a1a0aee7a70cf1ec8bbf2c46b9b0dcec153da7a7aa6b8909a72d76dd4d669cbbaceaa4 nettle-2.4-makefile.patch"
diff --git a/user/nghttp2/APKBUILD b/user/nghttp2/APKBUILD
index 697a1995e..41c43ab9b 100644
--- a/user/nghttp2/APKBUILD
+++ b/user/nghttp2/APKBUILD
@@ -1,7 +1,7 @@
# Contributor: Natanael Copa <ncopa@alpinelinux.org>
# Maintainer:
pkgname=nghttp2
-pkgver=1.35.0
+pkgver=1.35.1
pkgrel=0
pkgdesc="Experimental HTTP/2 client, server and proxy"
url="https://nghttp2.org/"
@@ -39,4 +39,4 @@ package() {
make DESTDIR="$pkgdir" install
}
-sha512sums="4e209bb6e388ee9c3440a88eb28ecb4a69e0047b089e4d028bb911dd69518a970b5b06ed6fff06594adca53dccd42443733faad909d347dd8d8e919055356e2f nghttp2-1.35.0.tar.xz"
+sha512sums="fcd3f79f913afbeee1c75003bb39df918e6122bbf728b3ad4192d5849d8fb96705e04f5505465d63f25a565b2f1da6abd8fabdebb6e3347500f7abd31980861d nghttp2-1.35.1.tar.xz"
diff --git a/user/pciutils/APKBUILD b/user/pciutils/APKBUILD
index 92964b95f..f198c08c8 100644
--- a/user/pciutils/APKBUILD
+++ b/user/pciutils/APKBUILD
@@ -2,14 +2,14 @@
# Maintainer:
pkgname=pciutils
pkgver=3.6.2
-pkgrel=0
+pkgrel=1
pkgdesc="PCI bus configuration space access library and tools"
url="http://mj.ucw.cz/pciutils.html"
arch="all"
options="!check" # No test suite.
license="GPL-2.0-only"
-depends="hwdata-pci"
-makedepends="linux-headers"
+depends="hwids-pci"
+makedepends="eudev-dev kmod-dev linux-headers cmd:which"
subpackages="$pkgname-doc $pkgname-dev $pkgname-libs"
source="https://www.kernel.org/pub/software/utils/$pkgname/$pkgname-$pkgver.tar.gz
fix-linking-pci-malloc-Makefile.patch
@@ -33,15 +33,11 @@ package() {
SHARED=yes \
SHAREDIR="$pkgdir"/usr/share/hwdata \
MANDIR="$pkgdir"/usr/share/man \
- install
-
- install -d "$pkgdir"/usr/lib
- ln -s libpci.so.${pkgver%%.*} "$pkgdir"/usr/lib/libpci.so
- install -D -m 644 lib/libpci.pc "$pkgdir"/usr/lib/pkgconfig/libpci.pc
- for i in config.h header.h pci.h types.h; do
- install -D -m 644 lib/${i} "$pkgdir"/usr/include/pci/${i}
- done
+ install install-lib
+ rm "$pkgdir"/usr/sbin/update-pciids
+ rm "$pkgdir"/usr/share/man/man8/update-pciids.8
+ rm -r "$pkgdir"/usr/share/hwdata
}
sha512sums="a9332f07755ab8af6ba99a5fa3cf739b0f3688276902673b9fe981955c4fa732c3d0ccaa150942ecaf4b263a10c2653f5454aa87492cac1dd805f33500fac489 pciutils-3.6.2.tar.gz
diff --git a/user/pcsc-tools/APKBUILD b/user/pcsc-tools/APKBUILD
index fe617b27a..07fd60e32 100644
--- a/user/pcsc-tools/APKBUILD
+++ b/user/pcsc-tools/APKBUILD
@@ -1,7 +1,7 @@
# Contributor: Kiyoshi Aman <kiyoshi.aman+adelie@gmail.com>
# Maintainer: Kiyoshi Aman <kiyoshi.aman+adelie@gmail.com>
pkgname=pcsc-tools
-pkgver=1.5.3
+pkgver=1.5.4
pkgrel=0
pkgdesc="Tools for scanning for and interacting with PC/SC devices"
url="http://ludovic.rousseau.free.fr/softwares/pcsc-tools/"
@@ -11,8 +11,6 @@ depends="perl"
makedepends="pcsc-lite-dev"
subpackages="$pkgname-doc"
source="http://ludovic.rousseau.free.fr/softwares/pcsc-tools/pcsc-tools-$pkgver.tar.bz2"
-sha512sums="da5b362b7a3a6d47dd309ff217e6dd8af29298501db5e898ecd68762020ce62fc982132205f9bbee159a7d7eac549fdb8f25395416bb52bc0d0c888a5b0fa1a0 pcsc-tools-1.5.3.tar.bz2"
-builddir="$srcdir/pcsc-tools-$pkgver"
build() {
cd "$builddir"
@@ -36,3 +34,4 @@ package() {
make DESTDIR="$pkgdir" install
}
+sha512sums="c64b9445dcdf72a7e5627380894c1f627ebcb343a497524ee185b64110c2c2b8b6138cae5610439991ab9756fd89ea5de0e054e68698b220d11606b38f7a90c6 pcsc-tools-1.5.4.tar.bz2"
diff --git a/user/perl-test-cleannamespaces/APKBUILD b/user/perl-test-cleannamespaces/APKBUILD
index 718bc3a27..71eb1e9d7 100644
--- a/user/perl-test-cleannamespaces/APKBUILD
+++ b/user/perl-test-cleannamespaces/APKBUILD
@@ -1,7 +1,7 @@
# Contributor: A. Wilcox <awilfox@adelielinux.org>
# Maintainer: Adélie Perl Team <adelie-perl@lists.adelielinux.org>
pkgname=perl-test-cleannamespaces
-pkgver=0.23
+pkgver=0.24
pkgrel=0
pkgdesc="Check Perl code for uncleaned imports"
url="https://metacpan.org/release/Test-CleanNamespaces"
@@ -33,4 +33,4 @@ package() {
find "$pkgdir" \( -name perllocal.pod -o -name .packlist \) -delete
}
-sha512sums="c40587c09bcd6a6ebc6801e12a3d33fcd2695b650fe02546a8a6da7d038ba5b1218d730a09f3b8942824a0506aca3edfcbcdf204906569dad5c46816b91e8a99 Test-CleanNamespaces-0.23.tar.gz"
+sha512sums="f99d3dea0af3ae654819c72ed9672234953edf5c8e5f3c6271a578761ee371e2ed670df07a8a8c2adba91c42404ac94b8d479acc91ae16a4536c0f2fd99809a7 Test-CleanNamespaces-0.24.tar.gz"
diff --git a/user/php7/APKBUILD b/user/php7/APKBUILD
index 8ed53f99d..89ab74709 100644
--- a/user/php7/APKBUILD
+++ b/user/php7/APKBUILD
@@ -26,7 +26,7 @@
pkgname=php7
_pkgname=php
pkgver=7.2.11
-pkgrel=1
+pkgrel=2
_apiver=20170718
pkgdesc="The PHP7 language runtime engine"
url="https://php.net/"
@@ -76,6 +76,7 @@ source="http://php.net/distributions/$_pkgname-$pkgver.tar.bz2
$_pkgname-fpm.logrotate
$_pkgname-module.conf
disabled-tests.list
+ CVE-2018-19935.patch
install-pear.patch
fpm-paths.patch
allow-build-recode-and-imap-together.patch
@@ -223,6 +224,8 @@ enable_ext 'zip' \
# 7.2.8-r0:
# - CVE-2015-9253
# - CVE-2018-12882
+# 7.2.11-r2:
+# - CVE-2018-19935
prepare() {
cd "$builddir"
@@ -527,6 +530,7 @@ sha512sums="a6bdd639648ae7845467e01303d0b4f4b85fd541409be97a5a605e91a9c994609e4e
01d4ba3ef104ea378eb0e8cbb7bdee3fdf65e4bd6865eb3bc6c0dc4af31c2d52887abdf0150b5ef984b877860285a3b1af84b11ffebb5b8b722ea9faf83edfeb php-fpm.logrotate
a7f9ba5e11652fd1cb9e756c3269269a95de083ecb5be936a85c7a09c1396db9088e0251c6a643c40235c0e776fce2a471e5c7f5a033b85c7d3b3110c2b39e48 php-module.conf
b1008eabc86fcff88336fe2961e3229c159c930a05d97359136c381c5c1cc572a33110308a3e5ef5e31c60327f76c9ef02b375cd2ea8ff9caa7deeddc216f4ce disabled-tests.list
+4b6e4a8062808fcc54321b159f0b8bfef93267e0824f698f6ab06fc82796d62878a2e73cb44ef4bbad231658f9c0ee819ece1f7ca7517e56eea54309c92128c7 CVE-2018-19935.patch
f1177cbf6b1f44402f421c3d317aab1a2a40d0b1209c11519c1158df337c8945f3a313d689c939768584f3e4edbe52e8bd6103fb6777462326a9d94e8ab1f505 install-pear.patch
a77dd3bdf9dc7a0f2c06ff3e7c425d062bbaa29902c17402ce98701dc99499be863ad543aa5e6a7d1c249702d6afb193398dd3199ae58e42b32b95d434fb1883 fpm-paths.patch
f8ecae241a90cbc3e98aa4deb3d5d35ef555f51380e29f4e182a8060dffeb84be74f030a14c6b452668471030d78964f52795ca74275db05543ccad20ef1f2cc allow-build-recode-and-imap-together.patch
diff --git a/user/php7/CVE-2018-19935.patch b/user/php7/CVE-2018-19935.patch
new file mode 100644
index 000000000..e24310f42
--- /dev/null
+++ b/user/php7/CVE-2018-19935.patch
@@ -0,0 +1,52 @@
+From 648fc1e369fc05fb9200a42c7938912236b2a318 Mon Sep 17 00:00:00 2001
+From: Stanislav Malyshev <stas@php.net>
+Date: Sun, 11 Nov 2018 10:04:01 -0800
+Subject: [PATCH] Fix #77020: null pointer dereference in imap_mail
+
+If an empty $message is passed to imap_mail(), we must not set message
+to NULL, since _php_imap_mail() is not supposed to handle NULL pointers
+(opposed to pointers to NUL).
+
+(cherry picked from commit 7edc639b9ff1c3576773d79d016abbeed1f93846)
+---
+ ext/imap/php_imap.c | 1 -
+ ext/imap/tests/bug77020.phpt | 15 +++++++++++++++
+ 2 files changed, 15 insertions(+), 1 deletion(-)
+ create mode 100644 ext/imap/tests/bug77020.phpt
+
+diff --git a/ext/imap/php_imap.c b/ext/imap/php_imap.c
+index 9e626a4..01d1a5f 100644
+--- a/ext/imap/php_imap.c
++++ b/ext/imap/php_imap.c
+@@ -4116,7 +4116,6 @@ PHP_FUNCTION(imap_mail)
+ if (!ZSTR_LEN(message)) {
+ /* this is not really an error, so it is allowed. */
+ php_error_docref(NULL, E_WARNING, "No message string in mail command");
+- message = NULL;
+ }
+
+ if (_php_imap_mail(ZSTR_VAL(to), ZSTR_VAL(subject), ZSTR_VAL(message), headers?ZSTR_VAL(headers):NULL, cc?ZSTR_VAL(cc):NULL,
+diff --git a/ext/imap/tests/bug77020.phpt b/ext/imap/tests/bug77020.phpt
+new file mode 100644
+index 0000000..8a65232
+--- /dev/null
++++ b/ext/imap/tests/bug77020.phpt
+@@ -0,0 +1,15 @@
++--TEST--
++Bug #77020 (null pointer dereference in imap_mail)
++--SKIPIF--
++<?php
++if (!extension_loaded('imap')) die('skip imap extension not available');
++?>
++--FILE--
++<?php
++imap_mail('1', 1, NULL);
++?>
++===DONE===
++--EXPECTF--
++Warning: imap_mail(): No message string in mail command in %s on line %d
++%s
++===DONE===
+--
+2.1.4
+
diff --git a/user/py3-pygobject/APKBUILD b/user/py3-pygobject/APKBUILD
index add93b15b..972b0f957 100644
--- a/user/py3-pygobject/APKBUILD
+++ b/user/py3-pygobject/APKBUILD
@@ -1,7 +1,7 @@
# Contributor: Kiyoshi Aman <kiyoshi.aman+adelie@gmail.com>
# Maintainer: Kiyoshi Aman <kiyoshi.aman+adelie@gmail.com>
pkgname=py3-pygobject
-pkgver=3.30.3
+pkgver=3.30.4
pkgrel=0
pkgdesc="Python bindings for GObject libraries"
url="https://pygobject.readthedocs.io/"
@@ -28,4 +28,4 @@ package() {
python3 setup.py install --prefix=/usr --root="$pkgdir"
}
-sha512sums="f3e18d375ca915c894e2c17c5b2c98f9027449bdf00c3591589f3f236bec7fe235a879ddf2b249da19cf74f63f994ced002b169450cb88d22fef6ca6be8ae66b pygobject-3.30.3.tar.bz2"
+sha512sums="8c86955033690b199d12e4e853443e4078fc0eb7c2c23599aba1e083b743ae3b6c9e2031c4277c6a1140ac787540639865e743e1504dd15bf160b977b4a8dee5 pygobject-3.30.4.tar.bz2"
diff --git a/user/qt5-qtquickcontrols2/APKBUILD b/user/qt5-qtquickcontrols2/APKBUILD
index ad0483701..274ff17bf 100644
--- a/user/qt5-qtquickcontrols2/APKBUILD
+++ b/user/qt5-qtquickcontrols2/APKBUILD
@@ -10,7 +10,8 @@ arch="all"
options="!check" # Impossible to test with accelerated X desktop
license="LGPLv2 with exceptions OR GPLv3 with exceptions"
depends=""
-makedepends="qt5-qtbase-dev qt5-qtdeclarative-dev"
+depends_dev="qt5-qtdeclarative-dev"
+makedepends="$depends_dev qt5-qtbase-dev"
subpackages="$pkgname-dev"
source="https://download.qt.io/official_releases/qt/${pkgver%.*}/$pkgver/submodules/$_pkgname-$pkgver.tar.xz"
builddir="$srcdir"/$_pkgname-$pkgver
diff --git a/user/tcpdump/APKBUILD b/user/tcpdump/APKBUILD
index c5f4203e7..7adeefa35 100644
--- a/user/tcpdump/APKBUILD
+++ b/user/tcpdump/APKBUILD
@@ -2,7 +2,7 @@
# Maintainer: Dan Theisen <djt@hxx.in>
pkgname=tcpdump
pkgver=4.9.2
-pkgrel=0
+pkgrel=1
pkgdesc="A tool for network monitoring and data acquisition"
url="http://www.tcpdump.org"
arch="all"
@@ -10,7 +10,13 @@ license="BSD-3-Clause"
depends=""
makedepends="libpcap-dev openssl-dev perl"
subpackages="$pkgname-doc"
-source="http://www.tcpdump.org/release/$pkgname-$pkgver.tar.gz"
+source="http://www.tcpdump.org/release/$pkgname-$pkgver.tar.gz
+ CVE-2018-19519.patch
+ "
+
+# secfixes:
+# 4.9.2-r1:
+# - CVE-2018-19519
build () {
cd "$builddir"
@@ -35,4 +41,5 @@ package() {
rm -f "$pkgdir"/usr/sbin/tcpdump.4*
}
-sha512sums="e1bc19a5867d6e3628f3941bdf3ec831bf13784f1233ca1bccc46aac1702f47ee9357d7ff0ca62cddf211b3c8884488c21144cabddd92c861e32398cd8f7c44b tcpdump-4.9.2.tar.gz"
+sha512sums="e1bc19a5867d6e3628f3941bdf3ec831bf13784f1233ca1bccc46aac1702f47ee9357d7ff0ca62cddf211b3c8884488c21144cabddd92c861e32398cd8f7c44b tcpdump-4.9.2.tar.gz
+eb4232e434064ec59b07840aa394cfcc05c89e817f2d4ebeb4da1dbb1c910fe1805857356d6304ebdb16e32aa6476ce90f164aabc60501b493fd5601b380af7e CVE-2018-19519.patch"
diff --git a/user/tcpdump/CVE-2018-19519.patch b/user/tcpdump/CVE-2018-19519.patch
new file mode 100644
index 000000000..ac3293927
--- /dev/null
+++ b/user/tcpdump/CVE-2018-19519.patch
@@ -0,0 +1,10 @@
+--- tcpdump-4.9.2/print-hncp.c.old 2017-09-03 23:17:14.000000000 +0000
++++ tcpdump-4.9.2/print-hncp.c 2018-12-07 19:31:24.360000000 +0000
+@@ -228,6 +228,7 @@
+ snprintf(buf, sizeof(buf), "%s/%d", ipaddr_string(ndo, &addr), plen);
+ plenbytes += 1 + IPV4_MAPPED_HEADING_LEN;
+ } else {
++ buf[0] = '\0';
+ plenbytes = decode_prefix6(ndo, prefix, max_length, buf, sizeof(buf));
+ }
+
diff --git a/user/unifont/APKBUILD b/user/unifont/APKBUILD
index b4d8ff484..fc71d4326 100644
--- a/user/unifont/APKBUILD
+++ b/user/unifont/APKBUILD
@@ -1,7 +1,7 @@
# Contributor: Breno Leitao <breno.leitao@gmail.com>
# Maintainer:
pkgname=unifont
-pkgver=11.0.02
+pkgver=11.0.03
pkgrel=0
pkgdesc="GNU font package with all Unicode 11 characters"
url="http://unifoundry.com/unifont.html"
@@ -24,4 +24,4 @@ package() {
make DESTDIR="$pkgdir" install
}
-sha512sums="d0dc8ce079feb282f53c444df5819751a7c97788feed480dc5c5b8a239c8cc13ef258876ffe2830994e404c0a6f524481a405b273c7341703ceef5854c12a68d unifont-11.0.02.tar.gz"
+sha512sums="fd24e48630acb4bac5e3a05aa541c5c93cbdda95ce162f62e05bc860a686f025e67af3c2e577bf96991119b70b2e3a0d1ef170466af3b8037df5a7014d009982 unifont-11.0.03.tar.gz"
diff --git a/user/v4l-utils/APKBUILD b/user/v4l-utils/APKBUILD
index b55d4da14..389c4f9ad 100644
--- a/user/v4l-utils/APKBUILD
+++ b/user/v4l-utils/APKBUILD
@@ -1,7 +1,7 @@
# Contributor: Leonardo Arena <rnalrd@alpinelinux.org>
# Maintainer:
pkgname=v4l-utils
-pkgver=1.16.2
+pkgver=1.16.3
pkgrel=0
pkgdesc="Userspace tools and conversion library for Video 4 Linux"
url="https://www.linuxtv.org/wiki/index.php/V4l-utils"
@@ -76,7 +76,7 @@ ir_keytable() {
"$subpkgdir"/etc
}
-sha512sums="e74a422bf22ca47533c28680ce21169de428cf0a4718bbd20e51d4c7ab6327b1894edf76caade3cc38c1eeacb2a479940c7a8fcd4b79b51ba8a2df2fde1d34df v4l-utils-1.16.2.tar.bz2
+sha512sums="404672d18d94861c6957ea3a15a6a48f238d3859940810952a5a8cc33b57f1a360d1a19af28405c01b073c0ece90c5995a71dbe6544b30bdb8eace7daeb4bc0b v4l-utils-1.16.3.tar.bz2
bc18280046c15b19984103f7c2bb44a0aea79715803c64f0c64bc932499c09022c956914c3b15ae59499adc09f6fbff5378be45707fe851250f495a26b63d682 qv4l2.svg
6f74aa524b3de420eeb8de788ff3f717020732a3f1f6530caee50e63aae7eddbe5f551ffc50065c9f5d6078c13bace089948ecdcacf01f8b82c1a44960e06315 qv4l2.desktop
9a4f6d0a44d30bb7afe4db8b40074d362f240cae1f1b13feb0eb2b1b666479fc6f73ef27542f6f80fb1b922c9540feadc9ff8563890ff3041d3f7fc62e504e29 getsubopt.patch"
diff --git a/user/vlc/APKBUILD b/user/vlc/APKBUILD
index 7db6632a1..1d8f2de92 100644
--- a/user/vlc/APKBUILD
+++ b/user/vlc/APKBUILD
@@ -3,7 +3,7 @@
# Maintainer: A. Wilcox <awilfox@adelielinux.org>
pkgname=vlc
pkgver=3.0.4
-pkgrel=1
+pkgrel=2
pkgdesc="Multi-platform MPEG, VCD/DVD, and DivX player"
triggers="vlc-libs.trigger=/usr/lib/vlc/plugins"
pkgusers="vlc"
@@ -61,6 +61,7 @@ makedepends="autoconf automake bison eudev-dev flex libarchive-dev
"
source="https://get.videolan.org/vlc/$pkgver/vlc-$pkgver.tar.xz
check-headless.patch
+ CVE-2018-19857.patch
disable-sub-autodetect-fuzzy-1-test.patch
endian-fix.patch
fix-testing.patch
@@ -71,6 +72,10 @@ source="https://get.videolan.org/vlc/$pkgver/vlc-$pkgver.tar.xz
vlc-libs.trigger
"
+# secfixes:
+# 3.0.4-r2:
+# - CVE-2018-19857
+
prepare() {
default_prepare
NOCONFIGURE=1 ./bootstrap
@@ -295,6 +300,7 @@ plugins_visualization() { _mv_plugins visualization; }
sha512sums="55c5a45a1573d559f8d62272dc446bebfb328bd48f938e634693a45032e1a3095148e634de5bc53a3a3c0e4858f7df3ed7e5dc91f3f5447e47d0ab5775171271 vlc-3.0.4.tar.xz
22d80df599b8b65a5439cefbb7140af8e9530f326d54945da3769af65f37518b99ec2cc8647aafd2763324a0698280915afe043cc87e5720c4694881ed35bffa check-headless.patch
+57a2b843b4b80d3887ca0141b9ea1a00752473861846a6c988553faa58650eb42cc2cd011503dce075c8a5dcabf834e449397c3cdbfdcb291ae7a41d218512da CVE-2018-19857.patch
e214b407235cb3afb8bec93f20c9b42957b57e6fd3960679d3d4235e77762e03e64d03c01f00ef63d589e7c85aaad02ce6abbeeccd66b1867bc92451a5b5e9b0 disable-sub-autodetect-fuzzy-1-test.patch
e063c727d952465bbea33f669db49190427521dc8e2291e9a5cbb0f5e8e879bd3ba76855e44bd4630948e30c4329d27bd928f95de20fe1050d5e839778a4d012 endian-fix.patch
63adb16b3a1927ee3de27ac339cbfbbaa346a69928c527f883259d1e03b5cb59f26a55feeda767837b448c455de584abcb53dc733b2845c0cc13621d72e7f6fd fix-testing.patch
diff --git a/user/vlc/CVE-2018-19857.patch b/user/vlc/CVE-2018-19857.patch
new file mode 100644
index 000000000..a65dcef20
--- /dev/null
+++ b/user/vlc/CVE-2018-19857.patch
@@ -0,0 +1,34 @@
+From 0cc5ea748ee5ff7705dde61ab15dff8f58be39d0 Mon Sep 17 00:00:00 2001
+From: =?utf8?q?R=C3=A9mi=20Denis-Courmont?= <remi@remlab.net>
+Date: Sat, 1 Dec 2018 23:32:18 +0200
+Subject: [PATCH] caf: fix integer underflow
+
+Pointed-out-by: Hans Jerry Illikainen <hji@dyntopia.com>
+---
+ modules/demux/caf.c | 5 ++---
+ 1 file changed, 2 insertions(+), 3 deletions(-)
+
+diff --git a/modules/demux/caf.c b/modules/demux/caf.c
+index cc312a5a30..39b381f963 100644
+--- a/modules/demux/caf.c
++++ b/modules/demux/caf.c
+@@ -691,14 +691,13 @@ static int ReadKukiChunk( demux_t *p_demux, uint64_t i_size )
+ demux_sys_t *p_sys = p_demux->p_sys;
+ const uint8_t *p_peek;
+
+- /* vlc_stream_Peek can't handle sizes bigger than INT32_MAX, and also p_sys->fmt.i_extra is of type 'int'*/
+- if( i_size > INT32_MAX )
++ if( i_size > SSIZE_MAX )
+ {
+ msg_Err( p_demux, "Magic Cookie chunk too big" );
+ return VLC_EGENERIC;
+ }
+
+- if( (unsigned int)vlc_stream_Peek( p_demux->s, &p_peek, (int)i_size ) < i_size )
++ if( vlc_stream_Peek( p_demux->s, &p_peek, i_size ) < (ssize_t)i_size )
+ {
+ msg_Err( p_demux, "Couldn't peek extra data" );
+ return VLC_EGENERIC;
+--
+2.11.0
+
diff --git a/user/vte/APKBUILD b/user/vte/APKBUILD
index 8aae39a17..73af32453 100644
--- a/user/vte/APKBUILD
+++ b/user/vte/APKBUILD
@@ -1,7 +1,7 @@
# Contributor: Kiyoshi Aman <kiyoshi.aman+adelie@gmail.com>
# Maintainer: Kiyoshi Aman <kiyoshi.aman+adelie@gmail.com>
pkgname=vte
-pkgver=0.54.2
+pkgver=0.54.3
pkgrel=0
pkgdesc="Virtual terminal emulator library for Gnome"
url="https://www.gnome.org"
@@ -35,5 +35,5 @@ package() {
make DESTDIR="$pkgdir" install
}
-sha512sums="214ec69110d6ad6caa9bc41fb741874bfcf27f20f34d3ae745b13903c574f9c854f7e0dadbae3dbc8ce04c5a6eb818a433c50569c1ef802501a9a078385f23fc vte-0.54.2.tar.xz
+sha512sums="dd7d2ac361ed9ac0550599bb3164a3bd6ba95535275c9b559c81ce0af1bbf4b3d150a7489f987b2e626b32d4a8adc82d1ff78e8c8640e5b1c036fe4076c5d8ce vte-0.54.3.tar.xz
4987254439a136f66a7b7be1300f5efbf85db74bdb64fdd8d0c9a555173a172b4fd519174f932e73d58a2618ef37273e82fe681bb129891f2792a414025f6c61 exitcode.patch"
diff --git a/user/wavpack/APKBUILD b/user/wavpack/APKBUILD
index a98666d6e..e59ef255e 100644
--- a/user/wavpack/APKBUILD
+++ b/user/wavpack/APKBUILD
@@ -3,7 +3,7 @@
# Maintainer:
pkgname=wavpack
pkgver=5.1.0
-pkgrel=3
+pkgrel=4
pkgdesc="Audio compression format with lossless, lossy, and hybrid compression modes"
url="http://www.wavpack.com/"
arch="all"
@@ -12,9 +12,15 @@ license="BSD-3-Clause"
depends=""
makedepends=""
subpackages="$pkgname-dev $pkgname-doc"
-source="http://www.wavpack.com/$pkgname-$pkgver.tar.bz2"
+source="http://www.wavpack.com/$pkgname-$pkgver.tar.bz2
+ cve2018-19840.patch
+ cve2018-19841.patch
+ "
# secfixes:
+# 5.1.0-r4:
+# - CVE-2018-19840
+# - CVE-2018-19840
# 5.1.0-r0:
# - CVE-2016-10169
# - CVE-2016-10170
@@ -46,4 +52,6 @@ package() {
make DESTDIR="$pkgdir" install
}
-sha512sums="4c31616ae63c3a875afa20f26ce935f7a8f9921e2892b4b8388eca3ccd83b2d686f43eed8b9ec1dead934a1148401b9dced3b05f509b7942c48d7af31cf80a54 wavpack-5.1.0.tar.bz2"
+sha512sums="4c31616ae63c3a875afa20f26ce935f7a8f9921e2892b4b8388eca3ccd83b2d686f43eed8b9ec1dead934a1148401b9dced3b05f509b7942c48d7af31cf80a54 wavpack-5.1.0.tar.bz2
+67d02dd744c638d126cf5a894d1ff2c39726bd4d3771ef7410ea782e5c9a0f9341909432bd4bea9b8959891c38699601c1aac2da6e0eaddaa5a4d679e7f58dd2 cve2018-19840.patch
+dba007fa8cb2537b6f6c8ee559a98e501e948260ce7e7af7d3fdc8c9145bbbbf85c8fed8030de354459c4b08d3015a0ea769a948636bdfd66e567c0a2d2493c6 cve2018-19841.patch"
diff --git a/user/wavpack/cve2018-19840.patch b/user/wavpack/cve2018-19840.patch
new file mode 100644
index 000000000..2da022025
--- /dev/null
+++ b/user/wavpack/cve2018-19840.patch
@@ -0,0 +1,25 @@
+From 070ef6f138956d9ea9612e69586152339dbefe51 Mon Sep 17 00:00:00 2001
+From: David Bryant <david@wavpack.com>
+Date: Thu, 29 Nov 2018 21:00:42 -0800
+Subject: [PATCH] issue #53: error out on zero sample rate
+
+---
+ src/pack_utils.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/src/pack_utils.c b/src/pack_utils.c
+index 2253f0d..2a83497 100644
+--- a/src/pack_utils.c
++++ b/src/pack_utils.c
+@@ -195,6 +195,11 @@ int WavpackSetConfiguration64 (WavpackContext *wpc, WavpackConfig *config, int64
+ int num_chans = config->num_channels;
+ int i;
+
++ if (!config->sample_rate) {
++ strcpy (wpc->error_message, "sample rate cannot be zero!");
++ return FALSE;
++ }
++
+ wpc->stream_version = (config->flags & CONFIG_COMPATIBLE_WRITE) ? CUR_STREAM_VERS : MAX_STREAM_VERS;
+
+ if ((config->qmode & QMODE_DSD_AUDIO) && config->bytes_per_sample == 1 && config->bits_per_sample == 8) {
diff --git a/user/wavpack/cve2018-19841.patch b/user/wavpack/cve2018-19841.patch
new file mode 100644
index 000000000..6872ed91e
--- /dev/null
+++ b/user/wavpack/cve2018-19841.patch
@@ -0,0 +1,29 @@
+From bba5389dc598a92bdf2b297c3ea34620b6679b5b Mon Sep 17 00:00:00 2001
+From: David Bryant <david@wavpack.com>
+Date: Thu, 29 Nov 2018 21:53:51 -0800
+Subject: [PATCH] issue #54: fix potential out-of-bounds heap read
+
+---
+ src/open_utils.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/open_utils.c b/src/open_utils.c
+index 80051fc..4fe0d67 100644
+--- a/src/open_utils.c
++++ b/src/open_utils.c
+@@ -1258,13 +1258,13 @@ int WavpackVerifySingleBlock (unsigned char *buffer, int verify_checksum)
+ #endif
+
+ if (meta_bc == 4) {
+- if (*dp++ != (csum & 0xff) || *dp++ != ((csum >> 8) & 0xff) || *dp++ != ((csum >> 16) & 0xff) || *dp++ != ((csum >> 24) & 0xff))
++ if (*dp != (csum & 0xff) || dp[1] != ((csum >> 8) & 0xff) || dp[2] != ((csum >> 16) & 0xff) || dp[3] != ((csum >> 24) & 0xff))
+ return FALSE;
+ }
+ else {
+ csum ^= csum >> 16;
+
+- if (*dp++ != (csum & 0xff) || *dp++ != ((csum >> 8) & 0xff))
++ if (*dp != (csum & 0xff) || dp[1] != ((csum >> 8) & 0xff))
+ return FALSE;
+ }
+
diff --git a/user/xfce4-appfinder/APKBUILD b/user/xfce4-appfinder/APKBUILD
index 7edd9dcfa..575436450 100644
--- a/user/xfce4-appfinder/APKBUILD
+++ b/user/xfce4-appfinder/APKBUILD
@@ -1,7 +1,7 @@
# Contributor: Kiyoshi Aman <kiyoshi.aman+adelie@gmail.com>
# Maintainer: Kiyoshi Aman <kiyoshi.aman+adelie@gmail.com>
pkgname=xfce4-appfinder
-pkgver=4.13.1
+pkgver=4.13.2
pkgrel=0
pkgdesc="An application finder for the XFCE desktop environment"
url="https://xfce.org"
@@ -34,4 +34,4 @@ package() {
make DESTDIR="$pkgdir" install
}
-sha512sums="1be1508bea87e9ff7763dc6a8dd0a45b3e1ef39400486b9926de190e146c4c3fd96d08508d32c53a99ff92e98c4cc504e074f651273aac917a79e5df71022116 xfce4-appfinder-4.13.1.tar.bz2"
+sha512sums="96ac782c785649ddf75f8659f9cf10f42c37bab647824f0c76714baca0b61904fa8ba6d23dc1574aae5fdf2538201936d26b42ea6c0f5d5f0f9d71c8ba0a51b8 xfce4-appfinder-4.13.2.tar.bz2"
diff --git a/user/xfwm4/APKBUILD b/user/xfwm4/APKBUILD
index 14451017a..d560fff66 100644
--- a/user/xfwm4/APKBUILD
+++ b/user/xfwm4/APKBUILD
@@ -2,7 +2,7 @@
# Maintainer: Kiyoshi Aman <kiyoshi.aman+adelie@gmail.com>
pkgname=xfwm4
pkgver=4.13.1
-pkgrel=0
+pkgrel=1
pkgdesc="Window manager for the XFCE desktop environment"
url="https://xfce.org"
arch="all"
@@ -11,8 +11,8 @@ makedepends="intltool gtk+3.0-dev libxfce4util-dev libxfce4ui-dev libwnck-dev
gobject-introspection-dev vala-dev"
subpackages="$pkgname-lang"
langdir="/usr/lib/locale"
-source="http://archive.xfce.org/src/xfce/xfwm4/4.13/xfwm4-$pkgver.tar.bz2"
-sha512sums="2ac5acdefff3a89b8525719b345dfeb2dc71104b4da341afe99d7c57c049753c4cdb81a512d1f344e5fb463c7143673e83316b63888777bdcf254c4a07ca8320 xfwm4-4.13.1.tar.bz2"
+source="http://archive.xfce.org/src/xfce/xfwm4/4.13/xfwm4-$pkgver.tar.bz2
+ fix-mask-length.patch"
build() {
cd "$builddir"
@@ -36,3 +36,5 @@ package() {
make DESTDIR="$pkgdir" install
}
+sha512sums="2ac5acdefff3a89b8525719b345dfeb2dc71104b4da341afe99d7c57c049753c4cdb81a512d1f344e5fb463c7143673e83316b63888777bdcf254c4a07ca8320 xfwm4-4.13.1.tar.bz2
+88733a4d69b58b0c98f2f46694ccc8bda4e5bc1b565d952123cee466b3f89f95d72fc28c8e9c173dcc0aee606c9f4b085d891004d769b74ad0c7084d8dec00a9 fix-mask-length.patch"
diff --git a/user/xfwm4/fix-mask-length.patch b/user/xfwm4/fix-mask-length.patch
new file mode 100644
index 000000000..dd050c8dc
--- /dev/null
+++ b/user/xfwm4/fix-mask-length.patch
@@ -0,0 +1,12 @@
+diff -ru xfwm4-4.13.1.orig/src/device.c xfwm4-4.13.1/src/device.c
+--- xfwm4-4.13.1.orig/src/device.c 2018-07-29 16:08:54.000000000 +0300
++++ xfwm4-4.13.1/src/device.c 2018-09-12 08:49:18.130254993 +0300
+@@ -301,7 +301,7 @@
+ guint i;
+
+ xievent_mask->deviceid = XIAllMasterDevices;
+- xievent_mask->mask_len = sizeof (mask);
++ xievent_mask->mask_len = len;
+ xievent_mask->mask = mask;
+
+ for (i = 0; i < G_N_ELEMENTS (core_to_xi2); i++)
diff --git a/user/xterm/APKBUILD b/user/xterm/APKBUILD
index 7e35c3d49..edec39639 100644
--- a/user/xterm/APKBUILD
+++ b/user/xterm/APKBUILD
@@ -1,7 +1,7 @@
# Contributor: Kiyoshi Aman <kiyoshi.aman+adelie@gmail.com>
# Maintainer: Kiyoshi Aman <kiyoshi.aman+adelie@gmail.com>
pkgname=xterm
-pkgver=337
+pkgver=340
pkgrel=0
pkgdesc="An X-based terminal emulator"
url="https://invisible-island.net/xterm/"
@@ -31,4 +31,4 @@ package() {
make DESTDIR="$pkgdir" install
}
-sha512sums="fad31aa971a42cf38d3e3db2edc615b408d92226c305654b9276592c6dee075f31c7f082a3f549284f1685a31d5d9dedbda99c2c308a90bd741958f862806609 xterm-337.tgz"
+sha512sums="9a150741868fb681e71f4e3644748ea62fd73f9babbbe0baaca24f8c65d96c2ca434abcca713c2d337ec83e2264903b0f98fa6c9dbc3e3ac19c69a98d4c0a033 xterm-340.tgz"