From 0401ed06b3057dd45a935b9a82acc7980a064abe Mon Sep 17 00:00:00 2001 From: Max Rees Date: Mon, 30 Mar 2020 15:00:36 -0500 Subject: system/bubblewrap: [sec] bump to 0.4.1 --- system/bubblewrap/APKBUILD | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) (limited to 'system/bubblewrap') diff --git a/system/bubblewrap/APKBUILD b/system/bubblewrap/APKBUILD index d51d14ae7..866bdb468 100644 --- a/system/bubblewrap/APKBUILD +++ b/system/bubblewrap/APKBUILD @@ -1,7 +1,7 @@ # Contributor: Timo Teräs # Maintainer: Max Rees pkgname=bubblewrap -pkgver=0.4.0 +pkgver=0.4.1 pkgrel=0 pkgdesc="Unprivileged sandboxing tool" url="https://github.com/projectatomic/bubblewrap" @@ -20,6 +20,8 @@ source="bubblewrap-$pkgver.tar.gz::https://github.com/containers/bubblewrap/arch # secfixes: # 0.3.3-r0: # - CVE-2019-12439 +# 0.4.1-r0: +# - GHSA-j2qp-rvxj-43vj prepare() { default_prepare @@ -44,7 +46,7 @@ check() { # 3. Unset permissions on test-bwrap # 4. Run abuild check again (nosuid test) # - # As of 0.4.0, all tests pass except those relating to bind mounts + # As of 0.4.1, all tests pass except those relating to bind mounts # over symlinks. Those tests fail because musl's realpath depends on # the availability of /proc, which is not available in the middle of # the setup procedure since pivot_root has been performed at least @@ -74,6 +76,6 @@ bashcomp() { mv "$pkgdir"/usr/share/bash-completion/ "$subpkgdir"/usr/share/ } -sha512sums="1957126e13900bbb1c9c885802f513006313836826938555899a8ad0e6c3ba47478eae0cc90f4aceff228663379b45203dce4fa57d6bfc489984670571232b97 bubblewrap-0.4.0.tar.gz +sha512sums="83e036e242503e1364b2d0052bba5127175891203c57bd22ba47a1b1e934fdca64ca620cd0e48c903fa2bc7cdcf92339b8a7fcb8716b54c2e28034b6d6f86adc bubblewrap-0.4.1.tar.gz 400a0446670ebf80f16739f1a7a2878aadc3099424f957ba09ec3df780506c23a11368f0578c9e352d7ca6473fa713df826fad7a20c50338aa5f9fa9ac6b84a4 realpath-workaround.patch d572a6296729ab192dd4f04707e0271df600d565897ce089b7f00b9ae6c62e71a087e864b4c4972e0a64aeb222a337ff4ed95560620c200cc44534db1ca79efd tests.patch" -- cgit v1.2.3-70-g09d2