From e0810a8bc36196b7141f4802b43f621e0358577d Mon Sep 17 00:00:00 2001
From: Max Rees <maxcrees@me.com>
Date: Fri, 13 Sep 2019 14:23:48 -0500
Subject: system/expat: [CVE] patch CVE-2019-15903 (#192)

---
 system/expat/APKBUILD | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

(limited to 'system/expat/APKBUILD')

diff --git a/system/expat/APKBUILD b/system/expat/APKBUILD
index 088d9d9b1..4a6f547e3 100644
--- a/system/expat/APKBUILD
+++ b/system/expat/APKBUILD
@@ -1,7 +1,7 @@
 # Maintainer: A. Wilcox <awilfox@adelielinux.org>
 pkgname=expat
 pkgver=2.2.7
-pkgrel=0
+pkgrel=1
 pkgdesc="An XML Parser library written in C"
 url="https://libexpat.github.io/"
 arch="all"
@@ -10,13 +10,16 @@ depends=""
 checkdepends="bash"
 makedepends=""
 subpackages="$pkgname-dev $pkgname-doc"
-source="https://downloads.sourceforge.net/project/expat/expat/$pkgver/expat-$pkgver.tar.bz2"
+source="https://downloads.sourceforge.net/project/expat/expat/$pkgver/expat-$pkgver.tar.bz2
+	CVE-2019-15903.patch"
 
 # secfixes:
 #   2.2.1-r0:
 #     - CVE-2016-9063
 #   2.2.0-r1:
 #     - CVE-2017-9233
+#   2.2.7-r1:
+#     - CVE-2019-15903
 
 build() {
 	./configure \
@@ -35,4 +38,5 @@ package() {
 	make DESTDIR="$pkgdir/" install
 }
 
-sha512sums="a078692317b44f14a9acdca4ddc04adac6a48d22ab321bba3e9e32c92131752aa397915d7121c4a95dc1b603d6a6128f7dce3741093d4322944787e0b49b4c00  expat-2.2.7.tar.bz2"
+sha512sums="a078692317b44f14a9acdca4ddc04adac6a48d22ab321bba3e9e32c92131752aa397915d7121c4a95dc1b603d6a6128f7dce3741093d4322944787e0b49b4c00  expat-2.2.7.tar.bz2
+02d1719307dffdab98e90f242a77aa61cab79ae63ea28d6fa1219b4191d7247e5c319d3adf9781c9086e392c05fd6b6558051b0792ade5cb6c64e7583c67a70d  CVE-2019-15903.patch"
-- 
cgit v1.2.3-70-g09d2