From 8544988613c315f3726b1ce2e277817e66456c2f Mon Sep 17 00:00:00 2001 From: Max Rees Date: Thu, 1 Aug 2019 04:20:02 -0500 Subject: user/libexif: patch for CVE-2017-7544 and CVE-2018-20030 (#143) --- user/libexif/APKBUILD | 20 +++++++++++++------- 1 file changed, 13 insertions(+), 7 deletions(-) (limited to 'user/libexif/APKBUILD') diff --git a/user/libexif/APKBUILD b/user/libexif/APKBUILD index cfe2dd75f..71c9f7d06 100644 --- a/user/libexif/APKBUILD +++ b/user/libexif/APKBUILD @@ -1,7 +1,7 @@ # Maintainer: pkgname=libexif pkgver=0.6.21 -pkgrel=2 +pkgrel=3 pkgdesc="Library to parse EXIF metadata" url="https://sourceforge.net/projects/libexif" arch="all" @@ -9,16 +9,21 @@ license="LGPL-2.0+" subpackages="$pkgname-dev $pkgname-doc $pkgname-lang" depends="" makedepends="" -source="https://downloads.sourceforge.net/$pkgname/$pkgname-$pkgver.tar.bz2" +source="https://downloads.sourceforge.net/$pkgname/$pkgname-$pkgver.tar.bz2 + CVE-2017-7544.patch + CVE-2018-20030.patch" + +# secfixes: +# 0.6.21-r3: +# - CVE-2017-7544 +# - CVE-2018-20030 prepare() { - cd "$builddir" update_config_sub default_prepare } build() { - cd "$builddir" ./configure \ --build=$CBUILD \ --host=$CHOST \ @@ -27,12 +32,13 @@ build() { } check() { - cd "$builddir" make check } package() { - cd "$builddir" make DESTDIR="$pkgdir" install } -sha512sums="4e0fe2abe85d1c95b41cb3abe1f6333dc3a9eb69dba106a674a78d74a4d5b9c5a19647118fa1cc2d72b98a29853394f1519eda9e2889eb28d3be26b21c7cfc35 libexif-0.6.21.tar.bz2" + +sha512sums="4e0fe2abe85d1c95b41cb3abe1f6333dc3a9eb69dba106a674a78d74a4d5b9c5a19647118fa1cc2d72b98a29853394f1519eda9e2889eb28d3be26b21c7cfc35 libexif-0.6.21.tar.bz2 +d529c6c5bd26dc21c0946702574184e1f61c2bfd4fb95b41e314f486a0dd55571963ff2cad566d2fb0804de3c0799bcd956c15a3dc10a520ce207728edad4e2d CVE-2017-7544.patch +0d6123bd275ace338ad9cebb31a2e714de0141b91860f07394b281686a5393566c3f4159679d4ba689ae7ea69ae2e412b158c3deb451c40c210b5817f6888bbc CVE-2018-20030.patch" -- cgit v1.2.3-70-g09d2