From 371b1775733f7c187f0e7384842bf17061c7821d Mon Sep 17 00:00:00 2001
From: "A. Wilcox" <AWilcox@Wilcox-Tech.com>
Date: Thu, 3 Oct 2019 16:20:46 +0000
Subject: user/libgd: secfixes (#159)

---
 user/libgd/APKBUILD | 22 +++++++++++++++++-----
 1 file changed, 17 insertions(+), 5 deletions(-)

(limited to 'user/libgd/APKBUILD')

diff --git a/user/libgd/APKBUILD b/user/libgd/APKBUILD
index 13f07cfe0..27de81126 100644
--- a/user/libgd/APKBUILD
+++ b/user/libgd/APKBUILD
@@ -2,7 +2,7 @@
 # Maintainer: 
 pkgname=libgd
 pkgver=2.2.5
-pkgrel=0
+pkgrel=1
 pkgdesc="Library for dynamic image creation"
 url="http://libgd.github.io/"
 arch="all"
@@ -15,10 +15,20 @@ subpackages="$pkgname-dev"
 replaces="gd"
 source="https://github.com/$pkgname/$pkgname/releases/download/gd-$pkgver/$pkgname-$pkgver.tar.xz
 	CVE-2016-7568.patch
+	CVE-2018-5711.patch
+	CVE-2018-1000222.patch
+	CVE-2019-6977.patch
+	CVE-2019-6978.patch
 	"
 
+# secfixes:
+#   2.2.5-r1:
+#     - CVE-2018-5711
+#     - CVE-2018-1000222
+#     - CVE-2019-6977
+#     - CVE-2019-6978
+
 build() {
-	cd "$builddir"
 	./configure \
 		--build=$CBUILD \
 		--host=$CHOST \
@@ -31,12 +41,10 @@ build() {
 }
 
 check() {
-	cd "$builddir"
 	make check
 }
 
 package() {
-	cd "$builddir"
 	make DESTDIR="$pkgdir" install
 }
 
@@ -48,4 +56,8 @@ dev() {
 }
 
 sha512sums="e4598e17a277a75e02255402182cab139cb3f2cffcd68ec05cc10bbeaf6bc7aa39162c3445cd4a7efc1a26b72b9152bbedb187351e3ed099ea51767319997a6b  libgd-2.2.5.tar.xz
-8310d11a2398e8617c9defc4500b9ce3897ac1026002ffa36000f1d1f8df19336005e8c1f6587533f1d787a4a54d7a3a28ad25bddbc966a018aedf4d8704a716  CVE-2016-7568.patch"
+8310d11a2398e8617c9defc4500b9ce3897ac1026002ffa36000f1d1f8df19336005e8c1f6587533f1d787a4a54d7a3a28ad25bddbc966a018aedf4d8704a716  CVE-2016-7568.patch
+d6577566814cbe2d93b141a4216b32acdeb2989dc1712eb137565081b913151bbb4c69911c96b2bb7c90695078a85152d368aad183de494d1283fde25021751b  CVE-2018-5711.patch
+d12462f1b159d50b9032435e9767a5d76e1797a88be950ed33dda7aa17005b7cb60560d04b9520e46d8111e1669d42ce28cb2c508f9c8825d545ac0335d2a10b  CVE-2018-1000222.patch
+df84e469515f684d79ebad163e137401627310a984ac1ae6a4d31b739b3dc6d9144f101e9bfc3211af1d7cdbaa827721d21a9fe528e69b9b60a943ec8a7ab74b  CVE-2019-6977.patch
+3bf31941365a878bef899afa14a89e4ad0fbfb3280d34b2118c8484698e15eff600751ae3ce146a4f006e6c21730cb18899bae3538f6cc2651025274b40cf1ca  CVE-2019-6978.patch"
-- 
cgit v1.2.3-70-g09d2