From f58efe23e016a57672e127d949784f408c0d470c Mon Sep 17 00:00:00 2001 From: Max Rees Date: Fri, 24 Apr 2020 17:02:53 -0500 Subject: user/libslirp: [CVE] bump to 4.3.0 --- user/libslirp/APKBUILD | 13 +++++++++---- user/libslirp/git-describe.patch | 24 ++++++++++++++++++++++++ 2 files changed, 33 insertions(+), 4 deletions(-) create mode 100644 user/libslirp/git-describe.patch (limited to 'user/libslirp') diff --git a/user/libslirp/APKBUILD b/user/libslirp/APKBUILD index 07d7eea31..bd88d3957 100644 --- a/user/libslirp/APKBUILD +++ b/user/libslirp/APKBUILD @@ -1,6 +1,6 @@ # Maintainer: Max Rees pkgname=libslirp -pkgver=4.2.0 +pkgver=4.3.0 pkgrel=0 pkgdesc="A general-purpose TCP/IP emulator" url="https://gitlab.freedesktop.org/slirp/libslirp" @@ -10,10 +10,14 @@ license="BSD-3-Clause AND MIT" depends="" makedepends="glib-dev meson" subpackages="$pkgname-dev" -source="https://gitlab.freedesktop.org/slirp/libslirp/-/archive/v$pkgver/libslirp-v$pkgver.tar.gz +source="https://elmarco.fedorapeople.org/libslirp-$pkgver.tar.xz + git-describe.patch static.patch " -builddir="$srcdir/libslirp-v$pkgver" + +# secfixes: +# 4.3.0-r0: +# - CVE-2020-1983 build() { meson \ @@ -30,5 +34,6 @@ package() { DESTDIR="$pkgdir" ninja -C output install } -sha512sums="514744ac8325857915b9946a76f4a55d48c8361b6167cd69c533086928ae06f059d923c5f057e92a0915921bb363b69d34a939a0bcc28233515125a5d1858d25 libslirp-v4.2.0.tar.gz +sha512sums="656a57878354b893503af69dfb11ab93dcf4728cc68bd0b6aa352073cbcf1b558924a5932e1996011002f72f5bddfb22ddaffc5a88078a61862c630d908e8beb libslirp-4.3.0.tar.xz +fb66abe30c7b36c93bf759960275119c6d34e57861efe0cdc147a606a7a13b2d29f0f77dfe99326539800bd4ded9e39c736abd9d4ca9d6f16df2d50fd70fb7f6 git-describe.patch bb1bb5443d8083099d2a270b78b7ec74daa26634b2062d2c30460ed118b333942a9a555c96910216bb746311ae021d457f39a304a60fe07a3908a0c315a7c756 static.patch" diff --git a/user/libslirp/git-describe.patch b/user/libslirp/git-describe.patch new file mode 100644 index 000000000..9cc66bbad --- /dev/null +++ b/user/libslirp/git-describe.patch @@ -0,0 +1,24 @@ +Otherwise you might get "-dirty" in the pc: version + +--- libslirp-4.3.0/build-aux/git-version-gen 2020-04-23 06:09:44.166262600 -0500 ++++ libslirp-4.3.0/build-aux/git-version-gen 2020-04-24 15:08:09.450004079 -0500 +@@ -133,19 +133,6 @@ fi + + v=`echo "$v" |sed 's/^v//'` + +-# Don't declare a version "dirty" merely because a time stamp has changed. +-git update-index --refresh > /dev/null 2>&1 +- +-dirty=`sh -c 'git diff-index --name-only HEAD' 2>/dev/null` || dirty= +-case "$dirty" in +- '') ;; +- *) # Append the suffix only if there isn't one already. +- case $v in +- *-dirty) ;; +- *) v="$v-dirty" ;; +- esac ;; +-esac +- + # Omit the trailing newline, so that m4_esyscmd can use the result directly. + echo "$v" | tr -d "$nl" + -- cgit v1.2.3-60-g2f50