From a8eebfa23ff14b349c50b1ee9e67ab99c215ef9d Mon Sep 17 00:00:00 2001 From: Max Rees Date: Sat, 3 Aug 2019 23:45:31 -0500 Subject: user/openjpeg: patch for CVE-2019-12973 (#146) --- user/openjpeg/APKBUILD | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) (limited to 'user/openjpeg/APKBUILD') diff --git a/user/openjpeg/APKBUILD b/user/openjpeg/APKBUILD index c549987d8..e454afa61 100644 --- a/user/openjpeg/APKBUILD +++ b/user/openjpeg/APKBUILD @@ -2,7 +2,7 @@ # Maintainer: A. Wilcox pkgname=openjpeg pkgver=2.3.1 -pkgrel=1 +pkgrel=2 pkgdesc="Open-source implementation of JPEG 2000 image codec" url="http://www.openjpeg.org/" arch="all" @@ -11,7 +11,8 @@ license="BSD-2-Clause-NetBSD" depends_dev="$pkgname-tools" makedepends="libpng-dev tiff-dev lcms2-dev doxygen cmake" subpackages="$pkgname-dev $pkgname-tools" -source="$pkgname-$pkgver.tar.gz::https://github.com/uclouvain/openjpeg/archive/v$pkgver.tar.gz" +source="$pkgname-$pkgver.tar.gz::https://github.com/uclouvain/openjpeg/archive/v$pkgver.tar.gz + CVE-2019-12973.patch" build() { cmake . \ @@ -23,6 +24,8 @@ build() { } # secfixes: +# 2.3.1-r2: +# - CVE-2019-12973 # 2.3.0-r0: # - CVE-2017-14039 # 2.2.0-r2: @@ -47,4 +50,5 @@ tools() { mv "$pkgdir"/usr/bin "$subpkgdir"/usr/ } -sha512sums="339fbc899bddf2393d214df71ed5d6070a3a76b933b1e75576c8a0ae9dfcc4adec40bdc544f599e4b8d0bc173e4e9e7352408497b5b3c9356985605830c26c03 openjpeg-2.3.1.tar.gz" +sha512sums="339fbc899bddf2393d214df71ed5d6070a3a76b933b1e75576c8a0ae9dfcc4adec40bdc544f599e4b8d0bc173e4e9e7352408497b5b3c9356985605830c26c03 openjpeg-2.3.1.tar.gz +472deba1d521553f9c7af805ba3d0c4fc31564fd36e37c598646f468b7d05bf5f81d2320fd6fadf8c0e3344ebce7bc0d04cece55a1b3cec2ef693a6e65bd2516 CVE-2019-12973.patch" -- cgit v1.2.3-70-g09d2