From dd008a31d9cc9a1d02bfc848b8321758ac92d2d8 Mon Sep 17 00:00:00 2001
From: "A. Wilcox" <AWilcox@Wilcox-Tech.com>
Date: Fri, 7 Dec 2018 17:56:36 +0000
Subject: user/vlc: sec fix for CVE-2018-19857

---
 user/vlc/APKBUILD | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

(limited to 'user/vlc/APKBUILD')

diff --git a/user/vlc/APKBUILD b/user/vlc/APKBUILD
index 7db6632a1..1d8f2de92 100644
--- a/user/vlc/APKBUILD
+++ b/user/vlc/APKBUILD
@@ -3,7 +3,7 @@
 # Maintainer: A. Wilcox <awilfox@adelielinux.org>
 pkgname=vlc
 pkgver=3.0.4
-pkgrel=1
+pkgrel=2
 pkgdesc="Multi-platform MPEG, VCD/DVD, and DivX player"
 triggers="vlc-libs.trigger=/usr/lib/vlc/plugins"
 pkgusers="vlc"
@@ -61,6 +61,7 @@ makedepends="autoconf automake bison eudev-dev flex libarchive-dev
 	"
 source="https://get.videolan.org/vlc/$pkgver/vlc-$pkgver.tar.xz
 	check-headless.patch
+	CVE-2018-19857.patch
 	disable-sub-autodetect-fuzzy-1-test.patch
 	endian-fix.patch
 	fix-testing.patch
@@ -71,6 +72,10 @@ source="https://get.videolan.org/vlc/$pkgver/vlc-$pkgver.tar.xz
 	vlc-libs.trigger
 	"
 
+# secfixes:
+#   3.0.4-r2:
+#     - CVE-2018-19857
+
 prepare() {
 	default_prepare
 	NOCONFIGURE=1 ./bootstrap
@@ -295,6 +300,7 @@ plugins_visualization()		{ _mv_plugins visualization; }
 
 sha512sums="55c5a45a1573d559f8d62272dc446bebfb328bd48f938e634693a45032e1a3095148e634de5bc53a3a3c0e4858f7df3ed7e5dc91f3f5447e47d0ab5775171271  vlc-3.0.4.tar.xz
 22d80df599b8b65a5439cefbb7140af8e9530f326d54945da3769af65f37518b99ec2cc8647aafd2763324a0698280915afe043cc87e5720c4694881ed35bffa  check-headless.patch
+57a2b843b4b80d3887ca0141b9ea1a00752473861846a6c988553faa58650eb42cc2cd011503dce075c8a5dcabf834e449397c3cdbfdcb291ae7a41d218512da  CVE-2018-19857.patch
 e214b407235cb3afb8bec93f20c9b42957b57e6fd3960679d3d4235e77762e03e64d03c01f00ef63d589e7c85aaad02ce6abbeeccd66b1867bc92451a5b5e9b0  disable-sub-autodetect-fuzzy-1-test.patch
 e063c727d952465bbea33f669db49190427521dc8e2291e9a5cbb0f5e8e879bd3ba76855e44bd4630948e30c4329d27bd928f95de20fe1050d5e839778a4d012  endian-fix.patch
 63adb16b3a1927ee3de27ac339cbfbbaa346a69928c527f883259d1e03b5cb59f26a55feeda767837b448c455de584abcb53dc733b2845c0cc13621d72e7f6fd  fix-testing.patch
-- 
cgit v1.2.3-60-g2f50