From 03ef76f450eda2661dff1b65f8dcd4b19b8bbfab Mon Sep 17 00:00:00 2001 From: Max Rees Date: Mon, 2 Sep 2019 19:16:27 -0500 Subject: user/vlc: [CVE] bump to 3.0.8 (#182) --- user/vlc/APKBUILD | 31 ++++++++++++++++++++----------- 1 file changed, 20 insertions(+), 11 deletions(-) (limited to 'user') diff --git a/user/vlc/APKBUILD b/user/vlc/APKBUILD index 2dc82dde6..3da8680d2 100644 --- a/user/vlc/APKBUILD +++ b/user/vlc/APKBUILD @@ -2,8 +2,8 @@ # Contributor: Leonardo Arena # Maintainer: A. Wilcox pkgname=vlc -pkgver=3.0.7.1 -pkgrel=2 +pkgver=3.0.8 +pkgrel=0 pkgdesc="Multi-platform MPEG, VCD/DVD, and DivX player" triggers="vlc-libs.trigger=/usr/lib/vlc/plugins" pkgusers="vlc" @@ -11,7 +11,7 @@ pkggroups="vlc" url="https://www.videolan.org/vlc/" arch="all" license="GPL-2.0+" -options="!checkroot textrel" +options="textrel" subpackages="$pkgname-dev $pkgname-doc $pkgname-qt $pkgname-pulse $pkgname-daemon::noarch $pkgname-libs $pkgname-lang" depends="ttf-dejavu xdg-utils" @@ -43,12 +43,25 @@ source="https://get.videolan.org/vlc/$pkgver/vlc-$pkgver.tar.xz omxil-rpi-codecs.patch tar-compat.patch test-s390x.patch - vlc-libs.trigger " # secfixes: vlc_media_player # 3.0.4-r2: # - CVE-2018-19857 +# 3.0.8-r0: +# - CVE-2019-13602 +# - CVE-2019-13615 +# - CVE-2019-13962 +# - CVE-2019-14437 +# - CVE-2019-14438 +# - CVE-2019-14498 +# - CVE-2019-14533 +# - CVE-2019-14534 +# - CVE-2019-14535 +# - CVE-2019-14776 +# - CVE-2019-14777 +# - CVE-2019-14778 +# - CVE-2019-14970 prepare() { default_prepare @@ -57,7 +70,6 @@ prepare() { build() { local _arch_opts= - cd "$builddir" export CFLAGS="$CFLAGS -D_GNU_SOURCE" case "$CARCH" in @@ -127,7 +139,6 @@ build() { } package() { - cd "$builddir" make DESTDIR="$pkgdir" install # delete cache as it's autocreated by trigger rm -rf "$pkgdir"/usr/lib/vlc/plugins/plugins.dat @@ -137,7 +148,6 @@ package() { } check() { - cd "$builddir" make check } @@ -150,7 +160,7 @@ _mv() { pulse() { pkgdesc="PulseAudio support for VLC" depends="" - install_if="vlc pulseaudio" + install_if="vlc=$pkgver-r$pkgrel pulseaudio" mkdir -p "$subpkgdir"/usr/lib/vlc mv "$pkgdir"/usr/lib/vlc/libvlc_pulse* "$subpkgdir"/usr/lib/vlc/ } @@ -192,7 +202,7 @@ libs() { default_libs } -sha512sums="6b99ae0564630a7a7ca9187c3bb954c601e384522ce93460b73f2dbf31787ce5828daca9f31c781b97db77872d76b6a3e871ff3401d70f1b5829fee7c4e847fd vlc-3.0.7.1.tar.xz +sha512sums="5ade0b350e98fd6fa90035bffabda96f0addb3844a7c0a242b4db1cab6a746e1adb1d713ddcb48ae51a7d1736090f096f5d3b0637a9f958ccf4fcf27e838cf70 vlc-3.0.8.tar.xz 22d80df599b8b65a5439cefbb7140af8e9530f326d54945da3769af65f37518b99ec2cc8647aafd2763324a0698280915afe043cc87e5720c4694881ed35bffa check-headless.patch e214b407235cb3afb8bec93f20c9b42957b57e6fd3960679d3d4235e77762e03e64d03c01f00ef63d589e7c85aaad02ce6abbeeccd66b1867bc92451a5b5e9b0 disable-sub-autodetect-fuzzy-1-test.patch e063c727d952465bbea33f669db49190427521dc8e2291e9a5cbb0f5e8e879bd3ba76855e44bd4630948e30c4329d27bd928f95de20fe1050d5e839778a4d012 endian-fix.patch @@ -200,5 +210,4 @@ e063c727d952465bbea33f669db49190427521dc8e2291e9a5cbb0f5e8e879bd3ba76855e44bd463 35f83e38a6a0dd1e3c37e3dc6d63b1406d2f9454ed246854c1408d6f35ad74b743c5b0dbc19442bab65aad4268707ffa85bfda9e72b2d711c1d3412d955bf150 lua.patch e13e398b7bfd977f6e099bcb6cf8dc5cd5bad6dea3eff715881826246dc4329468846084aff2576de2b7fd28d3f06e7c327a6e4511a28d22e5cd198a81146c89 omxil-rpi-codecs.patch a117ca4d7fd66a5f959fdeaddfdce2f8442fe9f2c13995bb7f4792a7745c00813813aa962f76e957e3b0735344a5dc000e0644ce09f23458802a2932231655c3 tar-compat.patch -c0107655249687655846a9547ca1a5670b9207443180600e7a149c69ffb96d7226787c19b018d4033db9b284c1a5faa8d7d42188ed40c3b8bb051256febf11c5 test-s390x.patch -34d899b8b88de2058a8d64ce316389bd3437c0bbcd64a925eec4975adf2bc306a3a8d2e322bad5e3a18b5a28cbb5bf6705d8849dee655daf7e5a4bb007fe07e0 vlc-libs.trigger" +c0107655249687655846a9547ca1a5670b9207443180600e7a149c69ffb96d7226787c19b018d4033db9b284c1a5faa8d7d42188ed40c3b8bb051256febf11c5 test-s390x.patch" -- cgit v1.2.3-60-g2f50