# Maintainer: 
pkgname=libvorbis
pkgver=1.3.6
pkgrel=0
pkgdesc="Vorbis audio codec library"
url="https://xiph.org/vorbis/"
arch="all"
options="!check" # Test suite doesn't compile.
license="BSD-3-Clause"
depends=""
makedepends="libogg-dev"
subpackages="$pkgname-dev $pkgname-doc"
source="https://downloads.xiph.org/releases/vorbis/$pkgname-$pkgver.tar.xz
	CVE-2017-14160-and-2018-10393.patch
	CVE-2018-10392.patch
	"

# secfixes:
#   1.3.6-r1:
#     - CVE-2018-10392
#   1.3.5-r4:
#     - CVE-2017-14632
#     - CVE-2017-14633
#   1.3.5-r3:
#     - CVE-2017-14160
#     - CVE-2018-10393

build() {
	./configure \
		--build=$CBUILD \
		--host=$CHOST \
		--prefix=/usr \
		--sysconfdir=/etc \
		--mandir=/usr/share/man \
		--localstatedir=/var
	make
}

package() {
	make DESTDIR="$pkgdir" install
}

sha512sums="a5d990bb88db2501b16f8eaee9f2ecb599cefd7dab2134d16538d8905263a972157c7671867848c2a8a358bf5e5dbc7721205ece001032482f168be7bda4f132  libvorbis-1.3.6.tar.xz
332081da5dd8fb28ee70dfbc123e7fcef279317ee977be9da97e97a105e788da452c33097bf597f369fea0e49749f876a93d6af0fa2fa20405acbc57771c89a9  CVE-2017-14160-and-2018-10393.patch
294de5e0c40b64d495df7f53196260be5ffaba11c75fc4a1a54ec0c058eeba4793c1ef685c8cf866195a2972c91a7a896df5f05f478b7f25a564abb3f82f331f  CVE-2018-10392.patch"