diff options
author | Francesco Colista <fcolista@alpinelinux.org> | 2017-05-19 14:07:01 +0000 |
---|---|---|
committer | Francesco Colista <fcolista@alpinelinux.org> | 2017-05-19 14:08:36 +0000 |
commit | 6916b57a3b0b5200fbcd5f6b22a9d21bbe9098d6 (patch) | |
tree | cf98d768cf37889124aebe80b5e4f8fba9c15fcd | |
parent | c25c75b8fbbe2271a6f10508c809cbcc0ff19ea3 (diff) | |
download | aports-6916b57a3b0b5200fbcd5f6b22a9d21bbe9098d6.tar.bz2 aports-6916b57a3b0b5200fbcd5f6b22a9d21bbe9098d6.tar.xz |
main/libsndfile: security upgrade to 1.0.28 - fixes #7153
CVE-2017-7585: Stack-based buffer overflow in flac_buffer_copy()
CVE-2017-7741: invalid memory WRITE
CVE-2017-7742: invalid memory READ
-rw-r--r-- | main/libsndfile/APKBUILD | 13 |
1 files changed, 9 insertions, 4 deletions
diff --git a/main/libsndfile/APKBUILD b/main/libsndfile/APKBUILD index 70bfad835d..8ec809e297 100644 --- a/main/libsndfile/APKBUILD +++ b/main/libsndfile/APKBUILD @@ -1,6 +1,7 @@ +# Contributor: Sergei Lukin <sergej.lukin@gmail.com> # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=libsndfile -pkgver=1.0.26 +pkgver=1.0.28 pkgrel=0 pkgdesc="A C library for reading and writing files containing sampled sound" url="http://www.mega-nerd.com/libsndfile" @@ -12,6 +13,12 @@ depends_dev="flac-dev libvorbis-dev libogg-dev" makedepends="linux-headers alsa-lib-dev $depends_dev" source="http://www.mega-nerd.com/$pkgname/files/$pkgname-$pkgver.tar.gz" +# secfixes: +# 1.0.28-r0: +# - CVE-2017-7585 +# - CVE-2017-7741 +# - CVE-2017-7742 + _builddir="$srcdir/$pkgname-$pkgver" prepare() { @@ -36,6 +43,4 @@ package() { make DESTDIR="$pkgdir" install || return 1 rm "$pkgdir"/usr/lib/*.la || return 1 } -md5sums="ec810a0c60c08772a8a5552704b63393 libsndfile-1.0.26.tar.gz" -sha256sums="cd6520ec763d1a45573885ecb1f8e4e42505ac12180268482a44b28484a25092 libsndfile-1.0.26.tar.gz" -sha512sums="49a131482f9735e2f171ab7b59770cafc6b92e177f88bed9d2e6189390abc5aa473081dce3e4ec3c0e32b6f3d8c19901136b3df15b9222c11b578f522e88257e libsndfile-1.0.26.tar.gz" +sha512sums="890731a6b8173f714155ce05eaf6d991b31632c8ab207fbae860968861a107552df26fcf85602df2e7f65502c7256c1b41735e1122485a3a07ddb580aa83b57f libsndfile-1.0.28.tar.gz" |