diff options
author | Natanael Copa <ncopa@alpinelinux.org> | 2019-05-06 17:03:40 +0000 |
---|---|---|
committer | Natanael Copa <ncopa@alpinelinux.org> | 2019-05-06 17:21:50 +0000 |
commit | 01caeea43bd4470bd3d48c51abf2cbc53654f774 (patch) | |
tree | fe6db13189adfa03618ab167f5fe88c31b44b5e1 | |
parent | 23eacac21afa63d71f78d619df4ce5e0b728051d (diff) | |
download | aports-01caeea43bd4470bd3d48c51abf2cbc53654f774.tar.bz2 aports-01caeea43bd4470bd3d48c51abf2cbc53654f774.tar.xz |
main/lua5.3: security fix for CVE-2019-6706
fixes #10256
(cherry picked from commit ebd55722b9637f4559c94b13e5e061ffef9fb4a3)
-rw-r--r-- | main/lua5.3/APKBUILD | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/main/lua5.3/APKBUILD b/main/lua5.3/APKBUILD index 83fbccf955..79be803c3f 100644 --- a/main/lua5.3/APKBUILD +++ b/main/lua5.3/APKBUILD @@ -3,7 +3,7 @@ pkgname=lua5.3 _pkgname=lua pkgver=5.3.5 _luaver=${pkgname#lua} -pkgrel=1 +pkgrel=2 pkgdesc="Powerful light-weight programming language" url="http://www.lua.org/" arch="all" @@ -16,9 +16,14 @@ source="http://www.lua.org/ftp/$_pkgname-$pkgver.tar.gz lua-5.3-make.patch lua-5.3-module_paths.patch linenoise.patch + CVE-2019-6706-use-after-free-lua_upvaluejoin.patch " builddir="$srcdir/$_pkgname-$pkgver" +# secfixes: +# 5.3.5-r2: +# - CVE-2019-6706 + prepare() { default_prepare || return 1 cd "$builddir" @@ -135,4 +140,5 @@ libs() { sha512sums="4f9516acc4659dfd0a9e911bfa00c0788f0ad9348e5724fe8fb17aac59e9c0060a64378f82be86f8534e49c6c013e7488ad17321bafcc787831d3d67406bd0f4 lua-5.3.5.tar.gz 1bc6c623024c1738155b30ff9c0edcce0f336edc25aa20c3a1400c859421ea2015d75175cce8d515e055ac3e96028426b74812e04022af18a0ed4c4601556027 lua-5.3-make.patch 313ff823ed871f380a2cb0ba1f0afbba5cfa9b98da40e6e5e8f3c7a2e5993b13c2577efbe7147b79e3903ff27d5a814fa782c1c925092b08510cb4ce02abf464 lua-5.3-module_paths.patch -a2edcf5a41513492edff5fa6e97652e676ceb6c66bb2c6a7e6f345570248d7646167f0172ceb07a74fd9d4a43051ed8244fbd94706dd9f5593f174075592a527 linenoise.patch" +a2edcf5a41513492edff5fa6e97652e676ceb6c66bb2c6a7e6f345570248d7646167f0172ceb07a74fd9d4a43051ed8244fbd94706dd9f5593f174075592a527 linenoise.patch +fde7f5f5a184cd393665c7c8c7ba3c728e1413df5f63dbe60855af13ddd313d9300720298534f4312638ddf59fa678a38f708bce622dd7a2298b4ed87c068ae7 CVE-2019-6706-use-after-free-lua_upvaluejoin.patch" |