aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLeonardo Arena <rnalrd@alpinelinux.org>2018-03-06 09:41:56 +0000
committerLeonardo Arena <rnalrd@alpinelinux.org>2018-03-06 09:42:02 +0000
commit2ec57e0e13ceccd61a0be8376969fb676d94c14a (patch)
tree32c4dfbf01441d063abee6e920c77cb8354743fa
parentf34424f591766c86f5174e3b4dcf59af082d6e0e (diff)
downloadaports-2ec57e0e13ceccd61a0be8376969fb676d94c14a.tar.bz2
aports-2ec57e0e13ceccd61a0be8376969fb676d94c14a.tar.xz
main/wavpack: security fixes
CVE-2018-6767, CVE-2018-7253, CVE-2018-7254 Fixes #8592
Diffstat
-rw-r--r--main/wavpack/APKBUILD28
1 files changed, 18 insertions, 10 deletions
diff --git a/main/wavpack/APKBUILD b/main/wavpack/APKBUILD
index 776382949f..438a12c6d1 100644
--- a/main/wavpack/APKBUILD
+++ b/main/wavpack/APKBUILD
@@ -3,24 +3,29 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=wavpack
pkgver=5.1.0
-pkgrel=2
+pkgrel=3
pkgdesc="Audio compression format with lossless, lossy, and hybrid compression modes"
url="http://www.wavpack.com/"
arch="all"
options="!check" # No test suite.
license="BSD-3-Clause"
-depends=""
-makedepends=""
-install=
subpackages="$pkgname-dev $pkgname-doc"
-source="http://www.wavpack.com/${pkgname}-${pkgver}.tar.bz2"
+source="http://www.wavpack.com/${pkgname}-${pkgver}.tar.bz2
+ CVE-2018-6767.patch
+ CVE-2018-7253.patch
+ CVE-2018-7254.patch
+ "
# secfixes:
+# 5.1.0-r3:
+# - CVE-2018-6767
+# - CVE-2018-7253
+# - CVE-2018-7254
# 5.1.0-r0:
-# - CVE-2016-10169
-# - CVE-2016-10170
-# - CVE-2016-10171
-# - CVE-2016-10172
+# - CVE-2016-10169
+# - CVE-2016-10170
+# - CVE-2016-10171
+# - CVE-2016-10172
build() {
cd "$builddir"
@@ -47,4 +52,7 @@ package() {
make DESTDIR="$pkgdir" install
}
-sha512sums="4c31616ae63c3a875afa20f26ce935f7a8f9921e2892b4b8388eca3ccd83b2d686f43eed8b9ec1dead934a1148401b9dced3b05f509b7942c48d7af31cf80a54 wavpack-5.1.0.tar.bz2"
+sha512sums="4c31616ae63c3a875afa20f26ce935f7a8f9921e2892b4b8388eca3ccd83b2d686f43eed8b9ec1dead934a1148401b9dced3b05f509b7942c48d7af31cf80a54 wavpack-5.1.0.tar.bz2
+9a4d0da20398c3500f2308abae921bda2149e46270e0424b83b06bf9a15ff16b5b89c000a7633a6b454f09f7e2ffd5a88de37cd7504f633108e50c0d954c883c CVE-2018-6767.patch
+6e8bdb2a1fa1445de7778226bf4db35efa96f6455be3f2c52bd56dc567eba8eeba9a0140965816c2dc340abcdcb966dc6fd647345e419fde3dceba2a512e5395 CVE-2018-7253.patch
+8745e1d3b97df6bdc2844c6731c1079afce8aee6cd3ad39557c8442687f80d2e2b278fd5277e35f7793de3035a7923be69a248dd7ab2cae66d92ea43905dae60 CVE-2018-7254.patch"
generated by cgit v1.2.3 (git 2.25.1) at 2025-01-12 02:51:39 +0000