diff options
| author | Leo <thinkabit.ukim@gmail.com> | 2019-12-30 13:51:17 +0100 |
|---|---|---|
| committer | Leo <thinkabit.ukim@gmail.com> | 2019-12-30 13:58:42 +0100 |
| commit | 661c78a105528241d881fb5ede26fd8b7cbc87f3 (patch) | |
| tree | c53de38fd7ce6fe2e5ac3ca5aab803a3ef2bff24 | |
| parent | d0cf104cce12123f61ed8801c96e861995aafee9 (diff) | |
| download | aports-661c78a105528241d881fb5ede26fd8b7cbc87f3.tar.bz2 aports-661c78a105528241d881fb5ede26fd8b7cbc87f3.tar.xz | |
community/dia: fix CVE-2019-19451.patch
see #11093
| -rw-r--r-- | community/dia/APKBUILD | 15 | ||||
| -rw-r--r-- | community/dia/CVE-2019-19451.patch | 12 |
2 files changed, 21 insertions, 6 deletions
diff --git a/community/dia/APKBUILD b/community/dia/APKBUILD index 2b0fff5b2e..ec427b36a2 100644 --- a/community/dia/APKBUILD +++ b/community/dia/APKBUILD @@ -1,21 +1,24 @@ # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=dia pkgver=0.97.3 -pkgrel=0 +pkgrel=1 pkgdesc="a GTK+ based diagram creation program" url="http://live.gnome.org/Dia" arch="all" -license="GPL-2.0" +license="GPL-2.0-or-later" makedepends="gtk+2.0-dev libxml2-dev" subpackages="$pkgname-doc $pkgname-lang" source="https://download.gnome.org/sources/dia/${pkgver%.*}/dia-$pkgver.tar.xz isinf.patch dia-unregister-import.patch + CVE-2019-19451.patch " -builddir="$srcdir"/dia-$pkgver +# secfixes: +# 0.97.3-r1: +# - CVE-2019-19451.patch + build() { - cd "$builddir" ./configure --prefix=/usr \ --sysconfdir=/etc \ --mandir=/usr/share/man \ @@ -25,10 +28,10 @@ build() { } package() { - cd "$builddir" make DESTDIR="$pkgdir" install } sha512sums="34298980be930b87cb4a636344e4cb2a7e43eedc00b0969a5e446cee9b74b616fdc8c798efcb9a5832b98741f2e20632a44037b2bcb436f59591d531ef441efa dia-0.97.3.tar.xz cfa8fd8fecc7f0e3da185b512c169b156363a73c151547725f964e1cf7b1a305e44c493d0490c680c5f25859acee74fe4ef942ae9ee634b370bd9b9952186c5a isinf.patch -24267507ff08ac589ec1015e55637586a9fd97802893a77849d1e7bce67135fbd3d55611e2c80be1d5f87b92406c95cd5fe484175037297ebe1dbc8eb509a7d4 dia-unregister-import.patch" +24267507ff08ac589ec1015e55637586a9fd97802893a77849d1e7bce67135fbd3d55611e2c80be1d5f87b92406c95cd5fe484175037297ebe1dbc8eb509a7d4 dia-unregister-import.patch +c78b78bd4ce7bfab9babfc887fb98571849246d1ca78e6c69a4413c7881d30358e1287bd9b0d9ba50cbcc540cf5f0e28333b31f467dbe5579ad5c97148b3b512 CVE-2019-19451.patch" diff --git a/community/dia/CVE-2019-19451.patch b/community/dia/CVE-2019-19451.patch new file mode 100644 index 0000000000..fdc8386fba --- /dev/null +++ b/community/dia/CVE-2019-19451.patch @@ -0,0 +1,12 @@ +diff --git a/app/app_procs.c b/app/app_procs.c +index d0f2d3d..423fe2f 100644 +--- a/app/app_procs.c ++++ b/app/app_procs.c +@@ -801,6 +801,7 @@ app_init (int argc, char **argv) + + if (!filename) { + g_print (_("Filename conversion failed: %s\n"), filenames[i]); ++ ++i; + continue; + } + |