diff options
| author | prspkt <prspkt@protonmail.com> | 2018-03-16 20:51:06 +0000 |
|---|---|---|
| committer | Natanael Copa <ncopa@alpinelinux.org> | 2018-03-28 14:01:48 +0000 |
| commit | e408a1ad1a359d037188ea51cc2b0aa052218846 (patch) | |
| tree | 921ba559a2d2f584fc31af129682f0c7b5e7ae37 | |
| parent | 548c24ea1e19b3739a24556248ebbde4f300e14a (diff) | |
| download | aports-e408a1ad1a359d037188ea51cc2b0aa052218846.tar.bz2 aports-e408a1ad1a359d037188ea51cc2b0aa052218846.tar.xz | |
main/libvorbis: upgrade to 1.3.6, enable tests
fixes #8670
| -rw-r--r-- | main/libvorbis/APKBUILD | 31 | ||||
| -rw-r--r-- | main/libvorbis/CVE-2017-14632.patch | 10 | ||||
| -rw-r--r-- | main/libvorbis/CVE-2017-14633.patch | 11 |
3 files changed, 18 insertions, 34 deletions
diff --git a/main/libvorbis/APKBUILD b/main/libvorbis/APKBUILD index 27e6dd203e..7af3554f85 100644 --- a/main/libvorbis/APKBUILD +++ b/main/libvorbis/APKBUILD @@ -1,28 +1,30 @@ # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=libvorbis -pkgver=1.3.5 -pkgrel=5 +pkgver=1.3.6 +pkgrel=0 pkgdesc="Vorbis codec library" -url="https://xiph.org/vorbis/" +url="https://xiph.org/vorbis" arch="all" -options="!check" # Test suite doesn't compile. license="BSD-3-Clause" subpackages="$pkgname-dev $pkgname-doc" makedepends="libogg-dev" -source="http://downloads.xiph.org/releases/vorbis/$pkgname-$pkgver.tar.gz - CVE-2017-14160.patch - CVE-2017-14632.patch - CVE-2017-14633.patch - " +source="http://downloads.xiph.org/releases/vorbis/$pkgname-$pkgver.tar.xz + CVE-2017-14160.patch" builddir="$srcdir/$pkgname-$pkgver" # secfixes: +# 1.3.6-r0: +# - CVE-2018-5146 # 1.3.5-r4: # - CVE-2017-14632 # - CVE-2017-14633 # 1.3.5-r3: # - CVE-2017-14160 +prepare() { + default_prepare +} + build() { cd "$builddir" ./configure \ @@ -35,12 +37,15 @@ build() { make } +check() { + cd "$builddir" + make -j1 check +} + package() { cd "$builddir" make DESTDIR="$pkgdir" install } -sha512sums="6c729a227143abc744a779ec4d4ce9932cd1234e301b766cb5111c3894b7cd866f0267590c7864afd3841ac0d4ae2eb2386e8d14345b7c41c8ce35e996e3656c libvorbis-1.3.5.tar.gz -4c2f7be947f2159ae47175cba89950c7b7d357b37a20d54382e4fbecd8c268b148e6cb86cb148945c7b68bbe8b14f466e910b35b80903ab51f1b02cfccf5806e CVE-2017-14160.patch -656db69d915fb30e26b6370a9b6f7c2c1f1caaec7051eb13602983935d716ae78a1a3ceaa901d63e2a2169cf00c50d90a86530d461fd53191d545e8d82dbae92 CVE-2017-14632.patch -1b4b1a6a31feca7e9cabc9274149788f0134a3be7575d530092e42864ff6f6d129f923282da7378d29d953e6be4519b3aa7f782e2cca70a623024c7c050614f1 CVE-2017-14633.patch" +sha512sums="a5d990bb88db2501b16f8eaee9f2ecb599cefd7dab2134d16538d8905263a972157c7671867848c2a8a358bf5e5dbc7721205ece001032482f168be7bda4f132 libvorbis-1.3.6.tar.xz +4c2f7be947f2159ae47175cba89950c7b7d357b37a20d54382e4fbecd8c268b148e6cb86cb148945c7b68bbe8b14f466e910b35b80903ab51f1b02cfccf5806e CVE-2017-14160.patch" diff --git a/main/libvorbis/CVE-2017-14632.patch b/main/libvorbis/CVE-2017-14632.patch deleted file mode 100644 index f935cc68fd..0000000000 --- a/main/libvorbis/CVE-2017-14632.patch +++ /dev/null @@ -1,10 +0,0 @@ ---- a/lib/info.c -+++ b/lib/info.c -@@ -584,6 +584,7 @@ int vorbis_analysis_headerout(vorbis_dsp - private_state *b=v->backend_state; - - if(!b||vi->channels<=0){ -+ b = NULL; - ret=OV_EFAULT; - goto err_out; - } diff --git a/main/libvorbis/CVE-2017-14633.patch b/main/libvorbis/CVE-2017-14633.patch deleted file mode 100644 index 76af2652c8..0000000000 --- a/main/libvorbis/CVE-2017-14633.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- a/lib/info.c -+++ b/lib/info.c -@@ -583,7 +583,7 @@ int vorbis_analysis_headerout(vorbis_dsp - oggpack_buffer opb; - private_state *b=v->backend_state; - -- if(!b||vi->channels<=0){ -+ if(!b||vi->channels<=0||vi->channels>256){ - b = NULL; - ret=OV_EFAULT; - goto err_out; |