diff options
| author | alpine-mips-patches <info@mobile-stream.com> | 2018-12-20 14:06:58 +0000 |
|---|---|---|
| committer | Leonardo Arena <rnalrd@alpinelinux.org> | 2018-12-27 10:21:48 +0000 |
| commit | 880aa1b5c01e1e14f9295a953dbf37cbd08d24a9 (patch) | |
| tree | 9c3af87d58ef9b116a8457aebe5536ff410e8415 /community/cpio/APKBUILD | |
| parent | a1b83606c3f4cedbb42cf7cb1fbae75b933dbbdd (diff) | |
| download | aports-880aa1b5c01e1e14f9295a953dbf37cbd08d24a9.tar.bz2 aports-880aa1b5c01e1e14f9295a953dbf37cbd08d24a9.tar.xz | |
community/cpio: add minor security fixes, fix tests
- add fixes for CVE-2016-2037, integer overflow and inconsistent
argument passing to printf-like functions, all from upstream.
- add autoconf to checkdepends as autom4te is required to create
built-in tests from templates;
- remove bash from checkdepends (as it is useless without passing
CONFIG_SHELL=/bin/bash to ./configure anyway) and replace the
bash-style sequence expression at tests/symlink-long.at:30 to
resolve test failure;
- disable NLS and make explicit other default ./configure options.
Diffstat (limited to 'community/cpio/APKBUILD')
| -rw-r--r-- | community/cpio/APKBUILD | 30 |
1 files changed, 25 insertions, 5 deletions
diff --git a/community/cpio/APKBUILD b/community/cpio/APKBUILD index 64ad52497d..eb8840d660 100644 --- a/community/cpio/APKBUILD +++ b/community/cpio/APKBUILD @@ -2,24 +2,40 @@ # Maintainer: Stuart Cardall <developer@it-offshore.co.uk> pkgname=cpio pkgver=2.12 -pkgrel=2 +pkgrel=3 pkgdesc="A tool to copy files into or out of a cpio or tar archive" url="https://www.gnu.org/software/cpio" arch="all" license="GPL" depends="" -checkdepends="bash" +checkdepends="autoconf" subpackages="$pkgname-doc" -source="$pkgname-$pkgver.tar.bz2::http://ftp.snt.utwente.nl/pub/software/gnu/cpio/$pkgname-$pkgver.tar.bz2" +source="$pkgname-$pkgver.tar.bz2::http://ftp.snt.utwente.nl/pub/software/gnu/cpio/$pkgname-$pkgver.tar.bz2 + fix-bash-sequence-expression.patch + fix-signed-integer-overflow-big-block-sizes.patch + CVE-2016-2037.patch + cast-arguments-to-printf.patch" + +# secfixes: +# 2.12-r3: +# - CVE-2016-2037 builddir="$srcdir"/$pkgname-$pkgver build() { cd "$builddir" ./configure \ + --build=$CBUILD \ + --host=$CHOST \ --prefix=/usr \ + --sysconfdir=/etc \ + --localstatedir=/var \ --mandir=/usr/share/man \ - --infodir=/usr/share/info + --infodir=/usr/share/info \ + --enable-largefile \ + --disable-mt \ + --disable-rpath \ + --disable-nls make } @@ -36,4 +52,8 @@ package() { rm "$pkgdir"/usr/share/man/*/rmt.* } -sha512sums="0cd4da5f2fbca179ab4e666a5f878414c086a5f98bce4c76273f21d9b2a6fe422d901b5d453826c5f81bbe363aa015047a1e99779ad1a451c8feca6205c63120 cpio-2.12.tar.bz2" +sha512sums="0cd4da5f2fbca179ab4e666a5f878414c086a5f98bce4c76273f21d9b2a6fe422d901b5d453826c5f81bbe363aa015047a1e99779ad1a451c8feca6205c63120 cpio-2.12.tar.bz2 +228ae9f3832589eea742534953e3d28eafe8295893232b33f060a4ad35d7da7eae4608e1d675d9ece1a8ff107157a3c9c43eb2d282b3a95b22324c27d54fd787 fix-bash-sequence-expression.patch +979a67a0071389fd385c118062e8f3a89488c94c7b3674396f17311e891134ea328d948da4bfeb45bbc620c67e411717cd1cc1ff890d72db479bb484e8d1839c fix-signed-integer-overflow-big-block-sizes.patch +0c3884389be446a927e387ccf8a3e658b38e3d2b94bb3262703bbd6806835e7f5d1cccfbdf090ce7be27913eef6b67c30e37e7b9fee363a9d9ee6c4d830da4c1 CVE-2016-2037.patch +209007a8c34f52a4a7539adf83b62925ea0013e11b0ec4c4faf6853384c34251e7898ed5822cb5a2f4a05d90baa574fc26f52504f2952e6e57c2b852a0d2d97a cast-arguments-to-printf.patch" |