community/graphicsmagick: security upgrade to 1.3.27.

- Fixes #8095 - Fixes #7943 (last CVE was not fixed since the patch did not apply)
author: Francesco Colista <fcolista@alpinelinux.org> 2017-12-11 02:14:25 +0000
committer: Francesco Colista <fcolista@alpinelinux.org> 2017-12-11 02:15:43 +0000
commit: 38638bab94d2426e261c1354303f5fec985618ef (patch)
tree: 6f9ba55cc21fe94606a1ddc4c2dd1bf555fd5365 /community/graphicsmagick
parent: 035ac73a8ccdc62d829f5443ad951fe3f19f3f1c (diff)
download: aports-38638bab94d2426e261c1354303f5fec985618ef.tar.bz2
aports-38638bab94d2426e261c1354303f5fec985618ef.tar.xz
1 files changed, 13 insertions, 29 deletions
diff --git a/community/graphicsmagick/APKBUILD b/community/graphicsmagick/APKBUILD
index 14788a2351..88c9c8f5e1 100644
--- a/community/graphicsmagick/APKBUILD
+++ b/community/graphicsmagick/APKBUILD
@@ -1,38 +1,34 @@
 # Contributor: Carlo Landmeter <clandmeter@gmail.com>
 # Maintainer: Francesco Colista <fcolista@alpinelinux.org>
 pkgname=graphicsmagick
-pkgver=1.3.26
-pkgrel=5
+pkgver=1.3.27
+pkgrel=0
 pkgdesc="Image processing system"
 url="http://www.graphicsmagick.org/"
 arch="all"
 license="MIT"
 makedepends="jasper-dev libpng-dev tiff-dev libxml2-dev libwmf-dev freetype-dev libtool libltdl"
 subpackages="$pkgname-dev $pkgname-doc"
-source="http://downloads.sourceforge.net/$pkgname/$pkgname/$pkgver/GraphicsMagick-$pkgver.tar.xz
-	CVE-2017-11642.patch
-	CVE-2017-11722.patch
-	CVE-2017-12935.patch
-	CVE-2017-12936.patch
-	CVE-2017-12937.patch
-	CVE-2017-13063-13064-13065.patch
-	CVE-2017-13648.patch
-	CVE-2017-13775.patch
-	CVE-2017-13776-13777.patch
-	CVE-2017-14103.patch
-	CVE-2017-14042.patch
-	CVE-2017-14165.patch"
+source="http://downloads.sourceforge.net/$pkgname/$pkgname/$pkgver/GraphicsMagick-$pkgver.tar.xz"
 options="libtool !check"
 builddir="$srcdir"/GraphicsMagick-$pkgver
 
 # security fixes:
+#   1.3.27-r0:
+#     - CVE-2017-11102
+#     - CVE-2017-14314
+#     - CVE-2017-14504
+#     - CVE-2017-14733
+#     - CVE-2017-14994
+#     - CVE-2017-14997
+#     - CVE-2017-15930
+#     - CVE-2017-14649
 #   1.3.26-r5:
 #     - CVE-2017-13065
 #     - CVE-2017-13648
 #     - CVE-2017-14042
 #     - CVE-2017-14103
 #     - CVE-2017-14165
-
 #   1.3.26-r3:
 #     - CVE-2017-13775
 #     - CVE-2017-13776
@@ -73,16 +69,4 @@ package() {
 	make DESTDIR="$pkgdir" install
 }
 
-sha512sums="b33ca0f1c858428693aee27a9089acff9e63d1110f85fa036894cfefe6274e7b2422758ea39852f94fdb4823c9c3f3c44b0d8906627503301f5928096f739f22  GraphicsMagick-1.3.26.tar.xz
-1706f87cfa248bf08f2e7038ec2d3adf4ad0b9775a8787a48bb168d9bd04578e3ac01dcd384d4d961903dd738f748601619c0999b2a4b4b775e1b72489220336  CVE-2017-11642.patch
-f9167ad79f54fc3881d81b9b5cb5b84f38e847103c6945af4fda516d6696ff8e95ec48cbae84161f3dbedca48cf1f3a2afbb0831b54c32363d263c0c1ad5d595  CVE-2017-11722.patch
-2cb2ee3f88a835dff63c903bd215abb09c1812fedecbbb19c228fd2680c5762c6a20e6be1497c0fc3ed7a9b16eac6e7fe7f0fc9da4f6ef3e90fe75a049085ca7  CVE-2017-12935.patch
-b78b61d7b29c2316ecefe69c473b1aa1e93185e0da245f7cf2d351566ff737bce8e560e9b471334549e4ab76bc8752717f403e7afa9d393bdd64e191f8abbb9c  CVE-2017-12936.patch
-508ceee0aa73744e9b36c6e60b071d4dc4a5254b4d5265c4ee2bde317713b831db8958667fac44aa1e89b3cc8094027cade368f10f7f5f3d1a2980c2a70d516d  CVE-2017-12937.patch
-262434bab04541c276728111c9ec5d92abbb68e980813a50712d03505f3d3c4681b4daf02fd22e4ba11ed0daf5b553e4a47291c43f4c146554f1809292b73441  CVE-2017-13063-13064-13065.patch
-01cebf614e38f4a80dea508ac03f9a6bba9113fba0bcf66cd6808257ba18957e54e21d728c6c6f201513682696939cde5a29791e42d8eae4bbbca2a787543ecd  CVE-2017-13648.patch
-b15d1c71a4f7e15cbc6a6a83590c99dfaf20d25f08e07a1ea8ff08f9e0f92d55da3a0afc86a259f88cae01ec0fa21c9b555a9085aae24f4bf3d36c48b29d56e5  CVE-2017-13775.patch
-f23c5e7d8e5c9e670ceb27b7e027910f181107033ec86538ce9778a2d37c29964008d5d8774bf59d4b45126b36630d73dc460636bfc55ab72ca64eefaae1768e  CVE-2017-13776-13777.patch
-7abbd2edcd3dc029b359ad19e0f9eb406805ee4d5d4847f36f3709e0ed43164c20105b3fae7ef22a8dc2c89804f708ba41e7f800cfe5d2bf47dfbb19683978ef  CVE-2017-14103.patch
-d19741e0e6ae181ab74f0a5a9b8fc72b69eb4107bb34573a34d6e701622dffe73e3d723dd512ba24aae9ca321897a91e0715c74617aa74500deac867c6bbe852  CVE-2017-14042.patch
-91df1ec37345fe054f190dc1a0fef759380502b9a211bd61a1c48f7efcebbbf31a6abc8e64c7e3180af559800defdde03e4cfa14c6bf42afb8e5a1088ad44cb9  CVE-2017-14165.patch"
+sha512sums="27c2fccebe1ae079040986979405f9840ad39f773e2e0399712695146ec1b0f92a53533e6052df124f5db38aacc95bbd4b2e8692e81c92dade4e169ddfcc9b8c  GraphicsMagick-1.3.27.tar.xz"
author	Francesco Colista <fcolista@alpinelinux.org>	2017-12-11 02:14:25 +0000
committer	Francesco Colista <fcolista@alpinelinux.org>	2017-12-11 02:15:43 +0000
commit	38638bab94d2426e261c1354303f5fec985618ef (patch)
tree	6f9ba55cc21fe94606a1ddc4c2dd1bf555fd5365 /community/graphicsmagick
parent	035ac73a8ccdc62d829f5443ad951fe3f19f3f1c (diff)
download	aports-38638bab94d2426e261c1354303f5fec985618ef.tar.bz2 aports-38638bab94d2426e261c1354303f5fec985618ef.tar.xz