diff options
| author | ntaylor1781 <ntaylor1781@gmail.com> | 2019-06-27 18:38:55 +0000 |
|---|---|---|
| committer | Natanael Copa <ncopa@alpinelinux.org> | 2019-07-04 15:37:46 +0000 |
| commit | 53b02f8b1597aabb4ec836bb5aa421e0d1f95189 (patch) | |
| tree | a86a53a2899cb6c558d4762771fd3702c53f0772 /main/bzip2/APKBUILD | |
| parent | 6be22ac3ebf95b8387668ef9913aeba51138f5ab (diff) | |
| download | aports-53b02f8b1597aabb4ec836bb5aa421e0d1f95189.tar.bz2 aports-53b02f8b1597aabb4ec836bb5aa421e0d1f95189.tar.xz | |
main/bzip2: add patch for CVE-2019-12900
Adding the upstream bzip2 security patch to fix the out of bounds security
vulnerability in bzip2.
fixes #10643
Diffstat (limited to 'main/bzip2/APKBUILD')
| -rw-r--r-- | main/bzip2/APKBUILD | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/main/bzip2/APKBUILD b/main/bzip2/APKBUILD index 10b1b0423a..d91dd490ea 100644 --- a/main/bzip2/APKBUILD +++ b/main/bzip2/APKBUILD @@ -1,7 +1,7 @@ # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=bzip2 pkgver=1.0.6 -pkgrel=6 +pkgrel=7 pkgdesc="A high-quality data compression program" url="http://sources.redhat.com/bzip2" arch="all" @@ -16,9 +16,12 @@ source="https://downloads.sourceforge.net/bzip2/bzip2-$pkgver.tar.gz bzip2-1.0.3-no-test.patch bzip2-1.0.4-POSIX-shell.patch CVE-2016-3189.patch + CVE-2019-12900.patch " # secfixes: +# 1.0.6-r7: +# - CVE-2019-12900 # 1.0.6-r5: # - CVE-2016-3189 @@ -71,4 +74,5 @@ sha512sums="00ace5438cfa0c577e5f578d8a808613187eff5217c35164ffe044fbafdfec9e98f4 b6810c73428f17245e0d7c2decd00c88986cd8ad1cfe4982defe34bdab808d53870ed92cb513b2d00c15301747ceb6ca958fb0e0458d0663b7d8f7c524f7ba4e bzip2-1.0.2-progress.patch aefcafaaadc7f19b20fe023e0bd161127b9f32e0cd364621f6e5c03e95fb976e7e69e354ec46673a554392519532a3bfe56d982a5cde608c10e0b18c3847a030 bzip2-1.0.3-no-test.patch 64ab461bf739c29615383750e7f260abb2d49df7eb23916940d512bd61fd9a37aaade4d8f6f94280c95fc781b8f92587ad4f3dda51e87dec7a92a7a6f8d8ae86 bzip2-1.0.4-POSIX-shell.patch -cef6f448b661a775cc433f9636730e89c1285d07075536217657056be56e0a11e96f41f7c14f6ec59e235464b9ddd649a71fb8de1c60eda2fd5c2cdfbb6a8fdc CVE-2016-3189.patch" +cef6f448b661a775cc433f9636730e89c1285d07075536217657056be56e0a11e96f41f7c14f6ec59e235464b9ddd649a71fb8de1c60eda2fd5c2cdfbb6a8fdc CVE-2016-3189.patch +924992e381f701b43ac2e8bdeee46be0e592c8459acb55663c4a93127f6d5195271ede6aeedc66d09388f5c6e1c0caa792c6e19a38b469ee0294f0de8d273070 CVE-2019-12900.patch" |