aboutsummaryrefslogtreecommitdiffstats
path: root/main/fribidi
diff options
context:
space:
mode:
authorLeo <thinkabit.ukim@gmail.com>2019-11-11 07:10:01 -0300
committerNatanael Copa <ncopa@alpinelinux.org>2019-11-11 15:03:51 +0000
commit0cac76661fd3b286f052ef3d4343a5458b71b306 (patch)
tree8c65a68ed7b0ac0c5803e4b598bff9cf0a4c013d /main/fribidi
parent4906c1cf1625dcb125a2d0937a7893c3adcf0fd0 (diff)
downloadaports-0cac76661fd3b286f052ef3d4343a5458b71b306.tar.bz2
aports-0cac76661fd3b286f052ef3d4343a5458b71b306.tar.xz
main/fribidi: fix CVE-2019-18397
ref #10943
Diffstat (limited to 'main/fribidi')
-rw-r--r--main/fribidi/APKBUILD13
1 files changed, 10 insertions, 3 deletions
diff --git a/main/fribidi/APKBUILD b/main/fribidi/APKBUILD
index 242e53f759..012e3260e5 100644
--- a/main/fribidi/APKBUILD
+++ b/main/fribidi/APKBUILD
@@ -1,13 +1,19 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=fribidi
pkgver=1.0.7
-pkgrel=0
+pkgrel=1
pkgdesc="Free Implementation of the Unicode Bidirectional Algorithm"
url="https://github.com/fribidi/fribidi"
arch="all"
license="LGPL-2.0-or-later"
subpackages="$pkgname-doc $pkgname-static $pkgname-dev"
-source="https://github.com/fribidi/fribidi/releases/download/v$pkgver/fribidi-$pkgver.tar.bz2"
+source="https://github.com/fribidi/fribidi/releases/download/v$pkgver/fribidi-$pkgver.tar.bz2
+ CVE-2019-18397.patch::https://github.com/fribidi/fribidi/commit/034c6e9a1d296286305f4cfd1e0072b879f52568.patch
+ "
+
+# secfixes:
+# 1.0.7-r1:
+# - CVE-2019-18397
build() {
cd "$builddir"
@@ -31,4 +37,5 @@ package() {
make DESTDIR="$pkgdir" install
}
-sha512sums="c7a1834eb5e79e337b31c62b75e9ab61f761cc5d6eef5c9ac9610f69ed044ce9d2d2efac150cad167eea3e1d573b27765e5d01abc4b4f9e43c7903d5980ba8c0 fribidi-1.0.7.tar.bz2"
+sha512sums="c7a1834eb5e79e337b31c62b75e9ab61f761cc5d6eef5c9ac9610f69ed044ce9d2d2efac150cad167eea3e1d573b27765e5d01abc4b4f9e43c7903d5980ba8c0 fribidi-1.0.7.tar.bz2
+3d8efc59781c36203d618d3348b54fbfaff79306964e43c93d2cbe97d2e122c06a44aea519e3ea6ad78e46ecc37cf64975b8b89de0cb21048b89d0ce20e4ab46 CVE-2019-18397.patch"