main/grep: security fix for CVE-2015-1345

ref #3864

1 files changed, 17 insertions, 6 deletions

diff --git a/main/grep/APKBUILD b/main/grep/APKBUILD
index fc167a5a62..899dff048a 100644
--- a/main/grep/APKBUILD
+++ b/main/grep/APKBUILD
@@ -2,21 +2,29 @@
 # Maintainer: Natanael Copa <ncopa@alpinelinux.org>
 pkgname=grep
 pkgver=2.21
-pkgrel=0
+pkgrel=1
 pkgdesc="Searches input files for lines containing a match to a specified pattern"
 url="http://www.gnu.org/software/grep/grep.html"
 arch="all"
 license="GPL"
 depends=
-makedepends="pcre-dev"
+makedepends="pcre-dev autoconf automake"
 install=
 subpackages="$pkgname-doc"
-source="http://mirrors.kernel.org/gnu/$pkgname/$pkgname-$pkgver.tar.xz"
+source="http://mirrors.kernel.org/gnu/$pkgname/$pkgname-$pkgver.tar.xz
+	CVE-2015-1345.patch
+	"
 
 _builddir="$srcdir/$pkgname-$pkgver"
 
 prepare() {
 	cd "$_builddir"
+	for i in $source; do
+		case $i in
+		*.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;;
+		esac
+	done
+	aclocal && autoconf && automake --add-missing
 }
 
 build() {
@@ -42,6 +50,9 @@ package() {
 	return 0
 }
 
-md5sums="43c48064d6409862b8a850db83c8038a  grep-2.21.tar.xz"
-sha256sums="5244a11c00dee8e7e5e714b9aaa053ac6cbfa27e104abee20d3c778e4bb0e5de  grep-2.21.tar.xz"
-sha512sums="bc894325f89d37413c773d4812cb24180560037ccc8d72c015462043ef3479ea7eefd62557e3a9d191d6d94c68262563d3c68e634acd4e77ba56e96c92805dfd  grep-2.21.tar.xz"
+md5sums="43c48064d6409862b8a850db83c8038a  grep-2.21.tar.xz
+331c938bfb346f6f09553008548dccc6  CVE-2015-1345.patch"
+sha256sums="5244a11c00dee8e7e5e714b9aaa053ac6cbfa27e104abee20d3c778e4bb0e5de  grep-2.21.tar.xz
+e65dc3748044eafac90e7a0f14420b91c6ccb71d9fcbdf2a374f5b29d4bd5067  CVE-2015-1345.patch"
+sha512sums="bc894325f89d37413c773d4812cb24180560037ccc8d72c015462043ef3479ea7eefd62557e3a9d191d6d94c68262563d3c68e634acd4e77ba56e96c92805dfd  grep-2.21.tar.xz
+83c16cec05ca7d39ee455c3032d983cef8fe2d9cfd272ca55dbfee231a1782a69e92a8f528202e3a004b23fca27bd7fca331a019ab0a69d9cedeb5559c6dda11  CVE-2015-1345.patch"