diff options
author | Sergey Lukin <sergej.lukin@gmail.com> | 2017-01-31 14:58:51 +0000 |
---|---|---|
committer | Timo Teräs <timo.teras@iki.fi> | 2017-02-01 12:33:18 +0000 |
commit | c9d1081114d13e615a2bafddd82df7793666aad6 (patch) | |
tree | 197d71deed01f0ec4ba7494e7741794b439e96e0 /main/lcms2/APKBUILD | |
parent | 6e8c50b532818c09f21cacb85a5a99733687c0e6 (diff) | |
download | aports-c9d1081114d13e615a2bafddd82df7793666aad6.tar.bz2 aports-c9d1081114d13e615a2bafddd82df7793666aad6.tar.xz |
main/lcms2: security fixes #6777
CVE-2016-10165: Out-of-bounds read in Type_MLU_Read()
Diffstat (limited to 'main/lcms2/APKBUILD')
-rw-r--r-- | main/lcms2/APKBUILD | 28 |
1 files changed, 19 insertions, 9 deletions
diff --git a/main/lcms2/APKBUILD b/main/lcms2/APKBUILD index 78d86b41c6..308e8d5d82 100644 --- a/main/lcms2/APKBUILD +++ b/main/lcms2/APKBUILD @@ -1,7 +1,8 @@ +# Contributor: Sergei Lukin <sergej.lukin@gmail.com> # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=lcms2 pkgver=2.8 -pkgrel=0 +pkgrel=1 pkgdesc="Color Management Engine" url="http://www.littlecms.com/" arch="all" @@ -11,12 +12,18 @@ depends_dev="libjpeg-turbo-dev tiff-dev zlib-dev" makedepends="$depends_dev" install="" subpackages="$pkgname-dev $pkgname-doc $pkgname-utils" -source="http://www.littlecms.com/lcms2-$pkgver.tar.gz" +source="http://www.littlecms.com/lcms2-$pkgver.tar.gz + CVE-2016-10165.patch + " -_builddir="$srcdir"/lcms2-$pkgver +# secfixes: +# 2.8-r1: +# - CVE-2016-10165 + +builddir="$srcdir"/lcms2-$pkgver prepare() { local i - cd "$_builddir" + cd "$builddir" for i in $source; do case $i in *.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;; @@ -25,7 +32,7 @@ prepare() { } build() { - cd "$_builddir" + cd "$builddir" ./configure \ --build=$CBUILD \ --host=$CHOST \ @@ -40,7 +47,7 @@ build() { } package() { - cd "$_builddir" + cd "$builddir" make DESTDIR="$pkgdir" install || return 1 } @@ -50,6 +57,9 @@ utils() { mv "$pkgdir"/usr/bin "$subpkgdir"/usr/ } -md5sums="87a5913f1a52464190bb655ad230539c lcms2-2.8.tar.gz" -sha256sums="66d02b229d2ea9474e62c2b6cd6720fde946155cd1d0d2bffdab829790a0fb22 lcms2-2.8.tar.gz" -sha512sums="a9478885b4892c79314a2ef9ab560e6655ac8f2d17abae0805e8b871138bb190e21f0e5c805398449f9dad528dc50baaf9e3cce8b8158eb8ff74179be5733f8f lcms2-2.8.tar.gz" +md5sums="87a5913f1a52464190bb655ad230539c lcms2-2.8.tar.gz +bd143d366e5ad5d2b7da0b1a9255704d CVE-2016-10165.patch" +sha256sums="66d02b229d2ea9474e62c2b6cd6720fde946155cd1d0d2bffdab829790a0fb22 lcms2-2.8.tar.gz +66d2b7e9ff6aa0896acf0a107e131b9d34d4d8fb7d4129f4eace3a84b17c9cd4 CVE-2016-10165.patch" +sha512sums="a9478885b4892c79314a2ef9ab560e6655ac8f2d17abae0805e8b871138bb190e21f0e5c805398449f9dad528dc50baaf9e3cce8b8158eb8ff74179be5733f8f lcms2-2.8.tar.gz +f1e4ed19d6ab8135927d08da717b141df0f63053000a308a22a903fd4c65c1fd7aefc4508a759c737df4cd5ac4347bd1999157cdfc082930254f90a88b11026e CVE-2016-10165.patch" |