diff options
| author | prspkt <prspkt@protonmail.com> | 2018-03-21 09:00:22 +0000 |
|---|---|---|
| committer | Sören Tempel <soeren+git@soeren-tempel.net> | 2018-03-24 13:04:10 +0100 |
| commit | a8f721b3404da43c439cd8940b69b59d4b00c274 (patch) | |
| tree | e8b1d9d3c1608691ca9f13dfb30f93c7522cbbd6 /main/lcms2 | |
| parent | 0e6a8948c9e28162770e6a83a0395abe247e071b (diff) | |
| download | aports-a8f721b3404da43c439cd8940b69b59d4b00c274.tar.bz2 aports-a8f721b3404da43c439cd8940b69b59d4b00c274.tar.xz | |
main/lcms2: upgrade to 2.9
Diffstat (limited to 'main/lcms2')
| -rw-r--r-- | main/lcms2/APKBUILD | 17 | ||||
| -rw-r--r-- | main/lcms2/CVE-2016-10165.patch | 20 |
2 files changed, 5 insertions, 32 deletions
diff --git a/main/lcms2/APKBUILD b/main/lcms2/APKBUILD index 35a4daa257..f3189b8796 100644 --- a/main/lcms2/APKBUILD +++ b/main/lcms2/APKBUILD @@ -1,10 +1,10 @@ # Contributor: Sergei Lukin <sergej.lukin@gmail.com> # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=lcms2 -pkgver=2.8 -pkgrel=2 +pkgver=2.9 +pkgrel=0 pkgdesc="Color Management Engine" -url="http://www.littlecms.com/" +url="http://www.littlecms.com" arch="all" license="MIT" depends="" @@ -12,9 +12,7 @@ depends_dev="libjpeg-turbo-dev tiff-dev zlib-dev" makedepends="$depends_dev" install="" subpackages="$pkgname-dev $pkgname-doc $pkgname-utils" -source="http://www.littlecms.com/lcms2-$pkgver.tar.gz - CVE-2016-10165.patch - " +source="http://www.littlecms.com/$pkgname-$pkgver.tar.gz" # secfixes: # 2.8-r1: @@ -54,9 +52,4 @@ utils() { mv "$pkgdir"/usr/bin "$subpkgdir"/usr/ } -md5sums="87a5913f1a52464190bb655ad230539c lcms2-2.8.tar.gz -bd143d366e5ad5d2b7da0b1a9255704d CVE-2016-10165.patch" -sha256sums="66d02b229d2ea9474e62c2b6cd6720fde946155cd1d0d2bffdab829790a0fb22 lcms2-2.8.tar.gz -66d2b7e9ff6aa0896acf0a107e131b9d34d4d8fb7d4129f4eace3a84b17c9cd4 CVE-2016-10165.patch" -sha512sums="a9478885b4892c79314a2ef9ab560e6655ac8f2d17abae0805e8b871138bb190e21f0e5c805398449f9dad528dc50baaf9e3cce8b8158eb8ff74179be5733f8f lcms2-2.8.tar.gz -f1e4ed19d6ab8135927d08da717b141df0f63053000a308a22a903fd4c65c1fd7aefc4508a759c737df4cd5ac4347bd1999157cdfc082930254f90a88b11026e CVE-2016-10165.patch" +sha512sums="70b1c51fa8d137d5072425e580745ff1fbf49c6e8bb1da0a8adb0647d3b7c095208793cb02de1e8d1a01363b8575fa60c61bedbff99bbec57a44228239cb00e5 lcms2-2.9.tar.gz" diff --git a/main/lcms2/CVE-2016-10165.patch b/main/lcms2/CVE-2016-10165.patch deleted file mode 100644 index f0e452f3b5..0000000000 --- a/main/lcms2/CVE-2016-10165.patch +++ /dev/null @@ -1,20 +0,0 @@ -commit 5ca71a7bc18b6897ab21d815d15e218e204581e2 -Author: Marti <marti.maria@tktbrainpower.com> -Date: Mon Aug 15 23:31:39 2016 +0200 - - Added an extra check to MLU bounds - - Thanks to Ibrahim el-sayed for spotting the bug - -diff --git a/src/cmstypes.c b/src/cmstypes.c -index cb61860..c7328b9 100644 ---- a/src/cmstypes.c -+++ b/src/cmstypes.c -@@ -1460,6 +1460,7 @@ void *Type_MLU_Read(struct _cms_typehandler_struct* self, cmsIOHANDLER* io, cmsU - - // Check for overflow - if (Offset < (SizeOfHeader + 8)) goto Error; -+ if ((Offset + Len) > SizeOfTag + 8) goto Error; - - // True begin of the string - BeginOfThisString = Offset - SizeOfHeader - 8; |