main/libgcrypt: fix CVE-2019-12904

ref #10692

Closes GH-9725

1 files changed, 10 insertions, 6 deletions

diff --git a/main/libgcrypt/APKBUILD b/main/libgcrypt/APKBUILD
index a787e28a42..98fecfc977 100644
--- a/main/libgcrypt/APKBUILD
+++ b/main/libgcrypt/APKBUILD
@@ -1,7 +1,7 @@
 # Maintainer: Natanael Copa <ncopa@alpinelinux.org>
 pkgname=libgcrypt
 pkgver=1.8.4
-pkgrel=1
+pkgrel=2
 pkgdesc="general purpose crypto library based on the code used in GnuPG"
 url="http://www.gnupg.org"
 arch="all"
@@ -9,15 +9,18 @@ license="LGPL-2.1-or-later"
 depends_dev="libgpg-error-dev"
 makedepends="$depends_dev texinfo"
 subpackages="$pkgname-static $pkgname-dev $pkgname-doc"
-source="https://www.gnupg.org/ftp/gcrypt/libgcrypt/$pkgname-$pkgver.tar.bz2"
-builddir="$srcdir"/$pkgname-$pkgver
+source="https://www.gnupg.org/ftp/gcrypt/libgcrypt/$pkgname-$pkgver.tar.bz2
+	CVE-2019-12904.patch
+	"
 options="!checkroot"
 
 # secfixes:
+#   1.8.4-r2:
+#     - CVE-2019-12904
 #   1.8.3-r0:
-#   - CVE-2018-0495
+#     - CVE-2018-0495
 
-build () {
+build() {
 	cd "$builddir"
 
 	local _arch_configure=
@@ -63,4 +66,5 @@ static() {
 	mv "$pkgdir"/usr/lib/*.a "$subpkgdir"/usr/lib/
 }
 
-sha512sums="b831fc337eb14806897e224b0d1e78d1f8e9db91dffa818a015a4aa104144e2d971e5a855904907ee2bb9990a9d526de32d6787e1cae98e28a65c3258b2b1ea1  libgcrypt-1.8.4.tar.bz2"
+sha512sums="b831fc337eb14806897e224b0d1e78d1f8e9db91dffa818a015a4aa104144e2d971e5a855904907ee2bb9990a9d526de32d6787e1cae98e28a65c3258b2b1ea1  libgcrypt-1.8.4.tar.bz2
+36f5f7f99e2c4f28207f91a7a500c3bca81044027b6d37ed0399e395a36638b37c0dff3145854a6caa2e9383722862b37a82bde1af520f06a9f4b327df1ec0af  CVE-2019-12904.patch"