main/libxml2: secfix for CVE-2016-5153

1 files changed, 10 insertions, 5 deletions

diff --git a/main/libxml2/APKBUILD b/main/libxml2/APKBUILD
index 776106196b..7e4240ad08 100644
--- a/main/libxml2/APKBUILD
+++ b/main/libxml2/APKBUILD
@@ -2,7 +2,7 @@
 # Maintainer: Carlo Landmeter <clandmeter@gmail.com>
 pkgname=libxml2
 pkgver=2.9.4
-pkgrel=0
+pkgrel=1
 pkgdesc="XML parsing library, version 2"
 url="http://www.xmlsoft.org/"
 arch="all"
@@ -11,7 +11,13 @@ depends=
 depends_dev="zlib-dev"
 makedepends="$depends_dev python2-dev"
 subpackages="$pkgname-doc $pkgname-dev py-$pkgname:py $pkgname-utils"
-source="ftp://ftp.xmlsoft.org/${pkgname}/${pkgname}-${pkgver}.tar.gz"
+source="ftp://ftp.xmlsoft.org/${pkgname}/${pkgname}-${pkgver}.tar.gz
+	CVE-2016-5131.patch
+	"
+
+# secfixes:
+#   2.9.4-r1:
+#     - CVE-2016-5131
 
 options="!strip"
 
@@ -66,6 +72,5 @@ utils() {
 }
 
 
-md5sums="ae249165c173b1ff386ee8ad676815f5  libxml2-2.9.4.tar.gz"
-sha256sums="ffb911191e509b966deb55de705387f14156e1a56b21824357cdf0053233633c  libxml2-2.9.4.tar.gz"
-sha512sums="f5174ab1a3a0ec0037a47f47aa47def36674e02bfb42b57f609563f84c6247c585dbbb133c056953a5adb968d328f18cbc102eb0d00d48eb7c95478389e5daf9  libxml2-2.9.4.tar.gz"
+sha512sums="f5174ab1a3a0ec0037a47f47aa47def36674e02bfb42b57f609563f84c6247c585dbbb133c056953a5adb968d328f18cbc102eb0d00d48eb7c95478389e5daf9  libxml2-2.9.4.tar.gz
+c92cda9851fdf8af6cb21aa80f39b474cddef8c749298f5b51f76f871160ac9749fdaac3fa406cc0c75a666f7627983fce0e90fb2919f3a8c778e1148583be33  CVE-2016-5131.patch"