diff options
| author | Natanael Copa <ncopa@alpinelinux.org> | 2013-05-24 09:28:38 +0000 |
|---|---|---|
| committer | Natanael Copa <ncopa@alpinelinux.org> | 2013-05-24 09:28:38 +0000 |
| commit | a04d1c8ff925273f3caf3a46393cf73ac2b96ab5 (patch) | |
| tree | 23a563825641ef144859bb0ada124d462b61b143 /main/libxv/APKBUILD | |
| parent | b262cf6c02f0e15dc88618b6a9e1298ace184057 (diff) | |
| download | aports-a04d1c8ff925273f3caf3a46393cf73ac2b96ab5.tar.bz2 aports-a04d1c8ff925273f3caf3a46393cf73ac2b96ab5.tar.xz | |
main/libxv: fix CVE-2013-1989,CVE-2013-2066
ref #1931
Diffstat (limited to 'main/libxv/APKBUILD')
| -rw-r--r-- | main/libxv/APKBUILD | 48 |
1 files changed, 41 insertions, 7 deletions
diff --git a/main/libxv/APKBUILD b/main/libxv/APKBUILD index d66f33db52..efb6b10857 100644 --- a/main/libxv/APKBUILD +++ b/main/libxv/APKBUILD @@ -1,28 +1,62 @@ # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=libxv pkgver=1.0.7 -pkgrel=0 +pkgrel=1 pkgdesc="X11 Video extension library" url="http://xorg.freedesktop.org/" arch="all" license="custom" subpackages="$pkgname-dev $pkgname-doc" depends= -makedepends="pkgconfig libxext-dev libx11-dev videoproto" -source="http://xorg.freedesktop.org/releases/individual/lib/libXv-$pkgver.tar.bz2" - depends_dev="xproto videoproto libx11-dev libxext-dev" +makedepends="$depends_dev libtool autoconf automake util-macros" +source="http://xorg.freedesktop.org/releases/individual/lib/libXv-$pkgver.tar.bz2 + 0001-Use-_XEatDataWords-to-avoid-overflow-of-rep.length-s.patch + 0002-integer-overflow-in-XvQueryPortAttributes-CVE-2013-1.patch + 0003-buffer-overflow-in-XvQueryPortAttributes-CVE-2013-20.patch + 0004-integer-overflow-in-XvListImageFormats-CVE-2013-1989.patch + 0005-integer-overflow-in-XvCreateImage-CVE-2013-1989-3-3.patch + " + +_builddir="$srcdir"/libXv-$pkgver +prepare() { + cd "$_builddir" + for i in $source; do + case $i in + *.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;; + esac + done + libtoolize --force && aclocal && autoheader && autoconf \ + && automake --add-missing +} build() { - cd "$srcdir"/libXv-$pkgver + cd "$_builddir" ./configure --prefix=/usr make || return 1 } package() { - cd "$srcdir"/libXv-$pkgver + cd "$_builddir" make DESTDIR="$pkgdir" install || return 1 rm "$pkgdir"/usr/lib/*.la || return 1 install -D -m644 COPYING "$pkgdir"/usr/share/licenses/$pkgname/COPYING } -md5sums="5e1ac203ccd3ce3e89755ed1fbe75b0b libXv-1.0.7.tar.bz2" +md5sums="5e1ac203ccd3ce3e89755ed1fbe75b0b libXv-1.0.7.tar.bz2 +cbd5367f2b5717cab78b819aaaacd7d9 0001-Use-_XEatDataWords-to-avoid-overflow-of-rep.length-s.patch +ff8da08c2883bdc98cbac78e448e81e6 0002-integer-overflow-in-XvQueryPortAttributes-CVE-2013-1.patch +108ba64a9d7d5f3763cfbb00ffe53eb2 0003-buffer-overflow-in-XvQueryPortAttributes-CVE-2013-20.patch +53dbcb31cb08325b3a5329f16ddab3dd 0004-integer-overflow-in-XvListImageFormats-CVE-2013-1989.patch +0844dd0e117d36a70f603019af580f13 0005-integer-overflow-in-XvCreateImage-CVE-2013-1989-3-3.patch" +sha256sums="5d664aeb641f8c867331a0c6b4574a5e7e420f00bf5fcefd874e8d003ea59010 libXv-1.0.7.tar.bz2 +993a72fc67e9de4df9b19eeedd32c70b325ed5d97fdc9e476a585d5fd151469e 0001-Use-_XEatDataWords-to-avoid-overflow-of-rep.length-s.patch +583d3d8192bd11902e464213b462f24f632424c449eaa68c238910a2b1b223fb 0002-integer-overflow-in-XvQueryPortAttributes-CVE-2013-1.patch +7525a4f5df082913d614683219795e5ecaafd999fbe7696ab2e48857f1455b8c 0003-buffer-overflow-in-XvQueryPortAttributes-CVE-2013-20.patch +51edf32e1da0ef2afa7f11ef9b96c29f7d886f1a88b5610118753a36afc140ce 0004-integer-overflow-in-XvListImageFormats-CVE-2013-1989.patch +4debde18842840d7872ba3b367ca9bb5c40b2565d0d7d2c984961b10a2971955 0005-integer-overflow-in-XvCreateImage-CVE-2013-1989-3-3.patch" +sha512sums="25c81cc6d112a6b07de1c53fa5fc8bb9d886d19cffc2bcd65c4668ba53808051cf4d4720413b5c436ba356bb76f9ca05decf61909839ee19ccf9cbc7263e373b libXv-1.0.7.tar.bz2 +b4a8c457380ff3d1dd2b4da0b80f83cf577fe1345a3b8c49686e9ad88ce77f49ade7e4a7c5042bf0dff6e43af8a6adcb5706067ea87ecf5b84e74849b65cfbc9 0001-Use-_XEatDataWords-to-avoid-overflow-of-rep.length-s.patch +fb07656fcd4779c246546ec8d2cc3dd16b013d77380ecf21cf2b2ee7f37910cf9a5f016c8b97a68e5499b5af88b5cdbbe19399c278136daa72ad3321f343d66a 0002-integer-overflow-in-XvQueryPortAttributes-CVE-2013-1.patch +2ecc22e831cad3ed4701c42665d25b6c2da358a3464d8a0a29e6f081a83cdd79ce50b67692ee93e6d114f518250a979920df93e7366a5063a36ee69bdc8fd2c8 0003-buffer-overflow-in-XvQueryPortAttributes-CVE-2013-20.patch +0b63e9966e854b51df7c9db1359f4c8c868f607b0effd0c6f6f5838c9451e57e0951ae32fbe5b2cac14765e6738ba50b688539c9f5c08bc05bb794ef572c27f6 0004-integer-overflow-in-XvListImageFormats-CVE-2013-1989.patch +628cc07629f6819a435bd29f9e6d79a9cc13ee7ed6abef3c9d322c32cd78a75e386a448191fa38f01fe4597ef66e9347f0e7ed8724bb7974520cb9a7ffd5a7ef 0005-integer-overflow-in-XvCreateImage-CVE-2013-1989-3-3.patch" |