main/openjpg: security fix for CVE-2015-6581

also add upstream fix a potensial use-after-free ref #4752 fixes #4753
author: Natanael Copa <ncopa@alpinelinux.org> 2015-10-14 08:45:12 +0000
committer: Natanael Copa <ncopa@alpinelinux.org> 2015-10-14 08:46:28 +0000
commit: 35be8d73cef9bc2ec4f44f22bbb99d6f84312c9c (patch)
tree: c21627061d3f0c2beb62fdb066865a137aa3bb12 /main/openjpeg/APKBUILD
parent: a771c6d2ed6375e2018fd98a87b07e3f7193f6b4 (diff)
download: aports-35be8d73cef9bc2ec4f44f22bbb99d6f84312c9c.tar.bz2
aports-35be8d73cef9bc2ec4f44f22bbb99d6f84312c9c.tar.xz
1 files changed, 12 insertions, 4 deletions
diff --git a/main/openjpeg/APKBUILD b/main/openjpeg/APKBUILD
index fe107f92c9..9e340a68ed 100644
--- a/main/openjpeg/APKBUILD
+++ b/main/openjpeg/APKBUILD
@@ -2,7 +2,7 @@
 # Maintainer:
 pkgname=openjpeg
 pkgver=2.1.0
-pkgrel=0
+pkgrel=1
 pkgdesc="Open-source implementation of JPEG2000 image codec"
 url="http://www.openjpeg.org/"
 arch="all"
@@ -13,6 +13,8 @@ makedepends="$depends_dev libpng-dev tiff-dev lcms-dev doxygen cmake"
 install=""
 subpackages="$pkgname-dev $pkgname-tools"
 source="http://downloads.sourceforge.net/project/openjpeg.mirror/$pkgver/openjpeg-$pkgver.tar.gz
+	CVE-2015-6581.patch
+	fix-use-after-free.patch
 	"
 
 _builddir="${srcdir}/$pkgname-$pkgver"
@@ -48,6 +50,12 @@ tools() {
 	mv "$pkgdir"/usr/bin "$subpkgdir"/usr/
 }
 
-md5sums="f6419fcc233df84f9a81eb36633c6db6  openjpeg-2.1.0.tar.gz"
-sha256sums="1232bb814fd88d8ed314c94f0bfebb03de8559583a33abbe8c64ef3fc0a8ff03  openjpeg-2.1.0.tar.gz"
-sha512sums="3da84d7828a82c738f6ea5fe776c989283ba257cc6884aebfc090cee7e33c88471dee1a93f4a87a300b11f43b98f6624b838171f06227add24afcb1d57208df1  openjpeg-2.1.0.tar.gz"
+md5sums="f6419fcc233df84f9a81eb36633c6db6  openjpeg-2.1.0.tar.gz
+c4d44799e0f048d4e8ea63dc66c043c2  CVE-2015-6581.patch
+5dfdfba1783e5f62a4270b0a3681e77f  fix-use-after-free.patch"
+sha256sums="1232bb814fd88d8ed314c94f0bfebb03de8559583a33abbe8c64ef3fc0a8ff03  openjpeg-2.1.0.tar.gz
+bb970ede0eeb5b2b849fe4a6ec93114bb8887160fdf06cc77f179866b5fc9ad8  CVE-2015-6581.patch
+fc7205e89cc8221511d8bd056254b56445ff872b3fd217bfb6295f3989b2c9cc  fix-use-after-free.patch"
+sha512sums="3da84d7828a82c738f6ea5fe776c989283ba257cc6884aebfc090cee7e33c88471dee1a93f4a87a300b11f43b98f6624b838171f06227add24afcb1d57208df1  openjpeg-2.1.0.tar.gz
+cf6b65b955de0de29af6b6be4d09c172a153f881be07e3e80435fdcdfe3fae07c4e11138ba76fb62f2ec1adb8043d580b4bfcf5e0807e82ec36307b0cb18f67f  CVE-2015-6581.patch
+a1cebeb7933bf10b47ebe420b71c0e2a83eb269028cf42aae08eb9b8a36b19df4c94c91ae1ef3d13e0a284f34ac0bd989e56f8071f0c0a3ca0326cc8d2502d91  fix-use-after-free.patch"
author	Natanael Copa <ncopa@alpinelinux.org>	2015-10-14 08:45:12 +0000
committer	Natanael Copa <ncopa@alpinelinux.org>	2015-10-14 08:46:28 +0000
commit	35be8d73cef9bc2ec4f44f22bbb99d6f84312c9c (patch)
tree	c21627061d3f0c2beb62fdb066865a137aa3bb12 /main/openjpeg/APKBUILD
parent	a771c6d2ed6375e2018fd98a87b07e3f7193f6b4 (diff)
download	aports-35be8d73cef9bc2ec4f44f22bbb99d6f84312c9c.tar.bz2 aports-35be8d73cef9bc2ec4f44f22bbb99d6f84312c9c.tar.xz