main/sdl2_image: security fix for CVE-2019-13616

1 files changed, 7 insertions, 3 deletions

diff --git a/main/sdl2_image/APKBUILD b/main/sdl2_image/APKBUILD
index 057a488ccc..f262cbaa21 100644
--- a/main/sdl2_image/APKBUILD
+++ b/main/sdl2_image/APKBUILD
@@ -2,7 +2,7 @@
 # Maintainer: Francesco Colista <fcolista@alpinelinux.org>
 pkgname=sdl2_image
 pkgver=2.0.5
-pkgrel=0
+pkgrel=1
 _pkgname=SDL2_image
 pkgdesc="A simple library to load images of various formats as SDL surfaces"
 url="http://www.libsdl.org/projects/SDL_image/"
@@ -11,10 +11,13 @@ license="zlib"
 makedepends="sdl2-dev libpng-dev libjpeg-turbo-dev
 	libwebp-dev tiff-dev zlib-dev"
 subpackages="$pkgname-dev"
-source="https://www.libsdl.org/projects/SDL_image/release/$_pkgname-$pkgver.tar.gz"
+source="https://www.libsdl.org/projects/SDL_image/release/$_pkgname-$pkgver.tar.gz
+	CVE-2019-13616.patch"
 builddir="$srcdir/$_pkgname-$pkgver"
 
 # secfixes:
+#   2.0.5-r1:
+#     - CVE-2019-13616
 #   2.0.3-r0:
 #     - CVE-2017-12122 TALOS-2017-0488
 #     - CVE-2017-14440 TALOS-2017-0489
@@ -49,4 +52,5 @@ package() {
 	make DESTDIR="$pkgdir" install
 }
 
-sha512sums="77e743d3f32707e015b290c1379ae3c7d7a3fe265995713267f0d0ec6517de4808f0de9890b5ab28445941af5bc9fbff346620629e0d7d7e9f365262cab05ee7  SDL2_image-2.0.5.tar.gz"
+sha512sums="77e743d3f32707e015b290c1379ae3c7d7a3fe265995713267f0d0ec6517de4808f0de9890b5ab28445941af5bc9fbff346620629e0d7d7e9f365262cab05ee7  SDL2_image-2.0.5.tar.gz
+777f2c88efd7ead1d0d590bb08db02f8f532bd4b8acf88d5e956e3738accbba08b5d152eba3f97673a970dda1f95fdd2eb155595d158249907f9b181975d8a96  CVE-2019-13616.patch"