main/exiv2: security upgrade to 0.27.2

CVE-2019-13108, CVE-2019-13109, CVE-2019-13110, CVE-2019-13111,
CVE-2019-13112, CVE-2019-13113, CVE-2019-13114

Fixes #10725

3 files changed, 29 insertions, 84 deletions

diff --git a/main/exiv2/0000-pthread-init-fix.patch b/main/exiv2/0000-pthread-init-fix.patch
deleted file mode 100644
index ac69b14c10..0000000000
--- a/main/exiv2/0000-pthread-init-fix.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-From 620ef04e96f4c0d0894d976fc361588b6526a116 Mon Sep 17 00:00:00 2001
-From: clanmills <robin@clanmills.com>
-Date: Tue, 20 Jun 2017 20:41:30 +0100
-Subject: [PATCH] https://github.com/Exiv2/exiv2/issues/9 Fix submitted.
-
----
- src/actions.cpp       | 8 ++++++--
- 1 file changed, 6 insertions(+), 2 deletions(-)
-
-diff --git a/src/actions.cpp b/src/actions.cpp
-index 0ebe8505..17444c5b 100644
---- a/src/actions.cpp
-+++ b/src/actions.cpp
-@@ -2045,9 +2045,13 @@ namespace {
- #else
-  /* Unix/Linux/Cygwin/MacOSX */
-  #include <pthread.h>
-+ /* This is the critical section object (statically allocated). */
-  #if defined(__APPLE__)
--  /* This is the critical section object (statically allocated). */
--  static pthread_mutex_t cs =  PTHREAD_RECURSIVE_MUTEX_INITIALIZER;
-+  #if defined(PTHREAD_RECURSIVE_MUTEX_INITIALIZER)
-+    static pthread_mutex_t cs =  PTHREAD_RECURSIVE_MUTEX_INITIALIZER;
-+   #else
-+    static pthread_mutex_t cs =  PTHREAD_MUTEX_INITIALIZER;
-+  #endif
-  #else
-   static pthread_mutex_t cs =  PTHREAD_RECURSIVE_MUTEX_INITIALIZER_NP;
-  #endif
diff --git a/main/exiv2/0001-Amend-fix-for-9-to-apply-to-other-Unix-systems.patch b/main/exiv2/0001-Amend-fix-for-9-to-apply-to-other-Unix-systems.patch
deleted file mode 100644
index 86412532d0..0000000000
--- a/main/exiv2/0001-Amend-fix-for-9-to-apply-to-other-Unix-systems.patch
+++ /dev/null
@@ -1,36 +0,0 @@
-From d775683f579543c35463ab2a8d9425da10d2f016 Mon Sep 17 00:00:00 2001
-From: "A. Wilcox" <AWilcox@Wilcox-Tech.com>
-Date: Wed, 4 Oct 2017 00:15:30 -0500
-Subject: [PATCH] Amend fix for #9 to apply to other Unix systems
-
-At least the musl libc on Linux has the same issue as Mac OS X: the
-PTHREAD_RECURSIVE_* static initialiser does not exist.  This is a
-documented and purposeful omission:
-
-http://www.openwall.com/lists/musl/2017/02/20/3
-
-This commit uses similar logic to the Apple test on other Unixes.
----
- src/actions.cpp | 6 +++++-
- 1 file changed, 5 insertions(+), 1 deletion(-)
-
-diff --git a/src/actions.cpp b/src/actions.cpp
-index fe14de4..aa15ec7 100644
---- a/src/actions.cpp
-+++ b/src/actions.cpp
-@@ -2051,7 +2051,11 @@ namespace {
-     static pthread_mutex_t cs =  PTHREAD_MUTEX_INITIALIZER;
-   #endif
-  #else
--  static pthread_mutex_t cs =  PTHREAD_RECURSIVE_MUTEX_INITIALIZER_NP;
-+  #if defined(PTHREAD_RECURSIVE_MUTEX_INITIALIZER_NP)
-+    static pthread_mutex_t cs =  PTHREAD_RECURSIVE_MUTEX_INITIALIZER_NP;
-+   #else
-+    static pthread_mutex_t cs =  PTHREAD_MUTEX_INITIALIZER;
-+  #endif
-  #endif
- #endif
- 
--- 
-2.10.0
-
diff --git a/main/exiv2/APKBUILD b/main/exiv2/APKBUILD
index 1b9add3976..ac24a52912 100644
--- a/main/exiv2/APKBUILD
+++ b/main/exiv2/APKBUILD
@@ -1,6 +1,6 @@
 # Maintainer: Natanael Copa <ncopa@alpinelinux.org>
 pkgname=exiv2
-pkgver=0.26
+pkgver=0.27.2
 pkgrel=0
 pkgdesc="Exif and Iptc metadata manipulation library and tools."
 url="http://exiv2.org"
@@ -9,33 +9,43 @@ options="!check"  # No test suite.
 license="GPL-2.0-or-later"
 depends=""
 depends_dev="expat-dev zlib-dev"
-makedepends="$depends_dev bash"
+makedepends="$depends_dev cmake"
 subpackages="$pkgname-dev $pkgname-doc"
-source="http://exiv2.org/releases/exiv2-$pkgver-trunk.tar.gz
-	0000-pthread-init-fix.patch
-	0001-Amend-fix-for-9-to-apply-to-other-Unix-systems.patch
-	"
+source="https://exiv2.org/builds/$pkgname-$pkgver-Source.tar.gz"
+builddir="$srcdir"/$pkgname-$pkgver-Source
+
+# secfixes:
+#   0.27.2-r0:
+#     - CVE-2019-13108
+#     - CVE-2019-13109
+#     - CVE-2019-13110
+#     - CVE-2019-13111
+#     - CVE-2019-13112
+#     - CVE-2019-13113
+#     - CVE-2019-13114
 
-builddir="$srcdir"/exiv2-trunk
 prepare() {
 	default_prepare
-	cd "$builddir"
-	update_config_sub
+	mkdir build
 }
+
 build() {
-	cd "$builddir"
-	./configure \
-		--build=$CBUILD \
-		--host=$CHOST \
-		--prefix=/usr
-	make
+	cd "$builddir"/build
+	cmake .. \
+		-DCMAKE_BUILD_TYPE=Release \
+		-DCMAKE_INSTALL_PREFIX=/usr \
+		-DCMAKE_INSTALL_LIBDIR=lib
+	cmake --build .
+}
+
+check() {
+	cd "$builddir"/build
+	make test
 }
 
 package() {
-	cd "$builddir"
+	cd "$builddir"/build
 	make DESTDIR="$pkgdir" install
 }
 
-sha512sums="d1e9cab886e279b045768dd9ec781f07d2d36d573119403d0b76dc571442173aae6972f86ec55c3ea53fb3ee9ca3571eb8fd63a2a6643a970852813e88634a86  exiv2-0.26-trunk.tar.gz
-9721d359708c385be7c86a8f8a63de43b05b2578a29b4339861e82873aa81a98a7ee7252847b6c55529341187d40f552c488589b416fd9d1e27418925929c018  0000-pthread-init-fix.patch
-485bd340169f69a3ce356e59e9138250cc14592f4477bb73827c799fe465535954469634fc58a1856f690f0e0b4171cba6fdd3391d43c0efc5e89652b93eb3ce  0001-Amend-fix-for-9-to-apply-to-other-Unix-systems.patch"
+sha512sums="39eb7d920dce18b275ac66f4766c7c73f7c72ee10e3e1e43d84c611b24f48ce20a70eac6d53948914e93242a25b8b52cc4bc760ee611ddcd77481306c1f9e721  exiv2-0.27.2-Source.tar.gz"