From 64ccf246bf0c9f29e14017895a65cd46f68c36af Mon Sep 17 00:00:00 2001 From: Leo Date: Mon, 6 May 2019 03:00:32 -0300 Subject: main/libpng: upgrade to 1.6.37 - Add secfixes CVE-2019-7317 CVE-2018-14048 CVE-2018-14550 - Remove pkg-config detected depends_dev fixes #10365 --- main/libpng/APKBUILD | 26 +++++++++++++++----------- main/libpng/libpng-fix-arm-neon.patch | 8 ++------ 2 files changed, 17 insertions(+), 17 deletions(-) diff --git a/main/libpng/APKBUILD b/main/libpng/APKBUILD index 94837fed68..f121ea177d 100644 --- a/main/libpng/APKBUILD +++ b/main/libpng/APKBUILD @@ -1,22 +1,26 @@ # Contributor: Carlo Landmeter # Maintainer: Natanael Copa pkgname=libpng -pkgver=1.6.29 -pkgrel=1 +pkgver=1.6.37 +pkgrel=0 pkgdesc="Portable Network Graphics library" url="http://www.libpng.org/" arch="all" -license="GPL" -depends="" -depends_dev="zlib-dev" -makedepends="$depends_dev gawk" +license="Libpng" +makedepends="zlib-dev gawk autoconf automake libtool" subpackages="$pkgname-doc $pkgname-dev $pkgname-utils" -source="http://downloads.sourceforge.net/$pkgname/$pkgname-$pkgver.tar.gz - http://downloads.sourceforge.net/sourceforge/$pkgname-apng/$pkgname-$pkgver-apng.patch.gz +source="https://downloads.sourceforge.net/libpng/$pkgname-$pkgver.tar.gz + https://downloads.sourceforge.net/sourceforge/libpng-apng/$pkgname-$pkgver-apng.patch.gz libpng-fix-arm-neon.patch " builddir="$srcdir/$pkgname-$pkgver" +# secfixes: +# 1.6.37-r0: +# - CVE-2019-7317 +# - CVE-2018-14048 +# - CVE-2018-14550 + prepare() { cd "$builddir" gunzip -c "$srcdir"/$pkgname-$pkgver-apng.patch.gz | patch -p1 || return 1 @@ -54,6 +58,6 @@ utils() { mv "$pkgdir"/usr/bin "$subpkgdir"/usr } -sha512sums="4b45fcad0e9cd220c5c6a3e3db74fbdca9cedabd1a3f66cd5c302e93a445585ef80934dcb1f1f3ee468bcd287f49b514a4f316df1b32066dadaaa8e15c8d20f4 libpng-1.6.29.tar.gz -466ce59902c45438c403d91115743adcb338dc1006063f5a3c53d27993ad82d02125437fe53a162b09ebb41b36e71b04404e98ed35580afbc137db64d831252d libpng-1.6.29-apng.patch.gz -30c8389d075b90c0e30c0be8d7630cbf98c87c610f414c529485630dd0411cced28852d2fecc96bca72bc712f0f7e13358f9fc47b6d7b8c7806d34ebeef20514 libpng-fix-arm-neon.patch" +sha512sums="2ce2b855af307ca92a6e053f521f5d262c36eb836b4810cb53c809aa3ea2dcc08f834aee0ffd66137768a54397e28e92804534a74abb6fc9f6f3127f14c9c338 libpng-1.6.37.tar.gz +226adcb3a8c60f2267fe2976ab531329ae43c2603dab4d0cf8f16217d64069936b879f3d6516b75d259c47d6f5c5b1f24f887602206c8e46abde0fb7f5c7946b libpng-1.6.37-apng.patch.gz +e3fae918f14bc34e7c126892f69527c6e1b4d72593835ece839d9a28cff55a886b2030f877cf9e29b2c97abf2e47bbb5ba54584828edd2a841c2556f330b9c7e libpng-fix-arm-neon.patch" diff --git a/main/libpng/libpng-fix-arm-neon.patch b/main/libpng/libpng-fix-arm-neon.patch index e424957ce2..2cd3f18c28 100644 --- a/main/libpng/libpng-fix-arm-neon.patch +++ b/main/libpng/libpng-fix-arm-neon.patch @@ -1,8 +1,6 @@ -diff --git a/configure.ac b/configure.ac -index 4fb0778..930bf50 100644 --- a/configure.ac +++ b/configure.ac -@@ -283,17 +283,21 @@ AC_ARG_ENABLE([arm-neon], +@@ -364,17 +364,21 @@ [case "$enableval" in no|off) # disable the default enabling on __ARM_NEON__ systems: @@ -24,11 +22,9 @@ index 4fb0778..930bf50 100644 AC_DEFINE([PNG_ARM_NEON_OPT], [2], [Enable ARM Neon optimizations]) AC_MSG_WARN([--enable-arm-neon: please specify 'check' or 'api', if] -diff --git a/pngpriv.h b/pngpriv.h -index 1997503..789206f 100644 --- a/pngpriv.h +++ b/pngpriv.h -@@ -125,7 +125,7 @@ +@@ -127,7 +127,7 @@ * associated assembler code, pass --enable-arm-neon=no to configure * or put -DPNG_ARM_NEON_OPT=0 in CPPFLAGS. */ -- cgit v1.2.3