From d2c16a8beb2a6f6db026a7cd340686d8a469158f Mon Sep 17 00:00:00 2001 From: Leonardo Arena Date: Mon, 27 Mar 2017 07:28:07 +0000 Subject: main/libxslt: security fixes #7056 (CVE-2017-5029) --- main/libxslt/APKBUILD | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/main/libxslt/APKBUILD b/main/libxslt/APKBUILD index 7191fbdbba..55814708eb 100644 --- a/main/libxslt/APKBUILD +++ b/main/libxslt/APKBUILD @@ -2,7 +2,7 @@ # Contributor: Francesco Colista pkgname=libxslt pkgver=1.1.29 -pkgrel=0 +pkgrel=1 pkgdesc="XML stylesheet transformation library" url="http://xmlsoft.org/XSLT/" arch="all" @@ -10,9 +10,16 @@ license="custom" depends= makedepends="libxml2-dev libgcrypt-dev libgpg-error-dev python2-dev" subpackages="$pkgname-dev $pkgname-doc py-$pkgname:py" -source="ftp://xmlsoft.org/$pkgname/$pkgname-$pkgver.tar.gz" +source="ftp://xmlsoft.org/$pkgname/$pkgname-$pkgver.tar.gz + CVE-2017-5029.patch + " _builddir="$srcdir"/$pkgname-$pkgver + +# secfixes: +# 1.1.29-r1: +# - CVE-2017-5029 + prepare() { cd "$_builddir" for i in $source; do @@ -44,6 +51,5 @@ py() { install -d "$subpkgdir"/usr/lib mv "$pkgdir"/usr/lib/python* "$subpkgdir"/usr/lib/ } -md5sums="a129d3c44c022de3b9dcf6d6f288d72e libxslt-1.1.29.tar.gz" -sha256sums="b5976e3857837e7617b29f2249ebb5eeac34e249208d31f1fbf7a6ba7a4090ce libxslt-1.1.29.tar.gz" -sha512sums="a1ce555a74a9dabe65e8f64bb66e27e77760fd76940d88f2d59f58dd63ca73c8ae59f3fcbd8e76c8f92ff992fb0c09328528c20ea38ccac83e63252106bf5f31 libxslt-1.1.29.tar.gz" +sha512sums="a1ce555a74a9dabe65e8f64bb66e27e77760fd76940d88f2d59f58dd63ca73c8ae59f3fcbd8e76c8f92ff992fb0c09328528c20ea38ccac83e63252106bf5f31 libxslt-1.1.29.tar.gz +586182c5cabf86605bc628c98fcc18ee7120c5917dab25e2f4c013660ccda34f44f4b6c46a7d7473baaa1c208e306c5b4012cc95770e1be88c7aec9121880aa7 CVE-2017-5029.patch" -- cgit v1.2.3