From b53e06d83f6743f8a5b6a7bac9893af4033d27be Mon Sep 17 00:00:00 2001
From: Natanael Copa <ncopa@alpinelinux.org>
Date: Fri, 30 Jan 2015 09:22:48 +0000
Subject: main/antiword: security fix for CVE-2014-8123

ref #3784
---
 main/antiword/APKBUILD | 24 +++++++++++++++++++-----
 1 file changed, 19 insertions(+), 5 deletions(-)

(limited to 'main/antiword/APKBUILD')

diff --git a/main/antiword/APKBUILD b/main/antiword/APKBUILD
index c26f50a3c1..beaf8880a2 100644
--- a/main/antiword/APKBUILD
+++ b/main/antiword/APKBUILD
@@ -2,7 +2,7 @@
 # Maintainer: Michael Mason <ms13sp@gmail.com>
 pkgname=antiword
 pkgver=0.37
-pkgrel=2
+pkgrel=3
 pkgdesc="A free MS Word reader"
 url="http://www.winfield.demon.nl"
 arch="all"
@@ -11,9 +11,20 @@ depends=""
 makedepends=""
 install=""
 subpackages=""
-source="http://www.winfield.demon.nl/linux/$pkgname-$pkgver.tar.gz"
+source="http://www.winfield.demon.nl/linux/$pkgname-$pkgver.tar.gz
+	CVE-2014-8123.patch
+	"
 
 _builddir="$srcdir"/$pkgname-$pkgver
+prepare() {
+	cd "$_builddir"
+	for i in $source; do
+		case $i in
+		*.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;;
+		esac
+	done
+}
+
 build() {
 	cd "$_builddir"
 	make || return 1
@@ -26,6 +37,9 @@ package() {
 	install -m644 -D "$srcdir"/"$pkgname-$pkgver"/Resources/* "$pkgdir"/usr/share/antiword/
 }
 
-md5sums="f868e2a269edcbc06bf77e89a55898d1  antiword-0.37.tar.gz"
-sha256sums="8e2c000fcbc6d641b0e6ff95e13c846da3ff31097801e86702124a206888f5ac  antiword-0.37.tar.gz"
-sha512sums="6cd8fb9137238417544cf8754829a2d5296055d730ea62a8a025236baa79516190317d146401ff40cde73e1ee2c3c374a2ea01b2e5d24e149310bcabb8bfdce8  antiword-0.37.tar.gz"
+md5sums="f868e2a269edcbc06bf77e89a55898d1  antiword-0.37.tar.gz
+aab9daf729111a7737ae1fa117502b51  CVE-2014-8123.patch"
+sha256sums="8e2c000fcbc6d641b0e6ff95e13c846da3ff31097801e86702124a206888f5ac  antiword-0.37.tar.gz
+a8f2472788251dbb441a7985932b804218e6f367f5fc2668c91eec0559213324  CVE-2014-8123.patch"
+sha512sums="6cd8fb9137238417544cf8754829a2d5296055d730ea62a8a025236baa79516190317d146401ff40cde73e1ee2c3c374a2ea01b2e5d24e149310bcabb8bfdce8  antiword-0.37.tar.gz
+4e0714dc7b21ebd8e232656be576d05f0252bc0d7a7c10ec1511e479ef405a3627d4d14a08aac2c4481573654185492577f3376d3bc5ebf755e661a29c32a37c  CVE-2014-8123.patch"
-- 
cgit v1.2.3