From 8c50cf10d6d200a8c2485d1267c7410b96183369 Mon Sep 17 00:00:00 2001 From: Natanael Copa Date: Mon, 26 Sep 2016 19:46:19 +0200 Subject: main/bzip2: security fix for CVE-2016-3189 --- main/bzip2/APKBUILD | 27 ++++++++++++++++++++++++--- 1 file changed, 24 insertions(+), 3 deletions(-) (limited to 'main/bzip2/APKBUILD') diff --git a/main/bzip2/APKBUILD b/main/bzip2/APKBUILD index 48e5571ef0..4b05b80cf2 100644 --- a/main/bzip2/APKBUILD +++ b/main/bzip2/APKBUILD @@ -1,7 +1,7 @@ # Maintainer: Natanael Copa pkgname=bzip2 pkgver=1.0.6 -pkgrel=4 +pkgrel=5 pkgdesc="A high-quality data compression program" url="http://sources.redhat.com/bzip2" arch="all" @@ -16,8 +16,12 @@ source="http://www.bzip.org/$pkgver/$pkgname-$pkgver.tar.gz bzip2-1.0.2-progress.patch bzip2-1.0.3-no-test.patch bzip2-1.0.4-POSIX-shell.patch + CVE-2016-3189.patch " +# secfixes: +# 1.0.6-r5: CVE-2016-3189 + _builddir="$srcdir"/$pkgname-$pkgver prepare() { local i @@ -44,7 +48,7 @@ prepare() { bzip2.1 bzip2.txt Makefile-libbz2_so manual.* || return 1 } -build () { +build () { cd "$_builddir" make -f Makefile-libbz2_so all || return 1 make all || return 1 @@ -70,4 +74,21 @@ d47a4aa8f08d101aa5aa0dd2030338d1 bzip2-1.0.6-saneso.patch fd13ef6bc55276c7e3adc346bde56cd1 bzip2-1.0.4-man-links.patch 5f7a98f0aaaed6554126d30e28383ee0 bzip2-1.0.2-progress.patch 804bd17c96297968a89fc4eddc9a6713 bzip2-1.0.3-no-test.patch -55ac0e9be7821190b99376e0205707be bzip2-1.0.4-POSIX-shell.patch" +55ac0e9be7821190b99376e0205707be bzip2-1.0.4-POSIX-shell.patch +bb267d21004b2e756a18c3b5f31a8257 CVE-2016-3189.patch" +sha256sums="a2848f34fcd5d6cf47def00461fcb528a0484d8edef8208d6d2e2909dc61d9cd bzip2-1.0.6.tar.gz +8b625c4a37395ef94b19854b6a43f7e756edc3e238924669bc01d858853a1703 bzip2-1.0.4-makefile-CFLAGS.patch +5591ef4d3ccc1ea08750ce5650efadb0e8e2255b50e506cc8d66b131f8d891f2 bzip2-1.0.6-saneso.patch +1fc9d91f3f7bd3eecd86149b9c95b3162d9d7956f7de543aa8bc41cbcd04f88b bzip2-1.0.4-man-links.patch +a76f6d082a1a1fef2eff111177d7c7568e1d457fb2b98cde71bbbe6ea1c7c787 bzip2-1.0.2-progress.patch +3478e797662d85996c03d3b7612d548d2d377fe7efc3dc190332741a11082ef6 bzip2-1.0.3-no-test.patch +a810bda8ff824a3da6c5eb2659e388c6f6d8b7f09d08ca5b3ace18f96d5299fe bzip2-1.0.4-POSIX-shell.patch +b47515cf71a5773c5e26aa4faf1486d3a60de127cb99cdc0c6aee229d362ae7c CVE-2016-3189.patch" +sha512sums="00ace5438cfa0c577e5f578d8a808613187eff5217c35164ffe044fbafdfec9e98f4192c02a7d67e01e5a5ccced630583ad1003c37697219b0f147343a3fdd12 bzip2-1.0.6.tar.gz +58cc37430555520b6e35db2740e699cf37eacdd82989c21a222a593e36288710a0defb003662d4238235c12b3764bfc89cd646e6be9d0a08d54bd2c9baa6ad15 bzip2-1.0.4-makefile-CFLAGS.patch +8a7528b5b931bb72f637c6940bc811d54fb816fd5bb453af56d9b4a87091004eb5e191ba799d972794b24c56cf8134344a618b58946d3f1d985c508f88190845 bzip2-1.0.6-saneso.patch +2d9a306bc0f552a58916ebc702d32350a225103c487e070d2082121a54e07f1813d3228f43293cc80a4bee62053fd597294c99a1751b1685cd678f4e5c6a2fe7 bzip2-1.0.4-man-links.patch +b6810c73428f17245e0d7c2decd00c88986cd8ad1cfe4982defe34bdab808d53870ed92cb513b2d00c15301747ceb6ca958fb0e0458d0663b7d8f7c524f7ba4e bzip2-1.0.2-progress.patch +aefcafaaadc7f19b20fe023e0bd161127b9f32e0cd364621f6e5c03e95fb976e7e69e354ec46673a554392519532a3bfe56d982a5cde608c10e0b18c3847a030 bzip2-1.0.3-no-test.patch +64ab461bf739c29615383750e7f260abb2d49df7eb23916940d512bd61fd9a37aaade4d8f6f94280c95fc781b8f92587ad4f3dda51e87dec7a92a7a6f8d8ae86 bzip2-1.0.4-POSIX-shell.patch +cef6f448b661a775cc433f9636730e89c1285d07075536217657056be56e0a11e96f41f7c14f6ec59e235464b9ddd649a71fb8de1c60eda2fd5c2cdfbb6a8fdc CVE-2016-3189.patch" -- cgit v1.2.3