From 54e5c2f7374a2dba0bc5dbc825e3cb9557de2d1b Mon Sep 17 00:00:00 2001 From: Leonardo Arena Date: Wed, 17 Jul 2019 07:01:02 +0000 Subject: main/mosquitto: security fix (CVE-2018-12546) Fixes #10269 Don't build dockbook because xsltproc fails to build it --- main/mosquitto/APKBUILD | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'main/mosquitto') diff --git a/main/mosquitto/APKBUILD b/main/mosquitto/APKBUILD index 9be9820bd4..fddf51b926 100644 --- a/main/mosquitto/APKBUILD +++ b/main/mosquitto/APKBUILD @@ -1,7 +1,7 @@ # Maintainer: Natanael Copa pkgname=mosquitto pkgver=1.4.15 -pkgrel=4 +pkgrel=5 pkgdesc="An Open Source MQTT v3.1 Broker" url="http://mosquitto.org/" arch="all" @@ -18,6 +18,7 @@ subpackages="$pkgname-dev $pkgname-doc $pkgname-libs++:_pp $pkgname-openrc source="http://mosquitto.org/files/source/$pkgname-$pkgver.tar.gz libressl.patch config.patch + mosquitto-1.4.x-cve-2018-12546.patch mosquitto-1.4.x-cve-2018-12550.patch mosquitto-1.4.x-cve-2018-12551.patch @@ -26,6 +27,8 @@ source="http://mosquitto.org/files/source/$pkgname-$pkgver.tar.gz builddir="$srcdir/$pkgname-$pkgver" # secfixes: +# 1.4.15-r5: +# - CVE-2018-12546 # 1.4.15-r4: # - CVE-2018-12550 # - CVE-2018-12551 @@ -49,7 +52,7 @@ prepare() { build() { cd "$builddir" # PSK not supported by libressl - make \ + make mosquitto \ WITH_MEMORY_TRACKING=no \ WITH_WEBSOCKETS=yes \ WITH_SRV=yes \ @@ -96,6 +99,7 @@ clients() { sha512sums="36b06547553cf28af3ca9b728c42fc27e849c4ae84d7964572d430233ab26e2b59eee2a215ac23ddf2d0bef419e7c70e64e2a22c397fadb3e0677314d03f1100 mosquitto-1.4.15.tar.gz 53859b628f965b77f6e47910c0ceba2f2737b815131ed800dc64a80419e434d25b5ba0938ae645882e9aa5d475d4940c7d35cc6d56f54bc4937a66b32d7db4ad libressl.patch d5442373ae6ae8bc83eee59b425fbd76e80f905b9fd2bd2ed2a37a7e156fe95a9cf477c9c4dac0975c5fd90e70884de6fb8a16aefcd37b239199d5deae50b7d2 config.patch +e6544a171eb792ca80b3179e860474e6b19cfc99abe1d05173dac2bd310b2a8c6fcc9c6718812236ceb570f96a137f38eb621fe971cd63b8fe1178e0f2820207 mosquitto-1.4.x-cve-2018-12546.patch 58cf7211781c07d25ad555e982b66aca716230698ad239b964de073bb41dc2566d2c6fde379ded18106f704aba864859e36cb39c4c85762d00b5ed4f2b5cef58 mosquitto-1.4.x-cve-2018-12550.patch b1ba9d61ede7b7f0232811d6e2381a2943ed12a3c8b83ea2c2e1d3fce153260565f48ca900d4e0590688031013e1f425dfa8b1d89e0f1194516438b42dc158e2 mosquitto-1.4.x-cve-2018-12551.patch 16f96d8f7f3a8b06e2b2e04d42d7e0d89a931b52277fc017e4802f7a3bc85aff4dd290b1a0c40382ea8f5568d0ceb7319c031d9be916f346d805231a002b0433 mosquitto.initd" -- cgit v1.2.3