# Maintainer: Natanael Copa pkgname=libarchive pkgver=3.1.2 pkgrel=4 pkgdesc="library that can create and read several streaming archive formats" url="http://libarchive.googlecode.com/" arch="all" license="BSD" depends="" subpackages="$pkgname-dev $pkgname-doc $pkgname-tools" makedepends="zlib-dev bzip2-dev xz-dev acl-dev openssl-dev expat-dev" depends_dev="$makedepends" source="http://www.libarchive.org/downloads/libarchive-$pkgver.tar.gz CVE-2013-0211.patch CVE-2015-2304.patch CVE-2016-1541.patch CVE-2016-4302.patch CVE-2016-4809.patch CVE-2016-5844.patch CVE-2016-6250.patch CVE-2016-5418.patch CVE-2016-7166.patch " _builddir="$srcdir"/$pkgname-$pkgver # security fixes: # 3.1.2-r4: # - CVE-2016-4302 # - CVE-2016-4809 # - CVE-2016-5844 # - CVE-2016-6250 # 3.1.2-r5: # - CVE-2016-5418 # - CVE-2016-7166 prepare() { cd "$_builddir" for i in $source; do case $i in *.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;; esac done } build () { cd "$_builddir" ./configure \ --build=$CBUILD \ --host=$CHOST \ --prefix=/usr \ --without-xml2 \ || return 1 make } package() { cd "$_builddir" make DESTDIR="$pkgdir" install || return 1 rm "$pkgdir"/usr/lib/*.la || return 1 } tools() { pkgdesc="libarchive tools bsdtar and bsdcpio" mkdir -p "$subpkgdir"/usr/ mv "$pkgdir"/usr/bin "$subpkgdir"/usr/ } md5sums="efad5a503f66329bb9d2f4308b5de98a libarchive-3.1.2.tar.gz fc5f5158d414e3a7e9f085d8d1470014 CVE-2013-0211.patch b27c60d9288780261410366994103278 CVE-2015-2304.patch 1d6acc1b95e1f6a397dbf332b6e8b0eb CVE-2016-1541.patch 671e37e5012868487c883d1d3d1a98e8 CVE-2016-4302.patch 441be3deb395c923f775e1a2d0f0d35e CVE-2016-4809.patch fffa1304e451984b8fa43047da1c9178 CVE-2016-5844.patch d5e6f412445c5b463d3761995c23f84e CVE-2016-6250.patch a608f39134680bac449c0f4659a86de4 CVE-2016-5418.patch 827e8fab29485d7d251b19f06127d098 CVE-2016-7166.patch" sha256sums="eb87eacd8fe49e8d90c8fdc189813023ccc319c5e752b01fb6ad0cc7b2c53d5e libarchive-3.1.2.tar.gz 75f30c3867d3924461bb764ea2ca3c1b1e43240aeb5b0dd93a103fd7a7ca7fe9 CVE-2013-0211.patch 5a862586b4684d819add1df9d747bc47f9a4f2fecd069175bf00f6927c9633bf CVE-2015-2304.patch cfe651e5b9a626ea51b92e762474e8bc9ef28d95a42123f69bdbed3c14547b69 CVE-2016-1541.patch f5e66529b373d23e9084c38df2c65d2406986cbb7039cf380ff884b3feb78312 CVE-2016-4302.patch c108796584bdd539eaa892b7ea83257ccf9174c6a23afe4fa7d32f90ac140220 CVE-2016-4809.patch dbdd82e4e5693fdfb3e510d6238e411f00d68d71c09d6ec84f4b6c7ca44b00d0 CVE-2016-5844.patch e46a9999388cae275c31ee758b44be99fc04b58257b0c3e068a3e58d266a0fdd CVE-2016-6250.patch 0c2015fb4c686f48c6ae6b8fe6e9a44359f58bd21f14c7b0b2f3abf630dd0c75 CVE-2016-5418.patch 14aa20637a4ca7dd1ce1d88ee4813572f3e4148088d65b9a035240de74edf3cb CVE-2016-7166.patch" sha512sums="1f3c2a675031f93c7d42ae2ed06742b0b1e2236ff57d9117791d62fb8ae77d6cafffbcb5d45b5bd98daa908bd18c576cf82e01a9b1eba699705e23eff3688114 libarchive-3.1.2.tar.gz c10470ab67dd94944489f72e4d6f39d98163f5d7a92bcd550aa323e9a1b96148588bd04ac7d8c6ff232dc388559fb3e67552bb5c83ac7626ad714517f5022fce CVE-2013-0211.patch ae3161b36605c81622d4d4c44f33c31e596506dc60ffb43a91b0f7b831d15d48abdd64725cd770bca6795230f1505d301a74db63903c91507195ccdea0737b63 CVE-2015-2304.patch ecbd54a125948c0bf172ad8d877f074e802a4f719a967a69f7c56ea7fda77ec68183bc47642f4437462132af61b91d7b94d9b87d0e84aafbeb492b28d0d1531d CVE-2016-1541.patch 94db9186246971fbad51d5d1b50719b2ae1d6baeb063fd344546fd4e1d8cec89438ea8baa299af75eb8e1157888b68e8fd53120aaccba1b802b3169baaf13c98 CVE-2016-4302.patch 464692946ad59f7f404a1ac1b123e06b407cabaece95bd062b5c0fca7c62355b4a9c2aa940055aee5b9c40fcc3077fbe2a3b5a3d416b5b2c453fc7518cbc858d CVE-2016-4809.patch 213fbf0b6ac1b6f7662a6d15119696db5c05e071ffa86cb6832677c9676040ed8df199bb22e72dc47264e8873e246737bad327d88f439d8b164c0520095210b2 CVE-2016-5844.patch 1b93ce72c4769aa7467bb68ad7953551bed3b944eeb686ebbacc7ccd450833dc3250b0e3132cf63ae35d873b021ffbcbeb0f08a60f16037ffabc45536292af35 CVE-2016-6250.patch 053e418589969d748192e9c8d232b979fbea2b8a8e323c5ce737b9ec211c41c5f697440dc3bf0e7cb0cd237289d9980d921001df077001b605d25f13ab1997af CVE-2016-5418.patch 2f554e698615e4d62df29003c7ef24a3fbab207fb1ca2f5dce9a3a665f9c4155c398c28c107daabe63877d3648912fd31286bc785d3ae2a1c7ef4c1077f3fa68 CVE-2016-7166.patch"