# Maintainer: Natanael Copa pkgname=libvorbis pkgver=1.3.5 pkgrel=3 pkgdesc="Vorbis codec library" url="http://www.xiph.org/ogg/vorbis/" arch="all" license="custom" license="BSD-3-License" subpackages="$pkgname-dev $pkgname-doc" depends= depends_dev="libogg-dev" makedepends="$depends_dev" source="http://downloads.xiph.org/releases/vorbis/libvorbis-$pkgver.tar.gz CVE-2017-14160.patch CVE-2017-14632.patch CVE-2017-14633.patch " # secfixes: # 1.3.5-r3: # - CVE-2017-14632 # - CVE-2017-14633 # 1.3.5-r2: # - CVE-2017-14160 builddir="$srcdir/$pkgname-$pkgver" build() { cd "$builddir" ./configure \ --build=$CBUILD \ --host=$CHOST \ --prefix=/usr \ --disable-static \ || return 1 make || return 1 } package() { cd "$builddir" make DESTDIR="$pkgdir" install || return 1 install -Dm644 COPYING "$pkgdir"/usr/share/licenses/$pkgname/COPYING } md5sums="7220e089f3be3412a2317d6fde9e3944 libvorbis-1.3.5.tar.gz 943275d84d55dfa072ec3a2566fd9bfa CVE-2017-14160.patch" sha256sums="6efbcecdd3e5dfbf090341b485da9d176eb250d893e3eb378c428a2db38301ce libvorbis-1.3.5.tar.gz f93bf45de3a21db0fa9bb9cd25edefb1182bf24d61028a86cbf45fbcd11fbdf5 CVE-2017-14160.patch" sha512sums="6c729a227143abc744a779ec4d4ce9932cd1234e301b766cb5111c3894b7cd866f0267590c7864afd3841ac0d4ae2eb2386e8d14345b7c41c8ce35e996e3656c libvorbis-1.3.5.tar.gz 4c2f7be947f2159ae47175cba89950c7b7d357b37a20d54382e4fbecd8c268b148e6cb86cb148945c7b68bbe8b14f466e910b35b80903ab51f1b02cfccf5806e CVE-2017-14160.patch 656db69d915fb30e26b6370a9b6f7c2c1f1caaec7051eb13602983935d716ae78a1a3ceaa901d63e2a2169cf00c50d90a86530d461fd53191d545e8d82dbae92 CVE-2017-14632.patch 1b4b1a6a31feca7e9cabc9274149788f0134a3be7575d530092e42864ff6f6d129f923282da7378d29d953e6be4519b3aa7f782e2cca70a623024c7c050614f1 CVE-2017-14633.patch"