blob: fe8ff7925ae232207a7f3e0da08305be195572de (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
|
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=libarchive
pkgver=3.1.2
pkgrel=4
pkgdesc="library that can create and read several streaming archive formats"
url="http://libarchive.googlecode.com/"
arch="all"
license="BSD"
depends=""
subpackages="$pkgname-dev $pkgname-doc $pkgname-tools"
makedepends="zlib-dev bzip2-dev xz-dev acl-dev openssl-dev expat-dev"
depends_dev="$makedepends"
source="http://www.libarchive.org/downloads/libarchive-$pkgver.tar.gz
CVE-2013-0211.patch
CVE-2015-2304.patch
CVE-2016-1541.patch
CVE-2016-4302.patch
CVE-2016-4809.patch
CVE-2016-5844.patch
CVE-2016-6250.patch
"
_builddir="$srcdir"/$pkgname-$pkgver
# security fixes:
# 3.1.2-r4:
# - CVE-2016-4302
# - CVE-2016-4809
# - CVE-2016-5844
# - CVE-2016-6250
prepare() {
cd "$_builddir"
for i in $source; do
case $i in
*.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;;
esac
done
}
build () {
cd "$_builddir"
./configure \
--build=$CBUILD \
--host=$CHOST \
--prefix=/usr \
--without-xml2 \
|| return 1
make
}
package() {
cd "$_builddir"
make DESTDIR="$pkgdir" install || return 1
rm "$pkgdir"/usr/lib/*.la || return 1
}
tools() {
pkgdesc="libarchive tools bsdtar and bsdcpio"
mkdir -p "$subpkgdir"/usr/
mv "$pkgdir"/usr/bin "$subpkgdir"/usr/
}
md5sums="efad5a503f66329bb9d2f4308b5de98a libarchive-3.1.2.tar.gz
fc5f5158d414e3a7e9f085d8d1470014 CVE-2013-0211.patch
b27c60d9288780261410366994103278 CVE-2015-2304.patch
1d6acc1b95e1f6a397dbf332b6e8b0eb CVE-2016-1541.patch
671e37e5012868487c883d1d3d1a98e8 CVE-2016-4302.patch
441be3deb395c923f775e1a2d0f0d35e CVE-2016-4809.patch
fffa1304e451984b8fa43047da1c9178 CVE-2016-5844.patch
d5e6f412445c5b463d3761995c23f84e CVE-2016-6250.patch"
sha256sums="eb87eacd8fe49e8d90c8fdc189813023ccc319c5e752b01fb6ad0cc7b2c53d5e libarchive-3.1.2.tar.gz
75f30c3867d3924461bb764ea2ca3c1b1e43240aeb5b0dd93a103fd7a7ca7fe9 CVE-2013-0211.patch
5a862586b4684d819add1df9d747bc47f9a4f2fecd069175bf00f6927c9633bf CVE-2015-2304.patch
cfe651e5b9a626ea51b92e762474e8bc9ef28d95a42123f69bdbed3c14547b69 CVE-2016-1541.patch
f5e66529b373d23e9084c38df2c65d2406986cbb7039cf380ff884b3feb78312 CVE-2016-4302.patch
c108796584bdd539eaa892b7ea83257ccf9174c6a23afe4fa7d32f90ac140220 CVE-2016-4809.patch
dbdd82e4e5693fdfb3e510d6238e411f00d68d71c09d6ec84f4b6c7ca44b00d0 CVE-2016-5844.patch
e46a9999388cae275c31ee758b44be99fc04b58257b0c3e068a3e58d266a0fdd CVE-2016-6250.patch"
sha512sums="1f3c2a675031f93c7d42ae2ed06742b0b1e2236ff57d9117791d62fb8ae77d6cafffbcb5d45b5bd98daa908bd18c576cf82e01a9b1eba699705e23eff3688114 libarchive-3.1.2.tar.gz
c10470ab67dd94944489f72e4d6f39d98163f5d7a92bcd550aa323e9a1b96148588bd04ac7d8c6ff232dc388559fb3e67552bb5c83ac7626ad714517f5022fce CVE-2013-0211.patch
ae3161b36605c81622d4d4c44f33c31e596506dc60ffb43a91b0f7b831d15d48abdd64725cd770bca6795230f1505d301a74db63903c91507195ccdea0737b63 CVE-2015-2304.patch
ecbd54a125948c0bf172ad8d877f074e802a4f719a967a69f7c56ea7fda77ec68183bc47642f4437462132af61b91d7b94d9b87d0e84aafbeb492b28d0d1531d CVE-2016-1541.patch
94db9186246971fbad51d5d1b50719b2ae1d6baeb063fd344546fd4e1d8cec89438ea8baa299af75eb8e1157888b68e8fd53120aaccba1b802b3169baaf13c98 CVE-2016-4302.patch
464692946ad59f7f404a1ac1b123e06b407cabaece95bd062b5c0fca7c62355b4a9c2aa940055aee5b9c40fcc3077fbe2a3b5a3d416b5b2c453fc7518cbc858d CVE-2016-4809.patch
213fbf0b6ac1b6f7662a6d15119696db5c05e071ffa86cb6832677c9676040ed8df199bb22e72dc47264e8873e246737bad327d88f439d8b164c0520095210b2 CVE-2016-5844.patch
1b93ce72c4769aa7467bb68ad7953551bed3b944eeb686ebbacc7ccd450833dc3250b0e3132cf63ae35d873b021ffbcbeb0f08a60f16037ffabc45536292af35 CVE-2016-6250.patch"
|
