diff options
| author | Sergey Lukin <sergej.lukin@gmail.com> | 2017-01-26 07:56:15 +0000 |
|---|---|---|
| committer | Leonardo Arena <rnalrd@alpinelinux.org> | 2017-01-26 15:56:07 +0000 |
| commit | 8a9c19caf7beab76554fea239c4ba9a2d2ec95de (patch) | |
| tree | aa783f2673eb5eeeda4ef8d5fd8abd730ed6fca8 /main/libgit2 | |
| parent | 7c959f50e351cf74579797aa28a1f1f77c68fbc3 (diff) | |
| download | aports-8a9c19caf7beab76554fea239c4ba9a2d2ec95de.tar.bz2 aports-8a9c19caf7beab76554fea239c4ba9a2d2ec95de.tar.xz | |
main/libgit2: security upgrade to 0.25.1 - fixes #6739
CVE-2016-10128: smart_pkt: verify packet length exceeds PKT_LEN_SIZE
CVE-2016-10129: smart_pkt: treat empty packet lines as error
CVE-2016-10130: http: check certificate validity before clobbering the error variable
Diffstat (limited to 'main/libgit2')
| -rw-r--r-- | main/libgit2/APKBUILD | 23 | ||||
| -rw-r--r-- | main/libgit2/libressl.patch | 12 |
2 files changed, 29 insertions, 6 deletions
diff --git a/main/libgit2/APKBUILD b/main/libgit2/APKBUILD index a164327de6..c5783d0ce6 100644 --- a/main/libgit2/APKBUILD +++ b/main/libgit2/APKBUILD @@ -1,9 +1,10 @@ +# Contributor: Sergei Lukin <sergej.lukin@gmail.com> # Contributor: Sören Tempel <soeren+alpine@soeren-tempel.net> # Contributor: Pierre-Gilas MILLON <pgmillon@gmail.com> # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=libgit2 -pkgver=0.24.3 -pkgrel=1 +pkgver=0.25.1 +pkgrel=0 pkgdesc="A linkable library for Git" url="https://libgit2.github.com/" arch="all" @@ -14,10 +15,17 @@ makedepends="$depends_dev python2 cmake zlib-dev libressl-dev" subpackages="$pkgname-dev" provides="$pkgname-libs" # for backward compatibility with v3.4 replaces="$pkgname-libs" # for backward compatibility with v3.4 -source="$pkgname-$pkgver.tar.gz::https://github.com/$pkgname/$pkgname/archive/v$pkgver.tar.gz" +source="$pkgname-$pkgver.tar.gz::https://github.com/$pkgname/$pkgname/archive/v$pkgver.tar.gz + libressl.patch + " + builddir="$srcdir/$pkgname-$pkgver" # secfixes: +# 0.25.1-r0: +# - CVE-2016-10128 +# - CVE-2016-10129 +# - CVE-2016-10130 # 0.24.3-r0: # - CVE-2016-8568 # - CVE-2016-8569 @@ -40,6 +48,9 @@ package() { -C "$builddir" install || return 1 } -md5sums="df626711b16bd5e7021123cbf1655399 libgit2-0.24.3.tar.gz" -sha256sums="0a24e6a51dbf3beecb0ebcd2cafb1e09b1212e910be6477b5de03c84a5586754 libgit2-0.24.3.tar.gz" -sha512sums="cb7b482664a5527e2d7c8f7c98755fd578f5331bc39fa2a5c8b841508e075b06b936f2c4a55cb4d10fe5d1677b596387bb16d68c220f1f23fce0a894b092f8c4 libgit2-0.24.3.tar.gz" +md5sums="3b285ce94200f00c34962711f001b192 libgit2-0.25.1.tar.gz +cbe35a6ce1ae8e87426af0c172fdaafd libressl.patch" +sha256sums="7ae8e699ff7ff9a1fa702249140ee31ea6fd556bf7968e84e38165870667bcb1 libgit2-0.25.1.tar.gz +4f9f801c6b50a731d96a2f0f75497b2ae5762ee0be0ef626964c63a50d1c40dc libressl.patch" +sha512sums="bbd0d27c95406b548185ce02e2a9288a9dcb8c3b28476ba20f4f4917f6bd67f1ddee80de3054d30b79cdb9d973c3061a15ea7847c79bfa4e0c62e41d5195cb99 libgit2-0.25.1.tar.gz +3674957d09207b11d268ba9fcb442a081b8efe318d0e8501b7afa0ae2397efc9aff8572b1ffd9f2286c46a06a647fbe943c2cc7e8f97d1a0288e74010846d439 libressl.patch" diff --git a/main/libgit2/libressl.patch b/main/libgit2/libressl.patch new file mode 100644 index 0000000000..967cdc4982 --- /dev/null +++ b/main/libgit2/libressl.patch @@ -0,0 +1,12 @@ +diff -ru src.orig/libgit2-0.25.1/src/openssl_stream.h src/libgit2-0.25.1/src/openssl_stream.h +--- libgit2-0.25.1/src/copenssl_stream.h.orig ++++ libgit2-0.25.1/src/openssl_stream.h +@@ -27,7 +27,7 @@ + + + +-# if OPENSSL_VERSION_NUMBER < 0x10100000L ++# if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + + GIT_INLINE(BIO_METHOD*) BIO_meth_new(int type, const char *name) + { |