main/tcpdump: fix CVE-2020-8037

See: #12120

main/tcpdump: fix CVE-2020-8037
See: #12120
d68aa1f7 · Leo · 42f61991 · d68aa1f7
Commit d68aa1f7 authored Nov 20, 2020 by Leo
Hide whitespace changes
Inline Side-by-side

Showing with 8 additions and 3 deletions

main/tcpdump/APKBUILD main/tcpdump/APKBUILD +8 -3

No files found.
--- a/main/tcpdump/APKBUILD
+++ b/main/tcpdump/APKBUILD
 # Maintainer: Natanael Copa <ncopa@alpinelinux.org>
 pkgname=tcpdump
 pkgver=4.9.3
-pkgrel=1
+pkgrel=2
 pkgdesc="A tool for network monitoring and data acquisition"
 url="https://www.tcpdump.org/"
 arch="all"
@@ -9,9 +9,13 @@ license="BSD-3-Clause"
 options="!check" # fail on ppc64le
 makedepends="libpcap-dev openssl-dev perl"
 subpackages="$pkgname-doc"
-source="https://www.tcpdump.org/release/tcpdump-$pkgver.tar.gz"
+source="https://www.tcpdump.org/release/tcpdump-$pkgver.tar.gz
+	CVE-2020-8037.patch::https://github.com/the-tcpdump-group/tcpdump/commit/32027e199368dad9508965aae8cd8de5b6ab5231.patch
+	"

 # secfixes:
+#   4.9.3-r1:
+#     - CVE-2020-8037
 #   4.9.3-r0:
 #     - CVE-2017-16808 (AoE)
 #     - CVE-2018-14468 (FrameRelay)
@@ -107,4 +111,5 @@ package() {
 	rm -f "$pkgdir"/usr/sbin/tcpdump.4*
 }

-sha512sums="3aec673f78b996a4df884b1240e5d0a26a2ca81ee7aca8a2e6d50255bb53476e008a5ced4409e278a956710d8a4d31d85bbb800c9f1aab92b0b1046b59292a22  tcpdump-4.9.3.tar.gz"
+sha512sums="3aec673f78b996a4df884b1240e5d0a26a2ca81ee7aca8a2e6d50255bb53476e008a5ced4409e278a956710d8a4d31d85bbb800c9f1aab92b0b1046b59292a22  tcpdump-4.9.3.tar.gz
+f53b5557ad2c68c28bbd6121b637ade43937ce4956fa9c2c8b187e8c62726c018509eb728f7f7479d078c9018f091f64114944b2d6106e6214662899f880445a  CVE-2020-8037.patch"