Commit f995a9dc authored by Leo's avatar Leo
Browse files

main/jbig2dec: fix CVE-2020-12268

See #11525
parent f2e830c2
Pipeline #17936 failed with stages
in 8 minutes and 42 seconds
......@@ -3,7 +3,7 @@
pkgname=jbig2dec
pkgver=0.16
_gsver="gs927"
pkgrel=0
pkgrel=1
pkgdesc="JBIG2 image compression format decoder"
url="https://www.ghostscript.com/jbig2dec.html"
arch="all"
......@@ -11,7 +11,13 @@ license="GPL-2.0-or-later"
makedepends="autoconf automake libtool"
checkdepends="python2"
subpackages="$pkgname-dev $pkgname-doc"
source="https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/$_gsver/jbig2dec-$pkgver.tar.gz"
source="https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/$_gsver/jbig2dec-$pkgver.tar.gz
CVE-2020-12268.patch::https://github.com/ArtifexSoftware/jbig2dec/commit/0726320a4b55078e9d8deb590e477d598b3da66e.patch
"
# secfixes:
# 0.16-r1:
# - CVE-2020-12268
builddir="$srcdir/$pkgname-$pkgver"
......@@ -45,4 +51,5 @@ package() {
make DESTDIR="$pkgdir" install
}
sha512sums="1c1a9b9fc46d40ef3bd6133fd95b02163456e4d9fb271f57c75f4dcc4ace726ec54b8d22f984e4804bbad7f1d018566e522c1924bc8ad2e807d48d57a8851949 jbig2dec-0.16.tar.gz"
sha512sums="1c1a9b9fc46d40ef3bd6133fd95b02163456e4d9fb271f57c75f4dcc4ace726ec54b8d22f984e4804bbad7f1d018566e522c1924bc8ad2e807d48d57a8851949 jbig2dec-0.16.tar.gz
f88a39384e2c4af1f4e5b879ee83c1032681cbf59bd705d679502dca3fb500ed0eaf2b20e605f1bb3f62d657fa36a843f5ff92cdf35d4ff6a4482c5d6b0af88d CVE-2020-12268.patch"
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment