Commit 12f88f96 authored by alpine-mips-patches's avatar alpine-mips-patches Committed by Leonardo Arena

community/mbedtls: upgrade to 2.14.1

- set the license to Apache 2.0 only, one have to download another
   tarball for the GPL version (2.12 was using Apache 2.0 tarball);
 - use the download link from the main web site for easier checksum
   cross-verification (github tarballs have different SHA sums);
 - sort secfixes from newer-to-older;
 - add python3 as now required for build.

Rebuild is needed for the dependent aports due to libmbedtls.so.12
version bump (was .11).
parent 856c64b1
# Contributor: Łukasz Jendrysik <scadu@yandex.com>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=mbedtls
pkgver=2.12.0
pkgver=2.14.1
pkgrel=0
pkgdesc="Light-weight cryptographic and SSL/TLS library"
url="https://tls.mbed.org"
arch="all"
license="GPL-2.0-or-later Apache-2.0"
makedepends="cmake perl"
license="Apache-2.0"
makedepends="cmake perl python3"
subpackages="$pkgname-static $pkgname-dev $pkgname-utils"
source="$pkgname-$pkgver.tar.gz::https://github.com/ARMmbed/$pkgname/archive/$pkgname-$pkgver.tar.gz"
builddir="$srcdir/$pkgname-$pkgname-$pkgver"
source="https://tls.mbed.org/download/$pkgname-$pkgver-apache.tgz"
builddir="$srcdir/$pkgname-$pkgver"
# secfixes:
# 2.4.2-r0:
# - CVE-2017-2784
# 2.6.0-r0:
# - CVE-2017-14032
# 2.14.1-r0:
# - CVE-2018-19608
# 2.12.0-r0:
# - CVE-2018-0498
# - CVE-2018-0497
# 2.7.0-r0:
# - CVE-2017-18187
# - CVE-2018-0487
# - CVE-2018-0488
# - CVE-2018-0487
# - CVE-2017-18187
# 2.6.0-r0:
# - CVE-2017-14032
# 2.4.2-r0:
# - CVE-2017-2784
prepare() {
default_prepare
......@@ -68,4 +73,4 @@ static() {
chmod -x "$subpkgdir"/usr/lib/*.a
}
sha512sums="c7c2aeb1717886ad87486af2dccb05b2f051372c69fc914f30e4ace1067f5be39ba04e093ad522f904e23a576c1ff430bd772e77823d0f4720f6fc5c1b8aa98c mbedtls-2.12.0.tar.gz"
sha512sums="f8a9371fcdca34f61db3676f14f83ba303194dc097fcf34b8088b2d2b1b88b2818c2ed54eef747d8dff7c799e11aee511eb179bb815ae46934b3426d09926dda mbedtls-2.14.1-apache.tgz"
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment