Commit 1d79155e authored by Leo's avatar Leo Committed by Kevin Daudt
Browse files

main/libarchive: fix CVE-2019-18408

ref #10926

Closes !962
parent 07f84335
......@@ -2,17 +2,21 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=libarchive
pkgver=3.3.3
pkgrel=0
pkgrel=1
pkgdesc="library that can create and read several streaming archive formats"
url="http://libarchive.org/"
arch="all"
license="BSD"
makedepends="zlib-dev bzip2-dev xz-dev lz4-dev acl-dev libressl-dev expat-dev"
subpackages="$pkgname-dev $pkgname-doc $pkgname-tools"
source="http://www.libarchive.org/downloads/$pkgname-$pkgver.tar.gz"
source="http://www.libarchive.org/downloads/$pkgname-$pkgver.tar.gz
CVE-2019-18408.patch::https://github.com/libarchive/libarchive/commit/b8592ecba2f9e451e1f5cb7ab6dcee8b8e7b3f60.patch
"
builddir="$srcdir/$pkgname-$pkgver"
# secfixes:
# 3.3.3-r1:
# - CVE-2019-18408
# 3.3.3-r0:
# - CVE-2017-14501
# - CVE-2017-14502
......@@ -42,4 +46,5 @@ tools() {
mv "$pkgdir"/usr/bin "$subpkgdir"/usr/
}
sha512sums="9d12b47d6976efa9f98e62c25d8b85fd745d4e9ca7b7e6d36bfe095dfe5c4db017d4e785d110f3758f5938dad6f1a1b009267fd7e82cb7212e93e1aea237bab7 libarchive-3.3.3.tar.gz"
sha512sums="9d12b47d6976efa9f98e62c25d8b85fd745d4e9ca7b7e6d36bfe095dfe5c4db017d4e785d110f3758f5938dad6f1a1b009267fd7e82cb7212e93e1aea237bab7 libarchive-3.3.3.tar.gz
4807e01dffb83ff4ef430c66339157e9f7a61db4fc5cec2812c3ee5ad130b4fc2d3c1cbeea87930c76cd8ec3e66272e20622a48edf0c66215b626c4e0db99cab CVE-2019-18408.patch"
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment