main/botan: add mitigation for CVE-2021-40529

b29012c4 · Ariadne Conill · 119dd5c3 · b29012c4 · b29012c4 · b29012c4
Commit b29012c4 authored 3 years ago by Ariadne Conill
--- a/main/botan/APKBUILD
+++ b/main/botan/APKBUILD
@@ -2,7 +2,7 @@
 # Maintainer: Natanael Copa <ncopa@alpinelinux.org>
 pkgname=botan
 pkgver=2.18.1
-pkgrel=2
+pkgrel=3
 pkgdesc="Crypto and TLS for C++11"
 url="https://botan.randombit.net/"
 arch="all"
@@ -10,10 +10,14 @@ license="BSD-2-Clause"
 depends_dev="boost-dev bzip2-dev openssl1.1-compat-dev sqlite-dev xz-dev zlib-dev"
 makedepends="$depends_dev python3"
 subpackages="$pkgname-dev $pkgname-doc $pkgname-libs"
-source="https://botan.randombit.net/releases/Botan-$pkgver.tar.xz"
+source="https://botan.randombit.net/releases/Botan-$pkgver.tar.xz
+	dl-exponents.patch
+	CVE-2021-40529.patch"
 builddir="$srcdir/Botan-$pkgver"
 # secfixes:
+#   2.18.1-r3:
+#     - CVE-2021-40529
 #   2.17.3-r0:
 #     - CVE-2021-24115
 #   2.9.0-r0:
@@ -57,4 +61,8 @@ package() {
 	rm -rf "$pkgdir"/usr/lib/python*
 }
-sha512sums="2f11d1ab703d977a2d64504d2a2489ce56109a2a6c46c0dc7c8db428470ce511bcc0160f70baedad29237abd5e1622f2c155ea58c4dec4d3ae57ee7b350415c3  Botan-2.18.1.tar.xz"
+sha512sums="
+2f11d1ab703d977a2d64504d2a2489ce56109a2a6c46c0dc7c8db428470ce511bcc0160f70baedad29237abd5e1622f2c155ea58c4dec4d3ae57ee7b350415c3  Botan-2.18.1.tar.xz
+e0d5e2c07d1ea66def33cbf8d64ba87eeb46c10ff0c14a54bc518b87a668a74a184e18b89440a2ef4b78ddf97cb4e2b02f1a70b4bbf705170715e353b2abbddb  dl-exponents.patch
+fd5d29ea98de0f0ddc63340270f118a2a633e740d604cf030780fdca46a87733654c38c01f933bb607f92cbb3750250a1af6ef9fe26fec601bbe8c9f079a6660  CVE-2021-40529.patch
+"
--- a/main/botan/CVE-2021-40529.patch
+++ b/main/botan/CVE-2021-40529.patch
--- a/main/botan/dl-exponents.patch
+++ b/main/botan/dl-exponents.patch