aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorNatanael Copa <ncopa@alpinelinux.org>2017-06-01 11:18:05 +0000
committerNatanael Copa <ncopa@alpinelinux.org>2017-06-01 15:03:28 +0200
commit79170b170d09fe898c6c937ba588dc214dabb05c (patch)
treeb686c063637610878ec063a6eb891e835a270347
parent27e745e6b16e354f98de885984bee4ccce9e03b0 (diff)
downloadaports-79170b170d09fe898c6c937ba588dc214dabb05c.tar.gz
aports-79170b170d09fe898c6c937ba588dc214dabb05c.tar.bz2
aports-79170b170d09fe898c6c937ba588dc214dabb05c.tar.xz
main/mosquitto: security upgrade to 1.4.12 (CVE-2017-7650)
fixes #7367
-rw-r--r--main/mosquitto/APKBUILD12
-rw-r--r--main/mosquitto/config.patch27
2 files changed, 15 insertions, 24 deletions
diff --git a/main/mosquitto/APKBUILD b/main/mosquitto/APKBUILD
index b230030fd5..98b8935373 100644
--- a/main/mosquitto/APKBUILD
+++ b/main/mosquitto/APKBUILD
@@ -1,7 +1,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=mosquitto
-pkgver=1.4.11
-pkgrel=1
+pkgver=1.4.12
+pkgrel=0
pkgdesc="An Open Source MQTT v3.1 Broker"
url="http://mosquitto.org/"
arch="all"
@@ -20,6 +20,10 @@ source="http://mosquitto.org/files/source/$pkgname-$pkgver.tar.gz
mosquitto.initd"
builddir="$srcdir/$pkgname-$pkgver"
+# secfixes:
+# 1.4.12-r0:
+# - CVE-2017-7650
+
prepare() {
default_prepare || return 1
@@ -70,7 +74,7 @@ clients() {
mv "$pkgdir"/usr/bin/mosquitto_[ps]ub "$subpkgdir"/usr/bin/
}
-sha512sums="c05ca8679b9a6f540868f4ccf701257fcabc114d5450ac0bbbe80b91bb7cd4fc52668773e945506760c7a5bd8a494e0a56100714112e5d2713d57bfab8951587 mosquitto-1.4.11.tar.gz
+sha512sums="75e6105498869ab13265df7a0bea6052c014d59d0c0efb61162d8257d34c0153fce32130e84c28e99fd494f374949aac5e01c19f7439c2eea575b52ef1179c3c mosquitto-1.4.12.tar.gz
53859b628f965b77f6e47910c0ceba2f2737b815131ed800dc64a80419e434d25b5ba0938ae645882e9aa5d475d4940c7d35cc6d56f54bc4937a66b32d7db4ad libressl.patch
-d1e5ef833e1e624c0c45c9f7cf7cd755db7e81072e8140f5d687d6843985855aa721f72de63d738d37a43a2b2ed3de37dfaf34582958240754788aacc3c0ea5f config.patch
+d5442373ae6ae8bc83eee59b425fbd76e80f905b9fd2bd2ed2a37a7e156fe95a9cf477c9c4dac0975c5fd90e70884de6fb8a16aefcd37b239199d5deae50b7d2 config.patch
16f96d8f7f3a8b06e2b2e04d42d7e0d89a931b52277fc017e4802f7a3bc85aff4dd290b1a0c40382ea8f5568d0ceb7319c031d9be916f346d805231a002b0433 mosquitto.initd"
diff --git a/main/mosquitto/config.patch b/main/mosquitto/config.patch
index 66a034365b..a88d35366b 100644
--- a/main/mosquitto/config.patch
+++ b/main/mosquitto/config.patch
@@ -1,8 +1,6 @@
-diff --git a/config.mk b/config.mk
-index 6e369c2..ecc4990 100644
---- a/config.mk
-+++ b/config.mk
-@@ -26,7 +26,7 @@ WITH_TLS:=yes
+--- ./config.mk.orig
++++ ./config.mk
+@@ -26,7 +26,7 @@
# Comment out to disable TLS/PSK support in the broker and client. Requires
# WITH_TLS=yes.
# This must be disabled if using openssl < 1.0.
@@ -11,7 +9,7 @@ index 6e369c2..ecc4990 100644
# Comment out to disable client client threading support.
WITH_THREADING:=yes
-@@ -46,7 +46,7 @@ WITH_PERSISTENCE:=yes
+@@ -46,7 +46,7 @@
# Comment out to remove memory tracking support from the broker. If disabled,
# mosquitto won't track heap memory usage nor export '$SYS/broker/heap/current
# size', but will use slightly less memory and CPU time.
@@ -20,7 +18,7 @@ index 6e369c2..ecc4990 100644
# Compile with database upgrading support? If disabled, mosquitto won't
# automatically upgrade old database versions.
-@@ -65,7 +65,7 @@ WITH_SRV:=yes
+@@ -65,7 +65,7 @@
WITH_UUID:=yes
# Build with websockets support on the broker.
@@ -29,7 +27,7 @@ index 6e369c2..ecc4990 100644
# Use elliptic keys in broker
WITH_EC:=yes
-@@ -78,6 +78,7 @@ WITH_SOCKS:=yes
+@@ -78,6 +78,7 @@
# Build with async dns lookup support for bridges (temporary). Requires glibc.
#WITH_ADNS:=yes
@@ -37,18 +35,7 @@ index 6e369c2..ecc4990 100644
# =============================================================================
# End of user configuration
-@@ -159,10 +160,6 @@ ifeq ($(UNAME),QNX)
- LIB_LIBS:=$(LIB_LIBS) -lsocket
- endif
-
--ifeq ($(UNAME),Linux)
-- BROKER_LIBS:=$(BROKER_LIBS) -lanl
--endif
--
- ifeq ($(WITH_WRAP),yes)
- BROKER_LIBS:=$(BROKER_LIBS) -lwrap
- BROKER_CFLAGS:=$(BROKER_CFLAGS) -DWITH_WRAP
-@@ -253,7 +250,7 @@ ifeq ($(WITH_DOCS),yes)
+@@ -249,7 +250,7 @@
endif
INSTALL?=install