aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSören Tempel <soeren+git@soeren-tempel.net>2019-12-22 19:04:59 +0100
committerSören Tempel <soeren+git@soeren-tempel.net>2019-12-22 19:07:43 +0100
commit2c3c482d034409a5de8c2c754fc5985b06a97905 (patch)
tree8dbbee96d78553dbb4970eaa3c08f20596a872f8
parentf650e076f1d3707252a60bf8ca4ff19a19dc595e (diff)
downloadaports-2c3c482d034409a5de8c2c754fc5985b06a97905.tar.gz
aports-2c3c482d034409a5de8c2c754fc5985b06a97905.tar.bz2
aports-2c3c482d034409a5de8c2c754fc5985b06a97905.tar.xz
main/file: upgrade to 5.38
-rw-r--r--main/file/APKBUILD8
-rw-r--r--main/file/CVE-2019-18218.patch40
2 files changed, 3 insertions, 45 deletions
diff --git a/main/file/APKBUILD b/main/file/APKBUILD
index 13c1bd18b1..9ae5082dae 100644
--- a/main/file/APKBUILD
+++ b/main/file/APKBUILD
@@ -1,8 +1,8 @@
# Contributor: Valery Kartel <valery.kartel@gmail.com>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=file
-pkgver=5.37
-pkgrel=1
+pkgver=5.38
+pkgrel=0
pkgdesc="File type identification utility"
url="https://www.darwinsys.com/file"
arch="all"
@@ -10,7 +10,6 @@ license="BSD-2-Clause"
makedepends="autoconf libtool automake"
subpackages="$pkgname-dev $pkgname-doc libmagic"
source="$pkgname-$pkgver.tar.gz::https://github.com/file/file/archive/FILE${pkgver/./_}.tar.gz
- CVE-2019-18218.patch
"
builddir="$srcdir/$pkgname-FILE${pkgver/./_}"
@@ -48,5 +47,4 @@ libmagic() {
mv "$pkgdir"/usr/lib "$pkgdir"/usr/share "$subpkgdir"/usr
}
-sha512sums="9b6ae3dd910a03d2161c91ebc75ac91eb7dbd279563462b77daf902d9ae9f0a70de12c37a498b20c6357d6594059d01841bfd104592107b65c08d8343fca19d2 file-5.37.tar.gz
-d70c5d298db7f70c45feaeebb077f076e6f1b5bcccb85926afeead64838436fd42681541d56f4fbe35b97dd76bfdbf3abf2665894c18999b37d2ca3fe2f2cf17 CVE-2019-18218.patch"
+sha512sums="b8920b0b886600b50ef83d949028972e99830d5ac2e9545a5ff7177e5f4c3db20bfc00884d6b6961e4707a920f0290c59ae89439a02cd8cc2a8673284c4100c4 file-5.38.tar.gz"
diff --git a/main/file/CVE-2019-18218.patch b/main/file/CVE-2019-18218.patch
deleted file mode 100644
index e7eba44922..0000000000
--- a/main/file/CVE-2019-18218.patch
+++ /dev/null
@@ -1,40 +0,0 @@
-Source: https://github.com/file/file/commit/46a8443f76cec4b41ec736eca396984c74664f84
-
-diff --git a/src/cdf.c b/src/cdf.c
-index 556a3ff..8bb0a6d 100644
---- a/src/cdf.c
-+++ b/src/cdf.c
-@@ -1013,8 +1013,9 @@ cdf_read_property_info(const cdf_stream_t *sst, const cdf_header_t *h,
- goto out;
- }
- nelements = CDF_GETUINT32(q, 1);
-- if (nelements == 0) {
-- DPRINTF(("CDF_VECTOR with nelements == 0\n"));
-+ if (nelements > CDF_ELEMENT_LIMIT || nelements == 0) {
-+ DPRINTF(("CDF_VECTOR with nelements == %"
-+ SIZE_T_FORMAT "u\n", nelements));
- goto out;
- }
- slen = 2;
-@@ -1056,8 +1057,6 @@ cdf_read_property_info(const cdf_stream_t *sst, const cdf_header_t *h,
- goto out;
- inp += nelem;
- }
-- DPRINTF(("nelements = %" SIZE_T_FORMAT "u\n",
-- nelements));
- for (j = 0; j < nelements && i < sh.sh_properties;
- j++, i++)
- {
-diff --git a/src/cdf.h b/src/cdf.h
-index 2f7e554..0505666 100644
---- a/src/cdf.h
-+++ b/src/cdf.h
-@@ -48,6 +48,7 @@
- typedef int32_t cdf_secid_t;
-
- #define CDF_LOOP_LIMIT 10000
-+#define CDF_ELEMENT_LIMIT 100000
-
- #define CDF_SECID_NULL 0
- #define CDF_SECID_FREE -1
-