diff options
| author | Sören Tempel <soeren+git@soeren-tempel.net> | 2019-12-22 19:04:59 +0100 |
|---|---|---|
| committer | Sören Tempel <soeren+git@soeren-tempel.net> | 2019-12-22 19:07:43 +0100 |
| commit | 2c3c482d034409a5de8c2c754fc5985b06a97905 (patch) | |
| tree | 8dbbee96d78553dbb4970eaa3c08f20596a872f8 | |
| parent | f650e076f1d3707252a60bf8ca4ff19a19dc595e (diff) | |
| download | aports-2c3c482d034409a5de8c2c754fc5985b06a97905.tar.gz aports-2c3c482d034409a5de8c2c754fc5985b06a97905.tar.bz2 aports-2c3c482d034409a5de8c2c754fc5985b06a97905.tar.xz | |
main/file: upgrade to 5.38
| -rw-r--r-- | main/file/APKBUILD | 8 | ||||
| -rw-r--r-- | main/file/CVE-2019-18218.patch | 40 |
2 files changed, 3 insertions, 45 deletions
diff --git a/main/file/APKBUILD b/main/file/APKBUILD index 13c1bd18b19..9ae5082dae3 100644 --- a/main/file/APKBUILD +++ b/main/file/APKBUILD @@ -1,8 +1,8 @@ # Contributor: Valery Kartel <valery.kartel@gmail.com> # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=file -pkgver=5.37 -pkgrel=1 +pkgver=5.38 +pkgrel=0 pkgdesc="File type identification utility" url="https://www.darwinsys.com/file" arch="all" @@ -10,7 +10,6 @@ license="BSD-2-Clause" makedepends="autoconf libtool automake" subpackages="$pkgname-dev $pkgname-doc libmagic" source="$pkgname-$pkgver.tar.gz::https://github.com/file/file/archive/FILE${pkgver/./_}.tar.gz - CVE-2019-18218.patch " builddir="$srcdir/$pkgname-FILE${pkgver/./_}" @@ -48,5 +47,4 @@ libmagic() { mv "$pkgdir"/usr/lib "$pkgdir"/usr/share "$subpkgdir"/usr } -sha512sums="9b6ae3dd910a03d2161c91ebc75ac91eb7dbd279563462b77daf902d9ae9f0a70de12c37a498b20c6357d6594059d01841bfd104592107b65c08d8343fca19d2 file-5.37.tar.gz -d70c5d298db7f70c45feaeebb077f076e6f1b5bcccb85926afeead64838436fd42681541d56f4fbe35b97dd76bfdbf3abf2665894c18999b37d2ca3fe2f2cf17 CVE-2019-18218.patch" +sha512sums="b8920b0b886600b50ef83d949028972e99830d5ac2e9545a5ff7177e5f4c3db20bfc00884d6b6961e4707a920f0290c59ae89439a02cd8cc2a8673284c4100c4 file-5.38.tar.gz" diff --git a/main/file/CVE-2019-18218.patch b/main/file/CVE-2019-18218.patch deleted file mode 100644 index e7eba449222..00000000000 --- a/main/file/CVE-2019-18218.patch +++ /dev/null @@ -1,40 +0,0 @@ -Source: https://github.com/file/file/commit/46a8443f76cec4b41ec736eca396984c74664f84 - -diff --git a/src/cdf.c b/src/cdf.c -index 556a3ff..8bb0a6d 100644 ---- a/src/cdf.c -+++ b/src/cdf.c -@@ -1013,8 +1013,9 @@ cdf_read_property_info(const cdf_stream_t *sst, const cdf_header_t *h, - goto out; - } - nelements = CDF_GETUINT32(q, 1); -- if (nelements == 0) { -- DPRINTF(("CDF_VECTOR with nelements == 0\n")); -+ if (nelements > CDF_ELEMENT_LIMIT || nelements == 0) { -+ DPRINTF(("CDF_VECTOR with nelements == %" -+ SIZE_T_FORMAT "u\n", nelements)); - goto out; - } - slen = 2; -@@ -1056,8 +1057,6 @@ cdf_read_property_info(const cdf_stream_t *sst, const cdf_header_t *h, - goto out; - inp += nelem; - } -- DPRINTF(("nelements = %" SIZE_T_FORMAT "u\n", -- nelements)); - for (j = 0; j < nelements && i < sh.sh_properties; - j++, i++) - { -diff --git a/src/cdf.h b/src/cdf.h -index 2f7e554..0505666 100644 ---- a/src/cdf.h -+++ b/src/cdf.h -@@ -48,6 +48,7 @@ - typedef int32_t cdf_secid_t; - - #define CDF_LOOP_LIMIT 10000 -+#define CDF_ELEMENT_LIMIT 100000 - - #define CDF_SECID_NULL 0 - #define CDF_SECID_FREE -1 - |