aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLeo <thinkabit.ukim@gmail.com>2020-09-22 13:05:03 -0300
committerLeo <thinkabit.ukim@gmail.com>2020-09-22 13:06:31 -0300
commit4301df495697eb23d27cc5b6a4bbe5dd90b1de87 (patch)
treeedc36edae56a19de67badda55adb1dc3cad078f9
parentafeae22eea3eb579929c58402b96dfa1f4c1b671 (diff)
main/cryptsetup: fix CVE-2020-14382
See: #11969
-rw-r--r--main/cryptsetup/APKBUILD10
1 files changed, 8 insertions, 2 deletions
diff --git a/main/cryptsetup/APKBUILD b/main/cryptsetup/APKBUILD
index e6f195d2a36..a3be1b74952 100644
--- a/main/cryptsetup/APKBUILD
+++ b/main/cryptsetup/APKBUILD
@@ -2,7 +2,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=cryptsetup
pkgver=2.2.2
-pkgrel=0
+pkgrel=1
pkgdesc="Userspace setup tool for transparent encryption of block devices using the Linux 2.6 cryptoapi"
url="https://gitlab.com/cryptsetup/cryptsetup"
arch="all"
@@ -17,8 +17,13 @@ source="https://www.kernel.org/pub/linux/utils/cryptsetup/v${pkgver%.*}/cryptset
flush-stdout.patch
dmcrypt.confd
dmcrypt.initd
+ CVE-2020-14382.patch::https://gitlab.com/cryptsetup/cryptsetup/-/commit/52f5cb8cedf22fb3e14c744814ec8af7614146c7.patch
"
+# secfixes:
+# 2.2.2-r1:
+# - CVE-2020-14382
+
build() {
cd "$builddir"
./configure \
@@ -62,4 +67,5 @@ libs() {
sha512sums="22fa0fd491112fe93d080c2a5b9c3b456324ed3269ad2058adbc1ffa47a35313ec05351992bed4b47984585f3204c023088f29096a14357ce27fe7d033706cf5 cryptsetup-2.2.2.tar.gz
dc896fdb7697d01443a168819f01af02db00a9de75589f062a1ebbfc0bc185b6d2109b18352309c41b818e3ad89609dcea3660d6f3cda890de825f053f94de97 flush-stdout.patch
74422d5e1614b43af894ea01da1ea80d805ec7f77981cbb80a6b1a4becad737a8825d7269812499095a7f50d39fa7da5bf4e4edae63529b1fe87b9176943a733 dmcrypt.confd
-81dad61cdecf1dc529b26eb3cdc15979a582c876b01268f88e7a71c8fae6911137c03bfa63fee64e064e5fb31f673610be27ecab9fc432229f13e7040698bd5c dmcrypt.initd"
+81dad61cdecf1dc529b26eb3cdc15979a582c876b01268f88e7a71c8fae6911137c03bfa63fee64e064e5fb31f673610be27ecab9fc432229f13e7040698bd5c dmcrypt.initd
+5a8e68f4efc68a34a917c298ccf7d45a67adb67de06bf3560d58a01b4d6c77c52b868af9f322c3b82789c2e890f120e5c6e56b96f8cff083413301f24a6befc1 CVE-2020-14382.patch"