aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorNatanael Copa <ncopa@alpinelinux.org>2019-12-26 12:49:19 +0100
committerNatanael Copa <ncopa@alpinelinux.org>2019-12-26 12:53:24 +0100
commit4e617546654863ca795146a23e2e4c5037c7fa9f (patch)
treece6ee743270922ab2a2be8e9b37b7c6d6483f82d
parent4161c95de8dfb4fae6e54f9096a137e8562270f3 (diff)
downloadaports-4e617546654863ca795146a23e2e4c5037c7fa9f.tar.gz
aports-4e617546654863ca795146a23e2e4c5037c7fa9f.tar.bz2
aports-4e617546654863ca795146a23e2e4c5037c7fa9f.tar.xz
main/libssh: security upgrade to 0.8.8 (CVE-2019-14889)
fixes #11042
-rw-r--r--main/libssh/APKBUILD14
1 files changed, 10 insertions, 4 deletions
diff --git a/main/libssh/APKBUILD b/main/libssh/APKBUILD
index 504837ec62..7cf6d5af3d 100644
--- a/main/libssh/APKBUILD
+++ b/main/libssh/APKBUILD
@@ -1,8 +1,8 @@
# Contributor: Carlo Landmeter <clandmeter@gmail.com>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=libssh
-pkgver=0.7.6
-pkgrel=1
+pkgver=0.8.8
+pkgrel=0
pkgdesc="Library for accessing ssh client services through C libraries"
url="http://www.libssh.org/"
arch="all"
@@ -10,10 +10,16 @@ license="LGPL"
makedepends="zlib-dev openssl-dev cmake doxygen"
subpackages="$pkgname-dev"
options="!check"
-source="https://www.libssh.org/files/0.7/libssh-$pkgver.tar.xz
+source="https://www.libssh.org/files/${pkgver%.*}/libssh-$pkgver.tar.xz
fix-includes.patch"
builddir="$srcdir"/$pkgname-$pkgver
+# secfixes:
+# 0.8.8-r0:
+# - CVE-2019-14889
+# 0.7.6-r0:
+# - CVE-2018-10933
+
build() {
cd "$srcdir"
mkdir build && cd build
@@ -28,5 +34,5 @@ package() {
make DESTDIR="$pkgdir" install
}
-sha512sums="2a01402b5a9fab9ecc29200544ed45d3f2c40871ed1c8241ca793f8dc7fdb3ad2150f6a522c4321affa9b8778e280dc7ed10f76adfc4a73f0751ae735a42f56c libssh-0.7.6.tar.xz
+sha512sums="6cb484b0870174aa7eba996a4d0b8c00cd5f529b336bc9d16976a4b66b24c6394bac8092128268093416ec5b9a0612d7173eaebf940a3dee99c0b30e3403e51a libssh-0.8.8.tar.xz
055a8f6b97c65384a5a3ab8fe00c69d94cc30092fe926093dbbc122ce301fbe9d76127aa07b5e6107d7fa9dd2aad6b165fa0958b56520253b5d64428ff42a318 fix-includes.patch"