aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAriadne Conill <ariadne@dereferenced.org>2021-04-13 10:49:04 -0600
committerAriadne Conill <ariadne@dereferenced.org>2021-04-13 10:49:39 -0600
commit675e9209569cadb44c851402284a238b4666d0c1 (patch)
tree776158300b47ef108ec3887a887d0b02cbcc86c6
parent9a22755463ecc141330b52ee03c7b1151040a124 (diff)
downloadaports-675e9209569cadb44c851402284a238b4666d0c1.tar.gz
aports-675e9209569cadb44c851402284a238b4666d0c1.tar.bz2
aports-675e9209569cadb44c851402284a238b4666d0c1.tar.xz
community/xwayland: fix CVE-2021-3472
-rw-r--r--community/xwayland/APKBUILD10
1 files changed, 8 insertions, 2 deletions
diff --git a/community/xwayland/APKBUILD b/community/xwayland/APKBUILD
index aed40fa06d..1e8b7df49d 100644
--- a/community/xwayland/APKBUILD
+++ b/community/xwayland/APKBUILD
@@ -3,7 +3,7 @@
# Maintainer:
pkgname=xwayland
pkgver=21.1.0
-pkgrel=3
+pkgrel=4
pkgdesc="Compact xserver to run under wayland for compatibility"
url="https://www.x.org/wiki"
arch="all"
@@ -32,9 +32,14 @@ makedepends="
meson
"
source="https://gitlab.freedesktop.org/xorg/xserver/-/archive/xwayland-$pkgver/xserver-xwayland-$pkgver.tar.gz
+ CVE-2021-3472.patch::https://gitlab.freedesktop.org/xorg/xserver/-/commit/7aaf54a1884f71dc363f0b884e57bcb67407a6cd.patch
"
builddir="$srcdir/xserver-xwayland-$pkgver"
+# secfixes:
+# 21.1.0-r4:
+# - CVE-2021-3472
+
# Required because 'apk' will install 'xwayland' before removing
# 'xorg-server-xwayland' which causes it to complain the files
# are being replaced and abort operation.
@@ -70,4 +75,5 @@ package() {
rm -f "$pkgdir"/usr/lib/xorg/protocol.txt
}
-sha512sums="9306f60dda9c08a78e6fcb162646e0d0d078e0b14aaab2385cec9f59400eb7dd299b9258b4ea1baccef3990eaf57ddf38999e9151accaf1e8dfda6bf2a3c312d xserver-xwayland-21.1.0.tar.gz"
+sha512sums="9306f60dda9c08a78e6fcb162646e0d0d078e0b14aaab2385cec9f59400eb7dd299b9258b4ea1baccef3990eaf57ddf38999e9151accaf1e8dfda6bf2a3c312d xserver-xwayland-21.1.0.tar.gz
+249e7b0142193f7828e888879d8548ef8afbe56ec7188674dcc8a16f3caa1e19b84f87d29334a991463b08ad05a2e677ebb186a2495c1dfbd39c2193570e381b CVE-2021-3472.patch"