aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLeo <thinkabit.ukim@gmail.com>2020-09-15 08:09:23 -0300
committerLeo <thinkabit.ukim@gmail.com>2020-09-15 11:25:17 +0000
commit69e1d57ff54245bda3b605e81d4212e630ed3756 (patch)
tree17b36e507e031fe186aa640c1215a70356ec5fea
parent0815a0df85ee618040ccd86d6c547a200b56c920 (diff)
downloadaports-69e1d57ff54245bda3b605e81d4212e630ed3756.tar.gz
aports-69e1d57ff54245bda3b605e81d4212e630ed3756.tar.bz2
aports-69e1d57ff54245bda3b605e81d4212e630ed3756.tar.xz
community/geary: fix CVE-2020-24661
See: #11952
-rw-r--r--community/geary/APKBUILD13
1 files changed, 10 insertions, 3 deletions
diff --git a/community/geary/APKBUILD b/community/geary/APKBUILD
index 80e24c9b90..8940a576b5 100644
--- a/community/geary/APKBUILD
+++ b/community/geary/APKBUILD
@@ -2,7 +2,7 @@
# Maintainer: Rasmus Thomsen <oss@cogitri.dev>
pkgname=geary
pkgver=3.36.2
-pkgrel=0
+pkgrel=1
pkgdesc="Geary is an email application built around conversations"
url="https://wiki.gnome.org/Apps/Geary"
# libhandy is not available on s390x or mips
@@ -16,7 +16,13 @@ makedepends="meson glib-dev gtk+3.0-dev sqlite-dev webkit2gtk-dev enchant2-dev
checkdepends="xvfb-run desktop-file-utils ibus"
options="!check" # https://gitlab.gnome.org/GNOME/geary/-/issues/776
subpackages="$pkgname-lang $pkgname-doc"
-source="https://download.gnome.org/sources/geary/${pkgver%.*}/geary-$pkgver.tar.xz"
+source="https://download.gnome.org/sources/geary/${pkgver%.*}/geary-$pkgver.tar.xz
+ CVE-2020-24661.patch::https://gitlab.gnome.org/GNOME/geary/-/commit/0fc8c7c62e8af5734f3ad17f158e5bed7f05fc18.patch
+ "
+
+# secfixes:
+# 3.36.2-r1:
+# - CVE-2020-24661
build() {
meson \
@@ -38,4 +44,5 @@ package() {
DESTDIR="$pkgdir" ninja -C output install
}
-sha512sums="a3cca301a3668eb2e70f8bfc147abef9088de4e822efab4ecc44830fbc394265d1fa37267a1f8fa97b6e8d1ac8a8adb76e5dd9e509490ac567e05bd243e8ea20 geary-3.36.2.tar.xz"
+sha512sums="a3cca301a3668eb2e70f8bfc147abef9088de4e822efab4ecc44830fbc394265d1fa37267a1f8fa97b6e8d1ac8a8adb76e5dd9e509490ac567e05bd243e8ea20 geary-3.36.2.tar.xz
+3f63fd28d821eb7bfba65e1a2f147cb21a9330f1f4173ef819855c5dd5602ce12f754f99483846d43461ecf81c0103f640e5382fa6bc0e576c882e854ce6f314 CVE-2020-24661.patch"