aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLeo <thinkabit.ukim@gmail.com>2019-10-19 22:37:18 -0300
committerKevin Daudt <kdaudt@alpinelinux.org>2019-10-22 17:50:45 +0000
commit8a52368e6a35515b79c35269568b95fdcf606b4f (patch)
treede418d740ffe360bade3330f53631d7cb13f73e0
parenta91160b985e5a477fdd34cc3e5a6c4bc79f97fc4 (diff)
main/rsyslog: fix CVE-2019-17041 and CVE-2019-17042
ref #10880 Closes !544
-rw-r--r--main/rsyslog/APKBUILD13
1 files changed, 11 insertions, 2 deletions
diff --git a/main/rsyslog/APKBUILD b/main/rsyslog/APKBUILD
index 5af6c2cd158..742c4f48ac0 100644
--- a/main/rsyslog/APKBUILD
+++ b/main/rsyslog/APKBUILD
@@ -6,7 +6,7 @@
# Maintainer: Cameron Banta <cbanta@gmail.com>
pkgname=rsyslog
pkgver=8.1904.0
-pkgrel=0
+pkgrel=1
pkgdesc="Enhanced multi-threaded syslogd with database support and more."
url="https://www.rsyslog.com/"
arch="all !s390x" # limited by czmq
@@ -44,6 +44,8 @@ source="https://www.rsyslog.com/files/download/$pkgname/$pkgname-$pkgver.tar.gz
$pkgname.conf
musl-fix.patch
queue.patch
+ CVE-2019-17041.patch::https://github.com/rsyslog/rsyslog/commit/10549ba915556c557b22b3dac7e4cb73ad22d3d8.patch
+ CVE-2019-17042.patch::https://github.com/rsyslog/rsyslog/commit/abc0960a7561e18944a0e08d48f4eb570ea7435a.patch
"
builddir="$srcdir/$pkgname-$pkgver"
@@ -85,6 +87,11 @@ for _i in $_plugins; do
subpackages="$subpackages $pkgname-${_i%%:*}:_plugin"
done
+# secfixes:
+# 8.1904.0-r1:
+# - CVE-2019-17041
+# - CVE-2019-17042
+
build() {
cd "$builddir"
@@ -177,4 +184,6 @@ bcd63c8df2ac63b80f3cb51ba7f544988df6cd875f4e81020e762dff30d7537f21b72c95a4b1c08b
b5cbdcfa601ae8e7617289e7805fe71daa17bd03a7a30e1e1aad7a58a4ad4c1d89c9a203228f15816232ab6ab6d7a2752f7bbf4d259bbd5eccbe9728dc7e8aaa rsyslog.logrotate
9c9913b3367ac4d0b0f998ffa3aaaf136cf939ed4275f13f79d4c7336d0978007af13cb2c6f35d17ef25a53907fb064705f23c3b3a6a6fcd06ae85c3c51c7e38 rsyslog.conf
ce686b9529cdc74bd633a6fce169c1fdacf5266b4ca6fc731f8cea08080a1106f93dc048af9966cab09947100890170197c59d3f880992001a8ddfd084ffe2aa musl-fix.patch
-ef2e000b1c42cb5beffb26393952c2a692791e78972ee4b6f187ca53e338122b2004cc5216381c042195f12cc58f37f186a04e12a65b5bdfdcdf76b73393efb7 queue.patch"
+ef2e000b1c42cb5beffb26393952c2a692791e78972ee4b6f187ca53e338122b2004cc5216381c042195f12cc58f37f186a04e12a65b5bdfdcdf76b73393efb7 queue.patch
+e9f75ce261dcefb4bd8f1f70707e1ee4221743f562882eb0e77bee0df468b4dd6aea0513a025909a8abb82d026ab010d8fc74a868c6cd8d5e244d5335d3fcf59 CVE-2019-17041.patch
+2edf53a861d8bf20c2b7434cc13f0cf8d077dfa4d9a924742e521ff17088c5a1e6386af03ac1c1d5fd900fd0ce819f19011e4eb86d6844cb888d5d86bc268168 CVE-2019-17042.patch"