aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLeo <thinkabit.ukim@gmail.com>2020-05-27 05:35:38 -0300
committerLeo <thinkabit.ukim@gmail.com>2020-05-27 13:18:01 +0000
commitd378948d72aafb68e0f6ee3abbadfbd33ceda2fa (patch)
treeea4805c00333f797ca499815b782fc066847fbd6
parent7445adce501f8473efdb93b17b5eaf2f1445ed4c (diff)
downloadaports-d378948d72aafb68e0f6ee3abbadfbd33ceda2fa.tar.gz
aports-d378948d72aafb68e0f6ee3abbadfbd33ceda2fa.tar.bz2
aports-d378948d72aafb68e0f6ee3abbadfbd33ceda2fa.tar.xz
main/json-c: fix CVE-2020-12762
See #11581
-rw-r--r--main/json-c/APKBUILD13
1 files changed, 10 insertions, 3 deletions
diff --git a/main/json-c/APKBUILD b/main/json-c/APKBUILD
index 502b62835f..aee1802fa3 100644
--- a/main/json-c/APKBUILD
+++ b/main/json-c/APKBUILD
@@ -1,14 +1,20 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=json-c
pkgver=0.14
-pkgrel=0
+pkgrel=1
pkgdesc="A JSON implementation in C"
url="https://github.com/json-c/json-c/wiki"
arch="all"
license="MIT"
makedepends="cmake"
subpackages="$pkgname-dev"
-source="https://s3.amazonaws.com/json-c_releases/releases/json-c-$pkgver.tar.gz"
+source="https://s3.amazonaws.com/json-c_releases/releases/json-c-$pkgver.tar.gz
+ CVE-2020-12762.patch::https://github.com/json-c/json-c/pull/608.patch
+ "
+
+# secfixes:
+# 0.14-r1:
+# - CVE-2020-12762
build() {
if [ "$CBUILD" != "$CHOST" ]; then
@@ -28,4 +34,5 @@ package() {
make -C build DESTDIR="$pkgdir" install
}
-sha512sums="75537c61d0632a01f94d2394d7a4387ef1eca0b68aa56c495d3d96dd29b38ed20eb0cc3f6e5e24dc6660c8939669f8954005d9c3ba20437f3fcc9f9dd896b00d json-c-0.14.tar.gz"
+sha512sums="75537c61d0632a01f94d2394d7a4387ef1eca0b68aa56c495d3d96dd29b38ed20eb0cc3f6e5e24dc6660c8939669f8954005d9c3ba20437f3fcc9f9dd896b00d json-c-0.14.tar.gz
+e69b2dd0fd979428d3d44529877d8176ccb54f0a056eebfa1a64e68eda9d5087cffdafe11253879502048024027cc37d1bc158f17487bff06ce0386b4638843d CVE-2020-12762.patch"