community/graphicsmagick: security fix for CVE-2020-12672

fixes https://gitlab.alpinelinux.org/alpine/aports/-/issues/11631

1 files changed, 7 insertions, 3 deletions

diff --git a/community/graphicsmagick/APKBUILD b/community/graphicsmagick/APKBUILD
index dacdc248811..ddaf9937d00 100644
--- a/community/graphicsmagick/APKBUILD
+++ b/community/graphicsmagick/APKBUILD
@@ -2,7 +2,7 @@
 # Maintainer: Francesco Colista <fcolista@alpinelinux.org>
 pkgname=graphicsmagick
 pkgver=1.3.35
-pkgrel=1
+pkgrel=2
 pkgdesc="Image processing system"
 url="http://www.graphicsmagick.org/"
 arch="all"
@@ -10,11 +10,14 @@ license="MIT"
 makedepends="libpng-dev tiff-dev libxml2-dev libwmf-dev freetype-dev libtool libltdl
  libwebp-dev"
 subpackages="$pkgname-dev $pkgname-doc"
-source="https://downloads.sourceforge.net/graphicsmagick/graphicsmagick/$pkgver/GraphicsMagick-$pkgver.tar.xz"
+source="https://downloads.sourceforge.net/graphicsmagick/graphicsmagick/$pkgver/GraphicsMagick-$pkgver.tar.xz
+CVE-2020-12672.patch"
 options="libtool !check"
 builddir="$srcdir"/GraphicsMagick-$pkgver
 
 # security fixes:
+#   1.3.35-r2:
+#     - CVE-2020-12672
 #   1.3.35-r0:
 #     - CVE-2020-10938
 #   1.3.32-r0:
@@ -144,4 +147,5 @@ package() {
 	make -j1 DESTDIR="$pkgdir" install
 }
 
-sha512sums="baae92089d52147ef961f93495abc8a9d8b1a963af61d87a650c1ab105d46816aa38c83f654edcb5a0e1b7f07ccc06eaeaa443b9bde3a63a0b9bfb45f3ae144c  GraphicsMagick-1.3.35.tar.xz"
+sha512sums="baae92089d52147ef961f93495abc8a9d8b1a963af61d87a650c1ab105d46816aa38c83f654edcb5a0e1b7f07ccc06eaeaa443b9bde3a63a0b9bfb45f3ae144c  GraphicsMagick-1.3.35.tar.xz
+f933ec308277523aa5d7b8f679651af207de969daa3fc0eff152db394a08dd18647e994e6b03e053e862736c8a756adea5e82b242fe6182f2288395e05c40de8  CVE-2020-12672.patch"