aboutsummaryrefslogtreecommitdiffstats
path: root/community/libyang/APKBUILD
diff options
context:
space:
mode:
authorAriadne Conill <ariadne@dereferenced.org>2021-05-31 18:35:48 -0600
committerAriadne Conill <ariadne@dereferenced.org>2021-05-31 18:35:48 -0600
commitdb25b534f847200f11649c31a3a0140775061704 (patch)
tree687a9e7951ea4b163c465b437ba08f3c7c8cf017 /community/libyang/APKBUILD
parentc8ee77c5333647d3a267d3eea51f0af15c45a8ba (diff)
downloadaports-db25b534f847200f11649c31a3a0140775061704.tar.gz
aports-db25b534f847200f11649c31a3a0140775061704.tar.bz2
aports-db25b534f847200f11649c31a3a0140775061704.tar.xz
community/libyang: add mitigations for CVE-2021-28902, CVE-2021-28903, CVE-2021-28904, CVE-2021-28905, CVE-2021-28906
Diffstat (limited to 'community/libyang/APKBUILD')
-rw-r--r--community/libyang/APKBUILD24
1 files changed, 21 insertions, 3 deletions
diff --git a/community/libyang/APKBUILD b/community/libyang/APKBUILD
index 23e5a81027..973794f475 100644
--- a/community/libyang/APKBUILD
+++ b/community/libyang/APKBUILD
@@ -2,14 +2,26 @@
# Maintainer: Christian Franke <nobody@nowhere.ws>
pkgname=libyang
pkgver=1.0.215
-pkgrel=0
+pkgrel=1
pkgdesc="YANG data modelling language parser and toolkit"
url="https://github.com/CESNET/libyang"
arch="all"
license="BSD-3-Clause-Clear"
makedepends="bison cmake cmocka-dev flex pcre-dev"
subpackages="$pkgname-dev $pkgname-doc"
-source="$pkgname-$pkgver.tar.gz::https://github.com/CESNET/libyang/archive/v$pkgver.tar.gz"
+source="$pkgname-$pkgver.tar.gz::https://github.com/CESNET/libyang/archive/v$pkgver.tar.gz
+ CVE-2021-28903.patch
+ CVE-2021-28904.patch
+ CVE-2021-28905.patch
+ CVE-2021-28906.patch"
+
+# secfixes:
+# 1.0.215-r1:
+# - CVE-2021-28902
+# - CVE-2021-28903
+# - CVE-2021-28904
+# - CVE-2021-28905
+# - CVE-2021-28906
build() {
if [ "$CBUILD" != "$CHOST" ]; then
@@ -35,4 +47,10 @@ package() {
make -C build DESTDIR="$pkgdir" install
}
-sha512sums="042e7be3a658340eebb5aaf819169a516af5489c366c026b599d673b623811b01a5cc7b2fce0fe39c5deb5cce5b1e0e6dfc4eb85a331fb3203d415011e6d2dad libyang-1.0.215.tar.gz"
+sha512sums="
+042e7be3a658340eebb5aaf819169a516af5489c366c026b599d673b623811b01a5cc7b2fce0fe39c5deb5cce5b1e0e6dfc4eb85a331fb3203d415011e6d2dad libyang-1.0.215.tar.gz
+fd51bba07f817b1186566bee324655c089f7a901015abc0e3583ba351691e14b71b8cd1512d2f0bf7be1f6770ddf237cda508df9f0a8c971b79cecb4f74d93b0 CVE-2021-28903.patch
+73c351587fab0a11f9a738e09167fc99695f9df5aca77780145c14112c1ae04baf3ba72f49a2838fcc10e9324d027d6535ded01b9df0e1ba83ffb330ac8d8885 CVE-2021-28904.patch
+c7502d18a97471c1412082adcb785e36e241223a1025839105cf8d6cba3403b47bbd843a68e1a80c4355700a06c7c8e7268f344130acbebca7196c31bd1f85cd CVE-2021-28905.patch
+746ce394985f0cb3983cce8a1789ee86041e8fa40bc53d858c6cc7093f69b343d103eb0e7d76b819a3546d69f47426090eefa711a93cae767df72a405084a3d4 CVE-2021-28906.patch
+"