diff options
Diffstat (limited to 'community/sox/APKBUILD')
| -rw-r--r-- | community/sox/APKBUILD | 63 |
1 files changed, 57 insertions, 6 deletions
diff --git a/community/sox/APKBUILD b/community/sox/APKBUILD index b9c1366c162..5689fb7c567 100644 --- a/community/sox/APKBUILD +++ b/community/sox/APKBUILD @@ -3,7 +3,7 @@ # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=sox pkgver=14.4.2 -pkgrel=4 +pkgrel=5 pkgdesc="The Swiss Army knife of sound processing tools" url="http://sox.sourceforge.net/" arch="all" @@ -15,13 +15,50 @@ makedepends="ffmpeg-dev libao-dev libvorbis-dev libogg-dev lame-dev " subpackages="$pkgname-static $pkgname-doc $pkgname-dev" source="https://downloads.sourceforge.net/sourceforge/$pkgname/$pkgname-$pkgver.tar.gz - sox-uclibc.patch - sox-dynamic.patch + CVE-2017-15371.patch::https://github.com/mansr/sox/commit/818bdd0.patch + CVE-2017-11358.patch::https://github.com/mansr/sox/commit/6cb44a4.patch + CVE-2017-15370.patch::https://github.com/mansr/sox/commit/ef3d8be.patch + CVE-2017-11332.patch::https://github.com/mansr/sox/commit/7405bca.patch + CVE-2017-11359.patch::https://github.com/mansr/sox/commit/8b590b3.patch + CVE-2017-15372.patch::https://github.com/mansr/sox/commit/001c337.patch + CVE-2017-15642.patch::https://github.com/mansr/sox/commit/0be259e.patch + CVE-2017-18189.patch + update-exported-symbol-list.patch + add-destdir.patch + cleanup-lsx_malloc.patch + CVE-2019-8354.patch + CVE-2019-8355.patch + CVE-2019-8356.patch + CVE-2019-8357.patch sox-14.4.2-hcom_stopwrite_big_endian_bug_fix.patch + fix-musl.patch " +# secfixes +# 14.4.2-r5: +# - CVE-2017-13571 +# - CVE-2017-11358 +# - CVE-2017-15370 +# - CVE-2017-11332 +# - CVE-2017-11359 +# - CVE-2017-15372 +# - CVE-2017-13642 +# - CVE-2017-18189 +# - CVE-2019-8354 +# - CVE-2019-8355 +# - CVE-2019-8356 +# - CVE-2019-8357 + prepare() { default_prepare + + # Fix man page installation + sed -e 's|man1/sox.1 soxeffect.7|man1/sox.1.gz soxeffect.7.gz|' \ + -i Makefile.in + + # test fails with CVE-2017-11359.patch + sed -e '/hcom/d' -i src/tests.sh + autoreconf -vif } @@ -47,6 +84,20 @@ package() { rm "$pkgdir"/usr/lib/sox/*.a } sha512sums="b5c6203f4f5577503a034fe5b3d6a033ee97fe4d171c533933e2b036118a43a14f97c9668433229708609ccf9ee16abdeca3fc7501aa0aafe06baacbba537eca sox-14.4.2.tar.gz -08c55a0de96733e10544d450f39c2205b4057b9fc024503ec97b1906a075752ee8a4b0a1b4c5bbad2eebec17bcf8d069b22d243a63d28b77c23d545efcca6aec sox-uclibc.patch -3950834db26faa0523006c6fd8e0769d080518f127d345c8ec9bf53e9db8a6bd67cd724f0f86492aaf9ce6ede2dfbde167049768f35c14ef3c2b96e7e00302b6 sox-dynamic.patch -aea1bcfdddd315d05654814e386512f0254d1707564a8370d6b2a8a2d12ecb527a7a566da8f2cfa9f0ee99369fab0f19819263d0d74de0616c9175362965e04c sox-14.4.2-hcom_stopwrite_big_endian_bug_fix.patch" +9f61fc979d0e0232aa2004a455a139950ceb998338577b94cd3bebfdf230896bde9765f9afef1af515ae0679b3afd245142027de3b7ce87eced3fbdb86558668 CVE-2017-15371.patch +b2a096659cc98bd50322441d3611e607b71c54025feaf7c2acc322fff8c0ef5a83f06bef31099c4adf1794009b050a3f2dca71c7926892c60081261384891ac4 CVE-2017-11358.patch +e5c079f8e8e4603e068a092db86ec6dea4da395f75fb4bfa284736edce2d8ea3441deda51ca7dce8865e1ac5914cdf9c6767ed74203726f26992e9d76f4d8b0b CVE-2017-15370.patch +8c26bea077b503c8ec420880539f2a6e275d2b3c26eb5b4c5af38aae16b258a29ceb946aeb2252e47aeea22e5b6513c628a7ee3eb3d201d6fa541456b16bd399 CVE-2017-11332.patch +6fb075c09cfedaec6bb6760ba2e0d55446478c8e2873884b6a940d42f44ad8e840809f8b31b59ff3d40307dd48d74dadf809859dfef190269da8800185b462a6 CVE-2017-11359.patch +b1936686a7dff2b42629d05cb59cfdb86c2a42ef843fe0cd031607d1c7174479ed8cfc0d5c6ffd3be80c9c20894dd919547e8bd861ed5b49d596ee89a19db372 CVE-2017-15372.patch +e44a2327a8808bf94acb8db1d8ea13f77bbe0600be47079b7c77dab3daab44a67c3ca9be93b32db6807c2c96c6b67529884d38bf03d02dda6be04794e711cb71 CVE-2017-15642.patch +f67e5c2ab0ef358af137685d5ac9efa4595f5a607b72a10e706fb2bd5f7bfcf22a15af950b0592893e849243353765d0adc3b2e9f5bef1a84ae4023e16f931ff CVE-2017-18189.patch +71147aff997e647afada2ca4f837e525133970c3420a67784e42e0ebd8b08bc063b20b3e6c72323c6e5980956946c9a6e1222e7ff0249587987bf863f4294da7 update-exported-symbol-list.patch +1703f3bb21cd2553929cb1e625c6d537ea92ba7873252f4e3738795ae801b3cf887ca27823eda59466f27faa50e318817f63add7b87051531ab5381e71787552 add-destdir.patch +c9aaaf8a75675cadeedb7db7660f6e438946302a48b1d7ed66ca2e5beb3e7303fd94539c97eddf4c049a761406d29ed78dcadfac9bb851f701e26d5031875042 cleanup-lsx_malloc.patch +345132037594513a74fb875634408da1748ef005506835dd248e2e57918a72c343967c5f5316ca8bcc5967fc2d1e0df4026b9e17616d5d8e405ead0336911bca CVE-2019-8354.patch +1d3d10e7d598ccddeda9138268d8fb86ac253a61e7ee980feb6c0c4da16d72a2b27bcf6fb078334c1a90e8e6ea031c33eedf304999a9f5ef18c6d9594b2603aa CVE-2019-8355.patch +8bc3fe9800a878bd9920937321dd75f0a19328dd6dcc88bba9c30e7ac12b2ba3a1d53f0e8e3ee3e0bbd42e953590f2e96c3c64e287b58c646bacbc69362917fa CVE-2019-8356.patch +8890ff942e25e94c3458ed5e1f5e587e779b3be34d7da2d3fbd5b9b8cc631738c5c76a0c25a7a2be6a7fe05c60b8efb6f784d544f573b8354c6b2cc3b573d066 CVE-2019-8357.patch +aea1bcfdddd315d05654814e386512f0254d1707564a8370d6b2a8a2d12ecb527a7a566da8f2cfa9f0ee99369fab0f19819263d0d74de0616c9175362965e04c sox-14.4.2-hcom_stopwrite_big_endian_bug_fix.patch +7322b297bae36530756d44ca9b11db8f682e97f55e9ca51164d48713486d405121c9e6557bb1ea3739a61b9dccf19257dce806b28b363062d635abbc00d2d9f6 fix-musl.patch" |