aboutsummaryrefslogtreecommitdiffstats
path: root/main/expat/APKBUILD
diff options
context:
space:
mode:
Diffstat (limited to 'main/expat/APKBUILD')
-rw-r--r--main/expat/APKBUILD59
1 files changed, 56 insertions, 3 deletions
diff --git a/main/expat/APKBUILD b/main/expat/APKBUILD
index 9bf52beab28..19e272874d6 100644
--- a/main/expat/APKBUILD
+++ b/main/expat/APKBUILD
@@ -1,16 +1,53 @@
# Maintainer: Carlo Landmeter <clandmeter@alpinelinux.org>
pkgname=expat
pkgver=2.2.10
-pkgrel=1
+pkgrel=8
pkgdesc="XML Parser library written in C"
url="http://www.libexpat.org/"
arch="all"
license='MIT'
checkdepends="bash"
-source="https://downloads.sourceforge.net/project/expat/expat/$pkgver/expat-$pkgver.tar.bz2"
+source="https://github.com/libexpat/libexpat/releases/download/R_${pkgver//./_}/expat-$pkgver.tar.xz
+ CVE-2021-45960.patch
+ CVE-2021-46143.patch
+ CVE-2022-22822.patch
+ CVE-2022-23852.patch
+ CVE-2022-23990.patch
+ CVE-2022-25235.patch
+ CVE-2022-25236.patch
+ CVE-2022-25236-regression.patch
+ CVE-2022-25313.patch
+ CVE-2022-25313-regression.patch
+ CVE-2022-25314.patch
+ CVE-2022-25315.patch
+ CVE-2022-40674.patch
+ CVE-2022-43680.patch
+ "
subpackages="$pkgname-static $pkgname-dev $pkgname-doc"
# secfixes:
+# 2.2.10-r8:
+# - CVE-2022-43680
+# 2.2.10-r7:
+# - CVE-2022-40674
+# 2.2.10-r4:
+# - CVE-2022-25235
+# - CVE-2022-25236
+# - CVE-2022-25313
+# - CVE-2022-25314
+# - CVE-2022-25315
+# 2.2.10-r3:
+# - CVE-2022-23852
+# - CVE-2022-23990
+# 2.2.10-r2:
+# - CVE-2021-45960
+# - CVE-2021-46143
+# - CVE-2022-22822
+# - CVE-2022-22823
+# - CVE-2022-22824
+# - CVE-2022-22825
+# - CVE-2022-22826
+# - CVE-2022-22827
# 2.2.7-r1:
# - CVE-2019-15903
# 2.2.7-r0:
@@ -36,4 +73,20 @@ package() {
make DESTDIR="$pkgdir/" install
}
-sha512sums="9623e86024d09e3bb0cf51fd0d56ecaee5fb8c8acb71589104a63b510f73c1e84abb0ccea4e2c196bdf1d30b5ad0633a915758f75813717d031d633e34f022b7 expat-2.2.10.tar.bz2"
+sha512sums="
+a8e0c8a9cf7e6fbacdc6e709f3c99c533ab550fba52557d24259bb8b360f9697624c7500c0e9886fa57ee2b529aadd0d1835d66fe8112e15c20df75cd3eb090f expat-2.2.10.tar.xz
+4afd3777fc682a2f9057d4cc42afe6e04680d7d24f93dc11a2677cb8b1a4b400921f6d689e2953aff4a3312118ea801c9e161f85774360b3b5c2d3bd0067f7ad CVE-2021-45960.patch
+dd0339a0cdf5b18638a5732f2f9930af7adb5b20aa3bf102317a571f0f7d4f453313f0d8fdaa60f89c7a8f2e59eeaaca4b9c2e427a45594b7e21ed7c253d547a CVE-2021-46143.patch
+dcf6bfc07b4919b1248dba5fc6d4e425d09975b09255d77456bb44b40495e92b4d4ffae6a9e949b204770848b70edfc4be1869c191cb01ebe967b1906ffc9d59 CVE-2022-22822.patch
+cb079c0b9fe7df6afe2e06d706461489527802dce811d894587221b6316784b6cf1c7cf70573f41a276b5d97f7530d17c7ed854273f4eeae9652d971f64ef282 CVE-2022-23852.patch
+7de120a34b5fc2fcb3779e259b24d47d8f40f38aab490b738eea52c55542b9cac45c897d90cb129c17c2d0057518f59b013c2af87a579c70b28a9aa70c1f27cb CVE-2022-23990.patch
+c3ed585a62d5aadd9e1d1d589b636e37ffba5b5cc0c4d264a151cf308a9bfcfe9859704f43fd6d4e1ed86633fa4672378288bdc05b5e47dcb42c75f8258035f5 CVE-2022-25235.patch
+016ca726fde03ef9049404faff7122e4f6e9b8a89d4a188e1ffa7bcf4d177fe79e00a3e1f90b45424ec60586cdde7615c6f5a39db1be1e585713f1a7385aa14c CVE-2022-25236.patch
+36d441df896a6734091c15c3cd84515114d805349123a98eb43b61a268533f36b1ae0ac437e99b26a1792863e6d23c8d0a38eac902942b768e551cf2f2ea6187 CVE-2022-25236-regression.patch
+4db9ad13e5e1461339ab93554d14acacbbdc121824a1dfd8a1d9df3194452711606da1f9f9ed5c03c0c5ca8de61237ef588897bbde95f89109160dc685fde25f CVE-2022-25313.patch
+36d310754e76db577cdeeb0ae1563867f9db65c9de12b1423d4e67f8e2604893525474d6e07b6305553308b6b06285b1b9da3c4e858ef79874296f68b82080e8 CVE-2022-25313-regression.patch
+ac7d03f3ef8be557bda0294247a645db820470be47ea7fa3dab8047f7f11ada831e4f0a4cd4b82e3b2f7715ada08435b8292257a64714c0242407ef58a661b72 CVE-2022-25314.patch
+946e0983f9159ae4b01627581a99594f0e7263438ddfd40a1705b8de39ee9c6739af08598d3bc4f145a8ff142209d3fde85c20bbebe2932d9e60596f192db5b5 CVE-2022-25315.patch
+204d9ff3aea000327a700b1a6fdf9acfb866db52ac26c7b2b1f6ea087aac4086659775f3e18bf0e78b61cef4979ebd5075ad053a7af91d5be6dc728462097a44 CVE-2022-40674.patch
+08b69782ef5db8881156a2ab4dbab4780bed52a3b07fc72c4df84a548a71d8cb72f84040fe8c45ac17e832279126d20a08f7939b103e66e2dd01bc6873910e3b CVE-2022-43680.patch
+"
generated by cgit v1.2.3 (git 2.41.0) at 2024-04-18 15:40:32 +0000