From 3e5921fae9eef23dbc7c56b7905ccbf9de168cea Mon Sep 17 00:00:00 2001 From: Natanael Copa Date: Fri, 24 May 2013 09:04:59 +0000 Subject: main/libxinerama: fix CVE-2013-1985 ref #1931 --- main/libxinerama/APKBUILD | 35 +++++++++++++++++++++++++++++------ 1 file changed, 29 insertions(+), 6 deletions(-) (limited to 'main/libxinerama/APKBUILD') diff --git a/main/libxinerama/APKBUILD b/main/libxinerama/APKBUILD index 0b5f65605e3..36c75c940ef 100644 --- a/main/libxinerama/APKBUILD +++ b/main/libxinerama/APKBUILD @@ -1,26 +1,49 @@ # Maintainer: Natanael Copa pkgname=libxinerama pkgver=1.1.2 -pkgrel=0 +pkgrel=1 pkgdesc="X11 Xinerama extension library" url="http://xorg.freedesktop.org/" arch="all" license="custom" subpackages="$pkgname-dev $pkgname-doc" depends= -makedepends="pkgconfig libxext-dev libx11-dev xineramaproto" -source="http://xorg.freedesktop.org/releases/individual/lib/libXinerama-$pkgver.tar.bz2" depends_dev="xineramaproto libx11-dev libxext-dev" +makedepends="$depends_dev libtool automake autoconf util-macros" +source="http://xorg.freedesktop.org/releases/individual/lib/libXinerama-$pkgver.tar.bz2 + 0001-Use-_XEatDataWords-to-avoid-overflow-of-_XEatData-ca.patch + 0002-integer-overflow-in-XineramaQueryScreens-CVE-2013-19.patch + " + +_builddir="$srcdir"/libXinerama-$pkgver +prepare() { + cd "$_builddir" + for i in $source; do + case $i in + *.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;; + esac + done + libtoolize --force && aclocal && autoheader && autoconf \ + && automake --add-missing +} build() { - cd "$srcdir"/libXinerama-$pkgver + cd "$_builddir" ./configure --prefix=/usr make || return 1 } package() { - cd "$srcdir"/libXinerama-$pkgver + cd "$_builddir" make DESTDIR="$pkgdir" install || return 1 rm "$pkgdir"/usr/lib/*.la || return 1 } -md5sums="cb45d6672c93a608f003b6404f1dd462 libXinerama-1.1.2.tar.bz2" +md5sums="cb45d6672c93a608f003b6404f1dd462 libXinerama-1.1.2.tar.bz2 +a315f9665077ca4b845a7176a6a761e6 0001-Use-_XEatDataWords-to-avoid-overflow-of-_XEatData-ca.patch +0fccb7f32a31711cadf04d1f68326ea7 0002-integer-overflow-in-XineramaQueryScreens-CVE-2013-19.patch" +sha256sums="a4e77c2fd88372e4ae365f3ca0434a23613da96c5b359b1a64bf43614ec06aac libXinerama-1.1.2.tar.bz2 +78201bfc1c9cafb0180373c0dc65edb0051f8ca541024effbfe1e146c71fb830 0001-Use-_XEatDataWords-to-avoid-overflow-of-_XEatData-ca.patch +21a7aeecf921b7cd237410458947c3fdcec45b9e4af4c94c603b1d22ee31bd0c 0002-integer-overflow-in-XineramaQueryScreens-CVE-2013-19.patch" +sha512sums="3bddf3daec22476e02bedaf3a995943c45810033dea022472130b05500985fc402e3d766c4d86acefc0237fc1b5d06ddb28377093097eeef0f9bfcbd7e2e84dc libXinerama-1.1.2.tar.bz2 +270ac2ffef12bec7629041f3a89ea3dae11f186772a8abbdbee4d2331528f670d2920a7510fa957fc8596bd66ee93f6bb3df030be6de7fdbd71de3cba486fe9f 0001-Use-_XEatDataWords-to-avoid-overflow-of-_XEatData-ca.patch +336e07a24379af596bb6ee7efa8adfe93109aa84fa5a3013edeebc2a6ecc4b88433ef60d3ffb4c71c02103b693bb5391bac7a45e177188e41139f5f4ae2c2f6b 0002-integer-overflow-in-XineramaQueryScreens-CVE-2013-19.patch" -- cgit v1.2.3