aboutsummaryrefslogtreecommitdiffstats
path: root/main/patch/APKBUILD
blob: 0e02115e46a5bee6d9b3cd7d9f0b87a9493b7c56 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
# Contributor: Sören Tempel <soeren+alpine@soeren-tempel.net>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=patch
pkgver=2.7.6
pkgrel=6
pkgdesc="Utility to apply diffs to files"
url="https://www.gnu.org/software/patch/patch.html"
arch="all"
license="GPL-3.0-or-later"
depends=""
makedepends="autoconf automake"
# testsuite needs coreutils due to bug in busybox `cat -ve`
# http://lists.busybox.net/pipermail/busybox/2018-April/086401.html
checkdepends="coreutils bash ed"
subpackages="$pkgname-doc"
source="ftp://ftp.gnu.org/gnu/$pkgname/$pkgname-$pkgver.tar.xz
	CVE-2018-6951.patch
	CVE-2018-6952.patch
	0001-Allow-input-files-to-be-missing-for-ed-style-patches.patch
	0002-Fix-arbitrary-command-execution-in-ed-style-patches-.patch
	CVE-2019-13636.patch
	CVE-2019-13638.patch
	"
builddir="$srcdir"/$pkgname-$pkgver

# secfixes:
#   2.7.6-r6:
#     - CVE-2018-1000156
#     - CVE-2019-13638
#   2.7.6-r5:
#     - CVE-2019-13636
#   2.7.6-r2:
#     - CVE-2018-6951
#   2.7.6-r4:
#     - CVE-2018-6952

prepare() {
	default_prepare
	aclocal && autoheader && autoconf && automake --add-missing
}

build() {
	gl_cv_func_gettimeofday_clobber=no \
	gl_cv_func_tzset_clobber=no \
	./configure \
		--build=$CBUILD \
		--host=$CHOST \
		--prefix=/usr \
		--sysconfdir=/etc \
		--mandir=/usr/share/man \
		--localstatedir=/var
	make
}

check() {
	make SHELL=bash check
}

package() {
	make prefix="$pkgdir"/usr \
		mandir="$pkgdir"/usr/share/man \
		-C "$builddir" install

	rm -f "$pkgdir"/usr/lib/charset.alias
	rmdir -p "$pkgdir"/usr/lib 2>/dev/null || true
}

sha512sums="fcca87bdb67a88685a8a25597f9e015f5e60197b9a269fa350ae35a7991ed8da553939b4bbc7f7d3cfd863c67142af403b04165633acbce4339056a905e87fbd  patch-2.7.6.tar.xz
db51d0b791d38dd4f1b373621ee18620ae339b172f58a79420fdaa4a4b1b1d9df239cf61bbddc4e6a4896b28b8cffc7c99161eb5e2facaec8df86a1bf7755bc0  CVE-2018-6951.patch
5d2eaef629bae92e5b4e5e57d140c24a73e2811306d5f2854858f846646b034d2da315071f478bcf6f8d856a065b9bb073f76322e8e3a42616bc212281ce6945  CVE-2018-6952.patch
33e8a82f5ee6b896fd434e7de1ca9e16e8d317941a021bea8c53afd5bf210774e8727df22f8d8f63f255de10de5a26428047bc710b033423d1e7a459cbbaf83a  0001-Allow-input-files-to-be-missing-for-ed-style-patches.patch
d0d46e28c5fdcd5fe16826cbcf39d5a74fdf2593375d5206aa7bad759f16dbebeca3bf259239f99c13344579044a3de1000d705065cc19e917266bca6e5c0630  0002-Fix-arbitrary-command-execution-in-ed-style-patches-.patch
029b92bb899d0b1165cfe7f55b5a4c2d7090852f52e5c85a6bb1cf5913c914a5c68c6c34517e84f0a020a56d21814f8c18b934c8ebe059ba4eddece78a3a258c  CVE-2019-13636.patch
d60f8c2364fca9b73aa73b5914cfd6571d11528d13fa7703ccfa93730cbdf8a6e4c9ca04cb7d02a40d33c38075890790b490052d5217e728b0948991da937980  CVE-2019-13638.patch"