Mail archive
alpine-aports

[alpine-aports] [PATCH v3.4] community/firefox-esr: security upgrade to 45.6.0 - fixes #6532

From: Sergey Lukin <sergej.lukin_at_gmail.com>
Date: Mon, 19 Dec 2016 11:11:41 +0000

CVE-2016-9893, CVE-2016-9895, CVE-2016-9897, CVE-2016-9898,
CVE-2016-9899, CVE-2016-9900, CVE-2016-9901, CVE-2016-9902,
CVE-2016-9904, CVE-2016-9905
---
 community/firefox-esr/APKBUILD | 49 +++++++++++++++++++++---------------------
 1 file changed, 25 insertions(+), 24 deletions(-)
diff --git a/community/firefox-esr/APKBUILD b/community/firefox-esr/APKBUILD
index e403d4b..b4f5239 100644
--- a/community/firefox-esr/APKBUILD
+++ b/community/firefox-esr/APKBUILD
_at_@ -1,7 +1,8 @@
+# Contributor: Sergey Lukin <sergej.lukin_at_gmail.com>
 # Contributor: William Pitcock <nenolod_at_dereferenced.org>
 # Maintainer: Natanael Copa <ncopa_at_alpinelinux.org>
 pkgname=firefox-esr
-pkgver=45.4.0
+pkgver=45.6.0
 _pkgver=$pkgver
 _xulver=$pkgver
 pkgrel=0
_at_@ -74,17 +75,17 @@ source="http://ftp.mozilla.org/pub/firefox/releases/${pkgver}esr/source/firefox-
 	firefox.desktop
 	firefox-safe.desktop"
 
-_builddir="${srcdir}/firefox-${pkgver}esr"
-_mozappdir=/usr/lib/firefox-$pkgver
-_mozappdirdev=/usr/lib/firefox-devel-$pkgver
+builddir="${srcdir}/firefox-${pkgver}esr"
+mozappdir=/usr/lib/firefox-$pkgver
+mozappdirdev=/usr/lib/firefox-devel-$pkgver
 
 # help our shared-object scanner to find the libs
-ldpath="$_mozappdir"
+ldpath="$mozappdir"
 
 prepare() {
 	local i
 
-	cd "$_builddir" || return 1
+	cd "$builddir" || return 1
 
 	for i in $source; do
 		case $i in
_at_@ -97,7 +98,7 @@ prepare() {
 }
 
 build() {
-	cd "$_builddir"
+	cd "$builddir"
 
 	# mozilla's buildsystem is on drugs
 	export CFLAGS="$(echo $CFLAGS | sed -e 's/-Wall//' -e 's/-fexceptions/-fno-exceptions/g')"
_at_@ -105,7 +106,7 @@ build() {
 	export SHELL=/bin/sh
 
 	# set rpath so linker finds the libs
-	export LDFLAGS="$LDFLAGS -Wl,-rpath,${_mozappdir}"
+	export LDFLAGS="$LDFLAGS -Wl,-rpath,${mozappdir}"
 
 	make -f client.mk build \
 		STRIP="/bin/true" \
_at_@ -113,7 +114,7 @@ build() {
 }
 
 package() {
-	cd "$_builddir"
+	cd "$builddir"
 
 	# only used for startupcache creation.
 	local paxflags="-msp"
_at_@ -126,7 +127,7 @@ package() {
 
 	install -m755 -d ${pkgdir}/usr/share/applications
 	install -m755 -d ${pkgdir}/usr/share/pixmaps
-	install -m644 "$_builddir"/browser/branding/official/default48.png \
+	install -m644 "$builddir"/browser/branding/official/default48.png \
 		${pkgdir}/usr/share/pixmaps/firefox.png || return 1
 	install -m644 ${srcdir}/firefox.desktop ${pkgdir}/usr/share/applications/firefox.desktop
 	install -m644 ${srcdir}/firefox-safe.desktop ${pkgdir}/usr/share/applications/firefox-safe.desktop
_at_@ -135,12 +136,12 @@ package() {
 	local paxflags="-mp"
 	[ "$CARCH" = "x86" ] && paxflags="-msp"
 
-	paxmark "$paxflags" "$pkgdir"/$_mozappdir/firefox || return 1
-	paxmark "$paxflags" "$pkgdir"/$_mozappdir/plugin-container || return 1
+	paxmark "$paxflags" "$pkgdir"/$mozappdir/firefox || return 1
+	paxmark "$paxflags" "$pkgdir"/$mozappdir/plugin-container || return 1
 
 	# xulrunner stub launcher has changed to using a symlink overlay...
 	# go figure
-	ln -sf /usr/lib/xulrunner-${_xulver} ${pkgdir}/$_mozappdir/xulrunner
+	ln -sf /usr/lib/xulrunner-${_xulver} ${pkgdir}/$mozappdir/xulrunner
 
 	# launcher as symlink is broken from firefox-7.0
 	rm "$pkgdir"/usr/bin/firefox || return 1
_at_@ -148,28 +149,28 @@ package() {
 	cat > "$pkgdir"/usr/bin/firefox << __EOF__
 #!/bin/sh
 
-exec $_mozappdir/firefox "\$_at_"
+exec $mozappdir/firefox "\$_at_"
 __EOF__
 	chmod 755 "$pkgdir"/usr/bin/firefox
 
 	# install our vendor prefs
-	install -d "$pkgdir"/$_mozappdir/browser/defaults/preferences
-	cat "$srcdir"/vendor.js >> "$pkgdir"/$_mozappdir/browser/defaults/preferences/firefox-branding.js
+	install -d "$pkgdir"/$mozappdir/browser/defaults/preferences
+	cat "$srcdir"/vendor.js >> "$pkgdir"/$mozappdir/browser/defaults/preferences/firefox-branding.js
 
 	# remove copied, huge, libraries
-	rm -f "$pkgdir"/${_mozappdirdev}/sdk/lib/libmozjs.so 
-	rm -f "$pkgdir"/${_mozappdirdev}/sdk/lib/libmozalloc.so
-	rm -f "$pkgdir"/${_mozappdirdev}/sdk/lib/libxul.so
+	rm -f "$pkgdir"/${mozappdirdev}/sdk/lib/libmozjs.so 
+	rm -f "$pkgdir"/${mozappdirdev}/sdk/lib/libmozalloc.so
+	rm -f "$pkgdir"/${mozappdirdev}/sdk/lib/libxul.so
 }
 
 dev() {
-	mkdir -p "$subpkgdir"/${_mozappdirdev%/*}
-	mv "$pkgdir"/${_mozappdirdev} "$subpkgdir"/${_mozappdirdev%/*} \
+	mkdir -p "$subpkgdir"/${mozappdirdev%/*}
+	mv "$pkgdir"/${mozappdirdev} "$subpkgdir"/${mozappdirdev%/*} \
 		|| return 1
 	default_dev
 }
 
-md5sums="20358acfbb9e11782940c180fd2b1528  firefox-45.4.0esr.source.tar.xz
+md5sums="ee3cf2401a5716cebacaae5fb70d133f  firefox-45.6.0esr.source.tar.xz
 1f4c60e662ed93784431bd06c5141719  mozconfig
 99b27aeac58923f318d083e5e71879ba  vendor.js
 6ab77b80c8c7d6fd07ab53c54561f4df  0002-Use-C99-math-isfinite.patch
_at_@ -188,7 +189,7 @@ b8b2a3cdb38f402e4eb4885908233811  libavutil.patch
 0db0cce8350d59a91ae2c4f0400f7146  mallinfo.patch
 ba96924ece1d77453e462429037a2ce5  firefox.desktop
 6f38a5899034b7786cb1f75ad42032b8  firefox-safe.desktop"
-sha256sums="cfd90096b9e1019b9de4fe061ece8c65f668b8a24bcbb657ce6b3c940ef83ad0  firefox-45.4.0esr.source.tar.xz
+sha256sums="c1e7ddf6efb0f54c8071131b6395f4942a422c2ab70f2e9a81b588373d6fbf5b  firefox-45.6.0esr.source.tar.xz
 23c2b4535ce83c92ba978e15ce328c9f140def155d12523c00df30baf41b98dc  mozconfig
 afecb8c17a2bedafe600dd572d24eff24e540cda02f675705d11168040379ce6  vendor.js
 080a55182b865471a86fa4b70a66ed9495f1e536f7fdc4060cb8c675b4749c6e  0002-Use-C99-math-isfinite.patch
_at_@ -207,7 +208,7 @@ a1ba79ec0c50c19edcfb24bb2686a718a77b02035e412989b9208b9b818abe14  allow-utf8-fal
 2f564fa5f347f3c7f20d589ef273f000ca9c9aeca2c6ad0fb5b15bfc715d8b81  mallinfo.patch
 b571c4a49884a3c98806246c9cc3e60c73d5a8f4aeb7f96217db0be1d6210eda  firefox.desktop
 4b6de45753856a890f4482055666e77f9b01bdfb7e0df08bafaa3a4d9937eed3  firefox-safe.desktop"
-sha512sums="2955e02f829a10186a8b22320fb97d4b0fc2b45721fcffa6295653fd760d516ae72b5656547685ba1e0699b381e28044996d9ee12a8738842b4e6b8acd296715  firefox-45.4.0esr.source.tar.xz
+sha512sums="b96c71aeed8a1185a085512f33d454a1735237cd9ddf37c8caa9cc91892eafab0615fc0ca6035f282ca8101489fa84c0de1087d1963c05b64df32b0c86446610  firefox-45.6.0esr.source.tar.xz
 e14b4a646230f7a752ef864b0e6a074fdac74d6c4abde2c31656eb10ac6f002a5c664d257bf3f4bd22544f10103e38d5fae49f84fcaae402b81940e72bcfe0e5  mozconfig
 cc10dba32d9c7faf1d99b8fdebc71bf0200ad10b976105edb45df696bf64a668b2b7aa8c3892a8056eb71fb071b0e0ae51c3ce2fb75acfb7e7035104c0e4fce3  vendor.js
 7e123144bc2b1efed149dfb41b255c447d43ea93a63ebe114d01945e6a6d69edc2f2a3c36980a93279106c1842355851b8b6c1d96679ee6be7b9b30513e0b1a8  0002-Use-C99-math-isfinite.patch
-- 
2.8.3
---
Unsubscribe:  alpine-aports+unsubscribe_at_lists.alpinelinux.org
Help:         alpine-aports+help_at_lists.alpinelinux.org
---
Received on Mon Dec 19 2016 - 11:11:41 GMT