CVE-2017-14054
CVE-2017-14055
CVE-2017-14056
CVE-2017-14057
CVE-2017-14058
CVE-2017-14059
CVE-2017-14169
CVE-2017-14170
CVE-2017-14171
CVE-2017-14222
CVE-2017-14223
CVE-2017-14225
---
main/ffmpeg/APKBUILD | 21 ++++++++++++++++++---
1 file changed, 18 insertions(+), 3 deletions(-)
diff --git a/main/ffmpeg/APKBUILD b/main/ffmpeg/APKBUILD
index 3947080f98..d0a9358d9e 100644
--- a/main/ffmpeg/APKBUILD
+++ b/main/ffmpeg/APKBUILD
@@ -3,7 +3,7 @@
# Contributor: Jakub Skrzypnik <j.skrzypnik@openmailbox.org>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=ffmpeg
-pkgver=3.3.3
+pkgver=3.3.4
pkgrel=0
pkgdesc="Complete and free Internet live audio and video broadcasting solution for Linux/Unix"
url="http://ffmpeg.org/"
@@ -14,11 +14,26 @@ makedepends="gnutls-dev lame-dev libvorbis-dev xvidcore-dev zlib-dev libvdpau-de
imlib2-dev x264-dev libtheora-dev coreutils bzip2-dev perl-dev libvpx-dev
libvpx-dev sdl2-dev libxfixes-dev libva-dev alsa-lib-dev rtmpdump-dev
v4l-utils-dev yasm opus-dev x265-dev"
-source="http://ffmpeg.org/releases/ffmpeg-$pkgver.tar.bz2
+source="http://ffmpeg.org/releases/ffmpeg-$pkgver.tar.xz
0001-libavutil-clean-up-unused-FF_SYMVER-macro.patch
"
builddir="$srcdir/$pkgname-$pkgver"
+# secfixes:
+# 3.3.4-r0:
+# - CVE-2017-14054
+# - CVE-2017-14055
+# - CVE-2017-14056
+# - CVE-2017-14057
+# - CVE-2017-14058
+# - CVE-2017-14059
+# - CVE-2017-14169
+# - CVE-2017-14170
+# - CVE-2017-14171
+# - CVE-2017-14222
+# - CVE-2017-14223
+# - CVE-2017-14225
+
build() {
local _dbg="--disable-debug"
local _asm=""
@@ -74,5 +89,5 @@ libs() {
mv "$pkgdir"/usr/lib "$subpkgdir"/usr
}
-sha512sums="1cc63bf73356f4e618c0d3572a216bdf5689f10deff56b4262f6d740b0bee5a4b3eac234f45fca3d4d2da77903a507b4fba725b76d2d2070f31b6dae9e7a2dab ffmpeg-3.3.3.tar.bz2
+sha512sums="ddeab4ab3d149a1b560c8ad2242f8ea5fb37a57a06a5af1adf6d5afde9975aa4b2d72f7c5106f20d2194b546164f55f93f6b3d1bb784501b842b0eae89a6a691 ffmpeg-3.3.4.tar.xz
32652e18d4eb231a2e32ad1cacffdf33264aac9d459e0e2e6dd91484fced4e1ca5a62886057b1f0b4b1589c014bbe793d17c78adbaffec195f9a75733b5b18cb 0001-libavutil-clean-up-unused-FF_SYMVER-macro.patch"
--
2.14.1
---
Unsubscribe: alpine-aports+unsubscribe@lists.alpinelinux.org
Help: alpine-aports+help@lists.alpinelinux.org
---
---
main/libxml2/APKBUILD | 12 +++---------
1 file changed, 3 insertions(+), 9 deletions(-)
diff --git a/main/libxml2/APKBUILD b/main/libxml2/APKBUILD
index 8d3d0531f1..0614ea8c9b 100644
--- a/main/libxml2/APKBUILD
+++ b/main/libxml2/APKBUILD
@@ -1,8 +1,8 @@
# Contributor: Carlo Landmeter <clandmeter@gmail.com>
# Maintainer: Carlo Landmeter <clandmeter@gmail.com>
pkgname=libxml2
-pkgver=2.9.4
-pkgrel=4
+pkgver=2.9.5
+pkgrel=0
pkgdesc="XML parsing library, version 2"
url="http://www.xmlsoft.org/"
arch="all"
@@ -14,9 +14,6 @@ makedepends="$depends_dev python2-dev"
subpackages="$pkgname-doc $pkgname-dev py-$pkgname:py $pkgname-utils"
options="!strip"
source="ftp://ftp.xmlsoft.org/${pkgname}/${pkgname}-${pkgver}.tar.gz
- CVE-2016-5131.patch
- CVE-2016-9318.patch
- CVE-2017-5969.patch
"
builddir="$srcdir/$pkgname-$pkgver"
@@ -71,7 +68,4 @@ utils() {
mv "$pkgdir"/usr/bin "$subpkgdir"/usr/
}
-sha512sums="f5174ab1a3a0ec0037a47f47aa47def36674e02bfb42b57f609563f84c6247c585dbbb133c056953a5adb968d328f18cbc102eb0d00d48eb7c95478389e5daf9 libxml2-2.9.4.tar.gz
-c92cda9851fdf8af6cb21aa80f39b474cddef8c749298f5b51f76f871160ac9749fdaac3fa406cc0c75a666f7627983fce0e90fb2919f3a8c778e1148583be33 CVE-2016-5131.patch
-508550f2f3489954abceee5404722dc7a8dcf6590219561a1ab36c2c14b1d1bfc2bad0403577db4e20c2c4e8c9114beb6bd80b165bb8e02c6cc52e6c5fb6e1ee CVE-2016-9318.patch
-c1ce2284bdd874bd6eb1b2bef0e2c8d561861f82b5f03c4b7155e3ed11e2c56743d2f624530f0c7672d65329a13199e534f51ec19f06d4b6941b861dda50ef67 CVE-2017-5969.patch"
+sha512sums="197dbd1722e5f90eea43837323352f48d215e198aa6b95685645ef7511e2beba8aadc0dd67e099c945120c5dbe7f8c9da5f376b22f447059e9ffa941c1bfd175 libxml2-2.9.5.tar.gz"
--
2.14.1
---
Unsubscribe: alpine-aports+unsubscribe@lists.alpinelinux.org
Help: alpine-aports+help@lists.alpinelinux.org
---