~alpine/aports

[alpine-aports] [PATCH 1/3] community/mbedtls: upgrade to 2.14.1

alpine-mips-patches <info@mobile-stream.com>
Details
Message ID
<20181225061100.935D6592E9@mx12.valuehost.ru>
Sender timestamp
1545717230
DKIM signature
missing
Download raw message
5 years ago
Patch: +17 -12 
 - set the license to Apache 2.0 only, one have to download another
   tarball for the GPL version (2.12 was using Apache 2.0 tarball);
 - use the download link from the main web site for easier checksum
   cross-verification (github tarballs have different SHA sums);
 - sort secfixes from newer-to-older;
 - add python3 as now required for build.

Rebuild is needed for the dependent aports due to libmbedtls.so.12
version bump (was .11).
---
 community/mbedtls/APKBUILD | 29 +++++++++++++++++------------
 1 file changed, 17 insertions(+), 12 deletions(-)

diff --git a/community/mbedtls/APKBUILD b/community/mbedtls/APKBUILD
index a552a43d00..89a440d23b 100644
--- a/community/mbedtls/APKBUILD
+++ b/community/mbedtls/APKBUILD
@@ -1,26 +1,31 @@
# Contributor: Łukasz Jendrysik <scadu@yandex.com>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=mbedtls
pkgver=2.12.0
pkgver=2.14.1
pkgrel=0
pkgdesc="Light-weight cryptographic and SSL/TLS library"
url="https://tls.mbed.org"
arch="all"
license="GPL-2.0-or-later Apache-2.0"
makedepends="cmake perl"
license="Apache-2.0"
makedepends="cmake perl python3"
subpackages="$pkgname-static $pkgname-dev $pkgname-utils"
source="$pkgname-$pkgver.tar.gz::https://github.com/ARMmbed/$pkgname/archive/$pkgname-$pkgver.tar.gz"
builddir="$srcdir/$pkgname-$pkgname-$pkgver"
source="https://tls.mbed.org/download/$pkgname-$pkgver-apache.tgz"
builddir="$srcdir/$pkgname-$pkgver"

# secfixes:
#   2.4.2-r0:
#     - CVE-2017-2784
#   2.6.0-r0:
#     - CVE-2017-14032
#   2.14.1-r0:
#     - CVE-2018-19608
#   2.12.0-r0:
#     - CVE-2018-0498
#     - CVE-2018-0497
#   2.7.0-r0:
#     - CVE-2017-18187
#     - CVE-2018-0487
#     - CVE-2018-0488
#     - CVE-2018-0487
#     - CVE-2017-18187
#   2.6.0-r0:
#     - CVE-2017-14032
#   2.4.2-r0:
#     - CVE-2017-2784

prepare() {
	default_prepare
@@ -68,4 +73,4 @@ static() {
	chmod -x "$subpkgdir"/usr/lib/*.a
}

sha512sums="c7c2aeb1717886ad87486af2dccb05b2f051372c69fc914f30e4ace1067f5be39ba04e093ad522f904e23a576c1ff430bd772e77823d0f4720f6fc5c1b8aa98c  mbedtls-2.12.0.tar.gz"
sha512sums="f8a9371fcdca34f61db3676f14f83ba303194dc097fcf34b8088b2d2b1b88b2818c2ed54eef747d8dff7c799e11aee511eb179bb815ae46934b3426d09926dda  mbedtls-2.14.1-apache.tgz"
-- 
2.20.1




---
Unsubscribe:  alpine-aports+unsubscribe@lists.alpinelinux.org
Help:         alpine-aports+help@lists.alpinelinux.org
---
Reply to thread Export thread (mbox)