~alpine/aports

[alpine-aports] [PATCH v3.5] main/ffmpeg: security upgrade to 3.1.7 - fixes #6870

Details
Message ID
<20170216121341.14412-1-sergej.lukin@gmail.com>
Sender timestamp
1487247221
DKIM signature
missing
Download raw message
Patch: +10 -4
CVE-2017-5024 (arbitrary code execution)
CVE-2017-5025 (arbitrary code execution)
---
 main/ffmpeg/APKBUILD | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/main/ffmpeg/APKBUILD b/main/ffmpeg/APKBUILD
index 69e48a2daa..54fe58864a 100644
--- a/main/ffmpeg/APKBUILD
+++ b/main/ffmpeg/APKBUILD
@@ -1,7 +1,8 @@
# Contributor: Sergei Lukin <sergej.lukin@gmail.com>
# Contributor: Łukasz Jendrysik <scadu@yandex.com>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=ffmpeg
pkgver=3.1.6
pkgver=3.1.7
pkgrel=0
pkgdesc="Complete and free Internet live audio and video broadcasting solution for Linux/Unix"
url="http://ffmpeg.org/"
@@ -18,6 +19,11 @@ source="http://ffmpeg.org/releases/ffmpeg-$pkgver.tar.bz2
	cflags-speed-O2.patch
	"

# secfixes:
#   3.1.7-r0:
#   - CVE-2017-5024
#   - CVE-2017-5025

_builddir="$srcdir"/$pkgname-$pkgver
prepare() {
	cd "$_builddir"
@@ -83,12 +89,12 @@ libs() {
	mv "$pkgdir"/usr/lib "$subpkgdir"/usr
}

md5sums="cedb8f7b59b03fda968b5731b2f6de7c  ffmpeg-3.1.6.tar.bz2
md5sums="6ac84f745ba9b4de8cc9ffda90c899a5  ffmpeg-3.1.7.tar.bz2
627bb0f8b28063cd5d6a090b07bd3754  0001-libavutil-clean-up-unused-FF_SYMVER-macro.patch
91167b4f601db28836dcc3de9f756ed7  cflags-speed-O2.patch"
sha256sums="7dcb2974652898d02e3ff6289e3f9c5adae38e8eb20cc518e76e6d9be14f2f31  ffmpeg-3.1.6.tar.bz2
sha256sums="7482e0e63f5b4167b51192611eda42023e3729677b74a9c1a65af1910922ae51  ffmpeg-3.1.7.tar.bz2
011f8beaf81074c9f4e522b699d27ee0ab74ec43f800286244a5b63b82ec5e8c  0001-libavutil-clean-up-unused-FF_SYMVER-macro.patch
ed75cdc99acb83b660a9e40b908adec896a9421228a620b016a22e7f647bd92b  cflags-speed-O2.patch"
sha512sums="6a7e94945a743c65af3fed0f420d49157add6d76dc71c34afa2d1a1b2bb3e3ee9a2858ba9198faad8c00337cb235e3aa27a9c2859d25157c5fcba5ab4510bfeb  ffmpeg-3.1.6.tar.bz2
sha512sums="50a877cd94bb629ca05dd4d960e5d90469c0013a260043a689b41adb13a776b617e7145b9ebe5bea33352f5e1caab501c71a6342ab3bc9f4e1e6f104228cbc9a  ffmpeg-3.1.7.tar.bz2
32652e18d4eb231a2e32ad1cacffdf33264aac9d459e0e2e6dd91484fced4e1ca5a62886057b1f0b4b1589c014bbe793d17c78adbaffec195f9a75733b5b18cb  0001-libavutil-clean-up-unused-FF_SYMVER-macro.patch
5ff940abb4265401eebb0f2fd486b51a004d62a480c5a64bc279149731b577b5c95f0b7ff2d73429ec10b1f0b76ecf7fa466b02ba3a0bf79d9b7ac2ae87ee5d5  cflags-speed-O2.patch"
-- 
2.11.1



---
Unsubscribe:  alpine-aports+unsubscribe@lists.alpinelinux.org
Help:         alpine-aports+help@lists.alpinelinux.org
---
Reply to thread Export thread (mbox)