- set the license to Apache 2.0 only, one have to download another
tarball for the GPL version (2.12 was using Apache 2.0 tarball);
- use the download link from the main web site for easier checksum
cross-verification (github tarballs have different SHA sums);
- sort secfixes from newer-to-older;
- add python3 as now required for build.
Rebuild is needed for the dependent aports due to libmbedtls.so.12
version bump (was .11).
---
community/mbedtls/APKBUILD | 29 +++++++++++++++++------------
1 file changed, 17 insertions(+), 12 deletions(-)
diff --git a/community/mbedtls/APKBUILD b/community/mbedtls/APKBUILD
index a552a43d00..89a440d23b 100644
--- a/community/mbedtls/APKBUILD
@@ -1,26 +1,31 @@
# Contributor: Łukasz Jendrysik <scadu@yandex.com>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=mbedtls
-pkgver=2.12.0
+pkgver=2.14.1
pkgrel=0
pkgdesc="Light-weight cryptographic and SSL/TLS library"
url="https://tls.mbed.org"
arch="all"
-license="GPL-2.0-or-later Apache-2.0"
-makedepends="cmake perl"
+license="Apache-2.0"
+makedepends="cmake perl python3"
subpackages="$pkgname-static $pkgname-dev $pkgname-utils"
-source="$pkgname-$pkgver.tar.gz::https://github.com/ARMmbed/$pkgname/archive/$pkgname-$pkgver.tar.gz"
-builddir="$srcdir/$pkgname-$pkgname-$pkgver"
+source="https://tls.mbed.org/download/$pkgname-$pkgver-apache.tgz"
+builddir="$srcdir/$pkgname-$pkgver"
# secfixes:
-# 2.4.2-r0:
-# - CVE-2017-2784
-# 2.6.0-r0:
-# - CVE-2017-14032
+# 2.14.1-r0:
+# - CVE-2018-19608
+# 2.12.0-r0:
+# - CVE-2018-0498
+# - CVE-2018-0497
# 2.7.0-r0:
-# - CVE-2017-18187
-# - CVE-2018-0487
# - CVE-2018-0488
+# - CVE-2018-0487
+# - CVE-2017-18187
+# 2.6.0-r0:
+# - CVE-2017-14032
+# 2.4.2-r0:
+# - CVE-2017-2784
prepare() {
default_prepare
@@ -68,4 +73,4 @@ static() {
chmod -x "$subpkgdir"/usr/lib/*.a
}
-sha512sums="c7c2aeb1717886ad87486af2dccb05b2f051372c69fc914f30e4ace1067f5be39ba04e093ad522f904e23a576c1ff430bd772e77823d0f4720f6fc5c1b8aa98c mbedtls-2.12.0.tar.gz"
+sha512sums="f8a9371fcdca34f61db3676f14f83ba303194dc097fcf34b8088b2d2b1b88b2818c2ed54eef747d8dff7c799e11aee511eb179bb815ae46934b3426d09926dda mbedtls-2.14.1-apache.tgz"
--
2.20.1
---
Unsubscribe: alpine-aports+unsubscribe@lists.alpinelinux.org
Help: alpine-aports+help@lists.alpinelinux.org
---