From: Sergey Lukin To: alpine-aports@lists.alpinelinux.org Cc: Sergey Lukin Subject: [alpine-aports] [PATCH edge] main/icu: security upgrade to 58.2 - fixes #6548 Date: Tue, 20 Dec 2016 14:12:49 +0000 Message-Id: <20161220141249.15239-1-sergej.lukin@gmail.com> X-Mailer: git-send-email 2.11.0 X-Mailinglist: alpine-aports Precedence: list List-Id: Alpine Development List-Unsubscribe: List-Post: List-Help: List-Subscribe: CVE-2016-7415 Stack based buffer overflow in locid.cpp --- main/icu/APKBUILD | 34 +++++++++++++++++++--------------- 1 file changed, 19 insertions(+), 15 deletions(-) diff --git a/main/icu/APKBUILD b/main/icu/APKBUILD index a84f584f70..0cf163ecde 100644 --- a/main/icu/APKBUILD +++ b/main/icu/APKBUILD @@ -1,6 +1,7 @@ +# Contributor: Sergey Lukin # Maintainer: Natanael Copa pkgname=icu -pkgver=57.1 +pkgver=58.2 # convert x.y.z to x_y_z _ver=${pkgver//./_} @@ -15,19 +16,25 @@ depends= makedepends= source="http://download.icu-project.org/files/icu4c/${pkgver}/${pkgname}4c-$_ver-src.tgz icu-timezone.patch - CVE-2016-6293.patch " # secfixes: # 57.1-r1: # - CVE-2016-6293 -_builddir="$srcdir"/icu/source +builddir="$srcdir"/icu/source prepare() { - cd "$_builddir" + cd "$builddir" update_config_sub || return 1 + # strtod_l() is not supported by musl; also xlocale.h is missing + # It is not possible to disable its use via configure switches or env vars + # so monkey patching is needed. Idea was stollen from openembedded + # https://github.com/openembedded/openembedded-core/blob/master/meta/recipes-support/icu/icu.inc#L30 + sed -i -e 's,DU_HAVE_STRTOD_L=1,DU_HAVE_STRTOD_L=0,' configure.ac + sed -i -e 's,DU_HAVE_STRTOD_L=1,DU_HAVE_STRTOD_L=0,' configure + local x # https://bugs.icu-project.org/trac/ticket/6102 for x in ARFLAGS CFLAGS CPPFLAGS CXXFLAGS FFLAGS LDFLAGS; do @@ -46,7 +53,7 @@ prepare() { } build() { - cd "$_builddir" + cd "$builddir" ./configure \ --build=$CBUILD \ --host=$CHOST \ 
@@ -60,7 +67,7 @@ build() { } package() { - cd "$_builddir" + cd "$builddir" make -j1 DESTDIR="$pkgdir" install || return 1 chmod +x "$pkgdir"/usr/bin/icu-config install -Dm644 "$srcdir"/icu/license.html \ @@ -72,12 +79,9 @@ libs() { replaces="icu" } -md5sums="976734806026a4ef8bdd17937c8898b9 icu4c-57_1-src.tgz -2c81d9c9a6ea0af5b7391e001f37a5e0 icu-timezone.patch -7e65666fd48718440d819748118834ba CVE-2016-6293.patch" -sha256sums="ff8c67cb65949b1e7808f2359f2b80f722697048e90e7cfc382ec1fe229e9581 icu4c-57_1-src.tgz -1c3c432228ee254af7adc995d65b65a4c9dac3b868fe1e49fe588a0ffa55a158 icu-timezone.patch -4b7322fa2d222bf20e74f8fb5d31f3ee44f214fc4b17e60dd89cc6252348435e CVE-2016-6293.patch" -sha512sums="a3c701e9c81622db545bcf93f315c7b13159750f43f009d0aec59ceae3a8e1ccb751826d4b8a7387aca47f38bff2a85816b1a123b07d2bf731558c7b66e47b8a icu4c-57_1-src.tgz -40489c36e28e160f08e045acab6c19cdb712ad3b7f87f67099deac7d579aaf13d8841cd3278a6bb0e998b5c34a378348a13fcc8bb14c9c4eb4f6adbd10d66825 icu-timezone.patch -8fba91b583896c52c12a0c8327f12fb77826779e453f91752826143bfdd5d2a2abe8db9836cdb6e12bcd31b9c683c00163e7c787807209d2e87ee8558d6293fb CVE-2016-6293.patch" +md5sums="fac212b32b7ec7ab007a12dff1f3aea1 icu4c-58_2-src.tgz +2c81d9c9a6ea0af5b7391e001f37a5e0 icu-timezone.patch" +sha256sums="2b0a4410153a9b20de0e20c7d8b66049a72aef244b53683d0d7521371683da0c icu4c-58_2-src.tgz +1c3c432228ee254af7adc995d65b65a4c9dac3b868fe1e49fe588a0ffa55a158 icu-timezone.patch" +sha512sums="5c21af748f48b392e6c0412bd0aee92162ea931820dcbfab4ec6e0299868504b303d88f7586cc95de55c777ac0dca3a29d6c8ca0892c646ebc864c8a5b5a162a icu4c-58_2-src.tgz +40489c36e28e160f08e045acab6c19cdb712ad3b7f87f67099deac7d579aaf13d8841cd3278a6bb0e998b5c34a378348a13fcc8bb14c9c4eb4f6adbd10d66825 icu-timezone.patch" -- 2.11.0 --- Unsubscribe: alpine-aports+unsubscribe@lists.alpinelinux.org Help: alpine-aports+help@lists.alpinelinux.org ---
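Review bot: In the hunk at `@@ -15,19 +16,25 @@`, the `# secfixes:` block still lists only `57.1-r1` with `CVE-2016-6293`, although the commit message gives CVE-2016-7415 as the reason for the upgrade. Add an entry for the 58.2 release listing `CVE-2016-7415` so the fix is recorded against the version that carries it. The same hunk drops `CVE-2016-6293.patch` from `source`; the commit message should say that 58.2 already contains that fix. The two added `sed -i` lines have no `|| return 1`, unlike `update_config_sub || return 1` just above them, and sed exits successfully when the pattern is absent, so a later release that no longer contains `DU_HAVE_STRTOD_L=1` would leave the workaround silently unapplied; check for `DU_HAVE_STRTOD_L=0` after the substitution and fail prepare() if it is missing. In the added comment, "stollen" should be "stolen", and the openembedded link points at `master` with a line anchor, which will drift; a commit-pinned link would keep it meaningful.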
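Review bot: The `_builddir` to `builddir` rename in the build() hunk at `@@ -46,7 +53,7 @@` (repeated in prepare() and package()) is unrelated to the version bump and is not mentioned in the commit message. Mention it there or move it to its own commit, so the security upgrade stays minimal and is easier to review and to apply to other branches.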
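Review bot: In the checksum hunk at `@@ -72,12 +79,9 @@`, the new `icu4c-58_2-src.tgz` digests are the only integrity check on a tarball that `source` fetches over `http://`, and nothing in the patch says what they were compared against. State in the commit message how the sha512 value was verified independently of the download (for example against a digest published by upstream, if one exists), and switch the `source` URL to https if the host serves it.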