X-Original-To: alpine-aports@lists.alpinelinux.org Received: from mail-lf0-f67.google.com (mail-lf0-f67.google.com [209.85.215.67]) by lists.alpinelinux.org (Postfix) with ESMTP id 02FA45C4207 for ; Fri, 27 Jan 2017 08:01:13 +0000 (GMT) Received: by mail-lf0-f67.google.com with SMTP id x1so25488928lff.0 for ; Fri, 27 Jan 2017 00:01:12 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id; bh=DwAYcsuw4iU1F2AQhbwZ5LLwaSIZyN7dSekyYCQ3iA4=; b=cDkE5MDTHclzKN0ga9oCUVxv5UwSChDvPIMKjftLHSr4G+B4aclVE2+d4ORioilEMS 7Pr1wCjUBgGCnlQU4tYnkDZp7ig6y53OLlVH0ibaH3ShT7ZQTOvmLmt8P4HNapimd0DD oPfo59r9CG+2h3n+W07UYRxeRZrn7pXTuO8Q132ritYYlq+WtpN18ezp4ngvQy801IKL CS0lvhVai/J6TdwLi1kQqGCszVax4hA4e9bYT/ZgoAgBbcsBT08oylFDZqKB5VUHGmbe 31/LbfwdQlowXm0+kPVzE7pbWwx9OOzJ433f9qdiv7zCixGtscHY85jBy3tbxB9PcIRI 6yOw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id; bh=DwAYcsuw4iU1F2AQhbwZ5LLwaSIZyN7dSekyYCQ3iA4=; b=dHkyj4CGHaQjNUBTRG9GUw+yEgwUitSnXigMPsGsBrmrB6URGwI8uAanNcw+UXAITI MCSqdxxmD2HuUCFFu/xQ7J+8d5V1pRYxaNcS3R7GevFT7kjz68fG3RFXvER+ZhQU3unO 1QJuLBRIcqb6Csx2+RT+dcLxdiy3Rqsq047KAl2mKjwBKR/WNhvpWjKMfpqQ+hPpeIZ4 X5OMVP2/5LVsWGDMyeCVojUFKxfX0/W2LkCiW2tkm86ZiDGvteCvRzD1uN1xhN7zRbUO U0k13qDb71jiXGVQNPcSHZVQK97SENQxizuxSziAePsASw7NPJUumMyDMsCImmqWjZvW LiVQ== X-Gm-Message-State: AIkVDXLPx2dS6vD4iic/7bIJ52H3jOKzzOIliVXrntNYIO7P1/FY4FplweQq89ynL78JdA== X-Received: by 10.25.16.193 with SMTP id 62mr2027998lfq.75.1485504072081; Fri, 27 Jan 2017 00:01:12 -0800 (PST) Received: from v3-4.util.wtbts.net ([83.145.235.199]) by smtp.gmail.com with ESMTPSA id 33sm1086619lfs.43.2017.01.27.00.01.10 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Fri, 27 Jan 2017 00:01:11 -0800 (PST) From: Sergei Lukin To: alpine-aports@lists.alpinelinux.org Cc: Sergei Lukin Subject: [alpine-aports] [PATCH v3.4] main/libxpm: security upgrade to 3.5.12 - fixes #6752 Date: Fri, 27 Jan 2017 08:01:05 +0000 Message-Id: <20170127080105.4216-1-sergej.lukin@gmail.com> X-Mailer: git-send-email 2.8.3 X-Mailinglist: alpine-aports Precedence: list List-Id: Alpine Development List-Unsubscribe: List-Post: List-Help: List-Subscribe: CVE-2016-10164: Out-of-bounds write in XPM extension parsing libXpm 3.5.12 changes: https://lists.freedesktop.org/archives/xorg/2016-December/058537.html --- main/libxpm/APKBUILD | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/main/libxpm/APKBUILD b/main/libxpm/APKBUILD index 0c5fa5d..6e05424 100644 --- a/main/libxpm/APKBUILD +++ b/main/libxpm/APKBUILD @@ -1,7 +1,8 @@ +# Contributor: Sergei Lukin # Maintainer: Natanael Copa pkgname=libxpm -pkgver=3.5.11 -pkgrel=1 +pkgver=3.5.12 +pkgrel=0 pkgdesc="X11 pixmap library" url="http://xorg.freedesktop.org/" arch="all" @@ -11,6 +12,10 @@ depends= makedepends="libxt-dev libxext-dev libx11-dev util-linux-dev" source="http://xorg.freedesktop.org/releases/individual/lib/libXpm-$pkgver.tar.bz2" +# secfixes: +# 3.5.12-r0: +# - CVE-2016-10164 + depends_dev="libx11-dev" build() { cd "$srcdir"/libXpm-$pkgver @@ -29,6 +34,6 @@ package() { make DESTDIR="$pkgdir" install || return 1 install -Dm644 COPYING "$pkgdir"/usr/share/licenses/$pkgname/COPYING } -md5sums="769ee12a43611cdebd38094eaf83f3f0 libXpm-3.5.11.tar.bz2" -sha256sums="c5bdafa51d1ae30086fac01ab83be8d47fe117b238d3437f8e965434090e041c libXpm-3.5.11.tar.bz2" -sha512sums="c089056108d4598f6c4603d6440d9ef6216e87c5cf1e30d143b0e7abc9c5d6f40050c747a57a27d751bc80786ded0390d97cbe221be628241c881d21a3ce6024 libXpm-3.5.11.tar.bz2" +md5sums="20f4627672edb2bd06a749f11aa97302 libXpm-3.5.12.tar.bz2" +sha256sums="fd6a6de3da48de8d1bb738ab6be4ad67f7cb0986c39bd3f7d51dd24f7854bdec libXpm-3.5.12.tar.bz2" +sha512sums="a5707d5f758d577414101b0723af334fc8ac223e5b9f869994765735e1cbd8dafed48ea2851ebc479fecaf84381bfd5fbef842ec971a487f7fa9e77d54d3a17e libXpm-3.5.12.tar.bz2" -- 2.8.3 --- Unsubscribe: alpine-aports+unsubscribe@lists.alpinelinux.org Help: alpine-aports+help@lists.alpinelinux.org ---