[alpine-aports] [PATCH 1/3] community/mbedtls: upgrade to 2.14.1

alpine-mips-patches
Details
Message ID
<20181225061100.935D6592E9@mx12.valuehost.ru>
Sender timestamp
1545717230
DKIM signature
missing
Download raw message
Patch: +17 -12
 - set the license to Apache 2.0 only, one have to download another
   tarball for the GPL version (2.12 was using Apache 2.0 tarball);
 - use the download link from the main web site for easier checksum
   cross-verification (github tarballs have different SHA sums);
 - sort secfixes from newer-to-older;
 - add python3 as now required for build.

Rebuild is needed for the dependent aports due to libmbedtls.so.12
version bump (was .11).
---
 community/mbedtls/APKBUILD | 29 +++++++++++++++++------------
 1 file changed, 17 insertions(+), 12 deletions(-)

diff --git a/community/mbedtls/APKBUILD b/community/mbedtls/APKBUILD
index a552a43d00..89a440d23b 100644
--- a/community/mbedtls/APKBUILD
+++ b/community/mbedtls/APKBUILD
@@ -1,26 +1,31 @@
 # Contributor: Ɓukasz Jendrysik <scadu@yandex.com>
 # Maintainer: Natanael Copa <ncopa@alpinelinux.org>
 pkgname=mbedtls
-pkgver=2.12.0
+pkgver=2.14.1
 pkgrel=0
 pkgdesc="Light-weight cryptographic and SSL/TLS library"
 url="https://tls.mbed.org"
 arch="all"
-license="GPL-2.0-or-later Apache-2.0"
-makedepends="cmake perl"
+license="Apache-2.0"
+makedepends="cmake perl python3"
 subpackages="$pkgname-static $pkgname-dev $pkgname-utils"
-source="$pkgname-$pkgver.tar.gz::https://github.com/ARMmbed/$pkgname/archive/$pkgname-$pkgver.tar.gz"
-builddir="$srcdir/$pkgname-$pkgname-$pkgver"
+source="https://tls.mbed.org/download/$pkgname-$pkgver-apache.tgz"
+builddir="$srcdir/$pkgname-$pkgver"
 
 # secfixes:
-#   2.4.2-r0:
-#     - CVE-2017-2784
-#   2.6.0-r0:
-#     - CVE-2017-14032
+#   2.14.1-r0:
+#     - CVE-2018-19608
+#   2.12.0-r0:
+#     - CVE-2018-0498
+#     - CVE-2018-0497
 #   2.7.0-r0:
-#     - CVE-2017-18187
-#     - CVE-2018-0487
 #     - CVE-2018-0488
+#     - CVE-2018-0487
+#     - CVE-2017-18187
+#   2.6.0-r0:
+#     - CVE-2017-14032
+#   2.4.2-r0:
+#     - CVE-2017-2784
 
 prepare() {
 	default_prepare
@@ -68,4 +73,4 @@ static() {
 	chmod -x "$subpkgdir"/usr/lib/*.a
 }
 
-sha512sums="c7c2aeb1717886ad87486af2dccb05b2f051372c69fc914f30e4ace1067f5be39ba04e093ad522f904e23a576c1ff430bd772e77823d0f4720f6fc5c1b8aa98c  mbedtls-2.12.0.tar.gz"
+sha512sums="f8a9371fcdca34f61db3676f14f83ba303194dc097fcf34b8088b2d2b1b88b2818c2ed54eef747d8dff7c799e11aee511eb179bb815ae46934b3426d09926dda  mbedtls-2.14.1-apache.tgz"
-- 
2.20.1




---
Unsubscribe:  alpine-aports+unsubscribe@lists.alpinelinux.org
Help:         alpine-aports+help@lists.alpinelinux.org
---