X-Original-To: alpine-aports@lists.alpinelinux.org
Received: from mx12.valuehost.ru (mx12.valuehost.ru [217.112.42.215])
	by lists.alpinelinux.org (Postfix) with ESMTP id 3DD2DF85269
	for <alpine-aports@lists.alpinelinux.org>; Tue, 25 Dec 2018 06:11:01 +0000 (UTC)
Received: from mx7.valuehost.ru (unknown [127.0.0.255])
	by mx12.valuehost.ru (Postfix) with ESMTP id 935D6592E9
	for <alpine-aports@lists.alpinelinux.org>; Tue, 25 Dec 2018 09:11:00 +0300 (MSK)
From: alpine-mips-patches <info@mobile-stream.com>
Date: Tue, 25 Dec 2018 05:53:50 +0000
Subject: [alpine-aports] [PATCH 1/3] community/mbedtls: upgrade to 2.14.1
To: alpine-aports@lists.alpinelinux.org
Message-Id: <20181225061100.935D6592E9@mx12.valuehost.ru>
X-Mailinglist: alpine-aports
Precedence: list
List-Id: Alpine Development <alpine-aports.lists.alpinelinux.org>
List-Unsubscribe: 
	<mailto:alpine-aports+unsubscribe@lists.alpinelinux.org?subject=unsubscribe>
List-Post: <mailto:alpine-aports@lists.alpinelinux.org>
List-Help: <mailto:alpine-aports+help@lists.alpinelinux.org?subject=help>
List-Subscribe: 
	<mailto:alpine-aports+subscribe@lists.alpinelinux.org?subject=subscribe>

 - set the license to Apache 2.0 only, one have to download another
   tarball for the GPL version (2.12 was using Apache 2.0 tarball);
 - use the download link from the main web site for easier checksum
   cross-verification (github tarballs have different SHA sums);
 - sort secfixes from newer-to-older;
 - add python3 as now required for build.

Rebuild is needed for the dependent aports due to libmbedtls.so.12
version bump (was .11).
---
 community/mbedtls/APKBUILD | 29 +++++++++++++++++------------
 1 file changed, 17 insertions(+), 12 deletions(-)

diff --git a/community/mbedtls/APKBUILD b/community/mbedtls/APKBUILD
index a552a43d00..89a440d23b 100644
--- a/community/mbedtls/APKBUILD
+++ b/community/mbedtls/APKBUILD
@@ -1,26 +1,31 @@
 # Contributor: ��ukasz Jendrysik <scadu@yandex.com>
 # Maintainer: Natanael Copa <ncopa@alpinelinux.org>
 pkgname=mbedtls
-pkgver=2.12.0
+pkgver=2.14.1
 pkgrel=0
 pkgdesc="Light-weight cryptographic and SSL/TLS library"
 url="https://tls.mbed.org"
 arch="all"
-license="GPL-2.0-or-later Apache-2.0"
-makedepends="cmake perl"
+license="Apache-2.0"
+makedepends="cmake perl python3"
 subpackages="$pkgname-static $pkgname-dev $pkgname-utils"
-source="$pkgname-$pkgver.tar.gz::https://github.com/ARMmbed/$pkgname/archive/$pkgname-$pkgver.tar.gz"
-builddir="$srcdir/$pkgname-$pkgname-$pkgver"
+source="https://tls.mbed.org/download/$pkgname-$pkgver-apache.tgz"
+builddir="$srcdir/$pkgname-$pkgver"
 
 # secfixes:
-#   2.4.2-r0:
-#     - CVE-2017-2784
-#   2.6.0-r0:
-#     - CVE-2017-14032
+#   2.14.1-r0:
+#     - CVE-2018-19608
+#   2.12.0-r0:
+#     - CVE-2018-0498
+#     - CVE-2018-0497
 #   2.7.0-r0:
-#     - CVE-2017-18187
-#     - CVE-2018-0487
 #     - CVE-2018-0488
+#     - CVE-2018-0487
+#     - CVE-2017-18187
+#   2.6.0-r0:
+#     - CVE-2017-14032
+#   2.4.2-r0:
+#     - CVE-2017-2784
 
 prepare() {
 	default_prepare
@@ -68,4 +73,4 @@ static() {
 	chmod -x "$subpkgdir"/usr/lib/*.a
 }
 
-sha512sums="c7c2aeb1717886ad87486af2dccb05b2f051372c69fc914f30e4ace1067f5be39ba04e093ad522f904e23a576c1ff430bd772e77823d0f4720f6fc5c1b8aa98c  mbedtls-2.12.0.tar.gz"
+sha512sums="f8a9371fcdca34f61db3676f14f83ba303194dc097fcf34b8088b2d2b1b88b2818c2ed54eef747d8dff7c799e11aee511eb179bb815ae46934b3426d09926dda  mbedtls-2.14.1-apache.tgz"
-- 
2.20.1




---
Unsubscribe:  alpine-aports+unsubscribe@lists.alpinelinux.org
Help:         alpine-aports+help@lists.alpinelinux.org
---