[arch-commits] Commit in bzip2/trunk (PKGBUILD)
Ronald van Haren
ronald at archlinux.org
Wed Dec 28 10:27:51 UTC 2016
Date: Wednesday, December 28, 2016 @ 10:27:50
Author: ronald
Revision: 284931
upgpkg: bzip2 1.0.6-6
CVE-2016-3189 heap use after free in bzip2recover
Modified:
bzip2/trunk/PKGBUILD
----------+
PKGBUILD | 11 +++++++----
1 file changed, 7 insertions(+), 4 deletions(-)
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2016-12-28 10:02:39 UTC (rev 284930)
+++ PKGBUILD 2016-12-28 10:27:50 UTC (rev 284931)
@@ -4,17 +4,19 @@
pkgname=bzip2
pkgver=1.0.6
-pkgrel=5
+pkgrel=6
pkgdesc="A high-quality data compression program"
arch=('i686' 'x86_64')
license=('custom')
url="http://sources.redhat.com/bzip2"
groups=('base')
-depends=('glibc')
+depends=('glibc' 'sh')
source=(http://www.bzip.org/$pkgver/bzip2-$pkgver.tar.gz
- bzip2-1.0.4-bzip2recover.patch)
+ bzip2-1.0.4-bzip2recover.patch
+ fix-heap-use-after-free-bzip2recover.patch::https://bugzilla.redhat.com/attachment.cgi?id=1169843)
sha1sums=('3f89f861209ce81a6bab1fd1998c0ef311712002'
- '85ce76fdb67f52f152bba368c1de81132dcdbdb5')
+ '85ce76fdb67f52f152bba368c1de81132dcdbdb5'
+ '9c078e00cc9103952d6117e23199c232e9ff56bc')
build() {
cd "$srcdir/$pkgname-$pkgver"
@@ -27,6 +29,7 @@
sed -i "s|-O2|${CFLAGS}|g" Makefile-libbz2_so
patch -Np1 < ../bzip2-1.0.4-bzip2recover.patch
+ patch -Np1 -i "${srcdir}/fix-heap-use-after-free-bzip2recover.patch"
make -f Makefile-libbz2_so
make bzip2 bzip2recover
More information about the arch-commits
mailing list