[arch-commits] Commit in sox/trunk (PKGBUILD)

Antonio Rojas arojas at archlinux.org
Wed Feb 21 23:13:53 UTC 2018 

    Date: Wednesday, February 21, 2018 @ 23:13:52
  Author: arojas
Revision: 317369

Fix multiple security issues (FS#57485)

Modified:
  sox/trunk/PKGBUILD

----------+
 PKGBUILD |   26 +++++++++++++++++++++++---
 1 file changed, 23 insertions(+), 3 deletions(-)

Modified: PKGBUILD
===================================================================
--- PKGBUILD	2018-02-21 22:38:26 UTC (rev 317368)
+++ PKGBUILD	2018-02-21 23:13:52 UTC (rev 317369)
@@ -3,7 +3,7 @@
 
 pkgname=sox
 pkgver=14.4.2
-pkgrel=2
+pkgrel=3
 pkgdesc="The Swiss Army knife of sound processing tools"
 arch=('x86_64')
 url="http://sox.sourceforge.net/"
@@ -18,14 +18,34 @@
             'libpulse: for pulse plugin'
 	    'opusfile: for opus plugin'
             'twolame: for mp3 plugin')
-source=(http://downloads.sourceforge.net/${pkgname}/${pkgname}-${pkgver}.tar.bz2 sox-dynamic.patch)
+source=(http://downloads.sourceforge.net/${pkgname}/${pkgname}-${pkgver}.tar.bz2 sox-dynamic.patch
+        CVE-2017-15371.patch::https://github.com/mansr/sox/commit/818bdd0.patch
+        CVE-2017-11358.patch::https://github.com/mansr/sox/commit/6cb44a4.patch
+        CVE-2017-15370.patch::https://github.com/mansr/sox/commit/ef3d8be.patch
+        CVE-2017-11332.patch::https://github.com/mansr/sox/commit/7405bca.patch
+        CVE-2017-11359.patch::https://github.com/mansr/sox/commit/8b590b3.patch
+        CVE-2017-15372.patch::https://github.com/mansr/sox/commit/001c337.patch
+        CVE-2017-15642.patch::https://github.com/mansr/sox/commit/0be259e.patch)
+
 sha1sums=('dc9668256b9d81ef25d672f14f12ec026b0b4087'
-          '9c71fa36596ed127b1bb367cfbab3b52cd2ecb6d')
+          '9c71fa36596ed127b1bb367cfbab3b52cd2ecb6d'
+          'e10b3903906eee6e1ac413c985de8deba1089c6c'
+          '67c701cf7b3b78b167e5c62a2deade5b92c73bf6'
+          '8cf9cda08e3da1d3cf75fa64d17859b9b2a05b73'
+          'dc832d954ea1dcddfdf80719bbcb7b4f187a9901'
+          '293e4b7942a82c686695d968a2e0b0400ba4f534'
+          'd580cfbac8e6562e9150dbd10b36fd66f4011a48'
+          '23b0012c3e214eade8e6fedeb610548f90527ee4')
 
 prepare() {
   cd ${pkgname}-${pkgver}
   sed -i 's|man1/sox.1 soxeffect.7|man1/sox.1.gz soxeffect.7.gz|' Makefile.in
   patch -p1 -i "${srcdir}/sox-dynamic.patch"
+  for _cve in 15371 11358 15370 11332 11359 15372 15642; do
+    patch -p1 -i ../CVE-2017-$_cve.patch
+  done
+  sed -e '/hcom/d' -i src/tests.sh # test fails with CVE-2017-11358.patch
+
   aclocal
   automake
 }

More information about the arch-commits mailing list