From 833bdd032e4f771854b1447ea5c284685679c45b Mon Sep 17 00:00:00 2001 From: Rasmus Thomsen Date: Tue, 2 Oct 2018 15:57:47 +0200 Subject: [PATCH] flac: add upstream patch to fix CVE-2018-6888 - cleanup template --- srcpkgs/flac/patches/CVE-2017-6888.patch | 13 +++++++++++++ srcpkgs/flac/template | 17 +++++++---------- 2 files changed, 20 insertions(+), 10 deletions(-) create mode 100644 srcpkgs/flac/patches/CVE-2017-6888.patch diff --git a/srcpkgs/flac/patches/CVE-2017-6888.patch b/srcpkgs/flac/patches/CVE-2017-6888.patch new file mode 100644 index 00000000000..65def109991 --- /dev/null +++ b/srcpkgs/flac/patches/CVE-2017-6888.patch @@ -0,0 +1,13 @@ +# Upstream: Yes +--- a/src/libFLAC/stream_decoder.c ++++ b/src/libFLAC/stream_decoder.c +@@ -1753,6 +1753,9 @@ FLAC__bool read_metadata_vorbiscomment_(FLAC__StreamDecoder *decoder, FLAC__Stre + } + memset (obj->comments[i].entry, 0, obj->comments[i].length) ; + if (!FLAC__bitreader_read_byte_block_aligned_no_crc(decoder->private_->input, obj->comments[i].entry, obj->comments[i].length)) { ++ /* Current i-th entry is bad, so we delete it. */ ++ free (obj->comments[i].entry) ; ++ obj->comments[i].entry = NULL ; + obj->num_comments = i; + goto skip; + } diff --git a/srcpkgs/flac/template b/srcpkgs/flac/template index 81ffbc1dcf6..9c85c9fba46 100644 --- a/srcpkgs/flac/template +++ b/srcpkgs/flac/template @@ -1,27 +1,24 @@ # Template file for 'flac' pkgname=flac version=1.3.2 -revision=3 +revision=4 +patch_args="-Np1" build_style=gnu-configure -configure_args="--disable-rpath --disable-doxygen-docs --disable-xmms-plugin --with-ogg=${XBPS_CROSS_BASE}/usr ---disable-thorough-tests" -hostmakedepends="automake pkg-config libtool nasm" +configure_args="--disable-rpath --disable-doxygen-docs --disable-xmms-plugin +--with-ogg=${XBPS_CROSS_BASE}/usr --disable-thorough-tests" +hostmakedepends="pkg-config nasm" makedepends="libogg-devel" short_desc="Free Lossless Audio Codec" maintainer="Juan RP " homepage="http://flac.sourceforge.net/" -license="3-clause-BSD, GPL-2" -distfiles="http://downloads.xiph.org/releases/flac/flac-${version}.tar.xz" +license="BSD-3-Clause, GPL-2" +distfiles="https://downloads.xiph.org/releases/flac/flac-${version}.tar.xz" checksum=91cfc3ed61dc40f47f050a109b08610667d73477af6ef36dcad31c31a4a8d53f post_install() { vlicense COPYING.Xiph } -pre_configure() { - autoreconf -fi -} - libflac_package() { short_desc+=" - shared libraries" pkg_install() {