ports/core (3.5): [notify] update to 2.13

crux at crux.nu crux at crux.nu
Thu Nov 7 15:21:22 UTC 2019


commit 5e7f2e255358678198594cb5b93c8db0c55afa97
Author: Juergen Daubert <jue at jue.li>
Date:   Thu Nov 7 16:18:53 2019 +0100

    [notify] update to 2.13
    
    security fixes, see
    https://lists.gnu.org/archive/html/info-gnu/2019-11/msg00002.html

diff --git a/cpio/.signature b/cpio/.signature
index a6c43afd..05faa53f 100644
--- a/cpio/.signature
+++ b/cpio/.signature
@@ -1,6 +1,5 @@
 untrusted comment: verify with /etc/ports/core.pub
-RWRJc1FUaeVeqkRVNaDIKJMoDe/Jh69kKy4ow1rZErb45aghcXR7jJADvsDsZS3ZAnPH5jxAEdEOSOWRILmgkU+Aed5jDL/iZAo=
-SHA256 (Pkgfile) = ee5f0427d665184287623c2cdbc55f3e83cccb9e55695a57c38f50c82ce8a136
+RWRJc1FUaeVeqpQgmMxnw+PgKAfnaalvtWMacljY/aRbBRwAWsu0rdI2y5bh6Sb0dcyyFQJtCNNSMB+MrmI6gfx67yGHjEdBhgE=
+SHA256 (Pkgfile) = 6930cf87b8838e8e995318b4e1831452832dd45deff59a07c3ec495bb9df4f0a
 SHA256 (.footprint) = 26cfb1dd44c5356afcdba7aa054685d535b15b4ab96897ad7bd24a6c9a14b9fe
-SHA256 (cpio-2.12.tar.bz2) = 70998c5816ace8407c8b101c9ba1ffd3ebbecba1f5031046893307580ec1296e
-SHA256 (CVE-2017-7516.patch) = 8f65ddc3cd60b1bef5032b1a4bc53f17f1c01f1b2d11c4809f3fd29dd9f3a3fa
+SHA256 (cpio-2.13.tar.bz2) = eab5bdc5ae1df285c59f2a4f140a98fc33678a0bf61bdba67d9436ae26b46f6d
diff --git a/cpio/CVE-2017-7516.patch b/cpio/CVE-2017-7516.patch
deleted file mode 100644
index cb17a306..00000000
--- a/cpio/CVE-2017-7516.patch
+++ /dev/null
@@ -1,12 +0,0 @@
-diff --git a/src/copyin.c b/src/copyin.c
-index ba887ae..38ca70e 100644
---- a/src/copyin.c
-+++ b/src/copyin.c
-@@ -645,6 +645,7 @@ copyin_link (struct cpio_file_stat *file_hdr, int in_file_des)
-       link_name = xstrdup (file_hdr->c_tar_linkname);
-     }
- 
-+  cpio_safer_name_suffix (link_name, false, !no_abs_paths_flag, false);
-   res = UMASKED_SYMLINK (link_name, file_hdr->c_name,
- 			 file_hdr->c_mode);
-   if (res < 0 && create_dir_flag)
diff --git a/cpio/Pkgfile b/cpio/Pkgfile
index 275aff0a..ef497526 100644
--- a/cpio/Pkgfile
+++ b/cpio/Pkgfile
@@ -3,16 +3,13 @@
 # Maintainer:  CRUX System Team, core-ports at crux dot nu
 
 name=cpio
-version=2.12
-release=2
-source=(http://ftpmirror.gnu.org/gnu/$name/$name-$version.tar.bz2 \
-	CVE-2017-7516.patch)
+version=2.13
+release=1
+source=(http://ftpmirror.gnu.org/gnu/$name/$name-$version.tar.bz2)
 
 build() {
     cd $name-$version
-    patch -p1 -i $SRC/CVE-2017-7516.patch
-    ./configure --prefix=/usr \
-                --disable-nls
+    ./configure --prefix=/usr --disable-nls
     make
     make DESTDIR=$PKG install
     rm -r $PKG/usr/{libexec,share/info}


More information about the CRUX mailing list