diff options
author | setpill | 2021-01-31 18:30:29 +0100 |
---|---|---|
committer | setpill | 2021-01-31 18:30:29 +0100 |
commit | 81b230ee8f528c1f27ff9736101b8e53a19602bf (patch) | |
tree | e97d418487e266ec67359540dbed47bb65f151c1 | |
parent | 86e371515ab15c17cbba72ed5892e3f6cb513acf (diff) | |
download | aur-81b230ee8f528c1f27ff9736101b8e53a19602bf.tar.gz |
Harden against manifest directory traversal
-rw-r--r-- | .SRCINFO | 2 | ||||
-rw-r--r-- | PKGBUILD | 4 |
2 files changed, 3 insertions, 3 deletions
@@ -1,7 +1,7 @@ pkgbase = lnd-bin pkgdesc = Lightning Network Daemon ⚡ pkgver = 0.12.0_beta - pkgrel = 3 + pkgrel = 4 url = https://github.com/lightningnetwork/lnd arch = x86_64 license = MIT @@ -4,7 +4,7 @@ _pkgname=lnd pkgver=0.12.0_beta _pkgver="${pkgver//_/-}" __pkgver="${_pkgver//\./\\\.}" -pkgrel=3 +pkgrel=4 pkgdesc="Lightning Network Daemon ⚡" arch=('x86_64') url="https://github.com/lightningnetwork/lnd" @@ -34,7 +34,7 @@ prepare() { do echo "Verifying signatures for $maintainer" gpg -o- --verify "$_pkgname-manifest-$maintainer-v$_pkgver.txt.clearsigned" \ - | grep "^[0-9a-f]\{64\} $_pkgname-linux-amd64-v$__pkgver" \ + | grep "^[0-9a-f]\{64\} $_pkgname-linux-amd64-v$__pkgver\(\.tar\.gz\|/lnd\|/lncli\)$" \ | sha256sum -c - done } |