upgpkg: jasper 1.900.1-12

Add CVE patches (close FS#43155) git-svn-id: file:///srv/repos/svn-packages/svn@227774 eb2447ed-0c53-47e4-bac8-5bc4a241df78
author: eric 2014-12-19 03:38:02 +0000
committer: Jakob Gahde 2016-09-26 11:27:19 +0200
commit: b5dedc50e387fb8885866376a191999fc8be7376 (patch)
tree: d60a7e838352ca3bd58b94310764f713be4e2040 /PKGBUILD
parent: 9081218c1b90ce6c9423a698bce35bc5726daa90 (diff)
download: aur-b5dedc50e387fb8885866376a191999fc8be7376.tar.gz
1 files changed, 16 insertions, 3 deletions
diff --git a/PKGBUILD b/PKGBUILD
index a6846389e278..fa4d376140fc 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -3,7 +3,7 @@
 
 pkgname=jasper
 pkgver=1.900.1
-pkgrel=11
+pkgrel=12
 pkgdesc="A software-based implementation of the codec specified in the emerging JPEG-2000 Part-1 standard"
 arch=('i686' 'x86_64')
 url="http://www.ece.uvic.ca/~mdadams/jasper/"
@@ -14,13 +14,21 @@ optdepends=('freeglut: for jiv support' 'glu: for jiv support')
 source=(http://www.ece.uvic.ca/~mdadams/${pkgname}/software/${pkgname}-${pkgver}.zip
         patch-libjasper-stepsizes-overflow.diff jasper-1.900.1-CVE-2008-3520.patch
         jpc_dec.c.patch jasper-1.900.1-CVE-2008-3522.patch
-	jasper-1.900.1-CVE-2014-9029.patch)
+        jasper-1.900.1-CVE-2014-8137.patch jasper-avoid-assert-abort.diff
+        jasper-1.900.1-CVE-2014-8138.patch jasper-1.900.1-CVE-2014-9029.patch
+	jasper-1.900.1-CVE-2011-4516-and-CVE-2011-4517.patch
+        jasper-1.900.1-fix-filename-buffer-overflow.patch)
 sha1sums=('9c5735f773922e580bf98c7c7dfda9bbed4c5191'
           'f298566fef08c8a589d072582112cd51c72c3983'
           '2483dba925670bf29f531d85d73c4e5ada513b01'
           'c1a0176a15210c0af14d85e55ce566921957d780'
           '0e7b6142cd9240ffb15a1ed7297c43c76fa09ee4'
-          'f5fe80c8576379d34f372f6a7c6a76630ab9fdcd')
+          '437519aaaeff6076d11cdbea82125dbcac6f729b'
+          '98548b610a7319e569ee0425a32dc1d31a8771d2'
+          '6086e717af2f0a026f70e399e28fe115f08a8cc1'
+          'f5fe80c8576379d34f372f6a7c6a76630ab9fdcd'
+          '3bfb37a4c732caa824563bad2603fcf5f2acf7f7'
+          '577dfce40da75818c4d32eb1c4532b1370950bee')
 
 prepare() {
   cd ${pkgname}-${pkgver}
@@ -29,6 +37,11 @@ prepare() {
   patch -p1 -i "${srcdir}/jasper-1.900.1-CVE-2008-3520.patch"
   patch -p1 -i "${srcdir}/jasper-1.900.1-CVE-2008-3522.patch"
   patch -p1 -i "${srcdir}/jasper-1.900.1-CVE-2014-9029.patch"
+  patch -p1 -i "${srcdir}/jasper-1.900.1-CVE-2014-8137.patch"
+  patch -p1 -i "${srcdir}/jasper-avoid-assert-abort.diff"
+  patch -p1 -i "${srcdir}/jasper-1.900.1-CVE-2014-8138.patch"
+  patch -p1 -i "${srcdir}/jasper-1.900.1-CVE-2011-4516-and-CVE-2011-4517.patch"
+  patch -p1 -i "${srcdir}/jasper-1.900.1-fix-filename-buffer-overflow.patch"
 }
 
 build() {
author	eric	2014-12-19 03:38:02 +0000
committer	Jakob Gahde	2016-09-26 11:27:19 +0200
commit	b5dedc50e387fb8885866376a191999fc8be7376 (patch)
tree	d60a7e838352ca3bd58b94310764f713be4e2040 /PKGBUILD
parent	9081218c1b90ce6c9423a698bce35bc5726daa90 (diff)
download	aur-b5dedc50e387fb8885866376a191999fc8be7376.tar.gz