Date: Wednesday, December 9, 2020 @ 15:30:31
Author: andyrtr
Revision: 403205
upgpkg: openjpeg2 2.3.1-3: apply upstream fix for CVE-2020-27823 / FS#68906
Modified:
openjpeg2/trunk/PKGBUILD
----------+
PKGBUILD | 13 ++++++++++---
1 file changed, 10 insertions(+), 3 deletions(-)
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2020-12-09 14:33:36 UTC (rev 403204)
+++ PKGBUILD 2020-12-09 15:30:31 UTC (rev 403205)
@@ -3,7 +3,7 @@
pkgname=openjpeg2
pkgver=2.3.1
-pkgrel=2
+pkgrel=3
pkgdesc="An open source JPEG 2000 codec, version ${pkgver}"
arch=(x86_64)
license=('custom: BSD')
@@ -10,8 +10,10 @@
url="https://github.com/uclouvain/openjpeg";
makedepends=('cmake' 'doxygen')
depends=('zlib' 'libpng' 'libtiff' 'lcms2')
-source=("$pkgname-$pkgver.tar.gz::https://github.com/uclouvain/openjpeg/archive/v$pkgver.tar.gz";)
-sha256sums=('63f5a4713ecafc86de51bfad89cc07bb788e9bba24ebbf0c4ca637621aadb6a9')
+source=("$pkgname-$pkgver.tar.gz::https://github.com/uclouvain/openjpeg/archive/v$pkgver.tar.gz";
+
CVE-2020-27823.patch::https://github.com/uclouvain/openjpeg/commit/b2072402b7e14d22bba6fb8cde2a1e9996e9a919.patch)
+sha256sums=('63f5a4713ecafc86de51bfad89cc07bb788e9bba24ebbf0c4ca637621aadb6a9'
+ 'SKIP')
prepare() {
cd "${srcdir}"
@@ -19,6 +21,11 @@
# Install doxygen docs to the right directory
sed -i -e "s:DESTINATION\ share/doc:DESTINATION\ share/doc/${pkgname}:"
openjpeg-${pkgver}/doc/CMakeLists.txt
+
+ # https://bugs.archlinux.org/task/68906
+ pushd openjpeg-${pkgver}
+ patch -Np1 -i ../CVE-2020-27823.patch
+ popd
}
build() {
