Date: Sunday, December 19, 2021 @ 18:48:16 Author: dvzrv Revision: 1079087
upgpkg: mediathekview 13.8.1-3: Rebuild to fix CVE-2021-45105. Add patch to update included log4j to 2.17.0 to fix CVE-2021-45105. Added: mediathekview/trunk/mediathekview-13.8.1-CVE-2021-45105.patch Modified: mediathekview/trunk/PKGBUILD -------------------------------------------+ PKGBUILD | 9 ++++++--- mediathekview-13.8.1-CVE-2021-45105.patch | 12 ++++++++++++ 2 files changed, 18 insertions(+), 3 deletions(-) Modified: PKGBUILD =================================================================== --- PKGBUILD 2021-12-19 18:38:46 UTC (rev 1079086) +++ PKGBUILD 2021-12-19 18:48:16 UTC (rev 1079087) @@ -3,7 +3,7 @@ _name=MediathekView pkgname=mediathekview pkgver=13.8.1 -pkgrel=2 +pkgrel=3 pkgdesc="Access the Mediathek of many German TV stations" arch=(any) url="https://github.com/mediathekview/mediathekview" @@ -23,15 +23,18 @@ "de.${pkgname}.${_name}.desktop" "${pkgname}.sh" "${pkgname}-13.8.1-CVE-2021-45046.patch" + "${pkgname}-13.8.1-CVE-2021-45105.patch" ) sha512sums=('91acae0a5add48fab5d6fff54519eaac1321ad15f052ecb9c9221811eb4b793cf61a52f46d0f7f3377c89a2efaf81949c29363729a33225fff0cbecfbbdf1c3e' '24a94a078180aca7c50ed7763ef4806c116c27f901f644ef570ee413ffc3ac795b5ebd24d696a9b2ec426e7c9b6eaf8a8b22addb5ac7c9fe9700f7c04305f64b' '24313f9873aef8680eb466d756c0f537c4d2320e51296f354422bcf70f8f42ffff481c7db0cf58024b2953efb1f7442728e3e977c1ad03aaf3b9c47a535cc6a0' - '0048f32dfc1ef8cc1dc25900a8d233fe9af0aa09fd3593dea4885f95ff9d388533c0656d1b0e4aa46fbecf11225dc60741f25f2b054793402d1f332a4f8c7479') + '0048f32dfc1ef8cc1dc25900a8d233fe9af0aa09fd3593dea4885f95ff9d388533c0656d1b0e4aa46fbecf11225dc60741f25f2b054793402d1f332a4f8c7479' + '4bca64212708923b9e469f77e52dd7b217a469d3ab3273d988d0ac8e3a309c4b6a8f66b62038601d6aef3815159a6992db1897225cb4ec47ae095da48354b946') b2sums=('536a7f1d71b2893d5605b2b6a4c4cad2f63e4381b9245e8b4cc892de09f7f7848f408247f6777cade68814d57adbc2f73527698bd70259c574c5e214bf8d59dc' '6dbcdea2918009621fc132b4ff1056ef79f06e27c3299b69ccd7e3cb2b093e3a2a5f76acd6b1ab62689edd867ac1650f61bf829f2a1c575835d31e117d9b9ae5' 'cbf668c6ccfb42b575d40de256ec03bb7863ea7db0bb02586f6727728fb5f1f004169849bfa9082a40b93042dc9c8f330c743e5983847c0a20f5d613748bae60' - '495476b6377dedf057ebd0172d8f17d402b5c431d2da07505ed6b79d7559215da6c4746922eb59dc611f3dff81aecd9babfd112fdf19080df28c7335ab55f7bb') + '495476b6377dedf057ebd0172d8f17d402b5c431d2da07505ed6b79d7559215da6c4746922eb59dc611f3dff81aecd9babfd112fdf19080df28c7335ab55f7bb' + '2c63415989e031a336633fcee6bcc91bed1f47e7ee0a964e554b5157076a86459218cca3ebde73fed47a2959896b6896c07aac6a70d4c37171bc518947f8401f') prepare() { cd "${_name}-${pkgver}" Added: mediathekview-13.8.1-CVE-2021-45105.patch =================================================================== --- mediathekview-13.8.1-CVE-2021-45105.patch (rev 0) +++ mediathekview-13.8.1-CVE-2021-45105.patch 2021-12-19 18:48:16 UTC (rev 1079087) @@ -0,0 +1,12 @@ +diff -ruN a/pom.xml b/pom.xml +--- a/pom.xml 2021-12-19 19:38:54.664444722 +0100 ++++ b/pom.xml 2021-12-19 19:39:29.224576815 +0100 +@@ -96,7 +96,7 @@ + <javax.transaction-api.version>1.3</javax.transaction-api.version> + <jna.version>5.10.0</jna.version> + <junit.jupiter.version>5.8.0</junit.jupiter.version> +- <log4j2.version>2.16.0</log4j2.version> ++ <log4j2.version>2.17.0</log4j2.version> + <maven-assembly-plugin.version>3.3.0</maven-assembly-plugin.version> + <maven-clean-plugin.version>3.1.0</maven-clean-plugin.version> + <maven-compiler-plugin.version>3.8.1</maven-compiler-plugin.version>