From 8eb7cf1cd19e4a1babb7d1075088f7df2c8d71fc Mon Sep 17 00:00:00 2001 From: Krassy Boykinov Date: Fri, 29 Dec 2023 11:21:18 +0100 Subject: [PATCH] main/libde265: security upgrade to 1.0.15 --- main/libde265/APKBUILD | 12 ++++++++---- main/libde265/disable_tools.patch | 31 ++++--------------------------- 2 files changed, 12 insertions(+), 31 deletions(-) diff --git a/main/libde265/APKBUILD b/main/libde265/APKBUILD index 0b3961b6af3..a486f972150 100644 --- a/main/libde265/APKBUILD +++ b/main/libde265/APKBUILD @@ -1,7 +1,7 @@ # Contributor: Jakub Jirutka # Maintainer: Jakub Jirutka pkgname=libde265 -pkgver=1.0.12 +pkgver=1.0.15 pkgrel=0 pkgdesc="Open h.265 video codec implementation" url="https://github.com/strukturag/libde265" @@ -11,10 +11,14 @@ makedepends="autoconf automake libtool" options="!check" # no tests provided subpackages="$pkgname-dev $pkgname-examples" source="https://github.com/strukturag/libde265/releases/download/v$pkgver/libde265-$pkgver.tar.gz - export-only-decoder-api.patch disable_tools.patch + export-only-decoder-api.patch " # secfixes: +# 1.0.15-r0: +# - CVE-2023-49465 +# - CVE-2023-49467 +# - CVE-2023-49468 # 1.0.11-r1: # - CVE-2023-27102 # - CVE-2023-27103 @@ -89,7 +93,7 @@ examples() { } sha512sums=" -2cd105f3ce15a075da758f5429670b78ec162217017d1057eb828d7bc45414d35f2a8ab3b2cd5f247320c361740f4ab92d2ce5a6d943feeb33dc28c273e1ed64 libde265-1.0.12.tar.gz +375d8e781108247e0e8b4d7a036d20cc5d0670bdbf6ddb40a6d3dbf912fa776d2f001fb762301cb97e4d43be29eb415b0cdbfc6e07aa18b3f2346f7409c64fce libde265-1.0.15.tar.gz +1c702f229e2bafb2e72c90aed55b14691fa8f216ea855931197b8cd266c701ce2679a8f143651bdf984d7ac79a66a0d84b603822601a800ffb504461399d84ee disable_tools.patch f7bd3799f4e4440e7efb98671eca425a5926dd526f8b1147cee2e49b1995853f67b63287c12739ef8ea680713af903517820f83f7f88eac6459f37bae01b4d50 export-only-decoder-api.patch -1f12bf8c7f52932ab8a205996b4439afb75baf9bd6aab13126791f281784f5c7f1b3e20f9c20cfb0ab889b8643da5737a51d5571b54a3a8733ff5da835564eca disable_tools.patch " diff --git a/main/libde265/disable_tools.patch b/main/libde265/disable_tools.patch index 8fb5ddd25b5..e927ac1e0f7 100644 --- a/main/libde265/disable_tools.patch +++ b/main/libde265/disable_tools.patch @@ -1,34 +1,11 @@ Description: Disable building of some internal tools that no longer link - because internal symbols are no longer exported. -Author: Joachim Bauch + because internal symbols are no longer exported. -Patch-Source: https://launchpad.net/~strukturag/+archive/ubuntu/libde265/+sourcefiles/libde265/1.0.8-1~ppa1~ubuntu20.10.1/libde265_1.0.8-1~ppa1~ubuntu20.10.1.debian.tar.gz - ---- a/dec265/Makefile.am -+++ b/dec265/Makefile.am -@@ -1,5 +1,5 @@ - --bin_PROGRAMS = dec265 hdrcopy -+bin_PROGRAMS = dec265 - - AM_CPPFLAGS = -I$(top_srcdir)/libde265 -I$(top_srcdir) - -@@ -9,12 +9,6 @@ - dec265_LDADD = ../libde265/libde265.la -lstdc++ - dec265_SOURCES = dec265.cc - --hdrcopy_DEPENDENCIES = ../libde265/libde265.la --hdrcopy_CXXFLAGS = --hdrcopy_LDFLAGS = --hdrcopy_LDADD = ../libde265/libde265.la -lstdc++ --hdrcopy_SOURCES = hdrcopy.cc -- - if HAVE_VIDEOGFX - dec265_CXXFLAGS += $(VIDEOGFX_CFLAGS) - dec265_LDFLAGS += $(VIDEOGFX_LIBS) +diff --git a/Makefile.am b/Makefile.am +index b4098f8..0d66934 100644 --- a/Makefile.am +++ b/Makefile.am -@@ -8,13 +8,6 @@ +@@ -8,13 +8,6 @@ if ENABLE_DEC265 SUBDIRS+=dec265 endif