Date: Wednesday, August 10, 2016 @ 10:54:03
Author: arcanis
Revision: 186312
upgpkg: jq 1.5-4
Modified:
jq/trunk/ChangeLog
jq/trunk/PKGBUILD
-----------+
ChangeLog | 3 +++
PKGBUILD | 13 ++++++++++---
2 files changed, 13 insertions(+), 3 deletions(-)
Modified: ChangeLog
===================================================================
--- ChangeLog 2016-08-10 10:50:12 UTC (rev 186311)
+++ ChangeLog 2016-08-10 10:54:03 UTC (rev 186312)
@@ -1,3 +1,6 @@
+1.5-4:
+fix CVE-2015-8863 (FS#50330)
+
1.5-2:
add oniguruma for regexp support
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2016-08-10 10:50:12 UTC (rev 186311)
+++ PKGBUILD 2016-08-10 10:54:03 UTC (rev 186312)
@@ -5,7 +5,7 @@
pkgname=jq
pkgver=1.5
-pkgrel=3
+pkgrel=4
pkgdesc='Command-line JSON processor'
arch=('i686' 'x86_64')
url='http://stedolan.github.io/jq/'
@@ -12,10 +12,17 @@
license=('MIT')
depends=('glibc' 'oniguruma')
makedepends=('autoconf' 'automake' 'bison' 'flex' 'python2')
-source=("https://github.com/stedolan/jq/releases/download/${pkgname}-${pkgver}/${pkgname}-${pkgver}.tar.gz";)
+source=("https://github.com/stedolan/jq/releases/download/${pkgname}-${pkgver}/${pkgname}-${pkgver}.tar.gz";
+
"cve-2015-8863.patch::https://github.com/stedolan/jq/commit/8eb1367ca44e772963e704a700ef72ae2e12babd.patch";)
changelog=ChangeLog
-md5sums=('0933532b086bd8b6a41c1b162b1731f9')
+md5sums=('0933532b086bd8b6a41c1b162b1731f9'
+ '104f363774c8f312943db55a4dd59ac6')
+prepare() {
+ cd "${pkgname}-${pkgver}"
+ patch -p2 -i "${srcdir}/cve-2015-8863.patch"
+}
+
build() {
cd "${pkgname}-${pkgver}"
./configure --prefix=/usr
