From 411017db80dcea5cacb306ad305afca996643c71 Mon Sep 17 00:00:00 2001
From: Paul Menzel <pmenzel@molgen.mpg.de>
Date: Fri, 5 Jul 2019 10:47:47 +0200
Subject: [PATCH] bzip2: Update version from 1.0.6 to 1.0.7

From the [announcement][1]:

> We are happy to announce the release of bzip2 1.0.7.
>
> This is an emergency release because the old bzip2 home
> is gone and there were outstanding security issues.
> The original bzip2 home, downloads and documentation
> can now be found at: https://sourceware.org/bzip2/
>
> bzip2 1.0.7 contains only the following bug/security fixes:
>
> * Fix undefined behavior in the macros SET_BH, CLEAR_BH, & ISSET_BH
> * bzip2: Fix return value when combining --test,-t and -q.
> * bzip2recover: Fix buffer overflow for large argv[0]
> * bzip2recover: Fix use after free issue with outFile (CVE-2016-3189)
> * Make sure nSelectors is not out of range (CVE-2019-12900)
>
> A future 1.1.x release is being prepared by Federico Mena Quintero
> which will include more fixes, an updated build system and possibly
> an updated SONAME default.
>
> Please read his blog for more background on this:
> https://people.gnome.org/~federico/blog/tag/bzip2.html

More details can be found in [2] and [3].

[1]: https://sourceware.org/ml/bzip2-devel/2019-q2/msg00022.html
[2]: https://people.gnome.org/~federico/blog/preparing-the-bzip2-107-release.html
[3]: https://gnu.wildebeest.org/blog/mjw/2019/06/27/bzip2-1-0-7/
---
 bzip2.be0 | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/bzip2.be0 b/bzip2.be0
index 5eab0b5d6..429a3a17f 100755
--- a/bzip2.be0
+++ b/bzip2.be0
@@ -1,6 +1,6 @@
 #!/usr/bin/env beesh
 
-# BEE_VERSION bzip2-1.0.6-4
+# BEE_VERSION bzip2-1.0.7-0
 
 ## this file was created by bee init and should be executed to build a
 ## bee-package. (Additional hints are located at the end of this file.)
@@ -9,7 +9,7 @@
 ## The source URL(s) define the location of the sources that will be
 ## downloaded. Version variables may be used to simplify reuse of this bee-file.
 
-SRCURL[0]="http://www.bzip.org/${PKGVERSION}/bzip2-${PKGVERSION}.tar.gz"
+SRCURL[0]="https://sourceware.org/pub/bzip2/bzip2-${PKGVERSION}.tar.gz"
 
 ###############################################################################
 ## Add URLs/pathes to patch files to the PATCHURL array.
@@ -76,7 +76,7 @@ mee_install() {
 
     ln -sv libbz2.so.1.0 ${D}${LIBDIR}/libbz2.so
 
-    ln -sv libbz2.so.1.0.6 ${D}${LIBDIR}/libbz2.so.1
+    ln -sv libbz2.so.1.0 ${D}${LIBDIR}/libbz2.so.1
 
     rm -v ${D}${BINDIR}/{bunzip2,bzcat}