fixes:
* path traversal vulnerability in mod_http_files (CVE-2016-1231)
* use of weak PRNG in generation of dialback secrets (CVE-2016-1232)
Signed-off-by: heil <heil@terminal-consulting.de>
include $(TOPDIR)/rules.mk
PKG_NAME:=prosody
-PKG_VERSION:=0.9.8
+PKG_VERSION:=0.9.9
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=http://prosody.im/downloads/source
-PKG_MD5SUM:=5144cd832a1860443e21e336dc560ee7
+PKG_MD5SUM:=8f7c529b072e78ab9e82ecbedfee7145
PKG_MAINTAINER:=Thomas Heil <heil@terminal-consulting.de>
PKG_LICENSE:=MIT/X11
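Review bot: The new `PKG_MD5SUM` line is the only integrity check on a tarball that `PKG_SOURCE_URL` still fetches over plain `http://`, and MD5 is not collision-resistant, so the pin gives weak assurance for a release that ships two CVE fixes. Consider `PKG_SOURCE_URL:=https://prosody.im/downloads/source`, assuming upstream serves that path over TLS. If the build system in this tree accepts a SHA-256 digest for the source archive, pin that instead of the MD5 value. It would also help to add a line to the commit message saying how the new checksum was verified, for example against upstream's signed release artifacts, so the pin can be audited later. The rest of the Makefile is outside this hunk, so any later download or verification overrides are not visible here.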
+++ /dev/null
-diff -u --recursive prosody-0.9.7-vanilla/net/dns.lua prosody-0.9.7/net/dns.lua
---- prosody-0.9.7-vanilla/net/dns.lua 2015-01-02 00:26:19.981433830 -0500
-+++ prosody-0.9.7/net/dns.lua 2015-01-02 00:33:10.467077715 -0500
-@@ -225,7 +225,7 @@
-
-
- function dns.random(...) -- - - - - - - - - - - - - - - - - - - dns.random
-- math.randomseed(math.floor(10000*socket.gettime()) % 0x100000000);
-+ math.randomseed(math.floor(10000*socket.gettime()) % 0x80000000);
- dns.random = math.random;
- return dns.random(...);
- end