DSub: add maintainer note about a security vulnerability

Closes fdroid/fdroiddata#1474.
2018-12-22 09:13:38 +03:00 · 2018-12-22 09:13:38 +03:00 · 985ee17c9d
parent 41019aa99d
commit 985ee17c9d
1 changed files with 12 additions and 5 deletions
--- a/metadata/github.daneren2005.dsub.txt
+++ b/metadata/github.daneren2005.dsub.txt
@ -144,13 +144,20 @@ Build:5.0.3,158
    patch=0001-Remove-Google-Play-Services-dependency.patch
    gradle=yes

-Build:5.1.1,166
-    disable=patch does not apply
-    commit=5.1.1
+Build:5.4.3,200
+    disable=unknown maven repo 'http://4thline.org/m2'
+    commit=5.4.3
    subdir=app
    submodules=yes
-    patch=0001-Remove-Google-Play-Services-dependency.patch
-    gradle=yes
+    gradle=floss
+    prebuild=sed -i -e '/com.google.android.gms/d' build.gradle
+
+Maintainer Notes:
+DSub 5.4.1 has a vulnerability: https://www.cvedetails.com/cve/CVE-2018-1000664/
+
+Check whether it's fixed before adding a new version. If not, add a KnownVuln
+antifeature.
+.

 Auto Update Mode:None
 Update Check Mode:Tags