net-libs/libsignal-protocol-c: Fix CVE-2022-48468

This commit fixes CVE-2022-48468 for this package's bundled
protobuf-c.

Here are some reference links about the issue:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48468
https://bugzilla.redhat.com/show_bug.cgi?id=2186673

For reference, here is the commit I made in Fedora to address the issue,
which includes this patch:

https://src.fedoraproject.org/rpms/libsignal-protocol-c/c/152eb06d164e7973fda49139bc5a51f3b23c0cf6?branch=rawhide

Closes: https://bugs.gentoo.org/905098
Signed-off-by: Randy Barlow <randy@electronsweatshop.com>
Closes: https://github.com/gentoo/gentoo/pull/30764
Signed-off-by: Joonas Niilola <juippis@gentoo.org>

1 files changed, 18 insertions, 0 deletions

diff --git a/net-libs/libsignal-protocol-c/libsignal-protocol-c-2.3.3-r1.ebuild b/net-libs/libsignal-protocol-c/libsignal-protocol-c-2.3.3-r1.ebuild
new file mode 100644
index 000000000000..27fe1d46128e
--- /dev/null
+++ b/net-libs/libsignal-protocol-c/libsignal-protocol-c-2.3.3-r1.ebuild
@@ -0,0 +1,18 @@
+# Copyright 1999-2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit cmake
+
+DESCRIPTION="Signal Protocol C Library"
+HOMEPAGE="https://www.whispersystems.org/"
+SRC_URI="https://github.com/signalapp/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz"
+KEYWORDS="~amd64 ~arm64 ~x86"
+
+LICENSE="GPL-3"
+SLOT="0"
+
+PATCHES=(
+	"${FILESDIR}"/${PN}-2.3.3-CVE-2022-48468.patch
+)