From: Heiko Thiery <heiko.thiery@gmail.com>
To: buildroot@busybox.net
Subject: [Buildroot] [PATCH] package/linuxptp: security bump version to 3.1.1
Date: Tue, 6 Jul 2021 11:15:01 +0200 [thread overview]
Message-ID: <20210706091500.3236-1-heiko.thiery@gmail.com> (raw)
This fixes the following CVEs:
- CVE-2021-3570 linuxptp: missing length check of forwarded messages
- CVE-2021-3571 linuxptp: wrong length of one-step follow-up in transparent clock
See mailing list post for details: https://sourceforge.net/p/linuxptp/mailman/message/37315519/
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
---
package/linuxptp/linuxptp.hash | 8 ++++----
package/linuxptp/linuxptp.mk | 2 +-
2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/package/linuxptp/linuxptp.hash b/package/linuxptp/linuxptp.hash
index 4f8a1f89fc..a5479b0ebc 100644
--- a/package/linuxptp/linuxptp.hash
+++ b/package/linuxptp/linuxptp.hash
@@ -1,9 +1,9 @@
-# From https://sourceforge.net/projects/linuxptp/files/v3.0/
-sha1 9a3869dbd322252c9a6bc0dbdfe8941586810a7f linuxptp-3.1.tgz
-md5 2264cb69c9af947028835c12c89a7572 linuxptp-3.1.tgz
+# From https://sourceforge.net/projects/linuxptp/files/v3.1.1/
+sha1 f905eabc6fd0f03c6a353f9c4ba188a3bd1b774c linuxptp-3.1.1.tgz
+md5 3b79ab5e77c5b5cf06bc1c8350d405bb linuxptp-3.1.1.tgz
# Locally computed:
-sha256 f58f5b11cf14dc7c4f7c9efdfb27190e43d02cf20c3525f6639edac10528ce7d linuxptp-3.1.tgz
+sha256 94d6855f9b7f2d8e9b0ca6d384e3fae6226ce6fc012dbad02608bdef3be1c0d9 linuxptp-3.1.1.tgz
# Hash for license file:
sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 COPYING
diff --git a/package/linuxptp/linuxptp.mk b/package/linuxptp/linuxptp.mk
index f91be921af..da23631d20 100644
--- a/package/linuxptp/linuxptp.mk
+++ b/package/linuxptp/linuxptp.mk
@@ -4,7 +4,7 @@
#
################################################################################
-LINUXPTP_VERSION = 3.1
+LINUXPTP_VERSION = 3.1.1
LINUXPTP_SOURCE = linuxptp-$(LINUXPTP_VERSION).tgz
LINUXPTP_SITE = http://downloads.sourceforge.net/linuxptp
LINUXPTP_LICENSE = GPL-2.0+
--
2.30.0
next reply other threads:[~2021-07-06 9:15 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-07-06 9:15 Heiko Thiery [this message]
2021-07-16 21:30 ` [Buildroot] [PATCH] package/linuxptp: security bump version to 3.1.1 Thomas Petazzoni
2021-08-03 14:25 ` Peter Korsgaard
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210706091500.3236-1-heiko.thiery@gmail.com \
--to=heiko.thiery@gmail.com \
--cc=buildroot@busybox.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.