* [Buildroot] [PATCH 1/1] package/sshfs: security bump version to 3.7.6
@ 2026-05-31 13:43 Bernd Kuhls
2026-05-31 17:10 ` Thomas Petazzoni via buildroot
0 siblings, 1 reply; 2+ messages in thread
From: Bernd Kuhls @ 2026-05-31 13:43 UTC (permalink / raw)
To: buildroot
https://github.com/libfuse/sshfs/blob/sshfs-3.7.6/ChangeLog.rst
Fixes CVE-2026-47187 & CVE-2026-48711.
Switched to sha256 tarball hash provided by upstream.
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
---
Gitlab pipelines passed:
https://gitlab.com/bkuhls/buildroot/-/commits/07cc0d4bd91ba47ee9e28949fc01a52a13d195ea
with the exception of an unrelated build error of the openssh package
with the bootlin-powerpc64le-power8-glibc defconfig.
package/sshfs/sshfs.hash | 5 +++--
package/sshfs/sshfs.mk | 2 +-
2 files changed, 4 insertions(+), 3 deletions(-)
diff --git a/package/sshfs/sshfs.hash b/package/sshfs/sshfs.hash
index 9372e471c2..57698aeace 100644
--- a/package/sshfs/sshfs.hash
+++ b/package/sshfs/sshfs.hash
@@ -1,3 +1,4 @@
-# Locally calculated after checking pgp signature
-sha256 5218ce7bdd2ce0a34137a0d7798e0f6d09f0e6d21b1e98ee730a18b0699c2e99 sshfs-3.7.3.tar.xz
+# From https://github.com/libfuse/sshfs/releases/tag/sshfs-3.7.6
+sha256 6a1bcb31450a077e9cb1b7ff158c71de34db697c3c0da6cb362502131e495893 sshfs-3.7.6.tar.xz
+# Locally calculated
sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 COPYING
diff --git a/package/sshfs/sshfs.mk b/package/sshfs/sshfs.mk
index 61f11af55f..8557b98353 100644
--- a/package/sshfs/sshfs.mk
+++ b/package/sshfs/sshfs.mk
@@ -4,7 +4,7 @@
#
################################################################################
-SSHFS_VERSION = 3.7.3
+SSHFS_VERSION = 3.7.6
SSHFS_SOURCE = sshfs-$(SSHFS_VERSION).tar.xz
SSHFS_SITE = https://github.com/libfuse/sshfs/releases/download/sshfs-$(SSHFS_VERSION)
SSHFS_LICENSE = GPL-2.0
--
2.47.3
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [Buildroot] [PATCH 1/1] package/sshfs: security bump version to 3.7.6
2026-05-31 13:43 [Buildroot] [PATCH 1/1] package/sshfs: security bump version to 3.7.6 Bernd Kuhls
@ 2026-05-31 17:10 ` Thomas Petazzoni via buildroot
0 siblings, 0 replies; 2+ messages in thread
From: Thomas Petazzoni via buildroot @ 2026-05-31 17:10 UTC (permalink / raw)
To: Bernd Kuhls; +Cc: buildroot
On Sun, May 31, 2026 at 03:43:42PM +0200, Bernd Kuhls wrote:
> https://github.com/libfuse/sshfs/blob/sshfs-3.7.6/ChangeLog.rst
>
> Fixes CVE-2026-47187 & CVE-2026-48711.
>
> Switched to sha256 tarball hash provided by upstream.
>
> Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Applied to master, thanks!
Thomas
--
Thomas Petazzoni, co-owner and CEO, Bootlin
Embedded Linux and Kernel engineering and training
https://bootlin.com
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2026-05-31 17:11 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2026-05-31 13:43 [Buildroot] [PATCH 1/1] package/sshfs: security bump version to 3.7.6 Bernd Kuhls
2026-05-31 17:10 ` Thomas Petazzoni via buildroot
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.