Buildroot Archive on lore.kernel.org
 help / color / mirror / Atom feed
* [Buildroot] [PATCH] gnupg: security bump to version 1.4.18
@ 2014-07-17 21:13 Gustavo Zacarias
  2014-07-17 21:45 ` Thomas Petazzoni
  0 siblings, 1 reply; 2+ messages in thread
From: Gustavo Zacarias @ 2014-07-17 21:13 UTC (permalink / raw)
  To: buildroot

Fixes CVE-2014-4617 (The do_uncompress function in g10/compress.c
allows context-dependent attackers to cause a denial of service
(infinite loop) via malformed compressed packets, as demonstrated by an
a3 01 5b ff byte sequence.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
---
 package/gnupg/gnupg.mk | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/package/gnupg/gnupg.mk b/package/gnupg/gnupg.mk
index 4c96967..fca6d51 100644
--- a/package/gnupg/gnupg.mk
+++ b/package/gnupg/gnupg.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-GNUPG_VERSION = 1.4.17
+GNUPG_VERSION = 1.4.18
 GNUPG_SOURCE = gnupg-$(GNUPG_VERSION).tar.bz2
 GNUPG_SITE = ftp://ftp.gnupg.org/gcrypt/gnupg
 GNUPG_LICENSE = GPLv3+
-- 
1.8.5.5

^ permalink raw reply related	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2014-07-17 21:45 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-07-17 21:13 [Buildroot] [PATCH] gnupg: security bump to version 1.4.18 Gustavo Zacarias
2014-07-17 21:45 ` Thomas Petazzoni

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox