* [Buildroot] [PATCH] libsndfile: security bump to version 1.0.26
@ 2015-12-15 17:44 Gustavo Zacarias
2015-12-15 20:36 ` Thomas Petazzoni
0 siblings, 1 reply; 2+ messages in thread
From: Gustavo Zacarias @ 2015-12-15 17:44 UTC (permalink / raw)
To: buildroot
Fixes:
CVE-2014-9496 - SD2 buffer read overflow.
CVE-2014-9756 - file_io.c divide by zero.
CVE-2015-7805 - AIIF heap write overflow.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
---
package/libsndfile/libsndfile.hash | 2 +-
package/libsndfile/libsndfile.mk | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/package/libsndfile/libsndfile.hash b/package/libsndfile/libsndfile.hash
index a19c262..04d091b 100644
--- a/package/libsndfile/libsndfile.hash
+++ b/package/libsndfile/libsndfile.hash
@@ -1,2 +1,2 @@
# Locally calculated after checking pgp signature
-sha256 59016dbd326abe7e2366ded5c344c853829bebfd1702ef26a07ef662d6aa4882 libsndfile-1.0.25.tar.gz
+sha256 cd6520ec763d1a45573885ecb1f8e4e42505ac12180268482a44b28484a25092 libsndfile-1.0.26.tar.gz
diff --git a/package/libsndfile/libsndfile.mk b/package/libsndfile/libsndfile.mk
index 88db576..107a356 100644
--- a/package/libsndfile/libsndfile.mk
+++ b/package/libsndfile/libsndfile.mk
@@ -4,7 +4,7 @@
#
################################################################################
-LIBSNDFILE_VERSION = 1.0.25
+LIBSNDFILE_VERSION = 1.0.26
LIBSNDFILE_SITE = http://www.mega-nerd.com/libsndfile/files
LIBSNDFILE_INSTALL_STAGING = YES
LIBSNDFILE_LICENSE = LGPLv2.1+
--
2.4.10
^ permalink raw reply related [flat|nested] 2+ messages in thread
* [Buildroot] [PATCH] libsndfile: security bump to version 1.0.26
2015-12-15 17:44 [Buildroot] [PATCH] libsndfile: security bump to version 1.0.26 Gustavo Zacarias
@ 2015-12-15 20:36 ` Thomas Petazzoni
0 siblings, 0 replies; 2+ messages in thread
From: Thomas Petazzoni @ 2015-12-15 20:36 UTC (permalink / raw)
To: buildroot
Dear Gustavo Zacarias,
On Tue, 15 Dec 2015 14:44:45 -0300, Gustavo Zacarias wrote:
> Fixes:
> CVE-2014-9496 - SD2 buffer read overflow.
> CVE-2014-9756 - file_io.c divide by zero.
> CVE-2015-7805 - AIIF heap write overflow.
>
> Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
> ---
> package/libsndfile/libsndfile.hash | 2 +-
> package/libsndfile/libsndfile.mk | 2 +-
> 2 files changed, 2 insertions(+), 2 deletions(-)
Applied, thanks.
Thomas
--
Thomas Petazzoni, CTO, Free Electrons
Embedded Linux, Kernel and Android engineering
http://free-electrons.com
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2015-12-15 20:36 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2015-12-15 17:44 [Buildroot] [PATCH] libsndfile: security bump to version 1.0.26 Gustavo Zacarias
2015-12-15 20:36 ` Thomas Petazzoni
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox