* [Buildroot] [PATCH] opus: security bump to 1.1.4
@ 2017-01-21 13:40 Peter Korsgaard
2017-01-22 6:52 ` Thomas Petazzoni
0 siblings, 1 reply; 2+ messages in thread
From: Peter Korsgaard @ 2017-01-21 13:40 UTC (permalink / raw)
To: buildroot
Fixes CVE-2017-0381: A remote code execution vulnerability in
silk/NLSF_stabilize.c in libopus in Mediaserver could enable an attacker
using a specially crafted file to cause memory corruption during media file
and data processing.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
package/opus/opus.hash | 2 +-
package/opus/opus.mk | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/package/opus/opus.hash b/package/opus/opus.hash
index 2aac69b06..7349ec4b7 100644
--- a/package/opus/opus.hash
+++ b/package/opus/opus.hash
@@ -1,2 +1,2 @@
# From http://downloads.xiph.org/releases/opus/SHA256SUMS.txt
-sha256 58b6fe802e7e30182e95d0cde890c0ace40b6f125cffc50635f0ad2eef69b633 opus-1.1.3.tar.gz
+sha256 9122b6b380081dd2665189f97bfd777f04f92dc3ab6698eea1dbb27ad59d8692 opus-1.1.4.tar.gz
diff --git a/package/opus/opus.mk b/package/opus/opus.mk
index 5cd727f1e..020be88b6 100644
--- a/package/opus/opus.mk
+++ b/package/opus/opus.mk
@@ -4,7 +4,7 @@
#
################################################################################
-OPUS_VERSION = 1.1.3
+OPUS_VERSION = 1.1.4
OPUS_SITE = http://downloads.xiph.org/releases/opus
OPUS_LICENSE = BSD-3c
OPUS_LICENSE_FILES = COPYING
--
2.11.0
^ permalink raw reply related [flat|nested] 2+ messages in thread
* [Buildroot] [PATCH] opus: security bump to 1.1.4
2017-01-21 13:40 [Buildroot] [PATCH] opus: security bump to 1.1.4 Peter Korsgaard
@ 2017-01-22 6:52 ` Thomas Petazzoni
0 siblings, 0 replies; 2+ messages in thread
From: Thomas Petazzoni @ 2017-01-22 6:52 UTC (permalink / raw)
To: buildroot
Hello,
On Sat, 21 Jan 2017 14:40:37 +0100, Peter Korsgaard wrote:
> Fixes CVE-2017-0381: A remote code execution vulnerability in
> silk/NLSF_stabilize.c in libopus in Mediaserver could enable an attacker
> using a specially crafted file to cause memory corruption during media file
> and data processing.
>
> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
> ---
> package/opus/opus.hash | 2 +-
> package/opus/opus.mk | 2 +-
> 2 files changed, 2 insertions(+), 2 deletions(-)
Applied to master, thanks.
Thomas
--
Thomas Petazzoni, CTO, Free Electrons
Embedded Linux, Kernel and Android engineering
http://free-electrons.com
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2017-01-22 6:52 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2017-01-21 13:40 [Buildroot] [PATCH] opus: security bump to 1.1.4 Peter Korsgaard
2017-01-22 6:52 ` Thomas Petazzoni
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox