* [Buildroot] [PATCH] libsoup: security bump to version 2.56.1
@ 2017-09-07 15:07 Peter Korsgaard
2017-09-08 9:14 ` Peter Korsgaard
` (2 more replies)
0 siblings, 3 replies; 4+ messages in thread
From: Peter Korsgaard @ 2017-09-07 15:07 UTC (permalink / raw)
To: buildroot
Fixes CVE-2017-2885: stack based buffer overflow with HTTP Chunked Encoding
For more details, see
https://bugzilla.gnome.org/show_bug.cgi?id=785774
While we're at it, add a hash for the license file.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
package/libsoup/libsoup.hash | 6 ++++--
package/libsoup/libsoup.mk | 2 +-
2 files changed, 5 insertions(+), 3 deletions(-)
diff --git a/package/libsoup/libsoup.hash b/package/libsoup/libsoup.hash
index b42cf2f711..6e1ff428af 100644
--- a/package/libsoup/libsoup.hash
+++ b/package/libsoup/libsoup.hash
@@ -1,2 +1,4 @@
-# From http://ftp.gnome.org/pub/gnome/sources/libsoup/2.56/libsoup-2.56.0.sha256sum
-sha256 d8216b71de8247bc6f274ec054c08547b2e04369c1f8add713e9350c8ef81fe5 libsoup-2.56.0.tar.xz
+# From http://ftp.gnome.org/pub/gnome/sources/libsoup/2.56/libsoup-2.56.1.sha256sum
+sha256 c32a46d77b4da433b51d8fd09a57a44b198e03bdc93e5219afcc687c7948eac3 libsoup-2.56.1.tar.xz
+# Locally calculated
+sha256 b7993225104d90ddd8024fd838faf300bea5e83d91203eab98e29512acebd69c COPYING
diff --git a/package/libsoup/libsoup.mk b/package/libsoup/libsoup.mk
index 1c27138f02..a3ce686aa7 100644
--- a/package/libsoup/libsoup.mk
+++ b/package/libsoup/libsoup.mk
@@ -5,7 +5,7 @@
################################################################################
LIBSOUP_VERSION_MAJOR = 2.56
-LIBSOUP_VERSION = $(LIBSOUP_VERSION_MAJOR).0
+LIBSOUP_VERSION = $(LIBSOUP_VERSION_MAJOR).1
LIBSOUP_SOURCE = libsoup-$(LIBSOUP_VERSION).tar.xz
LIBSOUP_SITE = http://ftp.gnome.org/pub/gnome/sources/libsoup/$(LIBSOUP_VERSION_MAJOR)
LIBSOUP_LICENSE = LGPL-2.0+
--
2.11.0
^ permalink raw reply related [flat|nested] 4+ messages in thread
* [Buildroot] [PATCH] libsoup: security bump to version 2.56.1
2017-09-07 15:07 [Buildroot] [PATCH] libsoup: security bump to version 2.56.1 Peter Korsgaard
@ 2017-09-08 9:14 ` Peter Korsgaard
2017-09-18 7:45 ` Peter Korsgaard
2017-10-16 21:51 ` Peter Korsgaard
2 siblings, 0 replies; 4+ messages in thread
From: Peter Korsgaard @ 2017-09-08 9:14 UTC (permalink / raw)
To: buildroot
>>>>> "Peter" == Peter Korsgaard <peter@korsgaard.com> writes:
> Fixes CVE-2017-2885: stack based buffer overflow with HTTP Chunked Encoding
> For more details, see
> https://bugzilla.gnome.org/show_bug.cgi?id=785774
> While we're at it, add a hash for the license file.
> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Committed, thanks.
--
Bye, Peter Korsgaard
^ permalink raw reply [flat|nested] 4+ messages in thread
* [Buildroot] [PATCH] libsoup: security bump to version 2.56.1
2017-09-07 15:07 [Buildroot] [PATCH] libsoup: security bump to version 2.56.1 Peter Korsgaard
2017-09-08 9:14 ` Peter Korsgaard
@ 2017-09-18 7:45 ` Peter Korsgaard
2017-10-16 21:51 ` Peter Korsgaard
2 siblings, 0 replies; 4+ messages in thread
From: Peter Korsgaard @ 2017-09-18 7:45 UTC (permalink / raw)
To: buildroot
>>>>> "Peter" == Peter Korsgaard <peter@korsgaard.com> writes:
> Fixes CVE-2017-2885: stack based buffer overflow with HTTP Chunked Encoding
> For more details, see
> https://bugzilla.gnome.org/show_bug.cgi?id=785774
> While we're at it, add a hash for the license file.
> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Committed to 2017.02.x, thanks.
--
Bye, Peter Korsgaard
^ permalink raw reply [flat|nested] 4+ messages in thread
* [Buildroot] [PATCH] libsoup: security bump to version 2.56.1
2017-09-07 15:07 [Buildroot] [PATCH] libsoup: security bump to version 2.56.1 Peter Korsgaard
2017-09-08 9:14 ` Peter Korsgaard
2017-09-18 7:45 ` Peter Korsgaard
@ 2017-10-16 21:51 ` Peter Korsgaard
2 siblings, 0 replies; 4+ messages in thread
From: Peter Korsgaard @ 2017-10-16 21:51 UTC (permalink / raw)
To: buildroot
>>>>> "Peter" == Peter Korsgaard <peter@korsgaard.com> writes:
> Fixes CVE-2017-2885: stack based buffer overflow with HTTP Chunked Encoding
> For more details, see
> https://bugzilla.gnome.org/show_bug.cgi?id=785774
> While we're at it, add a hash for the license file.
> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Committed to 2017.08.x, thanks.
--
Bye, Peter Korsgaard
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2017-10-16 21:51 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2017-09-07 15:07 [Buildroot] [PATCH] libsoup: security bump to version 2.56.1 Peter Korsgaard
2017-09-08 9:14 ` Peter Korsgaard
2017-09-18 7:45 ` Peter Korsgaard
2017-10-16 21:51 ` Peter Korsgaard
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox