From: Heiko Thiery <heiko.thiery@gmail.com>
To: buildroot@busybox.net
Subject: [Buildroot] [PATCH] package/linuxptp: security bump version to 3.1.1
Date: Tue, 6 Jul 2021 11:15:01 +0200 [thread overview]
Message-ID: <20210706091500.3236-1-heiko.thiery@gmail.com> (raw)
This fixes the following CVEs:
- CVE-2021-3570 linuxptp: missing length check of forwarded messages
- CVE-2021-3571 linuxptp: wrong length of one-step follow-up in transparent clock
See mailing list post for details: https://sourceforge.net/p/linuxptp/mailman/message/37315519/
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
---
package/linuxptp/linuxptp.hash | 8 ++++----
package/linuxptp/linuxptp.mk | 2 +-
2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/package/linuxptp/linuxptp.hash b/package/linuxptp/linuxptp.hash
index 4f8a1f89fc..a5479b0ebc 100644
--- a/package/linuxptp/linuxptp.hash
+++ b/package/linuxptp/linuxptp.hash
@@ -1,9 +1,9 @@
-# From https://sourceforge.net/projects/linuxptp/files/v3.0/
-sha1 9a3869dbd322252c9a6bc0dbdfe8941586810a7f linuxptp-3.1.tgz
-md5 2264cb69c9af947028835c12c89a7572 linuxptp-3.1.tgz
+# From https://sourceforge.net/projects/linuxptp/files/v3.1.1/
+sha1 f905eabc6fd0f03c6a353f9c4ba188a3bd1b774c linuxptp-3.1.1.tgz
+md5 3b79ab5e77c5b5cf06bc1c8350d405bb linuxptp-3.1.1.tgz
# Locally computed:
-sha256 f58f5b11cf14dc7c4f7c9efdfb27190e43d02cf20c3525f6639edac10528ce7d linuxptp-3.1.tgz
+sha256 94d6855f9b7f2d8e9b0ca6d384e3fae6226ce6fc012dbad02608bdef3be1c0d9 linuxptp-3.1.1.tgz
# Hash for license file:
sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 COPYING
diff --git a/package/linuxptp/linuxptp.mk b/package/linuxptp/linuxptp.mk
index f91be921af..da23631d20 100644
--- a/package/linuxptp/linuxptp.mk
+++ b/package/linuxptp/linuxptp.mk
@@ -4,7 +4,7 @@
#
################################################################################
-LINUXPTP_VERSION = 3.1
+LINUXPTP_VERSION = 3.1.1
LINUXPTP_SOURCE = linuxptp-$(LINUXPTP_VERSION).tgz
LINUXPTP_SITE = http://downloads.sourceforge.net/linuxptp
LINUXPTP_LICENSE = GPL-2.0+
--
2.30.0
next reply other threads:[~2021-07-06 9:15 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-07-06 9:15 Heiko Thiery [this message]
2021-07-16 21:30 ` [Buildroot] [PATCH] package/linuxptp: security bump version to 3.1.1 Thomas Petazzoni
2021-08-03 14:25 ` Peter Korsgaard
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210706091500.3236-1-heiko.thiery@gmail.com \
--to=heiko.thiery@gmail.com \
--cc=buildroot@busybox.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox