Re: [Buildroot] [PATCH 1/1] package/hwlock: security bump to version 2.9.3

From: "Yann E. MORIN" <yann.morin.1998@free.fr>
To: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Cc: Steven Noonan <steven@uplinklabs.net>, buildroot@buildroot.org
Subject: Re: [Buildroot] [PATCH 1/1] package/hwlock: security bump to version 2.9.3
Date: Fri, 15 Sep 2023 23:24:18 +0200	[thread overview]
Message-ID: <20230915212418.GG2571@scaer> (raw)
In-Reply-To: <20230915170412.855864-1-fontaine.fabrice@gmail.com>

Fabrice, All,

On 2023-09-15 19:04 +0200, Fabrice Fontaine spake thusly:
> Fix CVE-2022-47022: An issue was discovered in open-mpi hwloc 2.1.0
> allows attackers to cause a denial of service or other unspecified
> impacts via glibc-cpuset in topology-linux.c.
> 
> https://github.com/open-mpi/hwloc/blob/hwloc-2.9.3/NEWS
> https://github.com/open-mpi/hwloc/compare/hwloc-2.9.2...hwloc-2.9.3
> 
> Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>

Applied to master, thanks.

Regards,
Yann E. MORIN.

> ---
>  package/hwloc/hwloc.hash | 4 ++--
>  package/hwloc/hwloc.mk   | 2 +-
>  2 files changed, 3 insertions(+), 3 deletions(-)
> 
> diff --git a/package/hwloc/hwloc.hash b/package/hwloc/hwloc.hash
> index d40315a3af..8010b857f0 100644
> --- a/package/hwloc/hwloc.hash
> +++ b/package/hwloc/hwloc.hash
> @@ -1,5 +1,5 @@
>  # From https://www.open-mpi.org/software/hwloc/v2.9/
> -sha1  be2a4f299c0da7670d39724986268bfa3fac6aee  hwloc-2.9.2.tar.bz2
> -sha256  0a87fdf677f8b00b567d229b6320bf6b25c693edaa43e0b85268d999d6b060cf  hwloc-2.9.2.tar.bz2
> +sha1  76b49087619b46d71e18bd1131d35a5ccf5de791  hwloc-2.9.3.tar.bz2
> +sha256  5c4062ce556f6d3451fc177ffb8673a2120f81df6835dea6a21a90fbdfff0dec  hwloc-2.9.3.tar.bz2
>  # Locally computed
>  sha256  d79a936a42f3c6cb7c8375a023d43f4435f4664d3a5a2ea6b4623cff83c7fc06  COPYING
> diff --git a/package/hwloc/hwloc.mk b/package/hwloc/hwloc.mk
> index f6cf5433c4..0524ec17fd 100644
> --- a/package/hwloc/hwloc.mk
> +++ b/package/hwloc/hwloc.mk
> @@ -5,7 +5,7 @@
>  ################################################################################
>  
>  HWLOC_VERSION_MAJOR = 2.9
> -HWLOC_VERSION = $(HWLOC_VERSION_MAJOR).2
> +HWLOC_VERSION = $(HWLOC_VERSION_MAJOR).3
>  HWLOC_SOURCE = hwloc-$(HWLOC_VERSION).tar.bz2
>  HWLOC_SITE = https://download.open-mpi.org/release/hwloc/v$(HWLOC_VERSION_MAJOR)
>  HWLOC_LICENSE = BSD-3-Clause
> -- 
> 2.40.1
> 
> _______________________________________________
> buildroot mailing list
> buildroot@buildroot.org
> https://lists.buildroot.org/mailman/listinfo/buildroot

-- 
.-----------------.--------------------.------------------.--------------------.
|  Yann E. MORIN  | Real-Time Embedded | /"\ ASCII RIBBON | Erics' conspiracy: |
| +33 662 376 056 | Software  Designer | \ / CAMPAIGN     |  ___               |
| +33 561 099 427 `------------.-------:  X  AGAINST      |  \e/  There is no  |
| http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL    |   v   conspiracy.  |
'------------------------------^-------^------------------^--------------------'
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot