* [Buildroot] [PATCH] libbsd: security bump to version 0.8.2
@ 2016-02-05 18:28 Gustavo Zacarias
2016-02-05 20:16 ` Bernd Kuhls
0 siblings, 1 reply; 3+ messages in thread
From: Gustavo Zacarias @ 2016-02-05 18:28 UTC (permalink / raw)
To: buildroot
Fixes:
CVE-2016-2090 - denial of service due to a buffer overflow in the
"fgetwln"-function.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
---
package/libbsd/libbsd.hash | 2 +-
package/libbsd/libbsd.mk | 3 +--
2 files changed, 2 insertions(+), 3 deletions(-)
diff --git a/package/libbsd/libbsd.hash b/package/libbsd/libbsd.hash
index be4ba50..f77c0aa 100644
--- a/package/libbsd/libbsd.hash
+++ b/package/libbsd/libbsd.hash
@@ -1,2 +1,2 @@
# Locally calculated after checking pgp signature
-sha256 9e8f34ffa9c8579c87965a55a82d8ac37a1dc64858f717b7c49452ade277cc62 libbsd-0.6.0.tar.xz
+sha256 b2f644cae94a6e2fe109449c20ad79a0f6ee4faec2205b07eefa0020565e250a libbsd-0.8.2.tar.xz
diff --git a/package/libbsd/libbsd.mk b/package/libbsd/libbsd.mk
index 99a9572..62dee06 100644
--- a/package/libbsd/libbsd.mk
+++ b/package/libbsd/libbsd.mk
@@ -4,12 +4,11 @@
#
################################################################################
-LIBBSD_VERSION = 0.6.0
+LIBBSD_VERSION = 0.8.2
LIBBSD_SOURCE = libbsd-$(LIBBSD_VERSION).tar.xz
LIBBSD_SITE = http://libbsd.freedesktop.org/releases
LIBBSD_LICENSE = BSD-3c, MIT
LIBBSD_LICENSE_FILES = COPYING
-
LIBBSD_INSTALL_STAGING = YES
$(eval $(autotools-package))
--
2.4.10
^ permalink raw reply related [flat|nested] 3+ messages in thread
* [Buildroot] [PATCH] libbsd: security bump to version 0.8.2
2016-02-05 18:28 [Buildroot] [PATCH] libbsd: security bump to version 0.8.2 Gustavo Zacarias
@ 2016-02-05 20:16 ` Bernd Kuhls
2016-02-05 20:19 ` Gustavo Zacarias
0 siblings, 1 reply; 3+ messages in thread
From: Bernd Kuhls @ 2016-02-05 20:16 UTC (permalink / raw)
To: buildroot
Am Fri, 05 Feb 2016 15:28:19 -0300 schrieb Gustavo Zacarias:
> -LIBBSD_VERSION = 0.6.0
> +LIBBSD_VERSION = 0.8.2
Hi Gustavo,
your patch looks like a duplicate to http://patchwork.ozlabs.org/patch/578996/
Regards, Bernd
^ permalink raw reply [flat|nested] 3+ messages in thread
* [Buildroot] [PATCH] libbsd: security bump to version 0.8.2
2016-02-05 20:16 ` Bernd Kuhls
@ 2016-02-05 20:19 ` Gustavo Zacarias
0 siblings, 0 replies; 3+ messages in thread
From: Gustavo Zacarias @ 2016-02-05 20:19 UTC (permalink / raw)
To: buildroot
On 05/02/16 17:16, Bernd Kuhls wrote:
>> -LIBBSD_VERSION = 0.6.0
>> +LIBBSD_VERSION = 0.8.2
>
> Hi Gustavo,
>
> your patch looks like a duplicate to http://patchwork.ozlabs.org/patch/578996/
>
> Regards, Bernd
Hi, thanks, missed that one.
It should be noted that right now it's urgent since it's a security bump.
Regards.
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2016-02-05 20:19 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2016-02-05 18:28 [Buildroot] [PATCH] libbsd: security bump to version 0.8.2 Gustavo Zacarias
2016-02-05 20:16 ` Bernd Kuhls
2016-02-05 20:19 ` Gustavo Zacarias
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox