* [Buildroot] [PATCH 1/1] package/libkrb5: security bump to version 1.21.3
@ 2024-11-14 21:09 Julien Olivain
2024-11-16 9:48 ` Peter Korsgaard
2024-11-26 13:24 ` Peter Korsgaard
0 siblings, 2 replies; 3+ messages in thread
From: Julien Olivain @ 2024-11-14 21:09 UTC
To: buildroot; +Cc: André Zwing, Julien Olivain
For the change log, see [1].
The license hash file changed, due to the year update. See [2].
This commit also adds a comment in the hash file with the pgp signature file
source and key id used for the verification.
Fixes:
- https://nvd.nist.gov/vuln/detail/CVE-2024-37370
- https://nvd.nist.gov/vuln/detail/CVE-2024-37371
[1] https://web.mit.edu/kerberos/www/krb5-1.21/
[2] https://github.com/krb5/krb5/commit/fec2c44ee93bfd3282bed99509a941d56a6e2c21
Signed-off-by: Julien Olivain <ju.o@free.fr>
---
Patch tested (compilation only) in:
https://gitlab.com/jolivain/buildroot/-/pipelines/1543592409
---
package/libkrb5/libkrb5.hash | 6 ++++--
package/libkrb5/libkrb5.mk | 2 +-
2 files changed, 5 insertions(+), 3 deletions(-)
diff --git a/package/libkrb5/libkrb5.hash b/package/libkrb5/libkrb5.hash
index 02c0e3396e..0403b3aed0 100644
--- a/package/libkrb5/libkrb5.hash
+++ b/package/libkrb5/libkrb5.hash
@@ -1,5 +1,7 @@
# Locally calculated after checking pgp signature
-sha256 9560941a9d843c0243a71b17a7ac6fe31c7cebb5bce3983db79e52ae7e850491 krb5-1.21.2.tar.gz
+# from https://web.mit.edu/kerberos/dist/krb5/1.21/krb5-1.21.3.tar.gz.asc
+# with key C4493CB739F4A89F9852CBC20CBA08575F8372DF
+sha256 b7a4cd5ead67fb08b980b21abd150ff7217e85ea320c9ed0c6dadd304840ad35 krb5-1.21.3.tar.gz
# Hash for license file:
-sha256 0d5373486138cb176c063db98274b4c4ab6ef3518c4191360736384b780306c2 NOTICE
+sha256 7601361a275aadbe35c90185519323c28730d60c553683e56fd06cf9c5f749a6 NOTICE
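Review bot: The two comment lines added above the krb5-1.21.3.tar.gz hash record the .asc URL and the full key fingerprint, but not where the key itself was obtained or how its fingerprint was confirmed, so the next person bumping this package cannot repeat the check without trusting the fingerprint as written; consider adding one more comment line naming the key's source. The URL comment also hard-codes 1.21.3, so it has to be updated by hand together with the sha256 line on every bump. The NOTICE hash change in the same hunk is explained by the commit message (year update, reference [2]), which is enough.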
diff --git a/package/libkrb5/libkrb5.mk b/package/libkrb5/libkrb5.mk
index def627d422..e57a2b98a2 100644
--- a/package/libkrb5/libkrb5.mk
+++ b/package/libkrb5/libkrb5.mk
@@ -5,7 +5,7 @@
################################################################################
LIBKRB5_VERSION_MAJOR = 1.21
-LIBKRB5_VERSION = $(LIBKRB5_VERSION_MAJOR).2
+LIBKRB5_VERSION = $(LIBKRB5_VERSION_MAJOR).3
LIBKRB5_SITE = https://web.mit.edu/kerberos/dist/krb5/$(LIBKRB5_VERSION_MAJOR)
LIBKRB5_SOURCE = krb5-$(LIBKRB5_VERSION).tar.gz
LIBKRB5_SUBDIR = src
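Review bot: On the `LIBKRB5_VERSION` line, the bump to `.3` is what brings in the two CVE fixes, yet the note under the commit message says the patch was tested by compilation only; a runtime smoke test of the built library before this goes to the stable branches would give more confidence than the build pipeline alone. The change itself is consistent with the hash file: `LIBKRB5_SITE` and `LIBKRB5_SOURCE` are derived from the version variables, so they resolve to the same krb5-1.21.3.tar.gz that the new sha256 line names.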
--
2.47.0
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
* Re: [Buildroot] [PATCH 1/1] package/libkrb5: security bump to version 1.21.3
From: Peter Korsgaard @ 2024-11-16 9:48 UTC
To: Julien Olivain; +Cc: buildroot, André Zwing
>>>>> "Julien" == Julien Olivain <ju.o@free.fr> writes:
> For the change log, see [1].
> The license hash file changed, due to the year update. See [2].
> This commit also adds a comment in the hash file with the pgp signature file
> source and key id used for the verification.
> Fixes:
> - https://nvd.nist.gov/vuln/detail/CVE-2024-37370
> - https://nvd.nist.gov/vuln/detail/CVE-2024-37371
> [1] https://web.mit.edu/kerberos/www/krb5-1.21/
> [2] https://github.com/krb5/krb5/commit/fec2c44ee93bfd3282bed99509a941d56a6e2c21
> Signed-off-by: Julien Olivain <ju.o@free.fr>
> ---
> Patch tested (compilation only) in:
> https://gitlab.com/jolivain/buildroot/-/pipelines/1543592409
Committed, thanks.
--
Bye, Peter Korsgaard
* Re: [Buildroot] [PATCH 1/1] package/libkrb5: security bump to version 1.21.3
From: Peter Korsgaard @ 2024-11-26 13:24 UTC
To: Julien Olivain; +Cc: buildroot, André Zwing
>>>>> "Julien" == Julien Olivain <ju.o@free.fr> writes:
> For the change log, see [1].
> The license hash file changed, due to the year update. See [2].
> This commit also adds a comment in the hash file with the pgp signature file
> source and key id used for the verification.
> Fixes:
> - https://nvd.nist.gov/vuln/detail/CVE-2024-37370
> - https://nvd.nist.gov/vuln/detail/CVE-2024-37371
> [1] https://web.mit.edu/kerberos/www/krb5-1.21/
> [2] https://github.com/krb5/krb5/commit/fec2c44ee93bfd3282bed99509a941d56a6e2c21
> Signed-off-by: Julien Olivain <ju.o@free.fr>
Committed to 2024.02.x and 2024.08.x, thanks.
--
Bye, Peter Korsgaard