| Message ID | 20220315173429.1987326-1-fontaine.fabrice@gmail.com |
|---|---|
| State | Accepted |
| Headers | show |
| Series | [1/1] package/libiec61850: security bump to version 1.5.1 | expand |
>>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice@gmail.com> writes: > - Retrieve official tarball > - Fix CVE-2021-45769: A NULL pointer dereference in > AcseConnection_parseMessage at src/mms/iso_acse/acse.c of libiec61850 > v1.5.0 can lead to a segmentation fault or application crash. > - Fix many other vulnerabilities: > https://libiec61850.com/new-release-1-5-1-of-libiec61850 > Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Committed, thanks.
>>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice@gmail.com> writes: > - Retrieve official tarball > - Fix CVE-2021-45769: A NULL pointer dereference in > AcseConnection_parseMessage at src/mms/iso_acse/acse.c of libiec61850 > v1.5.0 can lead to a segmentation fault or application crash. > - Fix many other vulnerabilities: > https://libiec61850.com/new-release-1-5-1-of-libiec61850 > Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Committed to 2021.02.x, 2021.11.x and 2022.02.x, thanks.
diff --git a/package/libiec61850/libiec61850.hash b/package/libiec61850/libiec61850.hash index 3a024be7c6..a416ecdb4d 100644 --- a/package/libiec61850/libiec61850.hash +++ b/package/libiec61850/libiec61850.hash @@ -1,3 +1,3 @@ # Locally computed -sha256 7b832c195ae9f42faa1ccfe1b82b9ff187103155ce45aaca08881be98459d164 libiec61850-1.5.0.tar.gz +sha256 b6d7ffac831e7d9aec3470e45e2f1734071859c95cab4cfe99ffd1091776b3cc libiec61850-1.5.1.tar.gz sha256 8ceb4b9ee5adedde47b31e975c1d90c73ad27b6b165a1dcd80c7c545eb65b903 COPYING diff --git a/package/libiec61850/libiec61850.mk b/package/libiec61850/libiec61850.mk index 6da782ad39..9bd55cb76a 100644 --- a/package/libiec61850/libiec61850.mk +++ b/package/libiec61850/libiec61850.mk @@ -4,8 +4,8 @@ # ################################################################################ -LIBIEC61850_VERSION = 1.5.0 -LIBIEC61850_SITE = $(call github,mz-automation,libiec61850,v$(LIBIEC61850_VERSION)) +LIBIEC61850_VERSION = 1.5.1 +LIBIEC61850_SITE = https://libiec61850.com/wp-content/uploads/2022/03 LIBIEC61850_INSTALL_STAGING = YES LIBIEC61850_LICENSE = GPL-3.0+ LIBIEC61850_LICENSE_FILES = COPYING
- Retrieve official tarball - Fix CVE-2021-45769: A NULL pointer dereference in AcseConnection_parseMessage at src/mms/iso_acse/acse.c of libiec61850 v1.5.0 can lead to a segmentation fault or application crash. - Fix many other vulnerabilities: https://libiec61850.com/new-release-1-5-1-of-libiec61850 Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> --- package/libiec61850/libiec61850.hash | 2 +- package/libiec61850/libiec61850.mk | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-)