From patchwork Mon Mar 13 12:31:20 2017
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
X-Patchwork-Id: 738087
Return-Path: <buildroot-bounces@busybox.net>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Received: from whitealder.osuosl.org (smtp1.osuosl.org [140.211.166.138])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by ozlabs.org (Postfix) with ESMTPS id 3vhcgB0C7Dz9s75
	for <incoming@patchwork.ozlabs.org>;
	Mon, 13 Mar 2017 23:31:33 +1100 (AEDT)
Received: from localhost (localhost [127.0.0.1])
	by whitealder.osuosl.org (Postfix) with ESMTP id 7E9338970C;
	Mon, 13 Mar 2017 12:31:31 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
Received: from whitealder.osuosl.org ([127.0.0.1])
	by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id py8leGoldjFz; Mon, 13 Mar 2017 12:31:30 +0000 (UTC)
Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34])
	by whitealder.osuosl.org (Postfix) with ESMTP id 21DB5896EF;
	Mon, 13 Mar 2017 12:31:30 +0000 (UTC)
X-Original-To: buildroot@lists.busybox.net
Delivered-To: buildroot@osuosl.org
Received: from silver.osuosl.org (smtp3.osuosl.org [140.211.166.136])
	by ash.osuosl.org (Postfix) with ESMTP id DA78E1C2035
	for <buildroot@lists.busybox.net>;
	Mon, 13 Mar 2017 12:31:28 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
	by silver.osuosl.org (Postfix) with ESMTP id D409A2E890
	for <buildroot@lists.busybox.net>;
	Mon, 13 Mar 2017 12:31:28 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
Received: from silver.osuosl.org ([127.0.0.1])
	by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id mRKumL8kG7+u for <buildroot@lists.busybox.net>;
	Mon, 13 Mar 2017 12:31:27 +0000 (UTC)
X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6
Received: from mailapp01.imgtec.com (mailapp01.imgtec.com [195.59.15.196])
	by silver.osuosl.org (Postfix) with ESMTP id C8ECE2E406
	for <buildroot@buildroot.org>; Mon, 13 Mar 2017 12:31:27 +0000 (UTC)
Received: from hhmail02.hh.imgtec.org (unknown [10.100.10.20])
	by Forcepoint Email with ESMTPS id E55A546ABFB78
	for <buildroot@buildroot.org>; Mon, 13 Mar 2017 12:31:22 +0000 (GMT)
Received: from vriera-linux.le.imgtec.org (192.168.154.36) by
	hhmail02.hh.imgtec.org (10.100.10.21) with Microsoft SMTP Server
	(TLS) id 14.3.294.0; Mon, 13 Mar 2017 12:31:25 +0000
From: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
To: <buildroot@buildroot.org>
Date: Mon, 13 Mar 2017 12:31:20 +0000
Message-ID: <20170313123120.8847-1-Vincent.Riera@imgtec.com>
X-Mailer: git-send-email 2.10.2
MIME-Version: 1.0
X-Originating-IP: [192.168.154.36]
Subject: [Buildroot] [PATCH] rpm: bump version to 4.13.0.1 (security)
X-BeenThere: buildroot@busybox.net
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: Discussion and development of buildroot <buildroot.busybox.net>
List-Unsubscribe: <http://lists.busybox.net/mailman/options/buildroot>,
	<mailto:buildroot-request@busybox.net?subject=unsubscribe>
List-Archive: <http://lists.busybox.net/pipermail/buildroot/>
List-Post: <mailto:buildroot@busybox.net>
List-Help: <mailto:buildroot-request@busybox.net?subject=help>
List-Subscribe: <http://lists.busybox.net/mailman/listinfo/buildroot>,
	<mailto:buildroot-request@busybox.net?subject=subscribe>
Errors-To: buildroot-bounces@busybox.net
Sender: "buildroot" <buildroot-bounces@busybox.net>

Security fixes:
 - Fix several out of bounds reads in the OpenPGP parser
 - Fix handling of OpenPGP reserved tag (should be rejected)
 - Fix various crashes from malformed packages with invalid tags

Release notes:
  http://rpm.org/wiki/Releases/4.13.0.1

This patch also switches from GitHub to rpm.org since the last one seems
to be more up-to-date.

Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
---
 package/rpm/rpm.hash | 4 ++--
 package/rpm/rpm.mk   | 5 +++--
 2 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/package/rpm/rpm.hash b/package/rpm/rpm.hash
index c9c4d65..fd77d33 100644
--- a/package/rpm/rpm.hash
+++ b/package/rpm/rpm.hash
@@ -1,5 +1,5 @@
-# From http://rpm.org/wiki/Releases/4.13.0
-sha1	c6ce4f879ca6a75340921093105e5ef9d33381d3	rpm-4.13.0.tar.bz2
+# From http://rpm.org/wiki/Releases/4.13.0.1
+sha1 9566f95f38fcb214e439c552f378c2f64ba0aff9  rpm-4.13.0.1.tar.bz2
 # Locally computed
 sha256	a3e5568d721737a24141737e6036bb39ba9dfbeaa03fa4a51cc7881a243e0c5d b5f1895aae096836d6e8e155ee289e1b10fcabcb.patch
 sha256	7ab0e08e143bb2d43d5b0553ee22ea34da15a611c597860a6110745467d20fa8 c810a0aca3f1148d2072d44b91b8cc9caeb4cf19.patch
diff --git a/package/rpm/rpm.mk b/package/rpm/rpm.mk
index 2e829d7..3fb1480 100644
--- a/package/rpm/rpm.mk
+++ b/package/rpm/rpm.mk
@@ -4,9 +4,10 @@
 #
 ################################################################################
 
-RPM_VERSION = 4.13.0
+RPM_MAJOR_VERSION = 4.13
+RPM_VERSION = $(RPM_MAJOR_VERSION).0.1
 RPM_SOURCE = rpm-$(RPM_VERSION).tar.bz2
-RPM_SITE = https://github.com/rpm-software-management/rpm/releases/download/rpm-$(RPM_VERSION)-release
+RPM_SITE = http://ftp.rpm.org/releases/rpm-$(RPM_MAJOR_VERSION).x
 RPM_DEPENDENCIES = host-pkgconf berkeleydb file popt zlib
 RPM_LICENSE = GPLv2 or LGPLv2 (library only)
 RPM_LICENSE_FILES = COPYING