| Message ID | 20231226170333.820436-1-fontaine.fabrice@gmail.com |
|---|---|
| State | Accepted |
| Headers | show |
| Series | [1/1] package/libebml: security bump to version 1.4.5 | expand |
Fabrice, All, On 2023-12-26 18:03 +0100, Fabrice Fontaine spake thusly: > Fix invalid memory access (reading beyond allocated memory) due to > missing integer overflow check. > > https://github.com/Matroska-Org/libebml/blob/release-1.4.5/NEWS.md > > Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Applied to master, thanks. Regards, Yann E. MORIN. > --- > package/libebml/libebml.hash | 2 +- > package/libebml/libebml.mk | 2 +- > 2 files changed, 2 insertions(+), 2 deletions(-) > > diff --git a/package/libebml/libebml.hash b/package/libebml/libebml.hash > index c83fde32ab..34626eb1f4 100644 > --- a/package/libebml/libebml.hash > +++ b/package/libebml/libebml.hash > @@ -1,3 +1,3 @@ > # Locally calculated > -sha256 82dc5f83356cc9340aee76ed7512210b3a4edf5f346bc9c2c7044f55052687a7 libebml-1.4.4.tar.xz > +sha256 4971640b0592da29c2d426f303e137a9b0b3d07e1b81d069c1e56a2f49ab221b libebml-1.4.5.tar.xz > sha256 dc626520dcd53a22f727af3ee42c770e56c97a64fe3adb063799d8ab032fe551 LICENSE.LGPL > diff --git a/package/libebml/libebml.mk b/package/libebml/libebml.mk > index c85638c03e..0f69de8c81 100644 > --- a/package/libebml/libebml.mk > +++ b/package/libebml/libebml.mk > @@ -4,7 +4,7 @@ > # > ################################################################################ > > -LIBEBML_VERSION = 1.4.4 > +LIBEBML_VERSION = 1.4.5 > LIBEBML_SOURCE = libebml-$(LIBEBML_VERSION).tar.xz > LIBEBML_SITE = http://dl.matroska.org/downloads/libebml > LIBEBML_INSTALL_STAGING = YES > -- > 2.43.0 > > _______________________________________________ > buildroot mailing list > buildroot@buildroot.org > https://lists.buildroot.org/mailman/listinfo/buildroot
>>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice@gmail.com> writes: > Fix invalid memory access (reading beyond allocated memory) due to > missing integer overflow check. > https://github.com/Matroska-Org/libebml/blob/release-1.4.5/NEWS.md > Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Committed to 2023.02.x and 2023.11.x, thanks.
diff --git a/package/libebml/libebml.hash b/package/libebml/libebml.hash index c83fde32ab..34626eb1f4 100644 --- a/package/libebml/libebml.hash +++ b/package/libebml/libebml.hash @@ -1,3 +1,3 @@ # Locally calculated -sha256 82dc5f83356cc9340aee76ed7512210b3a4edf5f346bc9c2c7044f55052687a7 libebml-1.4.4.tar.xz +sha256 4971640b0592da29c2d426f303e137a9b0b3d07e1b81d069c1e56a2f49ab221b libebml-1.4.5.tar.xz sha256 dc626520dcd53a22f727af3ee42c770e56c97a64fe3adb063799d8ab032fe551 LICENSE.LGPL diff --git a/package/libebml/libebml.mk b/package/libebml/libebml.mk index c85638c03e..0f69de8c81 100644 --- a/package/libebml/libebml.mk +++ b/package/libebml/libebml.mk @@ -4,7 +4,7 @@ # ################################################################################ -LIBEBML_VERSION = 1.4.4 +LIBEBML_VERSION = 1.4.5 LIBEBML_SOURCE = libebml-$(LIBEBML_VERSION).tar.xz LIBEBML_SITE = http://dl.matroska.org/downloads/libebml LIBEBML_INSTALL_STAGING = YES
Fix invalid memory access (reading beyond allocated memory) due to missing integer overflow check. https://github.com/Matroska-Org/libebml/blob/release-1.4.5/NEWS.md Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> --- package/libebml/libebml.hash | 2 +- package/libebml/libebml.mk | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-)