| Message ID | 20240519133113.16738-1-ps.report@gmx.net |
|---|---|
| State | Accepted |
| Headers | show |
| Series | [for,2024.02.x,v1] package/git: security bump version to 2.43.4 | expand |
>>>>> "Peter" == Peter Seiderer via buildroot <buildroot@buildroot.org> writes: > Fixes CVE-2024-32002, CVE-2024-32004, CVE-2024-32020 and CVE-2024-32021 > (for details see [1]). > [1] https://lore.kernel.org/lkml/xmqqv83g4937.fsf@gitster.g/ > Signed-off-by: Peter Seiderer <ps.report@gmx.net> Committed to 2024.02.x, thanks.
diff --git a/package/git/git.hash b/package/git/git.hash index 9cf044cc07..f24023f2f3 100644 --- a/package/git/git.hash +++ b/package/git/git.hash @@ -1,5 +1,5 @@ # From: https://www.kernel.org/pub/software/scm/git/sha256sums.asc -sha256 5446603e73d911781d259e565750dcd277a42836c8e392cac91cf137aa9b76ec git-2.43.0.tar.xz +sha256 6b7aadda1787f0c1eaa257c1df56bb12e43d12bce55cfe7e5ade00228ee3d886 git-2.43.4.tar.xz # Locally calculated sha256 5b2198d1645f767585e8a88ac0499b04472164c0d2da22e75ecf97ef443ab32e COPYING sha256 1922f45d2c49e390032c9c0ba6d7cac904087f7cec51af30c2b2ad022ce0e76a LGPL-2.1 diff --git a/package/git/git.mk b/package/git/git.mk index 1502968186..15a29d1f6c 100644 --- a/package/git/git.mk +++ b/package/git/git.mk @@ -4,7 +4,7 @@ # ################################################################################ -GIT_VERSION = 2.43.0 +GIT_VERSION = 2.43.4 GIT_SOURCE = git-$(GIT_VERSION).tar.xz GIT_SITE = $(BR2_KERNEL_MIRROR)/software/scm/git GIT_LICENSE = GPL-2.0, LGPL-2.1+
Fixes CVE-2024-32002, CVE-2024-32004, CVE-2024-32020 and CVE-2024-32021 (for details see [1]). [1] https://lore.kernel.org/lkml/xmqqv83g4937.fsf@gitster.g/ Signed-off-by: Peter Seiderer <ps.report@gmx.net> --- package/git/git.hash | 2 +- package/git/git.mk | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-)