aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGravatar Fabrice Fontaine <fontaine.fabrice@gmail.com>2021-01-27 22:44:56 +0100
committerGravatar Peter Korsgaard <peter@korsgaard.com>2021-01-30 16:39:02 +0100
commit2fbe3f4b24309d2bdcf61d1378190c3ca1f92683 (patch)
tree9e3c818073907768c68ec6727587911d635b1f79
parentae67317ca2f7eb8bbcdbd8e33141a6139bf7b073 (diff)
downloadbuildroot-2fbe3f4b24309d2bdcf61d1378190c3ca1f92683.tar.gz
buildroot-2fbe3f4b24309d2bdcf61d1378190c3ca1f92683.tar.bz2
package/socat: security bump to version 1.7.4.1
Buffer size option (-b) is internally doubled for CR-CRLF conversion, but not checked for integer overflow. This could lead to heap based buffer overflow, assuming the attacker could provide this parameter. - Update indentation in hash file (two spaces) - Update hash of README file due to minor updates: https://repo.or.cz/socat.git/commit/b145170837d75bd7a1a5803283910ab075d47bea https://repo.or.cz/socat.git/commit/0a115feadc3102f17e0a8a1a985319af0295f704 http://www.dest-unreach.org/socat/doc/CHANGES Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> (cherry picked from commit 1b18d9104f7b2f4e7710a094501d72d457c8001f) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
-rw-r--r--package/socat/socat.hash10
-rw-r--r--package/socat/socat.mk2
2 files changed, 6 insertions, 6 deletions
diff --git a/package/socat/socat.hash b/package/socat/socat.hash
index e5b65925d1..5a4c520455 100644
--- a/package/socat/socat.hash
+++ b/package/socat/socat.hash
@@ -1,8 +1,8 @@
# From http://www.dest-unreach.org/socat/download.md5sum
-md5 3cca4f8cd9d2d1caabd9cc099451bac9 socat-1.7.3.4.tar.bz2
+md5 36cad050ecf4981ab044c3fbd75c643f socat-1.7.4.1.tar.bz2
# From http://www.dest-unreach.org/socat/download.sha256sum
-sha256 972374ca86f65498e23e3259c2ee1b8f9dbeb04d12c2a78c0c9b5d1cb97dfdfc socat-1.7.3.4.tar.bz2
+sha256 3faca25614e89123dff5045680549ecef519d02e331aaf3c4f5a8f6837c675e9 socat-1.7.4.1.tar.bz2
# Locally calculated
-sha256 4846488cea98a2905dc75b7aa5eea721568e372447efe06b85bd896ee8c54f10 README
-sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 COPYING
-sha256 fd9e48ca316a5032069b9521f4f4b4d9b1c60365012bae1e62286bcd5bd2e761 COPYING.OpenSSL
+sha256 b1ebebbce145027f4268211f36d121b083aeeabdc1736eb144b8afd8e86ce8da README
+sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 COPYING
+sha256 fd9e48ca316a5032069b9521f4f4b4d9b1c60365012bae1e62286bcd5bd2e761 COPYING.OpenSSL
diff --git a/package/socat/socat.mk b/package/socat/socat.mk
index 4bfdc18f91..ad450727e0 100644
--- a/package/socat/socat.mk
+++ b/package/socat/socat.mk
@@ -4,7 +4,7 @@
#
################################################################################
-SOCAT_VERSION = 1.7.3.4
+SOCAT_VERSION = 1.7.4.1
SOCAT_SOURCE = socat-$(SOCAT_VERSION).tar.bz2
SOCAT_SITE = http://www.dest-unreach.org/socat/download
SOCAT_LICENSE = GPL-2.0 with OpenSSL exception