libidn: security bump to version 1.33

Fixes: CVE-2015-8948 - out-of-bounds read in CLI tool. CVE-2016-6261 - out-of-bounds stack read in idna_to_ascii_4i. CVE-2016-6262 - followup fix to CVE-2015-8948. CVE-2016-6263 - stringprep_utf8_nfkc_normalize reject invalid UTF-8. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-07-22 20:38:34 -03:00 · 2016-07-22 20:38:34 -03:00 · 153827c901
commit 153827c901
parent 4b67c011bf
2 changed files with 5 additions and 3 deletions
--- a/package/libidn/libidn.hash
+++ b/package/libidn/libidn.hash
@ -1,2 +1,4 @@
-# From http://lists.nongnu.org/archive/html/help-libidn/2015-08/msg00001.html
-sha1	ddd018611b98af7c67d434aa42d15d39f45129f5	libidn-1.32.tar.gz
+# From http://lists.nongnu.org/archive/html/help-libidn/2016-07/msg00009.html
+sha1	57872fdc665dcc585e16f4ac0bb35374b1103f7e	libidn-1.33.tar.gz
+# Calculated based on the hash above
+sha256	44a7aab635bb721ceef6beecc4d49dfd19478325e1b47f3196f7d2acc4930e19	libidn-1.33.tar.gz
--- a/package/libidn/libidn.mk
+++ b/package/libidn/libidn.mk
@ -4,7 +4,7 @@
 #
 ################################################################################

-LIBIDN_VERSION = 1.32
+LIBIDN_VERSION = 1.33
 LIBIDN_SITE = $(BR2_GNU_MIRROR)/libidn
 LIBIDN_INSTALL_STAGING = YES
 LIBIDN_CONF_ENV = EMACS="no"