From 1dedb69aef6b1d495eb255fa4a3d6917913df13c Mon Sep 17 00:00:00 2001
From: Peter Korsgaard <peter@korsgaard.com>
Date: Wed, 11 Oct 2023 10:39:51 +0200
Subject: [PATCH] package/libcue: security bump to version 2.3.0

Fixes the following security issue:

CVE-2023-43641: Out-of-bounds array access in track_set_index
https://github.com/lipnitsk/libcue/security/advisories/GHSA-5982-x7hv-r9cj

For more details, see the github writeup:
https://github.blog/2023-10-09-coordinated-disclosure-1-click-rce-on-gnome-cve-2023-43641/

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 3aee3a326d37ae5ddaf99bbc7bcf26a5c1ea7b2a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
 package/libcue/libcue.hash | 2 +-
 package/libcue/libcue.mk   | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/package/libcue/libcue.hash b/package/libcue/libcue.hash
index 93ae2dacdb..47fe906e1a 100644
--- a/package/libcue/libcue.hash
+++ b/package/libcue/libcue.hash
@@ -1,3 +1,3 @@
 # Locally computed:
-sha256  f27bc3ebb2e892cd9d32a7bee6d84576a60f955f29f748b9b487b173712f1200  libcue-2.2.1.tar.gz
+sha256  cc1b3a65c60bd88b77a1ddd1574042d83cf7cc32b85fe9481c99613359eb7cfe  libcue-2.3.0.tar.gz
 sha256  c388d36583fa54e13b6d73ad924d0b68d073ed8a5771e17cb49104705df4504f  LICENSE
diff --git a/package/libcue/libcue.mk b/package/libcue/libcue.mk
index 3edb4f3b69..7ef27f5a17 100644
--- a/package/libcue/libcue.mk
+++ b/package/libcue/libcue.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-LIBCUE_VERSION = 2.2.1
+LIBCUE_VERSION = 2.3.0
 LIBCUE_SITE = $(call github,lipnitsk,libcue,v$(LIBCUE_VERSION))
 LIBCUE_LICENSE = GPL-2.0, BSD-2-Clause (rem.c)
 LIBCUE_LICENSE_FILES = LICENSE