From 202ca784874aa08c61fe46a707600e592f2c4f6f Mon Sep 17 00:00:00 2001 From: Fabrice Fontaine Date: Sun, 19 Jun 2022 18:32:55 +0200 Subject: [PATCH] package/tcpreplay: security bump to version 4.4.1 - Fix CVE-2021-45386: tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv6() at tree.c - Fix CVE-2021-45387: tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv4() at tree.c. https://github.com/appneta/tcpreplay/blob/v4.4.1/docs/CHANGELOG Signed-off-by: Fabrice Fontaine Signed-off-by: Peter Korsgaard (cherry picked from commit cc66cf922b0481b66011b171db7985a27c79c381) Signed-off-by: Peter Korsgaard --- package/tcpreplay/tcpreplay.hash | 4 ++-- package/tcpreplay/tcpreplay.mk | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/package/tcpreplay/tcpreplay.hash b/package/tcpreplay/tcpreplay.hash index 8bcdae958c..32bfd219d4 100644 --- a/package/tcpreplay/tcpreplay.hash +++ b/package/tcpreplay/tcpreplay.hash @@ -1,5 +1,5 @@ # Locally calculated after checking pgp signature -# https://github.com/appneta/tcpreplay/releases/download/v4.3.4/tcpreplay-4.3.4.tar.xz.asc +# https://github.com/appneta/tcpreplay/releases/download/v4.4.1/tcpreplay-4.4.1.tar.xz.asc # using key 84E4FA215C934A7D97DC76D5E9E2149793BDE17E -sha256 42c055106e55852c29d94bb6e1b9e001a0723349f2985eb893a47d384c85002b tcpreplay-4.3.4.tar.xz +sha256 51f70ed14be5913f19c25cdfa530e98c14cedab1c76fbdd26eca7b61b57344f2 tcpreplay-4.4.1.tar.xz sha256 07cf5e92d475287a7d1663b33097f40cae5adf03ed8920fcd4374e3dfb48c8ad docs/LICENSE diff --git a/package/tcpreplay/tcpreplay.mk b/package/tcpreplay/tcpreplay.mk index 9f2da6439b..86894e468e 100644 --- a/package/tcpreplay/tcpreplay.mk +++ b/package/tcpreplay/tcpreplay.mk @@ -4,7 +4,7 @@ # ################################################################################ -TCPREPLAY_VERSION = 4.3.4 +TCPREPLAY_VERSION = 4.4.1 TCPREPLAY_SITE = https://github.com/appneta/tcpreplay/releases/download/v$(TCPREPLAY_VERSION) TCPREPLAY_SOURCE = tcpreplay-$(TCPREPLAY_VERSION).tar.xz TCPREPLAY_LICENSE = GPL-3.0