NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

package/jhead: security bump to version 3.08

Browse Source 
Fixes the following security issue:

- CVE-2022-41751: Jhead 3.06.0.1 allows attackers to execute arbitrary OS
  commands by placing them in a JPEG filename and then using the
  regeneration -rgt50 option.

Update readme.txt hash after a minor tweak of the text:
a0eed69daa

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit is contained in:
Peter Korsgaard 2023-06-17 23:42:55 +02:00
parent c3c4b6356e
commit 39ffadd6ae
2 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
package/jhead/jhead.hash
View File

@ -1,3 +1,3 @@
# Locally calculated from download (no sig, hash)
sha256 5c5258c3d7a840bf831e22174e4a24cb1de3baf442f7cb73d5ab31b4ae0b0058 jhead-3.06.0.1.tar.gz
sha256 8b709512c737fc0c1e1024800b9a44c54d14ab02132c636a66c3ac66955c3e95 readme.txt
sha256 999a81b489c7b2a7264118f194359ecf4c1b714996a2790ff6d5d2f3940f1e9f jhead-3.08.tar.gz
sha256 b3971a74d00c834bc7f112d8a0027b25663fd1637a21381a3e5df4bd2b614dff readme.txt

2
package/jhead/jhead.mk
View File

@ -4,7 +4,7 @@
#
################################################################################
JHEAD_VERSION = 3.06.0.1
JHEAD_VERSION = 3.08
JHEAD_SITE = $(call github,Matthias-Wandel,jhead,$(JHEAD_VERSION))
JHEAD_LICENSE = Public Domain
JHEAD_LICENSE_FILES = readme.txt