NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

augeas: security bump to version 1.8.1

Browse Source 
Fixes CVE-2017-7555 - Augeas versions up to and including 1.8.0 are
vulnerable to heap-based buffer overflow due to improper handling of escaped
strings.  Attacker could send crafted strings that would cause the
application using augeas to copy past the end of a buffer, leading to a
crash or possible code execution.

[Peter: extend description]
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit is contained in:
Jörg Krause 2017-09-20 15:09:31 +02:00 committed by Peter Korsgaard
parent f1e499b778
commit 74ac045c80
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
package/augeas/augeas.hash
View File

@ -1,2 +1,2 @@
# Locally calculated
sha256 515ce904138d99ff51d45ba7ed0d809bdee6c42d3bc538c8c820e010392d4cc5 augeas-1.8.0.tar.gz
sha256 65cf75b5a573fee2a5c6c6e3c95cad05f0101e70d3f9db10d53f6cc5b11bc9f9 augeas-1.8.1.tar.gz

2
package/augeas/augeas.mk
View File

@ -4,7 +4,7 @@
#
################################################################################
AUGEAS_VERSION = 1.8.0
AUGEAS_VERSION = 1.8.1
AUGEAS_SITE = http://download.augeas.net
AUGEAS_INSTALL_STAGING = YES
AUGEAS_LICENSE = LGPL-2.1+