package/libyang: security bump to version 2.1.111

- Fix CVE-2023-26916: libyang from v2.0.164 to v2.1.30 was discovered to contain a NULL pointer dereference via the function lys_parse_mem at lys_parse_mem.c. - Fix CVE-2023-26917: libyang from v2.0.164 to v2.1.30 was discovered to contain a NULL pointer dereference via the function lysp_stmt_validate_value at lys_parse_mem.c. https://github.com/CESNET/libyang/releases/tag/v2.1.55 https://github.com/CESNET/libyang/releases/tag/v2.1.80 https://github.com/CESNET/libyang/releases/tag/v2.1.111 Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-09-27 22:51:00 +02:00 · 2023-09-27 22:51:00 +02:00 · 799512e149
commit 799512e149
parent 54f6e1f81f
2 changed files with 2 additions and 2 deletions
--- a/package/libyang/libyang.hash
+++ b/package/libyang/libyang.hash
@ -1,3 +1,3 @@
 # Locally calculated
-sha256  761cfd959342b147f6a43a84c931c7fde68dd3a1ad540a0e5302288b204f073d  libyang-2.1.30.tar.gz
+sha256  3e52b922fcf371933ad7de1686ad83504e3358236e7817b5af795b0db52fa221  libyang-2.1.111.tar.gz
 sha256  0b7ec43747d211a1e49c53588b0822062947bab6bdcc95238578beab34cba5bb  LICENSE
--- a/package/libyang/libyang.mk
+++ b/package/libyang/libyang.mk
@ -4,7 +4,7 @@
 #
 ################################################################################

-LIBYANG_VERSION = 2.1.30
+LIBYANG_VERSION = 2.1.111
 LIBYANG_SITE = $(call github,CESNET,libyang,v$(LIBYANG_VERSION))
 LIBYANG_LICENSE = BSD-3-Clause
 LIBYANG_LICENSE_FILES = LICENSE