NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

package/netatalk: security bump to version 3.1.23

Browse Source 
Fixes CVE-2018-1160: Netatalk before 3.1.12 is vulnerable to an out of
bounds write in dsi_opensess.c.  This is due to lack of bounds checking on
attacker controlled data.  A remote unauthenticated attacker can leverage
this vulnerability to achieve arbitrary code execution.

For more details, see the release notes:
http://netatalk.sourceforge.net/3.1/ReleaseNotes3.1.12.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit is contained in:
Peter Korsgaard 2018-12-21 13:56:59 +01:00
parent 0774dec62a
commit 8aaf05916c
2 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
package/netatalk/netatalk.hash
View File

@ -1,3 +1,3 @@
# From http://sourceforge.net/projects/netatalk/files/netatalk/3.1.11/
md5 8f79ce2a275b128ebb07188766f088fc netatalk-3.1.11.tar.bz2
sha1 5aa7900e6f7de3c7ee812aa1130c1245d1974586 netatalk-3.1.11.tar.bz2
# From http://sourceforge.net/projects/netatalk/files/netatalk/3.1.12/
md5 021d2330cb7f7cd2977aec46299dcc1b netatalk-3.1.12.tar.bz2
sha1 cc1fe1ebdbdb4da9cf82835c440e82ba28a832c5 netatalk-3.1.12.tar.bz2

2
package/netatalk/netatalk.mk
View File

@ -4,7 +4,7 @@
#
################################################################################
NETATALK_VERSION = 3.1.11
NETATALK_VERSION = 3.1.12
NETATALK_SITE = http://downloads.sourceforge.net/project/netatalk/netatalk/$(NETATALK_VERSION)
NETATALK_SOURCE = netatalk-$(NETATALK_VERSION).tar.bz2
# For 0001-Fix-setting-of-LD_LIBRARY_FLAGS-shlibpath_var.patch