package/collectd: security bump to version 5.7.2

Fixes the following security issue: - CVE-2017-7401: Incorrect interaction of the parse_packet() and parse_part_sign_sha256() functions in network.c in collectd 5.7.1 and earlier allows remote attackers to cause a denial of service (infinite loop) of a collectd instance (configured with "SecurityLevel None" and with empty "AuthFile" options) via a crafted UDP packet Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-09-01 22:06:15 +02:00 · 2019-09-01 22:06:15 +02:00 · 91bb43f529
commit 91bb43f529
parent e563427a12
2 changed files with 2 additions and 2 deletions
--- a/package/collectd/collectd.hash
+++ b/package/collectd/collectd.hash
@ -1,5 +1,5 @@
 # From https://collectd.org/files/SHA256SUM
-sha256	7edd3643c0842215553b2421d5456f4e9a8a58b07e216b40a7e8e91026d8e501	collectd-5.7.1.tar.bz2
+sha256	9d20a0221569a8d6b80bbc52b86e5e84965f5bafdbf5dfc3790e0fed0763e592	collectd-5.7.2.tar.bz2

 # Hash for license files
 sha256	ed0409b2b1c30566dab5fcdaf46ee70e140c99788e22f0267645a9357b476ae4	COPYING
--- a/package/collectd/collectd.mk
+++ b/package/collectd/collectd.mk
@ -4,7 +4,7 @@
 #
 ################################################################################

-COLLECTD_VERSION = 5.7.1
+COLLECTD_VERSION = 5.7.2
 COLLECTD_SITE = http://collectd.org/files
 COLLECTD_SOURCE = collectd-$(COLLECTD_VERSION).tar.bz2
 COLLECTD_CONF_ENV = ac_cv_lib_yajl_yajl_alloc=yes