NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

package/libxcrypt: security bump to version 4.4.25

Browse Source 
- Fix several issues found by Covscan in the testsuite. These include:
  - CWE-170: String not null terminated (STRING_NULL)
  - CWE-188: Reliance on integer endianness (INCOMPATIBLE_CAST)
  - CWE-190: Unintentional integer overflow (OVERFLOW_BEFORE_WIDEN)
  - CWE-569: Wrong sizeof argument (SIZEOF_MISMATCH)
  - CWE-573: Missing varargs init or cleanup (VARARGS)
  - CWE-687: Argument cannot be negative (NEGATIVE_RETURNS)
- Update hash of LICENSING due to files being updated with:
  44e9eb57b4
  578271c377

https://github.com/besser82/libxcrypt/blob/v4.4.25/NEWS

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit is contained in:
Fabrice Fontaine 2021-09-12 22:32:56 +02:00 committed by Peter Korsgaard
parent 834e543b97
commit a071bec0a0
2 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
package/libxcrypt/libxcrypt.hash
View File

@ -1,4 +1,4 @@
# Locally calculated
sha256 3801f0263a8596b15ec466343fc1fdc4ad4ec7416c51e038a3528fd47f3be01a libxcrypt-4.4.18.tar.gz
sha256 f8198fcc4f002bf54512bac2e68e1e3f04af7d105f4f4f98d7d22cb110e04715 LICENSING
sha256 caea3d032a46c4855ff818637884c7f5719ad228b79387b62ee023c8fbef17b4 libxcrypt-4.4.25.tar.gz
sha256 3c1ff7a7c9da111853ada463c54b65b42b7b1d3d6592dd527281db0827331d77 LICENSING
sha256 dc626520dcd53a22f727af3ee42c770e56c97a64fe3adb063799d8ab032fe551 COPYING.LIB

2
package/libxcrypt/libxcrypt.mk
View File

@ -4,7 +4,7 @@
#
################################################################################
LIBXCRYPT_VERSION = 4.4.18
LIBXCRYPT_VERSION = 4.4.25
LIBXCRYPT_SITE = $(call github,besser82,libxcrypt,v$(LIBXCRYPT_VERSION))
LIBXCRYPT_LICENSE = LGPL-2.1+
LIBXCRYPT_LICENSE_FILES = LICENSING COPYING.LIB