package/libarchive: security bump to version 3.5.2
Fix CVE-2021-36976: libarchive 3.4.1 through 3.5.1 has a use-after-free in copy_string (called from do_uncompress_block and process_block). https://github.com/libarchive/libarchive/releases/tag/v3.5.2 Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
This commit is contained in:
parent
a4a4330b73
commit
a223dd4aef
@ -1,4 +1,4 @@
|
||||
# From https://www.libarchive.de/downloads/sha256sums
|
||||
sha256 9015d109ec00bb9ae1a384b172bf2fc1dff41e2c66e5a9eeddf933af9db37f5a libarchive-3.5.1.tar.gz
|
||||
sha256 f0b19ff39c3c9a5898a219497ababbadab99d8178acc980155c7e1271089b5a0 libarchive-3.5.2.tar.xz
|
||||
# Locally computed:
|
||||
sha256 b2cdf763345de2de34cebf54394df3c61a105c3b71288603c251f2fa638200ba COPYING
|
||||
|
@ -4,7 +4,8 @@
|
||||
#
|
||||
################################################################################
|
||||
|
||||
LIBARCHIVE_VERSION = 3.5.1
|
||||
LIBARCHIVE_VERSION = 3.5.2
|
||||
LIBARCHIVE_SOURCE = libarchive-$(LIBARCHIVE_VERSION).tar.xz
|
||||
LIBARCHIVE_SITE = https://www.libarchive.de/downloads
|
||||
LIBARCHIVE_INSTALL_STAGING = YES
|
||||
LIBARCHIVE_LICENSE = BSD-2-Clause, BSD-3-Clause, CC0-1.0, OpenSSL, Apache-2.0
|
||||
|
Loading…
Reference in New Issue
Block a user