NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

package/lapack: security bump to version 3.10.0

Browse Source 
- Fix CVE-2021-4048: An out-of-bounds read flaw was found in the CLARRV,
  DLARRV, SLARRV, and ZLARRV functions in lapack through version 3.10.0,
  as also used in OpenBLAS before version 0.3.18. Specially crafted
  inputs passed to these functions could cause an application using
  lapack to crash or possibly disclose portions of its memory.
- Update license hash, year changed:
  f67034373e
- Update indentation in hash file (two spaces)

http://netlib.org/lapack/lapack-3.10.0.html

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 59a1fcc696)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit is contained in:
Fabrice Fontaine 2021-12-16 08:02:01 +01:00 committed by Peter Korsgaard
parent 56228062dd
commit a4a84a9aa9
2 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
package/lapack/lapack.hash
View File

@ -1,3 +1,3 @@
# Locally computed:
sha256 106087f1bb5f46afdfba7f569d0cbe23dacb9a07cd24733765a0e89dbe1ad573 lapack-3.9.0.tar.gz
sha256 d56bd4441b999b80c88df04faf0d8b3d7d3b2bd781cf91242c4188e8a6d0f8be LICENSE
sha256 328c1bea493a32cac5257d84157dc686cc3ab0b004e2bea22044e0a59f6f8a19 lapack-3.10.0.tar.gz
sha256 66246b7d3e6736aea46e63fd5e087659474d07edfe2f9b051d085d9b42aaac61 LICENSE

2
package/lapack/lapack.mk
View File

@ -4,7 +4,7 @@
#
################################################################################
LAPACK_VERSION = 3.9.0
LAPACK_VERSION = 3.10.0
LAPACK_LICENSE = BSD-3-Clause
LAPACK_LICENSE_FILES = LICENSE
LAPACK_SITE = $(call github,Reference-LAPACK,lapack,v$(LAPACK_VERSION))