NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

mpg123: security bump to version 1.23.8

Browse Source 
Fixes an out-of-bounds memory read in the ID3v2 parser for tags that
claim an unrealistically small length. This crashes mpg123 or any
application using libmpg123 with activated ID3v2 parsing.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit is contained in:
Gustavo Zacarias 2016-09-27 07:10:20 -03:00 committed by Peter Korsgaard
parent b62fdfdc27
commit ac5fa840df
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
package/mpg123/mpg123.hash
View File

@ -1,2 +1,2 @@
# Locally calculated after checking pgp signature
sha256 934047120953159e364c790e059684b681d7e670884fe179e1954d17d1c6334b mpg123-1.23.7.tar.bz2
sha256 de2303c8ecb65593e39815c0a2f2f2d91f708c43b85a55fdd1934c82e677cf8e mpg123-1.23.8.tar.bz2

2
package/mpg123/mpg123.mk
View File

@ -4,7 +4,7 @@
#
################################################################################
MPG123_VERSION = 1.23.7
MPG123_VERSION = 1.23.8
MPG123_SOURCE = mpg123-$(MPG123_VERSION).tar.bz2
MPG123_SITE = http://downloads.sourceforge.net/project/mpg123/mpg123/$(MPG123_VERSION)
MPG123_CONF_OPTS = --disable-lfs-alias