package/libtommath: security bump to version 1.2.1

This is a bugfix release only containing the fix to a potential integer underflow which got assigned CVE-2023-36328. Signed-off-by: Francois Perrad <francois.perrad@gadz.org> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-09-04 18:34:36 +02:00 · 2023-09-04 18:34:36 +02:00 · b7488b4d68
commit b7488b4d68
parent 19921699b3
3 changed files with 3 additions and 3 deletions
--- a/package/libtommath/0001-Build-test-bn_mp_set_double-c-on-more-platforms.patch
+++ b/package/libtommath/0001-Build-test-bn_mp_set_double-c-on-more-platforms.patch
@ -20,7 +20,7 @@ diff --git a/demo/test.c b/demo/test.c
 index 998f14b3..f719709d 100644
 --- a/demo/test.c
 +++ b/demo/test.c
-@@ -522,7 +522,7 @@ static int test_mp_invmod(void)
+@@ -625,7 +625,7 @@ static int test_mp_invmod(void)
 
 }
 
--- a/package/libtommath/libtommath.hash
+++ b/package/libtommath/libtommath.hash
@ -1,5 +1,5 @@
 # Locally computed
-sha256  b7c75eecf680219484055fcedd686064409254ae44bc31a96c5032843c0e18b1  ltm-1.2.0.tar.xz
+sha256  986025d7b374276fee2e30e99f3649e4ac0db8a02257a37ee10eae72abed0d1f  ltm-1.2.1.tar.xz

 # Hashes for license files:
 sha256  2fa64b163659f41965c9815882a8296d3d03ff546b76153e11445f9bdecf955a  LICENSE
--- a/package/libtommath/libtommath.mk
+++ b/package/libtommath/libtommath.mk
@ -4,7 +4,7 @@
 #
 ################################################################################

-LIBTOMMATH_VERSION = 1.2.0
+LIBTOMMATH_VERSION = 1.2.1
 LIBTOMMATH_SITE = https://github.com/libtom/libtommath/releases/download/v$(LIBTOMMATH_VERSION)
 LIBTOMMATH_SOURCE = ltm-$(LIBTOMMATH_VERSION).tar.xz
 LIBTOMMATH_LICENSE = Unlicense