package/mongoose: security bump to version 6.17

- Fix CVE-2019-19307: An integer overflow in parse_mqtt in mongoose.c in Cesanta Mongoose 6.16 allows an attacker to achieve remote DoS (infinite loop), or possibly cause an out-of-bounds write, by sending a crafted MQTT protocol packet. - Update indentation of hash file (two spaces) Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-02-12 22:21:34 +01:00 · 2020-02-12 22:21:34 +01:00 · c18562a82a
commit c18562a82a
parent 436679d954
2 changed files with 3 additions and 3 deletions
--- a/package/mongoose/mongoose.hash
+++ b/package/mongoose/mongoose.hash
@ -1,3 +1,3 @@
 # Locally computed:
-sha256	1f20f2781862560ddf3203dfb0e6fcf248a68bf92aefbeafb9d2a629c4767c02  mongoose-6.16.tar.gz
-sha256	fdc34eeea97327d75c83492abd34f1a3200c53dec04422ecda8071dc60a36d10  LICENSE
+sha256  5bff3cc70bb2248cf87d06a3543f120f3b29b9368d25a7715443cb10612987cc  mongoose-6.17.tar.gz
+sha256  fdc34eeea97327d75c83492abd34f1a3200c53dec04422ecda8071dc60a36d10  LICENSE
--- a/package/mongoose/mongoose.mk
+++ b/package/mongoose/mongoose.mk
@ -4,7 +4,7 @@
 #
 ################################################################################

-MONGOOSE_VERSION = 6.16
+MONGOOSE_VERSION = 6.17
 MONGOOSE_SITE = $(call github,cesanta,mongoose,$(MONGOOSE_VERSION))
 MONGOOSE_LICENSE = GPL-2.0
 MONGOOSE_LICENSE_FILES = LICENSE