NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
13de7eb434
kumquat-buildroot/package/lynx/lynx.hash
Peter Korsgaard 5bb9d79f27 package/lynx: add security patch for CVE-2021-38165 
Lynx through 2.8.9 mishandles the userinfo subcomponent of a URI, which
allows remote attackers to discover cleartext credentials because they may
appear in SNI data.

https://lists.nongnu.org/archive/html/lynx-dev/2021-08/msg00002.html

Upstream unfortunately does not provide a public VCS (only source
snapshots), so fetch the security patch from Debian.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-09-22 21:20:02 +02:00

5 lines
299 B
Plaintext
Raw Blame History

# Locally calculated:
sha256 387f193d7792f9cfada14c60b0e5c0bff18f227d9257a39483e14fa1aaf79595 lynx2.8.9rel.1.tar.bz2
sha256 b2207e757dbbefc34a20a32b1b4a216b4a4316e1dc812bceca4ac6294871119a 90_CVE-2021-38165.patch
sha256 8406a30ff3134ec23cf752d1ceda92ddaabbe41b4f2dc07ea3cfa139de12d6d6 COPYING
Reference in New Issue View Git Blame Copy Permalink