kumquat-buildroot/package/protobuf-c
Fabrice Fontaine cbbd2dae9e package/protobuf-c: security bump to version 1.4.1
- Fix CVE-2022-33070: Protobuf-c v1.4.0 was discovered to contain an
  invalid arithmetic shift via the function parse_tag_and_wiretype in
  protobuf-c/protobuf-c.c. This vulnerability allows attackers to cause
  a Denial of Service (DoS) via unspecified vectors.
- Use official tarball (and so drop autoreconf)
- Update hash of COPYING (year updated with
  471aaa5f6d)

https://github.com/protobuf-c/protobuf-c/releases/tag/v1.4.1

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2022-07-23 17:00:49 +02:00
..
Config.in
protobuf-c.hash
protobuf-c.mk