kumquat-buildroot/package/sox/sox.hash
Fabrice Fontaine b6871f9d93 package/sox: security bump to latest git commit
Bump to the latest git commit as this will fix the following CVEs:

git log|grep CVE
  sox-fmt: validate comments_bytes before use (CVE-2019-13590) [bug #325]
  fix possible null pointer deref in lsx_make_lpf() (CVE-2019-8357)
  fft4g: bail if size too large (CVE-2019-8356)
  fix possible overflow in lsx_(re)valloc() size calculation (CVE-2019-8355)
  fix possible buffer size overflow in lsx_make_lpf() (CVE-2019-8354)
  xa: validate channel count (CVE-2017-18189)
  aiff: fix crash on empty comment chunk (CVE-2017-15642)
  adpcm: fix stack overflow with >4 channels (CVE-2017-15372)
  flac: fix crash on corrupt metadata (CVE-2017-15371)
  wav: ima_adpcm: fix buffer overflow on corrupt input (CVE-2017-15370)
  wav: fix crash writing header when channel count >64k (CVE-2017-11359)
  hcom: fix crash on input with corrupt dictionary (CVE-2017-11358)
  wav: fix crash if channel count is zero (CVE-2017-11332)

- Tweak configuration options due to
  6ff0e9322f
- libgsm is now an optional dependency since
  e548827ffc
- Add patch to put back --disable-stack-protector

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-04 18:19:11 +01:00

5 lines
322 B
Plaintext

# Locally computed
sha256 3d06ba8fc39ac92f16da73593be48afe0a704fe4dc4f6eca2e5137ef77cd5115 sox-7524160b29a476f7e87bc14fddf12d349f9a3c5e-br1.tar.gz
sha256 ab15fd526bd8dd18a9e77ebc139656bf4d33e97fc7238cd11bf60e2b9b8666c6 LICENSE.GPL
sha256 5df07007198989c622f5d41de8d703e7bef3d0e79d62e24332ee739a452af62a LICENSE.LGPL