NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
45c7276a97
kumquat-buildroot/package/libjwt
History
Fabrice Fontaine a513846df7 package/libjwt: security bump to version 1.17.0 
- Use official tarball and so drop autoreconf
- Update hash of LICENSE file, verbatim copy of the current MPL 2.0 with
  ebebb5027f
- Fix CVE-2024-25189: libjwt 1.15.3 uses strcmp (which is not constant
  time) to verify authentication, which makes it easier to bypass
  authentication via a timing side channel.

https://github.com/benmcollins/libjwt/compare/v1.15.3...v1.17.0

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit c65639ebd5)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-05-31 17:16:46 +02:00
..
Config.in
libjwt.hash package/libjwt: security bump to version 1.17.0 2024-05-31 17:16:46 +02:00
libjwt.mk package/libjwt: security bump to version 1.17.0 2024-05-31 17:16:46 +02:00