NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
6ce55ab0ed
kumquat-buildroot/package/libconfuse/libconfuse.mk
Fabrice Fontaine d7561a8c5e package/libconfuse: fix CVE-2022-40320 
cfg_tilde_expand in confuse.c in libConfuse 3.3 has a heap-based buffer
over-read.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-09-18 21:48:31 +02:00

22 lines
758 B
Makefile
Raw Blame History

################################################################################
#
# libconfuse
#
################################################################################
LIBCONFUSE_VERSION = 3.3
LIBCONFUSE_SOURCE = confuse-$(LIBCONFUSE_VERSION).tar.xz
LIBCONFUSE_SITE = https://github.com/martinh/libconfuse/releases/download/v$(LIBCONFUSE_VERSION)
LIBCONFUSE_INSTALL_STAGING = YES
LIBCONFUSE_CONF_OPTS = --disable-rpath
LIBCONFUSE_LICENSE = ISC
LIBCONFUSE_LICENSE_FILES = LICENSE
LIBCONFUSE_CPE_ID_VENDOR = libconfuse_project
LIBCONFUSE_DEPENDENCIES = $(TARGET_NLS_DEPENDENCIES)
# 0001-Fix-163-unterminated-username-used-with-getpwnam.patch
LIBCONFUSE_IGNORE_CVES += CVE-2022-40320
$(eval $(autotools-package))
$(eval $(host-autotools-package))
Reference in New Issue View Git Blame Copy Permalink