NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
6e000dba5f
kumquat-buildroot/package/tar/tar.hash
Fabrice Fontaine d4d483451f package/tar: security bump to version 1.35 
- Fix CVE-2022-48303: GNU Tar through 1.34 has a one-byte out-of-bounds
  read that results in use of uninitialized memory for a conditional
  jump. Exploitation to change the flow of control has not been
  demonstrated. The issue occurs in from_header in list.c via a V7
  archive in which mtime has approximately 11 whitespace characters.
- Update hash of COPYING (http replaced by https)

https://lists.gnu.org/archive/html/info-gnu/2023-07/msg00005.html

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-10-01 16:46:25 +02:00

5 lines
309 B
Plaintext
Raw Blame History

# Locally calculated after checking signature
sha256 4d62ff37342ec7aed748535323930c7cf94acf71c3591882b26a7ea50f3edc16 tar-1.35.tar.xz
sha256 c77a38fcf25b21fd8209d20d35638744344ded239cfc7df80138bf46d3c6b16d tar-1.35.cpio.gz
sha256 3972dc9744f6499f0f9b2dbf76696f2ae7ad8af9b23dde66d6af86c9dfb36986 COPYING
Reference in New Issue View Git Blame Copy Permalink