kumquat-buildroot/package/lz4/lz4.hash
Fabrice Fontaine 4390b365a2 package/lz4: security bump to version 1.9.2
- Fix CVE-2019-17543: LZ4 before 1.9.2 has a heap-based buffer overflow
  in LZ4_write32 (related to LZ4_compress_destSize), affecting
  applications that call LZ4_compress_fast with a large input. (This
  issue can also lead to data corruption.) NOTE: the vendor states "only
  a few specific / uncommon usages of the API are at risk."
- Update indentation of hash file (two spaces)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-02-29 08:39:06 +01:00

5 lines
294 B
Plaintext

# sha256 locally computed
sha256 658ba6191fa44c92280d4aa2c271b0f4fbc0e34d249578dd05e50e76d0e5efcc lz4-1.9.2.tar.gz
sha256 d15d99c8dc6b0ec22174c0e563a95bc40f9363ca7f9d9d793bb5c5a8e8d0af71 lib/LICENSE
sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 programs/COPYING