NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
c1c32fc617
kumquat-buildroot/package/libesmtp/libesmtp.hash
Fabrice Fontaine b72401692e package/libesmtp: security bump to version 1.1.0 
After more than a decade, libESMTP version 1.0.6 is superceded. Despite
proving robust a little bitrot has occurred, especially regarding
OpenSSL support. The original application data APIs are prone to memory
leaks and are deprecated in favour of safer replacements. Version 1.1
updates libESMTP without breaking API and ABI compatibility and
provides a basis for future development.

In addition to updates to the codebase, documentation is modernised and
is more comprehensive.

All libESMTP users are encouraged to upgrade from version 1.0.6.

- Update license files
- Update indentation in hash file (two spaces)
- Switch to meson-package
- Handle threads and tls meson options
- libesmtp-config has been dropped:
  https://github.com/libesmtp/libESMTP/issues/8
- Fix CVE-2019-19977: libESMTP through 1.0.6 mishandles domain copying
  into a fixed-size buffer in ntlm_build_type_2 in ntlm/ntlmstruct.c, as
  demonstrated by a stack-based buffer over-read.

https://github.com/libesmtp/libESMTP/releases/tag/v1.1.0
https://libesmtp.github.io/changes-since-v1.0.6.html

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-08-05 23:47:32 +02:00

5 lines
285 B
Plaintext
Raw Blame History

# Locally calculated
sha256 32bc3614ca12d21c7d933f32d43410e8744b6f91fdca7732da9877a385e4e6c3 libesmtp-1.1.0.tar.gz
sha256 204d8eff92f95aac4df6c8122bc1505f468f3a901e5a4cc08940e0ede1938994 COPYING.GPL
sha256 20c17d8b8c48a600800dfd14f95d5cb9ff47066a9641ddeab48dc54aec96e331 LICENSE
Reference in New Issue View Git Blame Copy Permalink