diff options
author | Baruch Siach <baruch@tkos.co.il> | 2017-02-09 15:32:30 +0200 |
---|---|---|
committer | Peter Korsgaard <peter@korsgaard.com> | 2017-02-09 14:52:24 +0100 |
commit | 42eabd755130d3a8cabc5f8fe81f5d46b55d37b8 (patch) | |
tree | 40719dbe4818d2995b5002ed168e15cb99d5c327 | |
parent | ae73226476e5ca449cf0b312aa03a18dfe31d3a9 (diff) |
ed: security bump to version 1.14.1
Fixes CVE-2017-5357: crash with some malformed commands.
Upstream now provides .tar.lz archive. Add the necessary extract command.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
-rw-r--r-- | package/ed/ed.hash | 6 | ||||
-rw-r--r-- | package/ed/ed.mk | 9 |
2 files changed, 12 insertions, 3 deletions
diff --git a/package/ed/ed.hash b/package/ed/ed.hash index 7871fb11b..22c1e671d 100644 --- a/package/ed/ed.hash +++ b/package/ed/ed.hash @@ -1,2 +1,4 @@ -# From http://lists.gnu.org/archive/html/bug-ed/2013-06/msg00001.html -md5 565b6d1d5a9a8816b9b304fc4ed9405d ed-1.9.tar.gz +# From http://lists.gnu.org/archive/html/bug-ed/2017-01/msg00002.html +sha1 a91f785f7e16dc68e1c9c86d532ebd9698171ba0 ed-1.14.1.tar.lz +# Locally computed +sha256 ffb97eb8f2a2b5a71a9b97e3872adce953aa1b8958e04c5b7bf11d556f32552a ed-1.14.1.tar.lz diff --git a/package/ed/ed.mk b/package/ed/ed.mk index 36f2f2ed2..50adeb4ec 100644 --- a/package/ed/ed.mk +++ b/package/ed/ed.mk @@ -4,14 +4,21 @@ # ################################################################################ -ED_VERSION = 1.9 +ED_VERSION = 1.14.1 ED_SITE = $(BR2_GNU_MIRROR)/ed +ED_SOURCE = ed-$(ED_VERSION).tar.lz ED_CONF_OPTS = \ CC="$(TARGET_CC)" CFLAGS="$(TARGET_CFLAGS)" \ LDFLAGS="$(TARGET_LDFLAGS)" +ED_DEPENDENCIES = host-lzip ED_LICENSE = GPLv3+ ED_LICENSE_FILES = COPYING +define ED_EXTRACT_CMDS + $(HOST_DIR)/usr/bin/lzip -d -c $(DL_DIR)/$(ED_SOURCE) | \ + tar --strip-components=1 -C $(@D) $(TAR_OPTIONS) - +endef + define ED_CONFIGURE_CMDS (cd $(@D); \ $(TARGET_MAKE_ENV) ./configure \ |