diff options
author | Gustavo Zacarias <gustavo@zacarias.com.ar> | 2015-04-13 18:17:56 -0300 |
---|---|---|
committer | Thomas Petazzoni <thomas.petazzoni@free-electrons.com> | 2015-04-14 10:06:43 +0200 |
commit | 3c52e364ebd6c8f834db8c7533fba817acaf8d6e (patch) | |
tree | 5d448f2250060db01b270cab0556095b3d25a9de /package/libksba | |
parent | 2c06a807ccf1e240e42b153c7a904a8c43e0e04e (diff) |
libksba: security bump to version 1.3.3
Fixes (no CVEs assigned yet):
* integer overflow in the DN decoder src/dn.c (append_quoted,
append_atv)
* integer overflow in the BER decoder src/ber-decoder.c (ber_decoder_s)
* denial of service due to stack overflow in src/ber-decoder.c
(push_decoder_state, pop_decoder_state)
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Diffstat (limited to 'package/libksba')
-rw-r--r-- | package/libksba/libksba.hash | 4 | ||||
-rw-r--r-- | package/libksba/libksba.mk | 2 |
2 files changed, 3 insertions, 3 deletions
diff --git a/package/libksba/libksba.hash b/package/libksba/libksba.hash index 3bd6ef028..f7727f10b 100644 --- a/package/libksba/libksba.hash +++ b/package/libksba/libksba.hash @@ -1,2 +1,2 @@ -# From http://lists.gnupg.org/pipermail/gnupg-announce/2014q4/000359.html -sha1 37d0893a587354af2b6e49f6ae701ca84f52da67 libksba-1.3.2.tar.bz2 +# Locally calculated after checking pgp signature +sha256 0c7f5ffe34d0414f6951d9880a46fcc2985c487f7c36369b9f11ad41131c7786 libksba-1.3.3.tar.bz2 diff --git a/package/libksba/libksba.mk b/package/libksba/libksba.mk index b48cac553..765153473 100644 --- a/package/libksba/libksba.mk +++ b/package/libksba/libksba.mk @@ -4,7 +4,7 @@ # ################################################################################ -LIBKSBA_VERSION = 1.3.2 +LIBKSBA_VERSION = 1.3.3 LIBKSBA_SOURCE = libksba-$(LIBKSBA_VERSION).tar.bz2 LIBKSBA_SITE = ftp://ftp.gnupg.org/gcrypt/libksba LIBKSBA_LICENSE = LGPLv3+ or GPLv2+ (library, headers), GPLv3+ (manual, tests, build system) |