diff options
author | Gustavo Zacarias <gustavo@zacarias.com.ar> | 2016-09-27 07:10:20 -0300 |
---|---|---|
committer | Peter Korsgaard <peter@korsgaard.com> | 2016-09-27 16:59:40 +0200 |
commit | ac5fa840df09cf532240df8ef4c773c4d84fa2f7 (patch) | |
tree | e61d531be794d1bef1c88f60add7edd0d6c1636b /package/mpg123 | |
parent | b62fdfdc274e592675a4894b893841991e72c913 (diff) |
mpg123: security bump to version 1.23.8
Fixes an out-of-bounds memory read in the ID3v2 parser for tags that
claim an unrealistically small length. This crashes mpg123 or any
application using libmpg123 with activated ID3v2 parsing.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Diffstat (limited to 'package/mpg123')
-rw-r--r-- | package/mpg123/mpg123.hash | 2 | ||||
-rw-r--r-- | package/mpg123/mpg123.mk | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/package/mpg123/mpg123.hash b/package/mpg123/mpg123.hash index 66a80ac70..fa5580948 100644 --- a/package/mpg123/mpg123.hash +++ b/package/mpg123/mpg123.hash @@ -1,2 +1,2 @@ # Locally calculated after checking pgp signature -sha256 934047120953159e364c790e059684b681d7e670884fe179e1954d17d1c6334b mpg123-1.23.7.tar.bz2 +sha256 de2303c8ecb65593e39815c0a2f2f2d91f708c43b85a55fdd1934c82e677cf8e mpg123-1.23.8.tar.bz2 diff --git a/package/mpg123/mpg123.mk b/package/mpg123/mpg123.mk index b14efe7fa..27c46dcbc 100644 --- a/package/mpg123/mpg123.mk +++ b/package/mpg123/mpg123.mk @@ -4,7 +4,7 @@ # ################################################################################ -MPG123_VERSION = 1.23.7 +MPG123_VERSION = 1.23.8 MPG123_SOURCE = mpg123-$(MPG123_VERSION).tar.bz2 MPG123_SITE = http://downloads.sourceforge.net/project/mpg123/mpg123/$(MPG123_VERSION) MPG123_CONF_OPTS = --disable-lfs-alias |