projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 6259a98) | patch
powerpc-utils: security bump to 1.2.24
authorBaruch Siach <baruch@tkos.co.il>
Fri, 20 Mar 2015 05:55:47 +0000 (07:55 +0200)
committerThomas Petazzoni <thomas.petazzoni@free-electrons.com>
Fri, 20 Mar 2015 13:04:14 +0000 (14:04 +0100)
commit0a12a5a1b94465fd0aef6185e81715880be26ab0
treed2e37b861df5df936edef040054d47a221cf68edtree
parent6259a985a28a74f4c36dfebbca5fad8c3595e56dcommit | diff
powerpc-utils: security bump to 1.2.24

Fixes CVE-2014-4040: A local attacker could obtain sensitive information from
the generated archive such as plain text passwords.

Yes, version 1.2.24 seems to be newer than 1.4, which is equivalent to 1.2.20.

Also, switch from git clone to tarball download , and add a .hash file.

The configure script seems to misdetect stack smashing protection support in
the toolchain. gcc accepts -fstack_protector_all, but the linker complains:
"ld: cannot find -lssp".

Cc: Jeremy Kerr <jk@ozlabs.org>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
package/powerpc-utils/powerpc-utils.hash [new file with mode: 0644] blob
package/powerpc-utils/powerpc-utils.mk diff | blob | history