package/thrift: security bump to version 0.14.1
Fix CVE-2020-13949: In Apache Thrift 0.9.3 to 0.13.0, malicious RPC
clients could send short messages which would result in a large memory
allocation, potentially leading to denial of service.
- Disable javascript and nodejs which have been added with
https://github.com/apache/thrift/commit/
61d502075bf5da10331c201f604acdfefc4d5edc
- Update hash of LICENSE, license for windows-specific files added:
https://github.com/apache/thrift/commit/
98854c48744f20b3f551817273ed502835477f09
https://github.com/apache/thrift/blob/v0.14.1/CHANGES.md
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
projects / buildroot.git / commit