projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: d27b5c7) | patch
package/gnupg2: security bump to version 2.2.23
authorPeter Korsgaard <peter@korsgaard.com>
Fri, 4 Sep 2020 10:24:15 +0000 (12:24 +0200)
committerPeter Korsgaard <peter@korsgaard.com>
Sat, 5 Sep 2020 07:35:50 +0000 (09:35 +0200)
commit918a9fb455aeda08a04d87fdd4bb36e688594d91
tree3b7a89b6133c97da20a64fc1bdebdceb09a724e0tree
parentd27b5c7b7214608c8f9c54b2723dac4422d41948commit | diff
package/gnupg2: security bump to version 2.2.23

Fixes the following security issues:

CVE-2020-25125: Importing an OpenPGP key having a preference list for AEAD
algorithms will lead to an array overflow and thus often to a crash or other
undefined behaviour (affected: 2.2.21 / 2.2.22)

For more details, see the announcement:
https://lists.gnupg.org/pipermail/gnupg-announce/2020q3/000448.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
package/gnupg2/gnupg2.hash diff | blob | history
package/gnupg2/gnupg2.mk diff | blob | history