projects / buildroot.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: c27ecf4)
libarchive: security bump to version 3.2.1
authorGustavo Zacarias <gustavo@zacarias.com.ar>
Thu, 23 Jun 2016 00:56:15 +0000 (21:56 -0300)
committerPeter Korsgaard <peter@korsgaard.com>
Thu, 23 Jun 2016 19:13:15 +0000 (21:13 +0200)
Fixes:
CVE-2016-4302 - Libarchive Rar RestartModel Code Execution Vulnerability
CVE-2016-4300 - Libarchive 7zip read_SubStreamsInfo Code Execution
Vulnerability
CVE-2016-4809 - Memory allocate error in corrupted cpio archives

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
package/libarchive/libarchive.hash patch | blob | history
package/libarchive/libarchive.mk patch | blob | history

diff --git a/package/libarchive/libarchive.hash b/package/libarchive/libarchive.hash
index 6a782c626500cc3f82455035730695b714672c69..2c39bd3e077dbeaca00a9b0882624ba59182e2a6 100644 (file)
--- a/package/libarchive/libarchive.hash
+++ b/package/libarchive/libarchive.hash
@@ -1,2 +1,2 @@
 # Locally computed:
-sha256  7bce45fd71ff01dc20d19edd78322d4965583d81b8bed8e26cacb65d6f5baa87  libarchive-3.2.0.tar.gz
+sha256  72ee1a4e3fd534525f13a0ba1aa7b05b203d186e0c6072a8a4738649d0b3cfd2  libarchive-3.2.1.tar.gz
diff --git a/package/libarchive/libarchive.mk b/package/libarchive/libarchive.mk
index 0e1e517b9b05b4d9eeb33c19325f4491c6a231bf..6e9c0a1e867bb6e16975863146d618e50dcfaaea 100644 (file)
--- a/package/libarchive/libarchive.mk
+++ b/package/libarchive/libarchive.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-LIBARCHIVE_VERSION = 3.2.0
+LIBARCHIVE_VERSION = 3.2.1
 LIBARCHIVE_SITE = http://www.libarchive.org/downloads
 LIBARCHIVE_INSTALL_STAGING = YES
 LIBARCHIVE_LICENSE = BSD-2c, BSD-3c