projects / buildroot.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 71caed4)
rsyslog: security bump to version 7.6.7
authorGustavo Zacarias <gustavo@zacarias.com.ar>
Thu, 2 Oct 2014 19:59:00 +0000 (16:59 -0300)
committerPeter Korsgaard <peter@korsgaard.com>
Thu, 2 Oct 2014 20:02:02 +0000 (22:02 +0200)
The previous security fix was incomplete, so now we've got:
CVE-2014-3683 Remote syslog PRI vulnerability.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
package/rsyslog/rsyslog-0001-revert-strdup.patch [deleted file] patch | blob | history
package/rsyslog/rsyslog.hash patch | blob | history
package/rsyslog/rsyslog.mk patch | blob | history

diff --git a/package/rsyslog/rsyslog-0001-revert-strdup.patch b/package/rsyslog/rsyslog-0001-revert-strdup.patch
deleted file mode 100644 (file)
index 5e82018..0000000
--- a/package/rsyslog/rsyslog-0001-revert-strdup.patch
+++ /dev/null
@@ -1,27 +0,0 @@
-Revert upstream 0403361ac57082dc47840d1f31832f1a0e319078
-It breaks the build when it's defined.
-
-Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
-
-diff -Nura rsyslog-7.6.6.orig/grammar/lexer.c rsyslog-7.6.6/grammar/lexer.c
---- rsyslog-7.6.6.orig/grammar/lexer.c 2014-10-01 10:12:34.960082719 -0300
-+++ rsyslog-7.6.6/grammar/lexer.c      2014-10-01 10:13:24.512769964 -0300
-@@ -1459,7 +1459,6 @@
- #line 32 "lexer.l"
- #include "config.h"
- #include "parserif.h"
--extern char *strdup(char*); /* somehow we do not get this from string.h... */
- /*%option noyywrap nodefault case-insensitive */
- /* avoid compiler warning: `yyunput' defined but not used */
- #define YY_NO_INPUT 1
-diff -Nura rsyslog-7.6.6.orig/grammar/lexer.l rsyslog-7.6.6/grammar/lexer.l
---- rsyslog-7.6.6.orig/grammar/lexer.l 2014-10-01 10:12:34.960082719 -0300
-+++ rsyslog-7.6.6/grammar/lexer.l      2014-10-01 10:13:41.935363172 -0300
-@@ -31,7 +31,6 @@
- %{
- #include "config.h"
- #include "parserif.h"
--extern char *strdup(char*); /* somehow we do not get this from string.h... */
- %}
- %option noyywrap nodefault case-insensitive yylineno
diff --git a/package/rsyslog/rsyslog.hash b/package/rsyslog/rsyslog.hash
index afc75cc608e87b78675ec5634e56512b4307d6a3..ed51326ddb09622655b912d1b4fdd7fc5e6a858f 100644 (file)
--- a/package/rsyslog/rsyslog.hash
+++ b/package/rsyslog/rsyslog.hash
@@ -1,2 +1,2 @@
 # From http://www.rsyslog.com/downloads/download-v7-stable/
-sha256 c77ae0db6204c5bd670fa96c354ee5fe1c62c876bd84ec06ed429138c78885bb        rsyslog-7.6.6.tar.gz
+sha256 fc29d2d9cbf3396091dd0bab2eb6f847aed4a44ef73138a97ddf9447446125ee        rsyslog-7.6.7.tar.gz
diff --git a/package/rsyslog/rsyslog.mk b/package/rsyslog/rsyslog.mk
index 17fd13baddaf7ff1b33dcf103686552d5050b036..1a7d8906f65754bd6ad725b79e574251c3090c4e 100644 (file)
--- a/package/rsyslog/rsyslog.mk
+++ b/package/rsyslog/rsyslog.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-RSYSLOG_VERSION = 7.6.6
+RSYSLOG_VERSION = 7.6.7
 RSYSLOG_SITE = http://rsyslog.com/files/download/rsyslog
 RSYSLOG_LICENSE = GPLv3 LGPLv3 Apache-2.0
 RSYSLOG_LICENSE_FILES = COPYING COPYING.LESSER COPYING.ASL20