projects / buildroot.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: c8a021c)
rpm: bump version to 4.13.0.1 (security)
authorVicente Olivert Riera <Vincent.Riera@imgtec.com>
Mon, 13 Mar 2017 12:31:20 +0000 (12:31 +0000)
committerPeter Korsgaard <peter@korsgaard.com>
Wed, 15 Mar 2017 12:32:10 +0000 (13:32 +0100)
Security fixes:
 - Fix several out of bounds reads in the OpenPGP parser
 - Fix handling of OpenPGP reserved tag (should be rejected)
 - Fix various crashes from malformed packages with invalid tags

Release notes:
  http://rpm.org/wiki/Releases/4.13.0.1

This patch also switches from GitHub to rpm.org since the last one seems
to be more up-to-date.

[Peter: use RPM_VERSION_MAJOR as suggested by Jerzy Grzegorek]
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
package/rpm/rpm.hash patch | blob | history
package/rpm/rpm.mk patch | blob | history

diff --git a/package/rpm/rpm.hash b/package/rpm/rpm.hash
index c9c4d659a1eb52370a12bb37f6f88aaa6b94b4f1..fd77d33fa2ee3852255517cf25c06097b4cb3760 100644 (file)
--- a/package/rpm/rpm.hash
+++ b/package/rpm/rpm.hash
@@ -1,5 +1,5 @@
-# From http://rpm.org/wiki/Releases/4.13.0
-sha1   c6ce4f879ca6a75340921093105e5ef9d33381d3        rpm-4.13.0.tar.bz2
+# From http://rpm.org/wiki/Releases/4.13.0.1
+sha1 9566f95f38fcb214e439c552f378c2f64ba0aff9  rpm-4.13.0.1.tar.bz2
 # Locally computed
 sha256 a3e5568d721737a24141737e6036bb39ba9dfbeaa03fa4a51cc7881a243e0c5d b5f1895aae096836d6e8e155ee289e1b10fcabcb.patch
 sha256 7ab0e08e143bb2d43d5b0553ee22ea34da15a611c597860a6110745467d20fa8 c810a0aca3f1148d2072d44b91b8cc9caeb4cf19.patch
diff --git a/package/rpm/rpm.mk b/package/rpm/rpm.mk
index 2e829d751a25cb859c021d5eced27570034ab0cb..1c03f2eaa1a73b6c18371502e1a77bf9adfc7a37 100644 (file)
--- a/package/rpm/rpm.mk
+++ b/package/rpm/rpm.mk
@@ -4,9 +4,10 @@
 #
 ################################################################################
 
-RPM_VERSION = 4.13.0
+RPM_VERSION_MAJOR = 4.13
+RPM_VERSION = $(RPM_VERSION_MAJOR).0.1
 RPM_SOURCE = rpm-$(RPM_VERSION).tar.bz2
-RPM_SITE = https://github.com/rpm-software-management/rpm/releases/download/rpm-$(RPM_VERSION)-release
+RPM_SITE = http://ftp.rpm.org/releases/rpm-$(RPM_VERSION_MAJOR).x
 RPM_DEPENDENCIES = host-pkgconf berkeleydb file popt zlib
 RPM_LICENSE = GPLv2 or LGPLv2 (library only)
 RPM_LICENSE_FILES = COPYING