From: Gustavo Zacarias <gustavo@zacarias.com.ar>
Date: Fri, 23 Jan 2015 10:47:56 +0000 (-0300)
Subject: patch: security bump to version 2.7.3
X-Git-Url: https://git.libre-soc.org/?a=commitdiff_plain;h=78cb8c81fa81f2a4dd63bcc2621ac5436edf26f6;p=buildroot.git

patch: security bump to version 2.7.3

Fixes CVE-2015-1196 - allows remote attackers to write to arbitrary
files via a symlink attack in a patch file.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---

diff --git a/package/patch/patch.hash b/package/patch/patch.hash
new file mode 100644
index 0000000000..7f1b024ddd
--- /dev/null
+++ b/package/patch/patch.hash
@@ -0,0 +1,2 @@
+# Locally calculated after checking pgp signature
+sha256	d09022de9d629561bf4dad44625ef4b1ead15178b210412113531730cdb6f19d	patch-2.7.3.tar.xz
diff --git a/package/patch/patch.mk b/package/patch/patch.mk
index 2dd45336f8..4fa0e4102e 100644
--- a/package/patch/patch.mk
+++ b/package/patch/patch.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-PATCH_VERSION = 2.7.1
+PATCH_VERSION = 2.7.3
 PATCH_SOURCE = patch-$(PATCH_VERSION).tar.xz
 PATCH_SITE = $(BR2_GNU_MIRROR)/patch
 PATCH_LICENSE = GPLv3+