[Buildroot] [PATCH 1/1] package/libplist: security bump to version 2.0.0
Peter Korsgaard
peter at korsgaard.com
Sun Nov 5 19:43:40 UTC 2017
>>>>> "Bernd" == Bernd Kuhls <bernd.kuhls at t-online.de> writes:
> Release notes:
> https://github.com/libimobiledevice/libplist/blob/master/NEWS
> This version bump fixes
> * CVE-2017-6440
> * CVE-2017-6439
> * CVE-2017-6438
> * CVE-2017-6437
> * CVE-2017-6436
> * CVE-2017-6435
> * CVE-2017-5836
> * CVE-2017-5835
> * CVE-2017-5834
> * CVE-2017-5545
> * CVE-2017-5209
> ... and several others that didn't receive any CVE (yet).
> The dependency to libxml2 was removed.
> Autoreconf is not needed anymore, the upstream tarball includes a
> configure script.
> Signed-off-by: Bernd Kuhls <bernd.kuhls at t-online.de>
> ---
> package/libplist/Config.in | 1 -
> package/libplist/libplist.hash | 2 +-
> package/libplist/libplist.mk | 7 ++-----
> 3 files changed, 3 insertions(+), 7 deletions(-)
> diff --git a/package/libplist/Config.in b/package/libplist/Config.in
> index 5f96746ea9..4a9575f545 100644
> --- a/package/libplist/Config.in
> +++ b/package/libplist/Config.in
> @@ -1,7 +1,6 @@
> config BR2_PACKAGE_LIBPLIST
> bool "libplist"
> depends on BR2_INSTALL_LIBSTDCPP
> - select BR2_PACKAGE_LIBXML2
> help
> libplist is a client for manipulating Apple Property List
> (.plist) files
> diff --git a/package/libplist/libplist.hash b/package/libplist/libplist.hash
> index 06d1b16426..63c2515062 100644
> --- a/package/libplist/libplist.hash
> +++ b/package/libplist/libplist.hash
> @@ -1,2 +1,2 @@
> # Locally calculated
> -sha256 0effdedcb3de128c4930d8c03a3854c74c426c16728b8ab5f0a5b6bdc0b644be libplist-1.12.tar.bz2
> +sha256 3a7e9694c2d9a85174ba1fa92417cfabaea7f6d19631e544948dc7e17e82f602 libplist-2.0.0.tar.bz2
> diff --git a/package/libplist/libplist.mk b/package/libplist/libplist.mk
> index 0d3e417d47..50ddbaf607 100644
> --- a/package/libplist/libplist.mk
> +++ b/package/libplist/libplist.mk
> @@ -4,17 +4,14 @@
> #
> ################################################################################
> -LIBPLIST_VERSION = 1.12
> +LIBPLIST_VERSION = 2.0.0
> LIBPLIST_SOURCE = libplist-$(LIBPLIST_VERSION).tar.bz2
> LIBPLIST_SITE = http://www.libimobiledevice.org/downloads
> -LIBPLIST_DEPENDENCIES = libxml2 host-pkgconf
> +LIBPLIST_DEPENDENCIES = host-pkgconf
host-pkgconf also isn't needed any more, as it is only used in the
cython conditional and we explicitly disable cython support, so I've
dropped the line completely and committed, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list