[Buildroot] [PATCH 1/2] package/slirp: security bump to version 4.3.1
Peter Korsgaard
peter at korsgaard.com
Tue Nov 10 09:35:50 UTC 2020
>>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice at gmail.com> writes:
> - Use an up to date fork (spice slirp is archived and has not been
> updated since 2012)
> - Add COPYRIGHT as the license file
> - BSD-4-Clause has been replaced by BSD-3-Clause since
> https://gitlab.freedesktop.org/slirp/libslirp/-/commit/3bac39137a652b24b89d5b9e2a39600619fbe1d3
> https://gitlab.freedesktop.org/slirp/libslirp/-/commit/f9f6e69c4e1d9a43af30bfe791b31789ffa04954
> - Add hash file
> - Switch to meson-package
> - Fix multiple security vulnerabilities: CVE-2014-3640, CVE-2017-11434,
> CVE-2019-6778, CVE-2019-9824, CVE-2019-14378 and CVE-2020-10756
> Signed-off-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>
Committed, thanks.
I believe qemu also uses an embedded copy of slirp. Could/should we
change it to use this package instead?
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list