[Buildroot] [PATCH 1/2] package/slirp: security bump to version 4.3.1

Peter Korsgaard peter at korsgaard.com
Tue Nov 10 09:35:50 UTC 2020


>>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice at gmail.com> writes:

 > - Use an up to date fork (spice slirp is archived and has not been
 >   updated since 2012)
 > - Add COPYRIGHT as the license file
 > - BSD-4-Clause has been replaced by BSD-3-Clause since
 >   https://gitlab.freedesktop.org/slirp/libslirp/-/commit/3bac39137a652b24b89d5b9e2a39600619fbe1d3
 >   https://gitlab.freedesktop.org/slirp/libslirp/-/commit/f9f6e69c4e1d9a43af30bfe791b31789ffa04954
 > - Add hash file
 > - Switch to meson-package
 > - Fix multiple security vulnerabilities: CVE-2014-3640, CVE-2017-11434,
 >   CVE-2019-6778, CVE-2019-9824, CVE-2019-14378 and CVE-2020-10756

 > Signed-off-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>

Committed, thanks.

I believe qemu also uses an embedded copy of slirp. Could/should we
change it to use this package instead?

-- 
Bye, Peter Korsgaard


More information about the buildroot mailing list