[Buildroot] [git commit branch/2020.02.x] package/socat: security bump to version 1.7.4.1
Peter Korsgaard
peter at korsgaard.com
Sat Jan 30 15:39:02 UTC 2021
commit: https://git.buildroot.net/buildroot/commit/?id=2fbe3f4b24309d2bdcf61d1378190c3ca1f92683
branch: https://git.buildroot.net/buildroot/commit/?id=refs/heads/2020.02.x
Buffer size option (-b) is internally doubled for CR-CRLF conversion,
but not checked for integer overflow. This could lead to heap based
buffer overflow, assuming the attacker could provide this parameter.
- Update indentation in hash file (two spaces)
- Update hash of README file due to minor updates:
https://repo.or.cz/socat.git/commit/b145170837d75bd7a1a5803283910ab075d47bea
https://repo.or.cz/socat.git/commit/0a115feadc3102f17e0a8a1a985319af0295f704
http://www.dest-unreach.org/socat/doc/CHANGES
Signed-off-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>
Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
(cherry picked from commit 1b18d9104f7b2f4e7710a094501d72d457c8001f)
Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
---
package/socat/socat.hash | 10 +++++-----
package/socat/socat.mk | 2 +-
2 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/package/socat/socat.hash b/package/socat/socat.hash
index e5b65925d1..5a4c520455 100644
--- a/package/socat/socat.hash
+++ b/package/socat/socat.hash
@@ -1,8 +1,8 @@
# From http://www.dest-unreach.org/socat/download.md5sum
-md5 3cca4f8cd9d2d1caabd9cc099451bac9 socat-1.7.3.4.tar.bz2
+md5 36cad050ecf4981ab044c3fbd75c643f socat-1.7.4.1.tar.bz2
# From http://www.dest-unreach.org/socat/download.sha256sum
-sha256 972374ca86f65498e23e3259c2ee1b8f9dbeb04d12c2a78c0c9b5d1cb97dfdfc socat-1.7.3.4.tar.bz2
+sha256 3faca25614e89123dff5045680549ecef519d02e331aaf3c4f5a8f6837c675e9 socat-1.7.4.1.tar.bz2
# Locally calculated
-sha256 4846488cea98a2905dc75b7aa5eea721568e372447efe06b85bd896ee8c54f10 README
-sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 COPYING
-sha256 fd9e48ca316a5032069b9521f4f4b4d9b1c60365012bae1e62286bcd5bd2e761 COPYING.OpenSSL
+sha256 b1ebebbce145027f4268211f36d121b083aeeabdc1736eb144b8afd8e86ce8da README
+sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 COPYING
+sha256 fd9e48ca316a5032069b9521f4f4b4d9b1c60365012bae1e62286bcd5bd2e761 COPYING.OpenSSL
diff --git a/package/socat/socat.mk b/package/socat/socat.mk
index 4bfdc18f91..ad450727e0 100644
--- a/package/socat/socat.mk
+++ b/package/socat/socat.mk
@@ -4,7 +4,7 @@
#
################################################################################
-SOCAT_VERSION = 1.7.3.4
+SOCAT_VERSION = 1.7.4.1
SOCAT_SOURCE = socat-$(SOCAT_VERSION).tar.bz2
SOCAT_SITE = http://www.dest-unreach.org/socat/download
SOCAT_LICENSE = GPL-2.0 with OpenSSL exception
More information about the buildroot
mailing list