[Buildroot] [PATCH] libksba: security bump to version 1.3.2

Gustavo Zacarias gustavo at zacarias.com.ar
Tue Nov 25 22:39:23 UTC 2014


Fixes a buffer overflow in ksba_oid_to_str.

Signed-off-by: Gustavo Zacarias <gustavo at zacarias.com.ar>
---
 package/libksba/libksba.hash | 4 ++--
 package/libksba/libksba.mk   | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/package/libksba/libksba.hash b/package/libksba/libksba.hash
index c7d209a..3bd6ef0 100644
--- a/package/libksba/libksba.hash
+++ b/package/libksba/libksba.hash
@@ -1,2 +1,2 @@
-# Locally calculated after checking pgp signature
-sha256	bc96b95516bd2b67f413bc8b5cc5a75a2583c6e666d24dfd0d5bcc6b1aab46f9	libksba-1.3.1.tar.bz2
+# From http://lists.gnupg.org/pipermail/gnupg-announce/2014q4/000359.html
+sha1	37d0893a587354af2b6e49f6ae701ca84f52da67	libksba-1.3.2.tar.bz2
diff --git a/package/libksba/libksba.mk b/package/libksba/libksba.mk
index aaf9b62..b48cac5 100644
--- a/package/libksba/libksba.mk
+++ b/package/libksba/libksba.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-LIBKSBA_VERSION = 1.3.1
+LIBKSBA_VERSION = 1.3.2
 LIBKSBA_SOURCE = libksba-$(LIBKSBA_VERSION).tar.bz2
 LIBKSBA_SITE = ftp://ftp.gnupg.org/gcrypt/libksba
 LIBKSBA_LICENSE = LGPLv3+ or GPLv2+ (library, headers), GPLv3+ (manual, tests, build system)
-- 
2.0.4



More information about the buildroot mailing list