* [Buildroot] [PATCH v2 1/1] package/libzlib: security bump version to 1.2.12
@ 2022-03-30 18:06 Bernd Kuhls
2022-03-31 15:52 ` Peter Korsgaard
2022-04-04 12:31 ` Peter Korsgaard
0 siblings, 2 replies; 3+ messages in thread
From: Bernd Kuhls @ 2022-03-30 18:06 UTC (permalink / raw)
To: buildroot
Fixes CVE-2018-25032.
Release notes:
http://madler.net/pipermail/zlib-announce_madler.net/2022/000012.html
Changelog: https://github.com/madler/zlib/blob/master/ChangeLog
Added upstream patch to fix build error.
Updated license hash due to version bump, reformatted hashes:
https://github.com/madler/zlib/commit/21767c654d31d2dccdde4330529775c6c5fd5389
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
---
v2: added upstream patch to fix build error
...hat-discarded-provided-CC-definition.patch | 28 +++++++++++++++++++
package/libzlib/libzlib.hash | 4 +--
package/libzlib/libzlib.mk | 2 +-
3 files changed, 31 insertions(+), 3 deletions(-)
create mode 100644 package/libzlib/0001-Fix-configure-issue-that-discarded-provided-CC-definition.patch
diff --git a/package/libzlib/0001-Fix-configure-issue-that-discarded-provided-CC-definition.patch b/package/libzlib/0001-Fix-configure-issue-that-discarded-provided-CC-definition.patch
new file mode 100644
index 0000000000..398e1c9481
--- /dev/null
+++ b/package/libzlib/0001-Fix-configure-issue-that-discarded-provided-CC-definition.patch
@@ -0,0 +1,28 @@
+From 05796d3d8d5546cf1b4dfe2cd72ab746afae505d Mon Sep 17 00:00:00 2001
+From: Mark Adler <madler@alumni.caltech.edu>
+Date: Mon, 28 Mar 2022 18:34:10 -0700
+Subject: [PATCH] Fix configure issue that discarded provided CC definition.
+
+Downloaded from upstream commit:
+https://github.com/madler/zlib/commit/05796d3d8d5546cf1b4dfe2cd72ab746afae505d
+
+Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
+---
+ configure | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/configure b/configure
+index 52ff4a04e..3fa3e8618 100755
+--- a/configure
++++ b/configure
+@@ -174,7 +174,10 @@ if test -z "$CC"; then
+ else
+ cc=${CROSS_PREFIX}cc
+ fi
++else
++ cc=${CC}
+ fi
++
+ cflags=${CFLAGS-"-O3"}
+ # to force the asm version use: CFLAGS="-O3 -DASMV" ./configure
+ case "$cc" in
diff --git a/package/libzlib/libzlib.hash b/package/libzlib/libzlib.hash
index e3736b1011..e6ca974e2f 100644
--- a/package/libzlib/libzlib.hash
+++ b/package/libzlib/libzlib.hash
@@ -1,4 +1,4 @@
# From http://www.zlib.net/
-sha256 4ff941449631ace0d4d203e3483be9dbc9da454084111f97ea0a2114e19bf066 zlib-1.2.11.tar.xz
+sha256 7db46b8d7726232a621befaab4a1c870f00a90805511c0e0090441dac57def18 zlib-1.2.12.tar.xz
# License files, locally calculated
-sha256 7960b6b1cc63e619abb77acaea5427159605afee8c8b362664f4effc7d7f7d15 README
+sha256 fc2c3368901700f0acdeb1d8afeaca5923296768ec6824ecdf627aac396001fd README
diff --git a/package/libzlib/libzlib.mk b/package/libzlib/libzlib.mk
index a10fc748d1..933732d6ba 100644
--- a/package/libzlib/libzlib.mk
+++ b/package/libzlib/libzlib.mk
@@ -4,7 +4,7 @@
#
################################################################################
-LIBZLIB_VERSION = 1.2.11
+LIBZLIB_VERSION = 1.2.12
LIBZLIB_SOURCE = zlib-$(LIBZLIB_VERSION).tar.xz
LIBZLIB_SITE = http://www.zlib.net
LIBZLIB_LICENSE = Zlib
--
2.30.2
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [Buildroot] [PATCH v2 1/1] package/libzlib: security bump version to 1.2.12
2022-03-30 18:06 [Buildroot] [PATCH v2 1/1] package/libzlib: security bump version to 1.2.12 Bernd Kuhls
@ 2022-03-31 15:52 ` Peter Korsgaard
2022-04-04 12:31 ` Peter Korsgaard
1 sibling, 0 replies; 3+ messages in thread
From: Peter Korsgaard @ 2022-03-31 15:52 UTC (permalink / raw)
To: Bernd Kuhls; +Cc: buildroot
>>>>> "Bernd" == Bernd Kuhls <bernd.kuhls@t-online.de> writes:
> Fixes CVE-2018-25032.
> Release notes:
> http://madler.net/pipermail/zlib-announce_madler.net/2022/000012.html
> Changelog: https://github.com/madler/zlib/blob/master/ChangeLog
> Added upstream patch to fix build error.
> Updated license hash due to version bump, reformatted hashes:
> https://github.com/madler/zlib/commit/21767c654d31d2dccdde4330529775c6c5fd5389
> Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
> ---
> v2: added upstream patch to fix build error
Committed, thanks.
--
Bye, Peter Korsgaard
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [Buildroot] [PATCH v2 1/1] package/libzlib: security bump version to 1.2.12
2022-03-30 18:06 [Buildroot] [PATCH v2 1/1] package/libzlib: security bump version to 1.2.12 Bernd Kuhls
2022-03-31 15:52 ` Peter Korsgaard
@ 2022-04-04 12:31 ` Peter Korsgaard
1 sibling, 0 replies; 3+ messages in thread
From: Peter Korsgaard @ 2022-04-04 12:31 UTC (permalink / raw)
To: Bernd Kuhls; +Cc: buildroot
>>>>> "Bernd" == Bernd Kuhls <bernd.kuhls@t-online.de> writes:
> Fixes CVE-2018-25032.
> Release notes:
> http://madler.net/pipermail/zlib-announce_madler.net/2022/000012.html
> Changelog: https://github.com/madler/zlib/blob/master/ChangeLog
> Added upstream patch to fix build error.
> Updated license hash due to version bump, reformatted hashes:
> https://github.com/madler/zlib/commit/21767c654d31d2dccdde4330529775c6c5fd5389
> Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
> ---
> v2: added upstream patch to fix build error
Committed to 2021.02.x and 2022.02.x, thanks.
--
Bye, Peter Korsgaard
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2022-04-04 12:32 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-03-30 18:06 [Buildroot] [PATCH v2 1/1] package/libzlib: security bump version to 1.2.12 Bernd Kuhls
2022-03-31 15:52 ` Peter Korsgaard
2022-04-04 12:31 ` Peter Korsgaard
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.