* [Buildroot] [git commit branch/2022.05.x] package/qdecoder: security bump to version 12.1.0
@ 2022-07-19 16:00 Peter Korsgaard
0 siblings, 0 replies; only message in thread
From: Peter Korsgaard @ 2022-07-19 16:00 UTC (permalink / raw)
To: buildroot
commit: https://git.buildroot.net/buildroot/commit/?id=830d99ad6b02873fc920f4cebd9ed2bae6cc98e1
branch: https://git.buildroot.net/buildroot/commit/?id=refs/heads/2022.05.x
This is a maintenance release includes important security updates that
fixes possible vulnerability in URL decoding (see the report attached
below). All the qDecoder users are recommended to upgrade to this
version as soon as possible.
Fix CVE-2022-32265
Update hash of COPYING (change in year and URL removed:
https://github.com/wolkykim/qdecoder/commit/51bdcc2c158f2a12a817e8ebcb18f56e3121a808
https://github.com/wolkykim/qdecoder/commit/745878212df963a7a8081f09a747730e74faae63)
https://github.com/wolkykim/qdecoder/releases/tag/v12.1.0
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit c79d8cb72c9042c950336a3978504925570bd759)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
package/qdecoder/qdecoder.hash | 4 ++--
package/qdecoder/qdecoder.mk | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/package/qdecoder/qdecoder.hash b/package/qdecoder/qdecoder.hash
index e3fb837597..05337777b4 100644
--- a/package/qdecoder/qdecoder.hash
+++ b/package/qdecoder/qdecoder.hash
@@ -1,3 +1,3 @@
# Locally calculated
-sha256 3911576ad8766697a9c8c767458edc953ae686eb53cd31d21e38edd7831ed9aa qdecoder-12.0.8.tar.gz
-sha256 17e647523e5c5c75fd02861dcf3ea91a146d918ab303460ee58135c9dd70904e COPYING
+sha256 edd32bd5119d276afa9e01cd54a1c23049cad4e96dc6a8e48ac324580e085ebb qdecoder-12.1.0.tar.gz
+sha256 41f34ba1ed6e5d8d3488992311f474cd3f614b82bada88ae53216946026cfae7 COPYING
diff --git a/package/qdecoder/qdecoder.mk b/package/qdecoder/qdecoder.mk
index 8cb5d3bc97..05ee657131 100644
--- a/package/qdecoder/qdecoder.mk
+++ b/package/qdecoder/qdecoder.mk
@@ -4,7 +4,7 @@
#
################################################################################
-QDECODER_VERSION = 12.0.8
+QDECODER_VERSION = 12.1.0
QDECODER_SITE = $(call github,wolkykim,qdecoder,v$(QDECODER_VERSION))
QDECODER_LICENSE = BSD-2-Clause
QDECODER_LICENSE_FILES = COPYING
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2022-07-19 16:01 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-07-19 16:00 [Buildroot] [git commit branch/2022.05.x] package/qdecoder: security bump to version 12.1.0 Peter Korsgaard
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.