[Buildroot] [PATCH 1/1] package/sdl2_image: bump version to 2.6.2

[Buildroot] [PATCH 1/1] package/sdl2_image: bump version to 2.6.2

[Michael Fischer]

Fixed a number of security issues

Signed-off-by: Michael Fischer <mf@go-sys.de>
---
 package/sdl2_image/sdl2_image.hash | 6 +++---
 package/sdl2_image/sdl2_image.mk   | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/package/sdl2_image/sdl2_image.hash b/package/sdl2_image/sdl2_image.hash
index 6572ee8d54..4a48e591aa 100644
--- a/package/sdl2_image/sdl2_image.hash
+++ b/package/sdl2_image/sdl2_image.hash
@@ -1,3 +1,3 @@
-# Locally calculated
-sha256  bdd5f6e026682f7d7e1be0b6051b209da2f402a2dd8bd1c4bd9c25ad263108d0  SDL2_image-2.0.5.tar.gz
-sha256  45079362e2230154205413a6940544ca94e3479ccf76205c71c4f542a6815d25  COPYING.txt
+# Locally calculated after checking https://www.libsdl.org/projects/SDL_image/release/SDL2_image-2.6.2.tar.gz.sig
+sha256  48355fb4d8d00bac639cd1c4f4a7661c4afef2c212af60b340e06b7059814777  SDL2_image-2.6.2.tar.gz
+sha256  28aabfed22b3cb0b7e23ef40385e4f66297c960082f029c96d073cc1d4e008d5  LICENSE.txt
diff --git a/package/sdl2_image/sdl2_image.mk b/package/sdl2_image/sdl2_image.mk
index 13de7b1268..4490efd82e 100644
--- a/package/sdl2_image/sdl2_image.mk
+++ b/package/sdl2_image/sdl2_image.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-SDL2_IMAGE_VERSION = 2.0.5
+SDL2_IMAGE_VERSION = 2.6.2
 SDL2_IMAGE_SOURCE = SDL2_image-$(SDL2_IMAGE_VERSION).tar.gz
 SDL2_IMAGE_SITE = http://www.libsdl.org/projects/SDL_image/release
 SDL2_IMAGE_INSTALL_STAGING = YES
-- 
2.20.1

_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

Re: [Buildroot] [PATCH 1/1] package/sdl2_image: bump version to 2.6.2

[Thomas Petazzoni via buildroot]

Hello Michael,

On Mon, 22 Aug 2022 10:09:23 +0200
Michael Fischer <mf@go-sys.de> wrote:

> Fixed a number of security issues

Could you clarify which security issues?

When I look at https://github.com/libsdl-org/SDL_image/releases, 2.0.5
did fix some security issues, but we're already using 2.0.5. For the
next releases, I only see new features, or fixes for regressions.

Am I missing something?

Thanks!

Thomas
-- 
Thomas Petazzoni, co-owner and CEO, Bootlin
Embedded Linux and Kernel engineering and training
https://bootlin.com
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

Re: [Buildroot] [PATCH 1/1] package/sdl2_image: bump version to 2.6.2

[Michael Fischer]

Hello Thomas,
sorry I mean the fixes from version 2.05. 

I compared it to the wrong version.

 Michael.

> -----Ursprüngliche Nachricht-----
> Von: Thomas Petazzoni [mailto:thomas.petazzoni@bootlin.com]
> Gesendet: Dienstag, 23. August 2022 21:35
> An: Michael Fischer <mf@go-sys.de>
> Cc: buildroot@busybox.net
> Betreff: Re: [Buildroot] [PATCH 1/1] package/sdl2_image: bump version to
> 2.6.2
> 
> Hello Michael,
> 
> On Mon, 22 Aug 2022 10:09:23 +0200
> Michael Fischer <mf@go-sys.de> wrote:
> 
> > Fixed a number of security issues
> 
> Could you clarify which security issues?
> 
> When I look at https://github.com/libsdl-org/SDL_image/releases, 2.0.5 did
> fix some security issues, but we're already using 2.0.5. For the next releases,
> I only see new features, or fixes for regressions.
> 
> Am I missing something?
> 
> Thanks!
> 
> Thomas
> --
> Thomas Petazzoni, co-owner and CEO, Bootlin Embedded Linux and Kernel
> engineering and training https://bootlin.com
> 
> 

_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

Re: [Buildroot] [PATCH 1/1] package/sdl2_image: bump version to 2.6.2

[Thomas Petazzoni]

On Mon, 22 Aug 2022 10:09:23 +0200
Michael Fischer <mf@go-sys.de> wrote:

> Fixed a number of security issues

As discussed, I dropped this part from the commit log.

> -sha256  bdd5f6e026682f7d7e1be0b6051b209da2f402a2dd8bd1c4bd9c25ad263108d0  SDL2_image-2.0.5.tar.gz
> -sha256  45079362e2230154205413a6940544ca94e3479ccf76205c71c4f542a6815d25  COPYING.txt
> +# Locally calculated after checking https://www.libsdl.org/projects/SDL_image/release/SDL2_image-2.6.2.tar.gz.sig
> +sha256  48355fb4d8d00bac639cd1c4f4a7661c4afef2c212af60b340e06b7059814777  SDL2_image-2.6.2.tar.gz
> +sha256  28aabfed22b3cb0b7e23ef40385e4f66297c960082f029c96d073cc1d4e008d5  LICENSE.txt

So indeed, COPYING.txt is gone, and LICENSE.txt is now there, but you
had forgotten to update the SDL2_IMAGE_LICENSE_FILES variable, causing
a build failure when doing "make legal-info".

I fixed both aspects, and applied to master. Thanks!

Thomas
-- 
Thomas Petazzoni, co-owner and CEO, Bootlin
Embedded Linux and Kernel engineering and training
https://bootlin.com
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot