* [Buildroot] [PATCH 1/1] package/lldpd: security bump to version 1.0.15
@ 2022-10-29 20:40 Fabrice Fontaine
2022-10-30 11:07 ` Thomas Petazzoni via buildroot
2022-11-08 20:27 ` Peter Korsgaard
0 siblings, 2 replies; 3+ messages in thread
From: Fabrice Fontaine @ 2022-10-29 20:40 UTC (permalink / raw)
To: buildroot; +Cc: Fabrice Fontaine
- Fix heap overflow when reading SONMP. CVE-2021-43612.
- https://vincentbernat.github.io/lldpd/ is redirecting to
https://lldpd.github.io/
https://github.com/lldpd/lldpd/blob/1.0.15/NEWS
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
---
package/lldpd/Config.in | 2 +-
package/lldpd/lldpd.hash | 4 ++--
package/lldpd/lldpd.mk | 2 +-
3 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/package/lldpd/Config.in b/package/lldpd/Config.in
index 9a9517b5b0..3e0446986f 100644
--- a/package/lldpd/Config.in
+++ b/package/lldpd/Config.in
@@ -18,7 +18,7 @@ config BR2_PACKAGE_LLDPD
lldpd is an ISC-licensed implementation of LLDP for various
Unixes. It also supports some proprietary protocols.
- https://vincentbernat.github.io/lldpd/
+ https://lldpd.github.io/
if BR2_PACKAGE_LLDPD
diff --git a/package/lldpd/lldpd.hash b/package/lldpd/lldpd.hash
index 6e809b2796..6db5ca98f1 100644
--- a/package/lldpd/lldpd.hash
+++ b/package/lldpd/lldpd.hash
@@ -1,5 +1,5 @@
# Locally computed after checking gpg key
-# https://media.luffy.cx/files/lldpd/lldpd-1.0.9.tar.gz.gpg
+# https://media.luffy.cx/files/lldpd/lldpd-1.0.15.tar.gz.gpg
# using key AEF2348766F371C689A7360095A42FE8353525F9
-sha256 6b64eb3125952b1e33472198b054e8aa0dee45f45d3d4be22789090a474949f5 lldpd-1.0.9.tar.gz
+sha256 f7fe3a130be98a19c491479ef60f36b8ee41a9e6bc4d7f2c41033f63956a3126 lldpd-1.0.15.tar.gz
sha256 0e96a5aea65f16e2239231ce4ab90497f8bc3bb8fe6abe9299aade4726ff7c8d LICENSE
diff --git a/package/lldpd/lldpd.mk b/package/lldpd/lldpd.mk
index b88dd002e4..dd6f8dcf5d 100644
--- a/package/lldpd/lldpd.mk
+++ b/package/lldpd/lldpd.mk
@@ -4,7 +4,7 @@
#
################################################################################
-LLDPD_VERSION = 1.0.9
+LLDPD_VERSION = 1.0.15
LLDPD_SITE = https://media.luffy.cx/files/lldpd
LLDPD_DEPENDENCIES = \
$(if $(BR2_PACKAGE_CHECK),check) \
--
2.35.1
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [Buildroot] [PATCH 1/1] package/lldpd: security bump to version 1.0.15
2022-10-29 20:40 [Buildroot] [PATCH 1/1] package/lldpd: security bump to version 1.0.15 Fabrice Fontaine
@ 2022-10-30 11:07 ` Thomas Petazzoni via buildroot
2022-11-08 20:27 ` Peter Korsgaard
1 sibling, 0 replies; 3+ messages in thread
From: Thomas Petazzoni via buildroot @ 2022-10-30 11:07 UTC (permalink / raw)
To: Fabrice Fontaine; +Cc: buildroot
On Sat, 29 Oct 2022 22:40:23 +0200
Fabrice Fontaine <fontaine.fabrice@gmail.com> wrote:
> - Fix heap overflow when reading SONMP. CVE-2021-43612.
> - https://vincentbernat.github.io/lldpd/ is redirecting to
> https://lldpd.github.io/
>
> https://github.com/lldpd/lldpd/blob/1.0.15/NEWS
>
> Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
> ---
> package/lldpd/Config.in | 2 +-
> package/lldpd/lldpd.hash | 4 ++--
> package/lldpd/lldpd.mk | 2 +-
> 3 files changed, 4 insertions(+), 4 deletions(-)
Applied to master, thanks.
Thomas
--
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [Buildroot] [PATCH 1/1] package/lldpd: security bump to version 1.0.15
2022-10-29 20:40 [Buildroot] [PATCH 1/1] package/lldpd: security bump to version 1.0.15 Fabrice Fontaine
2022-10-30 11:07 ` Thomas Petazzoni via buildroot
@ 2022-11-08 20:27 ` Peter Korsgaard
1 sibling, 0 replies; 3+ messages in thread
From: Peter Korsgaard @ 2022-11-08 20:27 UTC (permalink / raw)
To: Fabrice Fontaine; +Cc: buildroot
>>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice@gmail.com> writes:
> - Fix heap overflow when reading SONMP. CVE-2021-43612.
> - https://vincentbernat.github.io/lldpd/ is redirecting to
> https://lldpd.github.io/
> https://github.com/lldpd/lldpd/blob/1.0.15/NEWS
> Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Committed to 2022.08.x and 2022.02.x, thanks.
--
Bye, Peter Korsgaard
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2022-11-08 20:28 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-10-29 20:40 [Buildroot] [PATCH 1/1] package/lldpd: security bump to version 1.0.15 Fabrice Fontaine
2022-10-30 11:07 ` Thomas Petazzoni via buildroot
2022-11-08 20:27 ` Peter Korsgaard
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.