* [Buildroot] [PATCH] harfbuzz: security bump to version 1.4.4
@ 2017-03-06 14:54 Gustavo Zacarias
2017-03-06 16:46 ` Thomas Petazzoni
0 siblings, 1 reply; 3+ messages in thread
From: Gustavo Zacarias @ 2017-03-06 14:54 UTC (permalink / raw)
To: buildroot
Fixes a buffer-overrun in Bengali.
Switch to https URL to avoid a small delay in protocol redirection.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
---
package/harfbuzz/harfbuzz.hash | 4 ++--
package/harfbuzz/harfbuzz.mk | 4 ++--
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/package/harfbuzz/harfbuzz.hash b/package/harfbuzz/harfbuzz.hash
index 6bf5bee..b7da64b 100644
--- a/package/harfbuzz/harfbuzz.hash
+++ b/package/harfbuzz/harfbuzz.hash
@@ -1,2 +1,2 @@
-# From http://www.freedesktop.org/software/harfbuzz/release/harfbuzz-1.4.2.tar.bz2.sha256
-sha256 8f234dcfab000fdec24d43674fffa2fdbdbd654eb176afbde30e8826339cb7b3 harfbuzz-1.4.2.tar.bz2
+# From https://www.freedesktop.org/software/harfbuzz/release/harfbuzz-1.4.4.tar.bz2.sha256
+sha256 35d2f8ca476cbbec64ee824eca6b0209ff8db0334990b9f5af893b94f119d255 harfbuzz-1.4.4.tar.bz2
diff --git a/package/harfbuzz/harfbuzz.mk b/package/harfbuzz/harfbuzz.mk
index 458b072..6464480 100644
--- a/package/harfbuzz/harfbuzz.mk
+++ b/package/harfbuzz/harfbuzz.mk
@@ -4,8 +4,8 @@
#
################################################################################
-HARFBUZZ_VERSION = 1.4.2
-HARFBUZZ_SITE = http://www.freedesktop.org/software/harfbuzz/release
+HARFBUZZ_VERSION = 1.4.4
+HARFBUZZ_SITE = https://www.freedesktop.org/software/harfbuzz/release
HARFBUZZ_SOURCE = harfbuzz-$(HARFBUZZ_VERSION).tar.bz2
HARFBUZZ_LICENSE = MIT, ISC (ucdn library)
HARFBUZZ_LICENSE_FILES = COPYING src/hb-ucdn/COPYING
--
2.10.2
^ permalink raw reply related [flat|nested] 3+ messages in thread
* [Buildroot] [PATCH] harfbuzz: security bump to version 1.4.4
2017-03-06 14:54 [Buildroot] [PATCH] harfbuzz: security bump to version 1.4.4 Gustavo Zacarias
@ 2017-03-06 16:46 ` Thomas Petazzoni
2017-03-07 15:09 ` Peter Korsgaard
0 siblings, 1 reply; 3+ messages in thread
From: Thomas Petazzoni @ 2017-03-06 16:46 UTC (permalink / raw)
To: buildroot
Hello,
On Mon, 6 Mar 2017 11:54:49 -0300, Gustavo Zacarias wrote:
> Fixes a buffer-overrun in Bengali.
> Switch to https URL to avoid a small delay in protocol redirection.
>
> Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
> ---
> package/harfbuzz/harfbuzz.hash | 4 ++--
> package/harfbuzz/harfbuzz.mk | 4 ++--
> 2 files changed, 4 insertions(+), 4 deletions(-)
Applied to master, thanks. Peter: we want this one for LTS I guess.
Thomas
--
Thomas Petazzoni, CTO, Free Electrons
Embedded Linux, Kernel and Android engineering
http://free-electrons.com
^ permalink raw reply [flat|nested] 3+ messages in thread
* [Buildroot] [PATCH] harfbuzz: security bump to version 1.4.4
2017-03-06 16:46 ` Thomas Petazzoni
@ 2017-03-07 15:09 ` Peter Korsgaard
0 siblings, 0 replies; 3+ messages in thread
From: Peter Korsgaard @ 2017-03-07 15:09 UTC (permalink / raw)
To: buildroot
>>>>> "Thomas" == Thomas Petazzoni <thomas.petazzoni@free-electrons.com> writes:
> Hello,
> On Mon, 6 Mar 2017 11:54:49 -0300, Gustavo Zacarias wrote:
>> Fixes a buffer-overrun in Bengali.
>> Switch to https URL to avoid a small delay in protocol redirection.
>>
>> Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
>> ---
>> package/harfbuzz/harfbuzz.hash | 4 ++--
>> package/harfbuzz/harfbuzz.mk | 4 ++--
>> 2 files changed, 4 insertions(+), 4 deletions(-)
> Applied to master, thanks. Peter: we want this one for LTS I guess.
Committed to 2017.02.x, thanks.
--
Bye, Peter Korsgaard
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2017-03-07 15:09 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-03-06 14:54 [Buildroot] [PATCH] harfbuzz: security bump to version 1.4.4 Gustavo Zacarias
2017-03-06 16:46 ` Thomas Petazzoni
2017-03-07 15:09 ` Peter Korsgaard
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.