All of lore.kernel.org
 help / color / mirror / Atom feed
* [Buildroot] [git commit] package/gupnp: security bump to version 1.2.3
@ 2020-07-13 16:29 Yann E. MORIN
  2020-07-21 20:11 ` Peter Korsgaard
  0 siblings, 1 reply; 2+ messages in thread
From: Yann E. MORIN @ 2020-07-13 16:29 UTC (permalink / raw)
  To: buildroot

commit: https://git.buildroot.net/buildroot/commit/?id=4420af7c3b70ca2c7a04d8f2bb9c819f53554762
branch: https://git.buildroot.net/buildroot/commit/?id=refs/heads/master

It includes the following commits:
https://github.com/GNOME/gupnp/commit/66a73e96f5a733a149803a985686a4e4e196f90b
https://github.com/GNOME/gupnp/commit/f943904e2d7f21601337b90058faf74b49c02796
which mitigate CVE-2020-12695

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
---
 package/gupnp/gupnp.hash | 4 ++--
 package/gupnp/gupnp.mk   | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/package/gupnp/gupnp.hash b/package/gupnp/gupnp.hash
index 24a0d36631..6baf105318 100644
--- a/package/gupnp/gupnp.hash
+++ b/package/gupnp/gupnp.hash
@@ -1,5 +1,5 @@
-# Hash from: http://ftp.gnome.org/pub/gnome/sources/gupnp/1.2/gupnp-1.2.2.sha256sum:
-sha256  9a80bd953e5c8772ad26b72f8da01cbe7241a113edd6084903f413ce751c9989  gupnp-1.2.2.tar.xz
+# Hash from: http://ftp.gnome.org/pub/gnome/sources/gupnp/1.2/gupnp-1.2.3.sha256sum:
+sha256  d447e54d88e4a8fab84ad1766070e9208e21166fc7e2ce95df6e33e49e8d29b1  gupnp-1.2.3.tar.xz
 
 # Hash for license file:
 sha256  d245807f90032872d1438d741ed21e2490e1175dc8aa3afa5ddb6c8e529b58e5  COPYING
diff --git a/package/gupnp/gupnp.mk b/package/gupnp/gupnp.mk
index dfe25e16c5..953beb2559 100644
--- a/package/gupnp/gupnp.mk
+++ b/package/gupnp/gupnp.mk
@@ -5,7 +5,7 @@
 ################################################################################
 
 GUPNP_VERSION_MAJOR = 1.2
-GUPNP_VERSION = $(GUPNP_VERSION_MAJOR).2
+GUPNP_VERSION = $(GUPNP_VERSION_MAJOR).3
 GUPNP_SOURCE = gupnp-$(GUPNP_VERSION).tar.xz
 GUPNP_SITE = http://ftp.gnome.org/pub/gnome/sources/gupnp/$(GUPNP_VERSION_MAJOR)
 GUPNP_LICENSE = LGPL-2.0+

^ permalink raw reply related	[flat|nested] 2+ messages in thread

* [Buildroot] [git commit] package/gupnp: security bump to version 1.2.3
  2020-07-13 16:29 [Buildroot] [git commit] package/gupnp: security bump to version 1.2.3 Yann E. MORIN
@ 2020-07-21 20:11 ` Peter Korsgaard
  0 siblings, 0 replies; 2+ messages in thread
From: Peter Korsgaard @ 2020-07-21 20:11 UTC (permalink / raw)
  To: buildroot

>>>>> "Yann" == Yann E MORIN <yann.morin.1998@free.fr> writes:

 > commit: https://git.buildroot.net/buildroot/commit/?id=4420af7c3b70ca2c7a04d8f2bb9c819f53554762
 > branch: https://git.buildroot.net/buildroot/commit/?id=refs/heads/master

 > It includes the following commits:
 > https://github.com/GNOME/gupnp/commit/66a73e96f5a733a149803a985686a4e4e196f90b
 > https://github.com/GNOME/gupnp/commit/f943904e2d7f21601337b90058faf74b49c02796
 > which mitigate CVE-2020-12695

 > Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
 > Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

Committed to 2020.05.x, thanks.

For 2020.02.x I will instead bump to 1.0.5.

-- 
Bye, Peter Korsgaard

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2020-07-21 20:11 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-07-13 16:29 [Buildroot] [git commit] package/gupnp: security bump to version 1.2.3 Yann E. MORIN
2020-07-21 20:11 ` Peter Korsgaard

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.