* [Buildroot] [PATCH 1/1] package/tor: security bump version to 0.4.5.7
@ 2021-03-17 6:52 Bernd Kuhls
2021-03-20 21:47 ` Thomas Petazzoni
2021-03-26 19:24 ` Peter Korsgaard
0 siblings, 2 replies; 3+ messages in thread
From: Bernd Kuhls @ 2021-03-17 6:52 UTC (permalink / raw)
To: buildroot
Updated license hash due to upstream commit:
https://gitweb.torproject.org/tor.git/commit/LICENSE?h=tor-0.4.5.7&id=02230575c4da6cd6342516e6682f95dad3e3e29e
Fixes CVE-2021-28089 & CVE-2021-28090.
Release notes: https://blog.torproject.org/node/2009
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
---
package/tor/tor.hash | 4 ++--
package/tor/tor.mk | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/package/tor/tor.hash b/package/tor/tor.hash
index ecbe738574..e46335f79c 100644
--- a/package/tor/tor.hash
+++ b/package/tor/tor.hash
@@ -1,3 +1,3 @@
# Locally computed
-sha256 22cba3794fedd5fa87afc1e512c6ce2c21bc20b4e1c6f8079d832dc1e545e733 tor-0.4.5.6.tar.gz
-sha256 ae2afe6cd3fd9d512afbaa1ef218757eb00aa6b6aa5e2dfc2774b6837e373fa1 LICENSE
+sha256 447fcaaa133e2ef22427e98098a60a9c495edf9ff3e0dd13f484b9ad0185f074 tor-0.4.5.7.tar.gz
+sha256 47b54ed17e8fdcab3c44729a1789a09b208f9a63a845a7e50def9df729eebad0 LICENSE
diff --git a/package/tor/tor.mk b/package/tor/tor.mk
index 1c9d2f2367..56779f1633 100644
--- a/package/tor/tor.mk
+++ b/package/tor/tor.mk
@@ -4,7 +4,7 @@
#
################################################################################
-TOR_VERSION = 0.4.5.6
+TOR_VERSION = 0.4.5.7
TOR_SITE = https://dist.torproject.org
TOR_LICENSE = BSD-3-Clause
TOR_LICENSE_FILES = LICENSE
--
2.29.2
^ permalink raw reply related [flat|nested] 3+ messages in thread
* [Buildroot] [PATCH 1/1] package/tor: security bump version to 0.4.5.7
2021-03-17 6:52 [Buildroot] [PATCH 1/1] package/tor: security bump version to 0.4.5.7 Bernd Kuhls
@ 2021-03-20 21:47 ` Thomas Petazzoni
2021-03-26 19:24 ` Peter Korsgaard
1 sibling, 0 replies; 3+ messages in thread
From: Thomas Petazzoni @ 2021-03-20 21:47 UTC (permalink / raw)
To: buildroot
On Wed, 17 Mar 2021 07:52:31 +0100
Bernd Kuhls <bernd.kuhls@t-online.de> wrote:
> Updated license hash due to upstream commit:
> https://gitweb.torproject.org/tor.git/commit/LICENSE?h=tor-0.4.5.7&id=02230575c4da6cd6342516e6682f95dad3e3e29e
>
> Fixes CVE-2021-28089 & CVE-2021-28090.
>
> Release notes: https://blog.torproject.org/node/2009
>
> Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
> ---
> package/tor/tor.hash | 4 ++--
> package/tor/tor.mk | 2 +-
> 2 files changed, 3 insertions(+), 3 deletions(-)
Applied to master, thanks.
Thomas
--
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
^ permalink raw reply [flat|nested] 3+ messages in thread
* [Buildroot] [PATCH 1/1] package/tor: security bump version to 0.4.5.7
2021-03-17 6:52 [Buildroot] [PATCH 1/1] package/tor: security bump version to 0.4.5.7 Bernd Kuhls
2021-03-20 21:47 ` Thomas Petazzoni
@ 2021-03-26 19:24 ` Peter Korsgaard
1 sibling, 0 replies; 3+ messages in thread
From: Peter Korsgaard @ 2021-03-26 19:24 UTC (permalink / raw)
To: buildroot
>>>>> "Bernd" == Bernd Kuhls <bernd.kuhls@t-online.de> writes:
> Updated license hash due to upstream commit:
> https://gitweb.torproject.org/tor.git/commit/LICENSE?h=tor-0.4.5.7&id=02230575c4da6cd6342516e6682f95dad3e3e29e
> Fixes CVE-2021-28089 & CVE-2021-28090.
> Release notes: https://blog.torproject.org/node/2009
> Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Committed to 2021.02.x, thanks.
For 2020.02.x / 2020.11.x, I will instead bump to 0.4.4.8.
--
Bye, Peter Korsgaard
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2021-03-26 19:24 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-03-17 6:52 [Buildroot] [PATCH 1/1] package/tor: security bump version to 0.4.5.7 Bernd Kuhls
2021-03-20 21:47 ` Thomas Petazzoni
2021-03-26 19:24 ` Peter Korsgaard
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.