All of lore.kernel.org
 help / color / mirror / Atom feed
* [Buildroot] [PATCH] package/uclibc: update to 1.0.41
@ 2022-05-20 15:42 Waldemar Brodkorb
  2022-06-01 21:48 ` Thomas Petazzoni via buildroot
  0 siblings, 1 reply; 3+ messages in thread
From: Waldemar Brodkorb @ 2022-05-20 15:42 UTC (permalink / raw)
  To: buildroot

Fixes CVE-2022-30295.

See here:
https://www.nozominetworks.com/blog/nozomi-networks-discovers-unpatched-dns-bug-in-popular-c-standard-library-putting-iot-at-risk/

Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
---
 package/uclibc/uclibc.hash | 4 ++--
 package/uclibc/uclibc.mk   | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/package/uclibc/uclibc.hash b/package/uclibc/uclibc.hash
index 989c9d887a..3b29c351b5 100644
--- a/package/uclibc/uclibc.hash
+++ b/package/uclibc/uclibc.hash
@@ -1,4 +1,4 @@
-# From https://downloads.uclibc-ng.org/releases/1.0.40/uClibc-ng-1.0.40.tar.xz.sha256
-sha256  d863f01815a64174d5019c73475e8aff5b60848a13876e79daf5d3d83ce7f889  uClibc-ng-1.0.40.tar.xz
+# From https://downloads.uclibc-ng.org/releases/1.0.41/uClibc-ng-1.0.41.tar.xz.sha256
+sha256  b32a92a0218d95922d6976464e6ef51e2ebacfbcdb605820458d9dbb8a61e025  uClibc-ng-1.0.41.tar.xz
 # Locally calculated
 sha256  6095e9ffa777dd22839f7801aa845b31c9ed07f3d6bf8a26dc5d2dec8ccc0ef3  COPYING.LIB
diff --git a/package/uclibc/uclibc.mk b/package/uclibc/uclibc.mk
index d79eaa1d0d..5006aa0cb6 100644
--- a/package/uclibc/uclibc.mk
+++ b/package/uclibc/uclibc.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-UCLIBC_VERSION = 1.0.40
+UCLIBC_VERSION = 1.0.41
 UCLIBC_SOURCE = uClibc-ng-$(UCLIBC_VERSION).tar.xz
 UCLIBC_SITE = https://downloads.uclibc-ng.org/releases/$(UCLIBC_VERSION)
 UCLIBC_LICENSE = LGPL-2.1+
-- 
2.30.2

_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

^ permalink raw reply related	[flat|nested] 3+ messages in thread
* Re: [Buildroot] [PATCH] package/uclibc: update to 1.0.41
  2022-05-20 15:42 [Buildroot] [PATCH] package/uclibc: update to 1.0.41 Waldemar Brodkorb
@ 2022-06-01 21:48 ` Thomas Petazzoni via buildroot
  2022-06-07 14:00   ` Peter Korsgaard
  0 siblings, 1 reply; 3+ messages in thread
From: Thomas Petazzoni via buildroot @ 2022-06-01 21:48 UTC (permalink / raw)
  To: Waldemar Brodkorb; +Cc: buildroot

On Fri, 20 May 2022 17:42:42 +0200
Waldemar Brodkorb <wbx@openadk.org> wrote:

> Fixes CVE-2022-30295.
> 
> See here:
> https://www.nozominetworks.com/blog/nozomi-networks-discovers-unpatched-dns-bug-in-popular-c-standard-library-putting-iot-at-risk/
> 
> Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
> ---
>  package/uclibc/uclibc.hash | 4 ++--
>  package/uclibc/uclibc.mk   | 2 +-
>  2 files changed, 3 insertions(+), 3 deletions(-)

Applied to master, thanks. I've changed the commit title to "security
bump to 1.0.41". For future security related version bumps, please make
sure that the commit title includes "security" so that it gets handled
in priority.

Thanks a lot!

Thomas
-- 
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

^ permalink raw reply	[flat|nested] 3+ messages in thread
* Re: [Buildroot] [PATCH] package/uclibc: update to 1.0.41
  2022-06-01 21:48 ` Thomas Petazzoni via buildroot
@ 2022-06-07 14:00   ` Peter Korsgaard
  0 siblings, 0 replies; 3+ messages in thread
From: Peter Korsgaard @ 2022-06-07 14:00 UTC (permalink / raw)
  To: Thomas Petazzoni via buildroot; +Cc: Thomas Petazzoni

>>>>> "Thomas" == Thomas Petazzoni via buildroot <buildroot@buildroot.org> writes:

 > On Fri, 20 May 2022 17:42:42 +0200
 > Waldemar Brodkorb <wbx@openadk.org> wrote:

 >> Fixes CVE-2022-30295.
 >> 
 >> See here:
 >> https://www.nozominetworks.com/blog/nozomi-networks-discovers-unpatched-dns-bug-in-popular-c-standard-library-putting-iot-at-risk/
 >> 
 >> Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
 >> ---
 >> package/uclibc/uclibc.hash | 4 ++--
 >> package/uclibc/uclibc.mk   | 2 +-
 >> 2 files changed, 3 insertions(+), 3 deletions(-)

 > Applied to master, thanks. I've changed the commit title to "security
 > bump to 1.0.41". For future security related version bumps, please make
 > sure that the commit title includes "security" so that it gets handled
 > in priority.

Committed to 2022.02.x, thanks.

-- 
Bye, Peter Korsgaard
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

^ permalink raw reply	[flat|nested] 3+ messages in thread
end of thread, other threads:[~2022-06-07 14:01 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-05-20 15:42 [Buildroot] [PATCH] package/uclibc: update to 1.0.41 Waldemar Brodkorb
2022-06-01 21:48 ` Thomas Petazzoni via buildroot
2022-06-07 14:00   ` Peter Korsgaard

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.