From: Arnout Vandecappelle <arnout@mind.be>
To: Fabrice Fontaine <fontaine.fabrice@gmail.com>, buildroot@buildroot.org
Cc: Gwenhael Goavec-Merou <gwenhael.goavec-merou@trabucayre.com>
Subject: Re: [Buildroot] [PATCH 1/1] package/matio: security bump to version 1.5.22
Date: Mon, 28 Mar 2022 21:55:38 +0200 [thread overview]
Message-ID: <d9ea6ca6-eb82-e5f9-f447-658bab42a915@mind.be> (raw)
In-Reply-To: <20220327203218.1331528-1-fontaine.fabrice@gmail.com>
On 27/03/2022 22:32, Fabrice Fontaine wrote:
> - Fixed heap-based buffer overflows when reading (crafted) MAT file
> (CVE-2020-36428, CVE-2021-36977)
> - Update hash pf COPYING (year updated and contributors added:
> https://github.com/tbeu/matio/commit/a3730c09797372a5919140b4618f217bb54bd1a1)
>
> https://github.com/tbeu/matio/releases/tag/v1.5.22
>
> Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Applied to master, thanks.
Regards,
Arnout
> ---
> package/matio/matio.hash | 6 +++---
> package/matio/matio.mk | 2 +-
> 2 files changed, 4 insertions(+), 4 deletions(-)
>
> diff --git a/package/matio/matio.hash b/package/matio/matio.hash
> index 4dd05dee07..4634074ca0 100644
> --- a/package/matio/matio.hash
> +++ b/package/matio/matio.hash
> @@ -1,4 +1,4 @@
> -# From https://sourceforge.net/projects/matio/files/matio/1.5.21/
> -sha512 b00bcad807e6a7e10afa656eb77a0e3e9fb08d9cecc3e94ba41ef91ce60367d6686e6d387a874bbb83eb2f895d4a97caac554a70e7f5f6f5cb750052702d411c matio-1.5.21.tar.gz
> +# From https://sourceforge.net/projects/matio/files/matio/1.5.22/
> +sha512 33fd3991413e94dfc9aba13ffd08b09ddcbdb9dfa579124d981449e195a8c61a3dc95b55e46bba360d48456c117cf36403af1c3448689c26b8aea5fa9cf38323 matio-1.5.22.tar.gz
> # Locally computed
> -sha256 69143d4a8f1933022bb909327df1ce812dd2420ed57949812dd8f370856bf2a1 COPYING
> +sha256 3ed9a50d754fcc92d4accb8448e397eafeab686796b2a7445557ce782806e239 COPYING
> diff --git a/package/matio/matio.mk b/package/matio/matio.mk
> index 236466d4d9..d282852d37 100644
> --- a/package/matio/matio.mk
> +++ b/package/matio/matio.mk
> @@ -4,7 +4,7 @@
> #
> ################################################################################
>
> -MATIO_VERSION = 1.5.21
> +MATIO_VERSION = 1.5.22
> MATIO_SITE = http://downloads.sourceforge.net/project/matio/matio/$(MATIO_VERSION)
> MATIO_LICENSE = BSD-2-Clause
> MATIO_LICENSE_FILES = COPYING
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
next prev parent reply other threads:[~2022-03-28 19:55 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-03-27 20:32 [Buildroot] [PATCH 1/1] package/matio: security bump to version 1.5.22 Fabrice Fontaine
2022-03-28 19:55 ` Arnout Vandecappelle [this message]
2022-03-31 12:15 ` Peter Korsgaard
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=d9ea6ca6-eb82-e5f9-f447-658bab42a915@mind.be \
--to=arnout@mind.be \
--cc=buildroot@buildroot.org \
--cc=fontaine.fabrice@gmail.com \
--cc=gwenhael.goavec-merou@trabucayre.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.