deepcrayon
/
buildroot
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

gnupg: security bump to version 1.4.23 

Fixes CVE-2018-12020: Unsanitized file names might cause injection of
terminal control characters into the status output of gnupg.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018.08.x
Baruch Siach 2018-06-11 19:08:43 +03:00 committed by Peter Korsgaard
parent b78a365b56
commit 0647268416
2 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
package/gnupg/gnupg.hash
View File

@ -1,3 +1,3 @@
# Locally computed based on signature
# https://gnupg.org/ftp/gcrypt/gnupg/gnupg-1.4.22.tar.bz2.sig
sha256 9594a24bec63a21568424242e3f198b9d9828dea5ff0c335e47b06f835f930b4 gnupg-1.4.22.tar.bz2
# https://gnupg.org/ftp/gcrypt/gnupg/gnupg-1.4.23.tar.bz2.sig
sha256 c9462f17e651b6507848c08c430c791287cd75491f8b5a8b50c6ed46b12678ba gnupg-1.4.23.tar.bz2

2
package/gnupg/gnupg.mk
View File

@ -4,7 +4,7 @@
#
################################################################################
GNUPG_VERSION = 1.4.22
GNUPG_VERSION = 1.4.23
GNUPG_SOURCE = gnupg-$(GNUPG_VERSION).tar.bz2
GNUPG_SITE = https://gnupg.org/ftp/gcrypt/gnupg
GNUPG_LICENSE = GPL-3.0+