deepcrayon/buildroot
deepcrayon/buildroot
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

libgcrypt: security bump to version to version 1.7.3

Browse source 
Fixes CVE-2016-6316: Bug in the mixing functions of Libgcrypt's random number
generator. An attacker who obtains 4640 bits from the RNG can trivially
predict the next 160 bits of output.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit is contained in:
Baruch Siach 2016-08-18 08:43:03 +03:00 committed by Peter Korsgaard
parent 7f273cf7b6
commit 55c74d6b97
2 changed files with 4 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
package/libgcrypt/libgcrypt.hash
View file

@ -1,4 +1,4 @@
# From https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000392.html
sha1 85a6a936bcab4c3c05f5efbf6ce847f23d35c0c4 libgcrypt-1.7.2.tar.bz2
# From https://lists.gnu.org/archive/html/info-gnu/2016-08/msg00008.html
sha1 5a034291e7248592605db448481478e6c963aa9c libgcrypt-1.7.3.tar.bz2
# Calculated based on the hash above
sha256 3d35df906d6eab354504c05d749a9b021944cb29ff5f65c8ef9c3dd5f7b6689f libgcrypt-1.7.2.tar.bz2
sha256 ddac6111077d0a1612247587be238c5294dd0ee4d76dc7ba783cc55fb0337071 libgcrypt-1.7.3.tar.bz2

2
package/libgcrypt/libgcrypt.mk
View file

@ -4,7 +4,7 @@
#
################################################################################
LIBGCRYPT_VERSION = 1.7.2
LIBGCRYPT_VERSION = 1.7.3
LIBGCRYPT_SOURCE = libgcrypt-$(LIBGCRYPT_VERSION).tar.bz2
LIBGCRYPT_LICENSE = LGPLv2.1+
LIBGCRYPT_LICENSE_FILES = COPYING.LIB