deepcrayon/buildroot
deepcrayon/buildroot
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

iperf3: security bump to version 3.1.3

Browse source 
Fixes:
ESNET-SECADV-2016-0001 - A malicious process can connect to an iperf3
server and, by sending a malformed message on the control channel,
corrupt the server process's heap area.  This can lead to a crash (and a
denial of service), or theoretically a remote code execution as the user
running the iperf3 server. A malicious iperf3 server could potentially
mount a similar attack on an iperf3 client.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This commit is contained in:
Gustavo Zacarias 2016-06-09 19:17:05 -03:00 committed by Thomas Petazzoni
parent 0f60f4dde2
commit 678db6ba60
2 changed files with 5 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
package/iperf3/iperf3.hash
View file

@ -1,2 +1,2 @@
# Locally calculated
sha256 48b5c783bb4a9c44f2bdcfe52c5d45b77ab1e1c82de3d0131f692457950811f9 iperf3-3.1.2.tar.gz
# From http://software.es.net/iperf/news.html#security-issue-iperf-3-1-3-iperf-3-0-12-released
sha256 60d8db69b1d74a64d78566c2317c373a85fef691b8d277737ee5d29f448595bf iperf-3.1.3.tar.gz

5
package/iperf3/iperf3.mk
View file

@ -4,8 +4,9 @@
#
################################################################################
IPERF3_VERSION = 3.1.2
IPERF3_SITE = $(call github,esnet,iperf,$(IPERF3_VERSION))
IPERF3_VERSION = 3.1.3
IPERF3_SITE = http://downloads.es.net/pub/iperf
IPERF3_SOURCE = iperf-$(IPERF3_VERSION).tar.gz
IPERF3_LICENSE = BSD-3c, BSD-2c, MIT
IPERF3_LICENSE_FILES = LICENSE