package/rauc: security bump to version 1.5

Fixes the following security issue: - CVE-2020-25860: Time-of-Check-Time-of-Use Vulnerability in code that checks and installs a firmware bundle. For more details, see the advisory: https://github.com/rauc/rauc/security/advisories/GHSA-cgf3-h62j-w9vv Signed-off-by: Peter Korsgaard <peter@korsgaard.com> (cherry picked from commit 41bbe8df54) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-12-21 12:24:14 +01:00 · 2020-12-21 12:24:14 +01:00 · 9e7fc6024c
parent 1126cdf639
commit 9e7fc6024c
2 changed files with 3 additions and 3 deletions
--- a/package/rauc/rauc.hash
+++ b/package/rauc/rauc.hash
@ -1,4 +1,4 @@
 # Locally calculated, after verifying against
-# https://github.com/rauc/rauc/releases/download/v1.4/rauc-1.4.tar.xz.asc
-sha256  85aabf214cd93a37f7ad0b3aaad89eb94facf0f3ebf6e2edca945acbca9b0967  rauc-1.4.tar.xz
+# https://github.com/rauc/rauc/releases/download/v1.5/rauc-1.5.tar.xz.asc
+sha256  5dfbc46e808240c5014d318cfe64f0431307c37aa79cb2b013caa12daaf96d9d  rauc-1.5.tar.xz
 sha256  dc626520dcd53a22f727af3ee42c770e56c97a64fe3adb063799d8ab032fe551  COPYING
--- a/package/rauc/rauc.mk
+++ b/package/rauc/rauc.mk
@ -4,7 +4,7 @@
 #
 ################################################################################

-RAUC_VERSION = 1.4
+RAUC_VERSION = 1.5
 RAUC_SITE = https://github.com/rauc/rauc/releases/download/v$(RAUC_VERSION)
 RAUC_SOURCE = rauc-$(RAUC_VERSION).tar.xz
 RAUC_LICENSE = LGPL-2.1