deepcrayon
/
buildroot
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

gnupg2: security bump to version 2.2.8 

Fixes CVE-2018-12020: Unsanitized file names might cause injection of
terminal control characters into the status output of gnupg.

Cc: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018.08.x
Baruch Siach 2018-06-11 18:53:12 +03:00 committed by Peter Korsgaard
parent 693b27e225
commit b78a365b56
2 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
package/gnupg2/gnupg2.hash
View File

@ -1,6 +1,6 @@
# From https://lists.gnupg.org/pipermail/gnupg-announce/2018q2/000424.html
sha1 e222cda63409a86992369df8976f6c7511e10ea0 gnupg-2.2.7.tar.bz2
# From https://lists.gnupg.org/pipermail/gnupg-announce/2018q2/000425.html
sha1 d87553a125832ea90e8aeb3ceeecf24f88de56fb gnupg-2.2.8.tar.bz2
# Calculated based on the hash above and signature
# https://gnupg.org/ftp/gcrypt/gnupg/gnupg-2.2.7.tar.bz2.sig
sha256 d95b361ee6ef7eff86af40c8c72bf9313736ac9f7010d6604d78bf83818e976e gnupg-2.2.7.tar.bz2
# https://gnupg.org/ftp/gcrypt/gnupg/gnupg-2.2.8.tar.bz2.sig
sha256 777b4cb8ced21965a5053d4fa20fe11484f0a478f3d011cef508a1a49db50dcd gnupg-2.2.8.tar.bz2
sha256 bc2d6664f6276fa0a72d57633b3ae68dc7dcb677b71018bf08c8e93e509f1357 COPYING

2
package/gnupg2/gnupg2.mk
View File

@ -4,7 +4,7 @@
#
################################################################################
GNUPG2_VERSION = 2.2.7
GNUPG2_VERSION = 2.2.8
GNUPG2_SOURCE = gnupg-$(GNUPG2_VERSION).tar.bz2
GNUPG2_SITE = https://gnupg.org/ftp/gcrypt/gnupg
GNUPG2_LICENSE = GPL-3.0+