buildroot/package/expat/expat.hash at 0d643fd3e8d2e3deb5de936f176286ca2c4f0b62 - deepcrayon/buildroot - SpaceCruft!

deepcrayon/buildroot

Peter Korsgaard c0ad6ded01 expat: security bump to version 2.2.1

Fixes:

- CVE-2017-9233 - External entity infinite loop DoS. See:
  https://libexpat.github.io/doc/cve-2017-9233/

- CVE-2016-9063 -- Detect integer overflow

And further more:

- Fix regression from fix to CVE-2016-0718 cutting off longer tag names.

- Extend fix for CVE-2016-5300 (use getrandom() if available).

- Extend fix for CVE-2012-0876 (Change hash algorithm to William Ahern's
  version of SipHash).

Also add an upstream patch to fix detection of getrandom().

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

2017-06-19 22:06:03 +02:00

6 lines

319 B

Plaintext

Raw Blame History

 # From https://sourceforge.net/projects/expat/files/expat/2.2.1/
 md5	d9c3baeab58774cefc2f04faf29f2cf8	expat-2.2.1.tar.bz2
 sha1	f45eb724f182776a9cacec9ed70d549e87198987	expat-2.2.1.tar.bz2
 # Calculated based on the hashes above
 sha256	1868cadae4c82a018e361e2b2091de103cd820aaacb0d6cfa49bd2cd83978885	expat-2.2.1.tar.bz2