deepcrayon/buildroot
deepcrayon/buildroot
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
buildroot/package/libarchive/libarchive.hash
Pierre-Jean Texier bbc64eae62 package/libarchive: security bump to version 3.4.1 
Fixes the following security vulnerabilities:

- CVE-2019-19221: In Libarchive 3.4.0, archive_wstring_append_from_mbs in archive_string.c
 has an out-of-bounds read because of an incorrect mbrtowc or mbtowc call. For example,
 bsdtar crashes via a crafted archive.

And adds various security fixes.  For details, see :

https://github.com/libarchive/libarchive/releases/tag/v3.4.1

Also remove upstreamed patch.

Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-01-06 23:29:20 +01:00

5 lines
254 B
Plaintext
Raw Blame History

# From https://www.libarchive.de/downloads/sha256sums
sha256 fcf87f3ad8db2e4f74f32526dee62dd1fb9894782b0a503a89c9d7a70a235191 libarchive-3.4.1.tar.gz
# Locally computed:
sha256 e1e3d4ba9d0b0ccba333b5f5539f7c6c9a3ef3d57a96cd165d2c45eaa1cd026d COPYING
Reference in a new issue View git blame Copy permalink