[Buildroot] [git commit] package/libxcrypt: security bump to version 4.4.25
Peter Korsgaard
peter at korsgaard.com
Mon Sep 13 20:39:13 UTC 2021
commit: https://git.buildroot.net/buildroot/commit/?id=a071bec0a0cd928443223132d47564c90bc64713
branch: https://git.buildroot.net/buildroot/commit/?id=refs/heads/master
- Fix several issues found by Covscan in the testsuite. These include:
- CWE-170: String not null terminated (STRING_NULL)
- CWE-188: Reliance on integer endianness (INCOMPATIBLE_CAST)
- CWE-190: Unintentional integer overflow (OVERFLOW_BEFORE_WIDEN)
- CWE-569: Wrong sizeof argument (SIZEOF_MISMATCH)
- CWE-573: Missing varargs init or cleanup (VARARGS)
- CWE-687: Argument cannot be negative (NEGATIVE_RETURNS)
- Update hash of LICENSING due to files being updated with:
https://github.com/besser82/libxcrypt/commit/44e9eb57b462cfbaeb085cea0e308511565f4a12
https://github.com/besser82/libxcrypt/commit/578271c3776a442fa55ac5f5ea83c7dc83ede979
https://github.com/besser82/libxcrypt/blob/v4.4.25/NEWS
Signed-off-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>
Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
---
package/libxcrypt/libxcrypt.hash | 4 ++--
package/libxcrypt/libxcrypt.mk | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/package/libxcrypt/libxcrypt.hash b/package/libxcrypt/libxcrypt.hash
index bf187413e5..e0b96406cc 100644
--- a/package/libxcrypt/libxcrypt.hash
+++ b/package/libxcrypt/libxcrypt.hash
@@ -1,4 +1,4 @@
# Locally calculated
-sha256 3801f0263a8596b15ec466343fc1fdc4ad4ec7416c51e038a3528fd47f3be01a libxcrypt-4.4.18.tar.gz
-sha256 f8198fcc4f002bf54512bac2e68e1e3f04af7d105f4f4f98d7d22cb110e04715 LICENSING
+sha256 caea3d032a46c4855ff818637884c7f5719ad228b79387b62ee023c8fbef17b4 libxcrypt-4.4.25.tar.gz
+sha256 3c1ff7a7c9da111853ada463c54b65b42b7b1d3d6592dd527281db0827331d77 LICENSING
sha256 dc626520dcd53a22f727af3ee42c770e56c97a64fe3adb063799d8ab032fe551 COPYING.LIB
diff --git a/package/libxcrypt/libxcrypt.mk b/package/libxcrypt/libxcrypt.mk
index 3cf0555ac0..4627d21b62 100644
--- a/package/libxcrypt/libxcrypt.mk
+++ b/package/libxcrypt/libxcrypt.mk
@@ -4,7 +4,7 @@
#
################################################################################
-LIBXCRYPT_VERSION = 4.4.18
+LIBXCRYPT_VERSION = 4.4.25
LIBXCRYPT_SITE = $(call github,besser82,libxcrypt,v$(LIBXCRYPT_VERSION))
LIBXCRYPT_LICENSE = LGPL-2.1+
LIBXCRYPT_LICENSE_FILES = LICENSING COPYING.LIB
More information about the buildroot
mailing list