[Buildroot] [PATCH v1] package/libfcgi: bump to 2.4.5 to fix CVE-2025-23016
Thomas Devoogdt
thomas at devoogdt.com
Mon Apr 14 21:24:53 UTC 2025
From: Thomas Devoogdt <thomas.devoogdt at barco.com>
Announcement:
- https://github.com/FastCGI-Archives/fcgi2/releases/tag/2.4.5
See:
- https://nvd.nist.gov/vuln/detail/CVE-2025-23016
- https://github.com/advisories/GHSA-9825-56cx-cfg6
- https://github.com/FastCGI-Archives/fcgi2/issues/67
Signed-off-by: Thomas Devoogdt <thomas.devoogdt at barco.com>
---
package/libfcgi/libfcgi.hash | 2 +-
package/libfcgi/libfcgi.mk | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/package/libfcgi/libfcgi.hash b/package/libfcgi/libfcgi.hash
index ca660c6ebd..371dba8939 100644
--- a/package/libfcgi/libfcgi.hash
+++ b/package/libfcgi/libfcgi.hash
@@ -1,3 +1,3 @@
# Locally calculated
-sha256 c0e0d9cc7d1e456d7278c974e2826f593ef5ca555783eba81e7e9c1a07ae0ecc libfcgi-2.4.4.tar.gz
+sha256 92b0111a98d8636e06c128444a3d4d7a720bdd54e6ee4dd0c7b67775b1b0abff libfcgi-2.4.5.tar.gz
sha256 f0a8fe4513a43e8eebb24cdcf9d2e7efc52e4d8259178c6d76d3d84418397d81 LICENSE
diff --git a/package/libfcgi/libfcgi.mk b/package/libfcgi/libfcgi.mk
index 3c90b30e39..2348af843b 100644
--- a/package/libfcgi/libfcgi.mk
+++ b/package/libfcgi/libfcgi.mk
@@ -4,7 +4,7 @@
#
################################################################################
-LIBFCGI_VERSION = 2.4.4
+LIBFCGI_VERSION = 2.4.5
LIBFCGI_SITE = $(call github,FastCGI-Archives,fcgi2,$(LIBFCGI_VERSION))
LIBFCGI_LICENSE = OML
LIBFCGI_LICENSE_FILES = LICENSE
--
2.43.0
More information about the buildroot
mailing list