diff options
author | Gustavo Zacarias <gustavo@zacarias.com.ar> | 2015-01-23 07:47:56 -0300 |
---|---|---|
committer | Peter Korsgaard <peter@korsgaard.com> | 2015-01-23 16:40:50 +0100 |
commit | 78cb8c81fa81f2a4dd63bcc2621ac5436edf26f6 (patch) | |
tree | c2266492eb35c7c5aff16abc02374b21e5033c00 /package/patch | |
parent | 9711d8b824ff0cee786ef9c131e8f38ddc324b91 (diff) | |
download | buildroot-78cb8c81fa81f2a4dd63bcc2621ac5436edf26f6.tar.gz buildroot-78cb8c81fa81f2a4dd63bcc2621ac5436edf26f6.zip |
patch: security bump to version 2.7.3
Fixes CVE-2015-1196 - allows remote attackers to write to arbitrary
files via a symlink attack in a patch file.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Diffstat (limited to 'package/patch')
-rw-r--r-- | package/patch/patch.hash | 2 | ||||
-rw-r--r-- | package/patch/patch.mk | 2 |
2 files changed, 3 insertions, 1 deletions
diff --git a/package/patch/patch.hash b/package/patch/patch.hash new file mode 100644 index 0000000000..7f1b024ddd --- /dev/null +++ b/package/patch/patch.hash @@ -0,0 +1,2 @@ +# Locally calculated after checking pgp signature +sha256 d09022de9d629561bf4dad44625ef4b1ead15178b210412113531730cdb6f19d patch-2.7.3.tar.xz diff --git a/package/patch/patch.mk b/package/patch/patch.mk index 2dd45336f8..4fa0e4102e 100644 --- a/package/patch/patch.mk +++ b/package/patch/patch.mk @@ -4,7 +4,7 @@ # ################################################################################ -PATCH_VERSION = 2.7.1 +PATCH_VERSION = 2.7.3 PATCH_SOURCE = patch-$(PATCH_VERSION).tar.xz PATCH_SITE = $(BR2_GNU_MIRROR)/patch PATCH_LICENSE = GPLv3+ |