[Buildroot] [PATCH 1/1] package/libosip2: security bump to version 5.3.1
Fabrice Fontaine
fontaine.fabrice at gmail.com
Sun Oct 16 20:52:54 UTC 2022
Fix CVE-2022-41550: GNU oSIP v5.3.0 was discovered to contain an integer
overflow via the component osip_body_parse_header.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>
---
package/libosip2/libosip2.hash | 2 +-
package/libosip2/libosip2.mk | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/package/libosip2/libosip2.hash b/package/libosip2/libosip2.hash
index 071ad7e61a..a563f0c4cd 100644
--- a/package/libosip2/libosip2.hash
+++ b/package/libosip2/libosip2.hash
@@ -1,5 +1,5 @@
# Locally calculated after checking pgp signature
-sha256 f4725916c22cf514969efb15c3c207233d64739383f7d42956038b78f6cae8c8 libosip2-5.3.0.tar.gz
+sha256 fe82fe841608266ac15a5c1118216da00c554d5006e2875a8ac3752b1e6adc79 libosip2-5.3.1.tar.gz
# Hash for license file:
sha256 8d9e95ed0e48df46dc758eb0d86df611f771eab4eed94bebb77dca87f1c897de COPYING
diff --git a/package/libosip2/libosip2.mk b/package/libosip2/libosip2.mk
index 2f9b7a9242..618d98a85c 100644
--- a/package/libosip2/libosip2.mk
+++ b/package/libosip2/libosip2.mk
@@ -4,7 +4,7 @@
#
################################################################################
-LIBOSIP2_VERSION = 5.3.0
+LIBOSIP2_VERSION = 5.3.1
LIBOSIP2_SITE = $(BR2_GNU_MIRROR)/osip
LIBOSIP2_INSTALL_STAGING = YES
LIBOSIP2_LICENSE = LGPL-2.1+
--
2.35.1
More information about the buildroot
mailing list