[Buildroot] [git commit] package/libtommath: security bump to version 1.2.1

Peter Korsgaard peter at korsgaard.com
Tue Sep 5 13:24:38 UTC 2023 

commit: https://git.buildroot.net/buildroot/commit/?id=b7488b4d685657e7d724d18ab1e7982e2148e271
branch: https://git.buildroot.net/buildroot/commit/?id=refs/heads/master

This is a bugfix release only containing the fix to a potential integer underflow
which got assigned CVE-2023-36328.

Signed-off-by: Francois Perrad <francois.perrad at gadz.org>
Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
---
 .../0001-Build-test-bn_mp_set_double-c-on-more-platforms.patch          | 2 +-
 package/libtommath/libtommath.hash                                      | 2 +-
 package/libtommath/libtommath.mk                                        | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/package/libtommath/0001-Build-test-bn_mp_set_double-c-on-more-platforms.patch b/package/libtommath/0001-Build-test-bn_mp_set_double-c-on-more-platforms.patch
index c25002ba70..1cf411b391 100644
--- a/package/libtommath/0001-Build-test-bn_mp_set_double-c-on-more-platforms.patch
+++ b/package/libtommath/0001-Build-test-bn_mp_set_double-c-on-more-platforms.patch
@@ -20,7 +20,7 @@ diff --git a/demo/test.c b/demo/test.c
 index 998f14b3..f719709d 100644
 --- a/demo/test.c
 +++ b/demo/test.c
-@@ -522,7 +522,7 @@ static int test_mp_invmod(void)
+@@ -625,7 +625,7 @@ static int test_mp_invmod(void)
  
  }
  
diff --git a/package/libtommath/libtommath.hash b/package/libtommath/libtommath.hash
index 9af489ef1a..4f5dd40231 100644
--- a/package/libtommath/libtommath.hash
+++ b/package/libtommath/libtommath.hash
@@ -1,5 +1,5 @@
 # Locally computed
-sha256  b7c75eecf680219484055fcedd686064409254ae44bc31a96c5032843c0e18b1  ltm-1.2.0.tar.xz
+sha256  986025d7b374276fee2e30e99f3649e4ac0db8a02257a37ee10eae72abed0d1f  ltm-1.2.1.tar.xz
 
 # Hashes for license files:
 sha256  2fa64b163659f41965c9815882a8296d3d03ff546b76153e11445f9bdecf955a  LICENSE
diff --git a/package/libtommath/libtommath.mk b/package/libtommath/libtommath.mk
index bd3957d6c2..25d4e836bb 100644
--- a/package/libtommath/libtommath.mk
+++ b/package/libtommath/libtommath.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-LIBTOMMATH_VERSION = 1.2.0
+LIBTOMMATH_VERSION = 1.2.1
 LIBTOMMATH_SITE = https://github.com/libtom/libtommath/releases/download/v$(LIBTOMMATH_VERSION)
 LIBTOMMATH_SOURCE = ltm-$(LIBTOMMATH_VERSION).tar.xz
 LIBTOMMATH_LICENSE = Unlicense

More information about the buildroot mailing list