Commit b67ee0ae authored by Jan Pavlinec's avatar Jan Pavlinec

libtasn1: update to version 4.13 (security fix)

CVE-2018-6003 - An issue was discovered in the _asn1_decode_simple_ber function in decoding.c in GNU Libtasn1 before 4.13. Unlimited recursion in the BER decoder leads to stack exhaustion and DoS.

Issue #160
parent 8b13bab1
......@@ -8,12 +8,12 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=libtasn1
PKG_VERSION:=4.8
PKG_RELEASE:=2
PKG_VERSION:=4.13
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=ftp://ftp.gnu.org/gnu/libtasn1
PKG_MD5SUM:=9a6767705725544f2b86670dcfb34107
PKG_SOURCE_URL:=@GNU/$(PKG_NAME)
PKG_MD5SUM:=7e528e8c317ddd156230c4e31d082cd13e7ddeb7a54824be82632209550c8cca
PKG_LICENSE:=LGPLv2.1+
PKG_LICENSE_FILES:=COPYING.LIB
......@@ -27,7 +27,7 @@ define Package/libtasn1
CATEGORY:=Libraries
TITLE:=An ASN.1 and DER structures manipulation library
MAINTAINER:=Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
URL:=ftp://ftp.gnu.org/gnu/libtasn1/
URL:=https://www.gnu.org/software/libtasn1/
endef
define Package/libtasn1/description
......@@ -39,6 +39,7 @@ TARGET_CFLAGS += $(FPIC)
CONFIGURE_ARGS += \
--enable-shared \
--disable-gcc-warnings \
--enable-static
define Build/InstallDev
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment