[Buildroot] [PATCH 1/1] package/exfatprogs: security bump to version 1.2.2
Fabrice Fontaine
fontaine.fabrice at gmail.com
Mon Nov 27 21:25:58 UTC 2023
Fix CVE-2023-45897: exfatprogs before 1.2.2 allows out-of-bounds memory
access, such as in read_file_dentry_set.
https://github.com/exfatprogs/exfatprogs/blob/1.2.2/NEWS
Signed-off-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>
---
package/exfatprogs/exfatprogs.hash | 4 ++--
package/exfatprogs/exfatprogs.mk | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/package/exfatprogs/exfatprogs.hash b/package/exfatprogs/exfatprogs.hash
index 49135b1da7..9f3100db7f 100644
--- a/package/exfatprogs/exfatprogs.hash
+++ b/package/exfatprogs/exfatprogs.hash
@@ -1,5 +1,5 @@
-# From https://github.com/exfatprogs/exfatprogs/releases/download/1.2.0/exfatprogs-1.2.0.tar.xz.sha256
-sha256 56d9a49465deafc367d428afc71c8098705a30ee19a3cdf3c5320650b8880742 exfatprogs-1.2.0.tar.xz
+# From https://github.com/exfatprogs/exfatprogs/releases/download/1.2.2/exfatprogs-1.2.2.tar.xz.sha256
+sha256 61d517231f8ec177eeb5955fd6edb89748d3f88ba412c48bcb32741b430e359a exfatprogs-1.2.2.tar.xz
# Hash for license file
sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 COPYING
diff --git a/package/exfatprogs/exfatprogs.mk b/package/exfatprogs/exfatprogs.mk
index fcc9ff0788..40d9072571 100644
--- a/package/exfatprogs/exfatprogs.mk
+++ b/package/exfatprogs/exfatprogs.mk
@@ -4,7 +4,7 @@
#
################################################################################
-EXFATPROGS_VERSION = 1.2.0
+EXFATPROGS_VERSION = 1.2.2
EXFATPROGS_SOURCE = exfatprogs-$(EXFATPROGS_VERSION).tar.xz
EXFATPROGS_SITE = https://github.com/exfatprogs/exfatprogs/releases/download/$(EXFATPROGS_VERSION)
EXFATPROGS_LICENSE = GPL-2.0+
--
2.42.0
More information about the buildroot
mailing list