aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGravatar Peter Korsgaard <peter@korsgaard.com>2017-02-16 19:38:46 +0100
committerGravatar Peter Korsgaard <peter@korsgaard.com>2017-02-26 22:09:47 +0100
commit17a052f38adb321c8c6533494932362827c088d0 (patch)
tree7f336a93d2fa2601dec49377dc94dfc087003c84
parent27970846347ecd1ac389d5567b8143857e0cecfc (diff)
downloadbuildroot-17a052f38adb321c8c6533494932362827c088d0.tar.gz
buildroot-17a052f38adb321c8c6533494932362827c088d0.tar.bz2
dbus: security bump to version 1.10.16
>From http://www.openwall.com/lists/oss-security/2017/02/16/4 The latest dbus release 1.10.16 fixes two symlink attacks in non-production-suitable configurations. I am treating these as bugs rather than practical vulnerabilities, and very much hope neither of these is going to affect any real users, but I'm reporting them to oss-security in case there's an attack vector that I've missed. No CVEs assigned so far. Signed-off-by: Peter Korsgaard <peter@korsgaard.com> (cherry picked from commit c9556ed90f22185b3abf822f0fe07afea661938a)
-rw-r--r--package/dbus/dbus.hash2
-rw-r--r--package/dbus/dbus.mk2
2 files changed, 2 insertions, 2 deletions
diff --git a/package/dbus/dbus.hash b/package/dbus/dbus.hash
index 14bee20455..af8143d315 100644
--- a/package/dbus/dbus.hash
+++ b/package/dbus/dbus.hash
@@ -1,2 +1,2 @@
# Locally calculated after checking pgp signature
-sha256 23238f70353e38ce5ca183ebc9525c0d97ac00ef640ad29cf794782af6e6a083 dbus-1.10.14.tar.gz
+sha256 a7b0ba6ea3e8d0e08afec5e3030d0245614268276620c536726f8fa6e5c43388 dbus-1.10.16.tar.gz
diff --git a/package/dbus/dbus.mk b/package/dbus/dbus.mk
index c765e0ae26..2d1583e550 100644
--- a/package/dbus/dbus.mk
+++ b/package/dbus/dbus.mk
@@ -4,7 +4,7 @@
#
################################################################################
-DBUS_VERSION = 1.10.14
+DBUS_VERSION = 1.10.16
DBUS_SITE = http://dbus.freedesktop.org/releases/dbus
DBUS_LICENSE = AFLv2.1 or GPLv2+ (library, tools), GPLv2+ (tools)
DBUS_LICENSE_FILES = COPYING