aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGravatar Baruch Siach <baruch@tkos.co.il>2017-02-09 14:31:28 +0200
committerGravatar Peter Korsgaard <peter@korsgaard.com>2017-02-16 09:08:05 +0100
commit4b4b74b0562383a2eab4da8df284ae20055ca4f1 (patch)
tree1223d3df9c6fd83288608a09a704a4ccc96c5730
parent0d74852e6d8c7d534115d5b977d688f7105c1c45 (diff)
downloadbuildroot-4b4b74b0562383a2eab4da8df284ae20055ca4f1.tar.gz
buildroot-4b4b74b0562383a2eab4da8df284ae20055ca4f1.tar.bz2
quagga: security bump to version 1.1.1
Fixes CVE-2017-5495: Telnet interface input buffer allocates unbounded amounts of memory, leading to DoS. Add optional dependency on protobuf-c. Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> (cherry picked from commit ae73226476e5ca449cf0b312aa03a18dfe31d3a9) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
-rw-r--r--package/quagga/quagga.hash2
-rw-r--r--package/quagga/quagga.mk12
2 files changed, 10 insertions, 4 deletions
diff --git a/package/quagga/quagga.hash b/package/quagga/quagga.hash
index 23a0a8245b..6da37cf806 100644
--- a/package/quagga/quagga.hash
+++ b/package/quagga/quagga.hash
@@ -1,2 +1,2 @@
# Locally calculated after checking pgp signature
-sha256 d284af5dd875dbba90ab875d40db5d68fdc9ede17a76f2af525f85344be56767 quagga-1.0.20160315.tar.xz
+sha256 b5a94e5bdad3062e04595a5692b8cc435f0a85102f75dfdca0a06d093b4ef63f quagga-1.1.1.tar.gz
diff --git a/package/quagga/quagga.mk b/package/quagga/quagga.mk
index ad2aff4ea8..c17ceaade3 100644
--- a/package/quagga/quagga.mk
+++ b/package/quagga/quagga.mk
@@ -4,10 +4,9 @@
#
################################################################################
-QUAGGA_VERSION = 1.0.20160315
-QUAGGA_SOURCE = quagga-$(QUAGGA_VERSION).tar.xz
+QUAGGA_VERSION = 1.1.1
QUAGGA_SITE = http://download.savannah.gnu.org/releases/quagga
-QUAGGA_DEPENDENCIES = host-gawk
+QUAGGA_DEPENDENCIES = host-gawk host-pkgconf
QUAGGA_LICENSE = GPLv2+
QUAGGA_LICENSE_FILES = COPYING
@@ -29,6 +28,13 @@ else
QUAGGA_CONF_OPTS += --disable-capabilities
endif
+ifeq ($(BR2_PACKAGE_PROTOBUF_C),y)
+QUAGGA_CONF_OPTS += --enable-protobuf
+QUAGGA_DEPENDENCIES += protobuf-c
+else
+QUAGGA_CONF_OPTS += --disable-protobuf
+endif
+
QUAGGA_CONF_OPTS += $(if $(BR2_PACKAGE_QUAGGA_ZEBRA),--enable-zebra,--disable-zebra)
QUAGGA_CONF_OPTS += $(if $(BR2_PACKAGE_QUAGGA_BGPD),--enable-bgpd,--disable-bgpd)
QUAGGA_CONF_OPTS += $(if $(BR2_PACKAGE_QUAGGA_RIPD),--enable-ripd,--disable-ripd)