buildroot/package/protobuf-c/protobuf-c.hash
Fabrice Fontaine cbbd2dae9e package/protobuf-c: security bump to version 1.4.1
- Fix CVE-2022-33070: Protobuf-c v1.4.0 was discovered to contain an
  invalid arithmetic shift via the function parse_tag_and_wiretype in
  protobuf-c/protobuf-c.c. This vulnerability allows attackers to cause
  a Denial of Service (DoS) via unspecified vectors.
- Use official tarball (and so drop autoreconf)
- Update hash of COPYING (year updated with
  471aaa5f6d)

https://github.com/protobuf-c/protobuf-c/releases/tag/v1.4.1

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2022-07-23 17:00:49 +02:00

4 lines
201 B
Plaintext

# Locally calculated
sha256 4cc4facd508172f3e0a4d3a8736225d472418aee35b4ad053384b137b220339f protobuf-c-1.4.1.tar.gz
sha256 b8999cb392cc5bbe8cd679de59584ad8d2f26033123e76f1d662fa14b9d4f287 LICENSE