godotengine/buildroot
1
0
Fork 0
mirror of https://github.com/godotengine/buildroot.git synced 2026-01-06 18:09:44 +03:00
Code Issues Packages Projects Releases Wiki Activity

package/gnuplot: security bump to version 5.4.1

Browse Source 
- Fix CVE-2020-25412: com_line() in command.c in gnuplot 5.4 leads to an
  out-of-bounds-write from strncpy() that may lead to arbitrary code
  execution.
- Drop second patch (already in version)
- Update indentation in hash file (two spaces)

http://gnuplot.info/ReleaseNotes_5_4_1.html

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit is contained in:
Fabrice Fontaine
2020-12-02 07:32:43 +01:00
committed by Peter Korsgaard
parent 1e1d1278c7
commit bd5b91fb42
3 changed files with 5 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
package/gnuplot/gnuplot.hash
View File

@@ -1,6 +1,6 @@
# From https://sourceforge.net/projects/gnuplot/files/gnuplot/5.4.0/
md5 ac586178f3b031dea82cd3890cefb21b gnuplot-5.4.0.tar.gz
sha1 b4660dff7d047a453c55fd77faba11f63bb2d5ed gnuplot-5.4.0.tar.gz
# From https://sourceforge.net/projects/gnuplot/files/gnuplot/5.4.1/
md5 80f75b684f1175d36cd6908ff1ceb588 gnuplot-5.4.1.tar.gz
sha1 bb1cd34f8ec0357eccef70122f0fd531ced5dd29 gnuplot-5.4.1.tar.gz
# Locally computed
sha256 eb4082f03a399fd1e9e2b380cf7a4f785e77023d8dcc7e17570c1b5570a49c47 gnuplot-5.4.0.tar.gz
sha256 6b690485567eaeb938c26936e5e0681cf70c856d273cc2c45fabf64d8bc6590e gnuplot-5.4.1.tar.gz
sha256 895928ec0735cca1c8cec42656c7e314a065d0242813bb8693c0c1bf61fd4e4d Copyright