dpkg: upgrade to 1.17.25

upgrade to fix two CVE defects: CVE-2014-8625 and CVE-2015-0840 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8625 Multiple format string vulnerabilities in the parse_error_msg function in parsehelp.c in dpkg before 1.17.22 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in the (1) package or (2) architecture name. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0840 The dpkg-source command in Debian dpkg before 1.16.16 and 1.17.x before 1.17.25 allows remote attackers to bypass signature verification via a crafted Debian source control file (.dsc). (From OE-Core rev: 079445990f51f98c8d4f9397dec0ed91ca2490c3) Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Roy Li <rongqing.li@windriver.com> 2015-04-29 16:09:38 +0800
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2015-04-30 23:04:15 +0100
commit: 150fe3720309367185afd96f7e9931566bbb3516 (patch)
tree: 6524b40adc9eb7b6472e0d57ed24349d10e65253 /meta/recipes-devtools/dpkg
parent: 8ca6988e93fb7437a3200523df292eb982513cf9 (diff)
download: poky-150fe3720309367185afd96f7e9931566bbb3516.tar.gz
1 files changed, 2 insertions, 2 deletions
diff --git a/meta/recipes-devtools/dpkg/dpkg_1.17.21.bb b/meta/recipes-devtools/dpkg/dpkg_1.17.25.bb
index ebb8671473..74b1dd000f 100644
--- a/meta/recipes-devtools/dpkg/dpkg_1.17.21.bb
+++ b/meta/recipes-devtools/dpkg/dpkg_1.17.25.bb
@@ -15,6 +15,6 @@ SRC_URI += "file://noman.patch \
            file://add_armeb_triplet_entry.patch \
           "
-SRC_URI[md5sum] = "765a96fd0180196613bbfa3c4aef0775"
+SRC_URI[md5sum] = "e48fcfdb2162e77d72c2a83432d537ca"
-SRC_URI[sha256sum] = "3ed776627181cb9c1c9ba33f94a6319084be2e9ec9c23dd61ce784c4f602cf05"
+SRC_URI[sha256sum] = "07019d38ae98fb107c79dbb3690cfadff877f153b8c4970e3a30d2e59aa66baa"
author	Roy Li <rongqing.li@windriver.com>	2015-04-29 16:09:38 +0800
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2015-04-30 23:04:15 +0100
commit	150fe3720309367185afd96f7e9931566bbb3516 (patch)
tree	6524b40adc9eb7b6472e0d57ed24349d10e65253 /meta/recipes-devtools/dpkg
parent	8ca6988e93fb7437a3200523df292eb982513cf9 (diff)
download	poky-150fe3720309367185afd96f7e9931566bbb3516.tar.gz

diff --git a/meta/recipes-devtools/dpkg/dpkg_1.17.21.bb b/meta/recipes-devtools/dpkg/dpkg_1.17.25.bb index ebb8671473..74b1dd000f 100644 --- a/meta/recipes-devtools/dpkg/dpkg_1.17.21.bb +++ b/meta/recipes-devtools/dpkg/dpkg_1.17.25.bb
@@ -15,6 +15,6 @@ SRC_URI += "file://noman.patch \
15	file://add_armeb_triplet_entry.patch \	15	file://add_armeb_triplet_entry.patch \
16	"	16	"
17		17
18	SRC_URI[md5sum] = "765a96fd0180196613bbfa3c4aef0775"	18	SRC_URI[md5sum] = "e48fcfdb2162e77d72c2a83432d537ca"
19	SRC_URI[sha256sum] = "3ed776627181cb9c1c9ba33f94a6319084be2e9ec9c23dd61ce784c4f602cf05"	19	SRC_URI[sha256sum] = "07019d38ae98fb107c79dbb3690cfadff877f153b8c4970e3a30d2e59aa66baa"
20		20