首页 发现 帮助
登录
PUBLIC_REPOS
/
buildroot
镜像自地址 git://git.buildroot.net/buildroot
2
1
派生 0
文件
浏览代码

package/ncurses: security bump to 6.4.20230429

Update to 6.4 and use latest snapshot to fix CVE-2023-29491.
COPYING has been changed in snapshot 20230107 to update the year [0].
Update CVE version to major.minor.snapshot, as NVD uses the snapshot date as patch version [1].

[0]: https://github.com/ThomasDickey/ncurses-snapshots/commit/eedb756850fdddcd2767d488ed5ea323d40b37ec
[1]: https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe:2.3:a:gnu:ncurses

Signed-off-by: Daniel Lang <dalang@gmx.at>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Daniel Lang 2 年之前
父节点
f9c196598d
当前提交
aee4f42ba0
共有 2 个文件被更改,包括 5 次插入8 次删除
分列视图 显示文件统计
  1. 2 2
      package/ncurses/ncurses.hash
  2. 3 6
      package/ncurses/ncurses.mk

+ 2 - 2
package/ncurses/ncurses.hash
查看文件 

@@ -1,4 +1,4 @@
 
 # Locally calculated
 
-sha256  4057d800ee96623ae70d06b05b2dadb481a80c030e4968aa5d9bcea4439441da  ncurses-6.3-20221224.tar.gz
 
+sha256  004603a9b3ec51599ef0a0089482004ee3d33b0240d87ce17b6f77525b51fb4e  ncurses-6.4-20230429.tar.gz
 
 # Locally computed
 
-sha256  63de87399e9fc8860236082b6b0520e068e9eb1fad0ebd30202aa30bb6f690ac  COPYING
 
+sha256  0413b2f4ea863194c174673032f0fca84f1ea1ed4eed6476baea68c075a631ce  COPYING

+ 3 - 6
package/ncurses/ncurses.mk
查看文件 

@@ -5,8 +5,8 @@
 
 ################################################################################
 
 
 # When there is no snapshost yet for a new version, set it to the empty string
 
-NCURSES_VERSION_MAJOR = 6.3
 
-NCURSES_SNAPSHOT_DATE = 20221224
 
+NCURSES_VERSION_MAJOR = 6.4
 
+NCURSES_SNAPSHOT_DATE = 20230429
 
 NCURSES_VERSION = $(NCURSES_VERSION_MAJOR)$(if $(NCURSES_SNAPSHOT_DATE),-$(NCURSES_SNAPSHOT_DATE))
 
 NCURSES_VERSION_GIT = $(subst .,_,$(subst -,_,$(NCURSES_VERSION)))
 
 NCURSES_SITE = $(call github,ThomasDickey,ncurses-snapshots,v$(NCURSES_VERSION_GIT))
 
@@ -15,12 +15,9 @@ NCURSES_DEPENDENCIES = host-ncurses
 
 NCURSES_LICENSE = MIT with advertising clause
 
 NCURSES_LICENSE_FILES = COPYING
 
 NCURSES_CPE_ID_VENDOR = gnu
 
-NCURSES_CPE_ID_VERSION = $(NCURSES_VERSION_MAJOR)
 
+NCURSES_CPE_ID_VERSION = $(NCURSES_VERSION_MAJOR)$(if $(NCURSES_SNAPSHOT_DATE),.$(NCURSES_SNAPSHOT_DATE))
 
 NCURSES_CONFIG_SCRIPTS = ncurses$(NCURSES_LIB_SUFFIX)6-config
 
 
-# Fixed since snapshot 20220416
 
-NCURSES_IGNORE_CVES += CVE-2022-29458
 
-
 
 NCURSES_CONF_OPTS = \
 
 	--without-cxx \
 
 	--without-cxx-binding \