[ptxdist] [PATCH] libtasn1: version bump 4.19.0 -> 4.20.0

mailarchive of the ptxdist mailing list
 help / color / mirror / Atom feed

* [ptxdist] [PATCH] libtasn1: version bump 4.19.0 -> 4.20.0
@ 2025-10-15 14:22 Sven Püschel
  0 siblings, 0 replies; only message in thread
From: Sven Püschel @ 2025-10-15 14:22 UTC (permalink / raw)
  To: ptxdist; +Cc: Sven Püschel

This release fixes CVE-2024-12133: Potential DoS in handling of
numerous SEQUENCE OF or SET OF elements.

Also the licenses were split into separate license files. Based on the
source code the or-later licenses have been selected.

https://gitlab.com/gnutls/libtasn1/-/blob/a3d48c2d9845e54e099769242366d47c09c8464e/NEWS#L8

Signed-off-by: Sven Püschel <s.pueschel@pengutronix.de>
---
 rules/libtasn1.make | 15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)

diff --git a/rules/libtasn1.make b/rules/libtasn1.make
index ce06ddfe4..440986d00 100644
--- a/rules/libtasn1.make
+++ b/rules/libtasn1.make
@@ -14,16 +14,19 @@ PACKAGES-$(PTXCONF_LIBTASN1) += libtasn1
 #
 # Paths and names
 #
-LIBTASN1_VERSION	:= 4.19.0
-LIBTASN1_MD5		:= f701ab57eb8e7d9c105b2cd5d809b29a
+LIBTASN1_VERSION	:= 4.20.0
+LIBTASN1_MD5		:= 930f71d788cf37505a0327c1b84741be
 LIBTASN1		:= libtasn1-$(LIBTASN1_VERSION)
 LIBTASN1_SUFFIX		:= tar.gz
 LIBTASN1_URL		:= $(call ptx/mirror, GNU, libtasn1/$(LIBTASN1).$(LIBTASN1_SUFFIX))
 LIBTASN1_SOURCE		:= $(SRCDIR)/$(LIBTASN1).$(LIBTASN1_SUFFIX)
 LIBTASN1_DIR		:= $(BUILDDIR)/$(LIBTASN1)
-LIBTASN1_LICENSE	:= LGPL-2.1-only AND GPL-3.0-only
+LIBTASN1_LICENSE	:= GPL-3.0-or-later or LGPL-2.1-or-later
 LIBTASN1_LICENSE_FILES	:= \
-	file://COPYING;md5=75ac100ec923f959898182307970c360
+	file://COPYING;md5=1ebbd3e34237af26da5dc08a4e440464 \
+	file://COPYING.LESSERv2;md5=4bf661c1e3793e55c8d1051bc5e0ae21 \
+	file://src/asn1Decoding.c;startline=2;endline=19;md5=0f8220e37b07ef6094c916bf78630262 \
+	file://lib/decoding.c;startline=1;endline=19;md5=c157bbdf0f0275a2f313aee933e95aa7
 
 # ----------------------------------------------------------------------------
 # Prepare
@@ -35,13 +38,15 @@ LIBTASN1_LICENSE_FILES	:= \
 LIBTASN1_CONF_TOOL := autoconf
 LIBTASN1_CONF_OPT := \
 	$(CROSS_AUTOCONF_USR) \
+	$(GLOBAL_LARGE_FILE_OPTION) \
 	--disable-doc \
 	--disable-gtk-doc \
 	--disable-gtk-doc-html \
 	--disable-gtk-doc-pdf \
 	--disable-valgrind-tests \
 	--disable-code-coverage \
-	--disable-gcc-warnings
+	--disable-gcc-warnings \
+	--$(call ptx/endis, PTXDIST_Y2038)-year2038
 
 # ----------------------------------------------------------------------------
 # Target-Install
-- 
2.47.3




^ permalink raw reply	[flat|nested] only message in thread

only message in thread, other threads:[~2025-10-15 14:23 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2025-10-15 14:22 [ptxdist] [PATCH] libtasn1: version bump 4.19.0 -> 4.20.0 Sven Püschel

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox