From: Michael Olbrich <m.olbrich@pengutronix.de>
To: ptxdist@pengutronix.de
Cc: "Sven Püschel" <s.pueschel@pengutronix.de>
Subject: Re: [ptxdist] [APPLIED] libtasn1: version bump 4.19.0 -> 4.20.0
Date: Sun, 19 Oct 2025 14:05:34 +0200 [thread overview]
Message-ID: <20251019120534.656704-1-m.olbrich@pengutronix.de> (raw)
In-Reply-To: <20251015142306.3817297-1-s.pueschel@pengutronix.de>
Thanks, applied as 9d221d03308ddc1d5af2b7abda0386c82db3b48b.
Michael
[sent from post-receive hook]
On Sun, 19 Oct 2025 14:05:34 +0200, Sven Püschel <s.pueschel@pengutronix.de> wrote:
> This release fixes CVE-2024-12133: Potential DoS in handling of
> numerous SEQUENCE OF or SET OF elements.
>
> Also the licenses were split into separate license files. Based on the
> source code the or-later licenses have been selected.
>
> https://gitlab.com/gnutls/libtasn1/-/blob/a3d48c2d9845e54e099769242366d47c09c8464e/NEWS#L8
>
> Signed-off-by: Sven Püschel <s.pueschel@pengutronix.de>
> Message-Id: <20251015142306.3817297-1-s.pueschel@pengutronix.de>
> Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
>
> diff --git a/rules/libtasn1.make b/rules/libtasn1.make
> index ce06ddfe4687..440986d00247 100644
> --- a/rules/libtasn1.make
> +++ b/rules/libtasn1.make
> @@ -14,16 +14,19 @@ PACKAGES-$(PTXCONF_LIBTASN1) += libtasn1
> #
> # Paths and names
> #
> -LIBTASN1_VERSION := 4.19.0
> -LIBTASN1_MD5 := f701ab57eb8e7d9c105b2cd5d809b29a
> +LIBTASN1_VERSION := 4.20.0
> +LIBTASN1_MD5 := 930f71d788cf37505a0327c1b84741be
> LIBTASN1 := libtasn1-$(LIBTASN1_VERSION)
> LIBTASN1_SUFFIX := tar.gz
> LIBTASN1_URL := $(call ptx/mirror, GNU, libtasn1/$(LIBTASN1).$(LIBTASN1_SUFFIX))
> LIBTASN1_SOURCE := $(SRCDIR)/$(LIBTASN1).$(LIBTASN1_SUFFIX)
> LIBTASN1_DIR := $(BUILDDIR)/$(LIBTASN1)
> -LIBTASN1_LICENSE := LGPL-2.1-only AND GPL-3.0-only
> +LIBTASN1_LICENSE := GPL-3.0-or-later or LGPL-2.1-or-later
> LIBTASN1_LICENSE_FILES := \
> - file://COPYING;md5=75ac100ec923f959898182307970c360
> + file://COPYING;md5=1ebbd3e34237af26da5dc08a4e440464 \
> + file://COPYING.LESSERv2;md5=4bf661c1e3793e55c8d1051bc5e0ae21 \
> + file://src/asn1Decoding.c;startline=2;endline=19;md5=0f8220e37b07ef6094c916bf78630262 \
> + file://lib/decoding.c;startline=1;endline=19;md5=c157bbdf0f0275a2f313aee933e95aa7
>
> # ----------------------------------------------------------------------------
> # Prepare
> @@ -35,13 +38,15 @@ LIBTASN1_LICENSE_FILES := \
> LIBTASN1_CONF_TOOL := autoconf
> LIBTASN1_CONF_OPT := \
> $(CROSS_AUTOCONF_USR) \
> + $(GLOBAL_LARGE_FILE_OPTION) \
> --disable-doc \
> --disable-gtk-doc \
> --disable-gtk-doc-html \
> --disable-gtk-doc-pdf \
> --disable-valgrind-tests \
> --disable-code-coverage \
> - --disable-gcc-warnings
> + --disable-gcc-warnings \
> + --$(call ptx/endis, PTXDIST_Y2038)-year2038
>
> # ----------------------------------------------------------------------------
> # Target-Install
prev parent reply other threads:[~2025-10-19 12:06 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-10-15 14:22 [ptxdist] [PATCH] " Sven Püschel
2025-10-19 12:05 ` Michael Olbrich [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20251019120534.656704-1-m.olbrich@pengutronix.de \
--to=m.olbrich@pengutronix.de \
--cc=ptxdist@pengutronix.de \
--cc=s.pueschel@pengutronix.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox