diff options
| author | Petr Štetiar <ynezz@true.cz> | 2024-03-29 17:31:17 +0000 |
|---|---|---|
| committer | Petr Štetiar <ynezz@true.cz> | 2024-03-29 17:31:17 +0000 |
| commit | 9e46b47ca3ece6de6bb185ba3645299167150b59 (patch) | |
| tree | dd3dcd3130512d7c5a27c09c1c83ee8877fa12b1 /utils/xz | |
| parent | ccabe6d8e65b5db76156488ffa51fd347a0c486d (diff) | |
Revert "tools/xz: update to 5.6.1" (CVE-2024-3094)
This reverts commit 714c91d1a63f29650abaa9cf69ffa47cf2c70297 as probably
the upstream xz repository and the xz tarballs have been backdoored.
References: https://www.openwall.com/lists/oss-security/2024/03/29/4
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Diffstat (limited to 'utils/xz')
| -rw-r--r-- | utils/xz/Makefile | 8 | ||||
| -rw-r--r-- | utils/xz/patches/001-relative-pkg-config-paths.patch | 2 |
2 files changed, 5 insertions, 5 deletions
diff --git a/utils/xz/Makefile b/utils/xz/Makefile index 45db54626..f982a54d3 100644 --- a/utils/xz/Makefile +++ b/utils/xz/Makefile @@ -9,12 +9,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=xz -PKG_VERSION:=5.6.1 +PKG_VERSION:=5.4.6 PKG_RELEASE:=1 -PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz -PKG_SOURCE_URL:=https://github.com/tukaani-project/xz/releases/download/v$(PKG_VERSION) -PKG_HASH:=f334777310ca3ae9ba07206d78ed286a655aa3f44eec27854f740c26b2cd2ed0 +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 +PKG_SOURCE_URL:=@SF/lzmautils +PKG_HASH:=913851b274e8e1d31781ec949f1c23e8dbcf0ecf6e73a2436dc21769dd3e6f49 PKG_MAINTAINER:= PKG_LICENSE:=Public-Domain LGPL-2.1-or-later GPL-2.0-or-later GPL-3.0-or-later diff --git a/utils/xz/patches/001-relative-pkg-config-paths.patch b/utils/xz/patches/001-relative-pkg-config-paths.patch index ba2cb36c2..b89c13f75 100644 --- a/utils/xz/patches/001-relative-pkg-config-paths.patch +++ b/utils/xz/patches/001-relative-pkg-config-paths.patch @@ -1,6 +1,6 @@ --- a/src/liblzma/liblzma.pc.in +++ b/src/liblzma/liblzma.pc.in -@@ -3,8 +3,8 @@ +@@ -7,8 +7,8 @@ prefix=@prefix@ exec_prefix=@exec_prefix@ |