path: root/package/libseccomp/libseccomp.hash
diff options
authorGravatar Peter Korsgaard <peter@korsgaard.com>2019-03-21 08:40:43 +0100
committerGravatar Peter Korsgaard <peter@korsgaard.com>2019-03-24 09:01:02 +0100
commit02300786c2fcba2cf641a040a2d87c4022ddb7fc (patch)
treece6dfd4c87cfb43999974083f1b4558399583f2f /package/libseccomp/libseccomp.hash
parentecc2c563696abf584ac78d00c2293648a7cfed89 (diff)
package/libseccomp: security bump to version 2.4.0
>From the advisory: Jann Horn identified a problem in current versions of libseccomp where the library did not correctly generate 64-bit syscall argument comparisons using the arithmetic operators (LT, GT, LE, GE). Jann has done a search using codesearch.debian.net and it would appear that only systemd and Tor are using libseccomp in such a way as to trigger the bad code. In the case of systemd this appears to affect the socket address family and scheduling class filters. In the case of Tor it appears that the bad filters could impact the memory addresses passed to mprotect(2). The libseccomp v2.4.0 release fixes this problem, and should be a direct drop-in replacement for previous v2.x releases. https://www.openwall.com/lists/oss-security/2019/03/15/1 v2.4.0 adds a new scmp_api_level utility, so update 0001-remove-static.patch to match. Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Diffstat (limited to 'package/libseccomp/libseccomp.hash')
1 files changed, 1 insertions, 1 deletions
diff --git a/package/libseccomp/libseccomp.hash b/package/libseccomp/libseccomp.hash
index 0362ce9ba4..0823903c36 100644
--- a/package/libseccomp/libseccomp.hash
+++ b/package/libseccomp/libseccomp.hash
@@ -1,3 +1,3 @@
# Locally calculated
-sha256 5a52495207f00d1254707f11226e17c16ec53f5038d65bbabf1892873fa2fe5b libseccomp-v2.3.3.tar.gz
+sha256 b7ee0299157fb7a6a81c99f2e0d7e64429b7d7c0eae43c3a6ef91e87eeed2868 libseccomp-v2.4.0.tar.gz
sha256 102900208eef27b766380135906d431dba87edaa7ec6aa72e6ebd3dd67f3a97b LICENSE