mirror of
https://github.com/openwrt/openwrt.git
synced 2024-12-18 13:26:34 +00:00
Revert "tools/xz: update to 5.6.1" (CVE-2024-3094)
This reverts commit 714c91d1a6
as probably
the upstream xz repository and the xz tarballs have been backdoored.
References: https://www.openwall.com/lists/oss-security/2024/03/29/4.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
This commit is contained in:
parent
f9f2426e39
commit
d4b6b76443
@ -7,11 +7,12 @@
|
||||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=xz
|
||||
PKG_VERSION:=5.6.1
|
||||
PKG_VERSION:=5.4.6
|
||||
|
||||
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
|
||||
PKG_SOURCE_URL:=https://github.com/tukaani-project/xz/releases/download/v$(PKG_VERSION)
|
||||
PKG_HASH:=d300422649a0124b1121630be559c890ceedf32667d7064b8128933166c217c8
|
||||
PKG_SOURCE_URL:=@SF/lzmautils \
|
||||
http://tukaani.org/xz
|
||||
PKG_HASH:=913851b274e8e1d31781ec949f1c23e8dbcf0ecf6e73a2436dc21769dd3e6f49
|
||||
PKG_CPE_ID:=cpe:/a:tukaani:xz
|
||||
|
||||
HOST_BUILD_PARALLEL:=1
|
||||
|
Loading…
Reference in New Issue
Block a user