From: wangmy Date: Mon, 30 May 2022 06:40:47 +0000 (+0800) Subject: logrotate: upgrade 3.19.0 -> 3.20.1 X-Git-Tag: lucaceresoli/bug-15201-perf-libtraceevent-missing~3979 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=391fdcf742c4669c1c4654f9b022b3d277aa0038;p=thirdparty%2Fopenembedded%2Fopenembedded-core-contrib.git logrotate: upgrade 3.19.0 -> 3.20.1 Changelog: ========= drop world-readable permission on state file even when ACLs are enabled (#446) fix potential DoS from unprivileged users via the state file (CVE-2022-1348) fix a misleading debug message with copytruncate and rotate 0 (#443) add support for unsigned time_t (#438) do not lock state file /dev/null (#433) Signed-off-by: Wang Mingyu Signed-off-by: Luca Ceresoli Signed-off-by: Richard Purdie --- diff --git a/meta/recipes-extended/logrotate/logrotate_3.19.0.bb b/meta/recipes-extended/logrotate/logrotate_3.20.1.bb similarity index 97% rename from meta/recipes-extended/logrotate/logrotate_3.19.0.bb rename to meta/recipes-extended/logrotate/logrotate_3.20.1.bb index 2a60d9b31f0..35977535aa2 100644 --- a/meta/recipes-extended/logrotate/logrotate_3.19.0.bb +++ b/meta/recipes-extended/logrotate/logrotate_3.20.1.bb @@ -15,7 +15,7 @@ UPSTREAM_CHECK_REGEX = "logrotate-(?P\d+(\.\d+)+).tar" SRC_URI = "https://github.com/${BPN}/${BPN}/releases/download/${PV}/${BP}.tar.xz" -SRC_URI[sha256sum] = "ddd5274d684c5c99ca724e8069329f343ebe376e07493d537d9effdc501214ba" +SRC_URI[sha256sum] = "742f6d6e18eceffa49a4bacd933686d3e42931cfccfb694d7f6369b704e5d094" # These CVEs are debian, gentoo or SUSE specific on the way logrotate was installed/used CVE_CHECK_IGNORE += "CVE-2011-1548 CVE-2011-1549 CVE-2011-1550"