From: Alexander Marx <alexander.marx@ipfire.org>
Date: Mon, 18 Apr 2016 07:07:04 +0000 (+0200)
Subject: lzo: Update to 2.09
X-Git-Url: http://git.ipfire.org/gitweb/gitweb.cgi?a=commitdiff_plain;h=refs%2Fheads%2Flzo;p=people%2Famarx%2Fipfire-3.x.git

lzo: Update to 2.09

Changes in 2.09 (04 Feb 2015)
  * Work around gcc bug #64516 that could affect architectures like
    armv4, armv5 and sparc.

Changes in 2.08 (29 Jun 2014)
  * Updated the Autoconf scripts to fix some reported build problems.
  * Added CMake build support.
  * Fixed lzo_init() on big-endian architectures like Sparc.

Changes in 2.07 (25 Jun 2014)
  * Fixed a potential integer overflow condition in the "safe" decompressor
    variants which could result in a possible buffer overrun when
    processing maliciously crafted compressed input data.

    Fortunately this issue only affects 32-bit systems and also can only happen
    if you use uncommonly huge buffer sizes where you have to decompress more
    than 16 MiB (> 2^24 bytes) untrusted compressed bytes within a single
    function call, so the practical implications are limited.

    POTENTIAL SECURITY ISSUE. CVE-2014-4607.

  * Removed support for ancient configurations like 16-bit "huge" pointers -
    LZO now requires a flat 32-bit or 64-bit memory model.
  * Assorted cleanups.

Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
---

diff --git a/lzo/lzo.nm b/lzo/lzo.nm
index 71696afd7..7bd25afac 100644
--- a/lzo/lzo.nm
+++ b/lzo/lzo.nm
@@ -4,7 +4,7 @@
 ###############################################################################
 
 name       = lzo
-version    = 2.06
+version    = 2.09
 release    = 1
 
 groups     = Applications/Compression