Home Explore Help
Sign In
PUBLIC_REPOS
/
buildroot
mirror of git://git.buildroot.net/buildroot
2
1
Fork 0
Files
Browse Source

iperf3: security bump to version 3.1.3

Fixes:
ESNET-SECADV-2016-0001 - A malicious process can connect to an iperf3
server and, by sending a malformed message on the control channel,
corrupt the server process's heap area.  This can lead to a crash (and a
denial of service), or theoretically a remote code execution as the user
running the iperf3 server. A malicious iperf3 server could potentially
mount a similar attack on an iperf3 client.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Gustavo Zacarias 9 years ago
parent
0f60f4dde2
commit
678db6ba60
2 changed files with 5 additions and 4 deletions
Split View Show Diff Stats
  1. 2 2
      package/iperf3/iperf3.hash
  2. 3 2
      package/iperf3/iperf3.mk

+ 2 - 2
package/iperf3/iperf3.hash
View File 

@@ -1,2 +1,2 @@
 
-# Locally calculated
 
-sha256  48b5c783bb4a9c44f2bdcfe52c5d45b77ab1e1c82de3d0131f692457950811f9  iperf3-3.1.2.tar.gz
 
+# From http://software.es.net/iperf/news.html#security-issue-iperf-3-1-3-iperf-3-0-12-released
 
+sha256  60d8db69b1d74a64d78566c2317c373a85fef691b8d277737ee5d29f448595bf  iperf-3.1.3.tar.gz

+ 3 - 2
package/iperf3/iperf3.mk
View File 

@@ -4,8 +4,9 @@
 
 #
 
 ################################################################################
 
 
-IPERF3_VERSION = 3.1.2
 
-IPERF3_SITE = $(call github,esnet,iperf,$(IPERF3_VERSION))
 
+IPERF3_VERSION = 3.1.3
 
+IPERF3_SITE = http://downloads.es.net/pub/iperf
 
+IPERF3_SOURCE = iperf-$(IPERF3_VERSION).tar.gz
 
 IPERF3_LICENSE = BSD-3c, BSD-2c, MIT
 
 IPERF3_LICENSE_FILES = LICENSE