[openwrt/openwrt] tools: xz: update to 5.6.4
LEDE Commits
lede-commits at lists.infradead.org
Sun Feb 23 03:21:57 PST 2025
nick pushed a commit to openwrt/openwrt.git, branch main:
https://git.openwrt.org/3ffe54a1e19fa0f26c158e8fc7d2af2b8e409ba4
commit 3ffe54a1e19fa0f26c158e8fc7d2af2b8e409ba4
Author: Shiji Yang <yangshiji66 at qq.com>
AuthorDate: Fri Feb 21 21:18:22 2025 +0800
tools: xz: update to 5.6.4
The serious liblzma backdoor vulnerability (CVE-2024-3094) has
been fixed since v5.6.2. It's time to bump this tool to the
latest version. This patch also added a new GitHub package URL.
Changelogs:
https://github.com/tukaani-project/xz/releases/tag/v5.6.2
https://github.com/tukaani-project/xz/releases/tag/v5.6.3
https://github.com/tukaani-project/xz/releases/tag/v5.6.4
Signed-off-by: Shiji Yang <yangshiji66 at qq.com>
Link: https://github.com/openwrt/openwrt/pull/18063
Signed-off-by: Nick Hainke <vincent at systemli.org>
---
tools/xz/Makefile | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/tools/xz/Makefile b/tools/xz/Makefile
index a90cec86bf..97a47041d2 100644
--- a/tools/xz/Makefile
+++ b/tools/xz/Makefile
@@ -7,12 +7,13 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=xz
-PKG_VERSION:=5.4.6
+PKG_VERSION:=5.6.4
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
-PKG_SOURCE_URL:=@SF/lzmautils \
+PKG_SOURCE_URL:=https://github.com/tukaani-project/xz/releases/download/v$(PKG_VERSION) \
+ @SF/lzmautils \
http://tukaani.org/xz
-PKG_HASH:=913851b274e8e1d31781ec949f1c23e8dbcf0ecf6e73a2436dc21769dd3e6f49
+PKG_HASH:=176d510c30d80a23b8050bbc048f2ecaacb823ae48b6821727ed6591f0df9200
PKG_CPE_ID:=cpe:/a:tukaani:xz
HOST_BUILD_PARALLEL:=1
More information about the lede-commits
mailing list