Accepting request 912878 from Base:System

- Update to 4.4.25
  * Fix several issues found by Covscan in the testsuite.  These include:
    - CWE-170: String not null terminated (STRING_NULL)
    - CWE-188: Reliance on integer endianness (INCOMPATIBLE_CAST)
    - CWE-190: Unintentional integer overflow (OVERFLOW_BEFORE_WIDEN)
    - CWE-569: Wrong sizeof argument (SIZEOF_MISMATCH)
    - CWE-573: Missing varargs init or cleanup (VARARGS)
    - CWE-687: Argument cannot be negative (NEGATIVE_RETURNS)
  * Stricter checking of invalid salt characters (issue #135). (forwarded request 912877 from Andreas_Schwab)

OBS-URL: https://build.opensuse.org/request/show/912878
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libxcrypt?expand=0&rev=12
This commit is contained in:
Dominique Leuenberger 2021-08-25 18:55:53 +00:00 committed by Git OBS Bridge
commit 4800b64113
4 changed files with 17 additions and 4 deletions

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:9cbbcb795ed5d121a1613eb0e40c77173b53e15a746796fc7cd7bd71cfd64533
size 536009

3
libxcrypt-4.4.25.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:caea3d032a46c4855ff818637884c7f5719ad228b79387b62ee023c8fbef17b4
size 523797

View File

@ -1,3 +1,16 @@
-------------------------------------------------------------------
Wed Aug 18 10:22:27 UTC 2021 - Andreas Schwab <schwab@suse.de>
- Update to 4.4.25
* Fix several issues found by Covscan in the testsuite. These include:
- CWE-170: String not null terminated (STRING_NULL)
- CWE-188: Reliance on integer endianness (INCOMPATIBLE_CAST)
- CWE-190: Unintentional integer overflow (OVERFLOW_BEFORE_WIDEN)
- CWE-569: Wrong sizeof argument (SIZEOF_MISMATCH)
- CWE-573: Missing varargs init or cleanup (VARARGS)
- CWE-687: Argument cannot be negative (NEGATIVE_RETURNS)
* Stricter checking of invalid salt characters (issue #135).
-------------------------------------------------------------------
Thu Jun 24 08:48:06 UTC 2021 - Paolo Stivanin <info@paolostivanin.com>

View File

@ -17,7 +17,7 @@
Name: libxcrypt
Version: 4.4.23
Version: 4.4.25
Release: 0
Summary: Extended crypt library for DES, MD5, Blowfish and others
License: BSD-2-Clause AND GPL-3.0-or-later AND LGPL-2.1-or-later AND BSD-3-Clause AND SUSE-Public-Domain