logrotate: upgrade 3.19.0 -> 3.20.1

Changelog: ========= drop world-readable permission on state file even when ACLs are enabled (#446) fix potential DoS from unprivileged users via the state file (CVE-2022-1348) fix a misleading debug message with copytruncate and rotate 0 (#443) add support for unsigned time_t (#438) do not lock state file /dev/null (#433) (From OE-Core rev: 391fdcf742c4669c1c4654f9b022b3d277aa0038) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2026-04-23 00:32:12 +02:00 · 2022-05-30 14:40:47 +08:00
parent dd6f2f61e0
commit 1abf09d4cf
1 changed files with 1 additions and 1 deletions
--- a/meta/recipes-extended/logrotate/logrotate_3.20.1.bb
+++ b/meta/recipes-extended/logrotate/logrotate_3.20.1.bb
@@ -15,7 +15,7 @@ UPSTREAM_CHECK_REGEX = "logrotate-(?P<pver>\d+(\.\d+)+).tar"

 SRC_URI = "https://github.com/${BPN}/${BPN}/releases/download/${PV}/${BP}.tar.xz"

-SRC_URI[sha256sum] = "ddd5274d684c5c99ca724e8069329f343ebe376e07493d537d9effdc501214ba"
+SRC_URI[sha256sum] = "742f6d6e18eceffa49a4bacd933686d3e42931cfccfb694d7f6369b704e5d094"

 # These CVEs are debian, gentoo or SUSE specific on the way logrotate was installed/used
 CVE_CHECK_IGNORE += "CVE-2011-1548 CVE-2011-1549 CVE-2011-1550"