Bug 11480 - libusb can be updated to 1.0.23
Summary: libusb can be updated to 1.0.23
Status: CLOSED FIXED
Alias: None
Product: IPFire
Classification: Unclassified
Component: --- (show other bugs)
Version: 2
Hardware: all All
: Will affect all users Security
Assignee: Peter Müller
QA Contact:
URL:
Keywords: 5MinuteJob, Security
Depends on:
Blocks:
 
Reported: 2017-08-27 17:58 UTC by gerd
Modified: 2020-06-06 13:04 UTC (History)
2 users (show)

See Also:

Attachments
LFS for Lib USB (3.54 KB, text/x-matlab)
2019-03-26 12:25 UTC, gerd 		Details
Rootfile for new LibUSB (239 bytes, text/plain)
2019-03-26 12:26 UTC, gerd 		Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description gerd 2017-08-27 17:58:15 UTC 
the src can be updated to 1.0.21 => works here with x86_64
Comment 1 gerd 2018-11-27 12:39:09 UTC 
Can also updated to 1.0.22 works..
Comment 2 Michael Tremer 2018-11-27 12:45:11 UTC 
This is not really how a bug tracker works. Please submit a patch if you have updated and tested a new version of this package.
Comment 3 gerd 2019-03-26 12:25:40 UTC 
Created attachment 664 [details]
LFS for Lib USB
Comment 4 gerd 2019-03-26 12:26:06 UTC 
Created attachment 665 [details]
Rootfile for new LibUSB
Comment 5 gerd 2019-03-26 12:28:22 UTC 
Meanwhile whe havelibusb 1.0.22 and it works...
Comment 6 gerd 2019-03-26 12:31:02 UTC 
(In reply to Michael Tremer from comment #2)
> This is not really how a bug tracker works. Please submit a patch if you
> have updated and tested a new version of this package.

Don runs since i submitted that Bug LFS and root is now included (rootfile isn't usually needed because update will be a system update.... (i only created rootfile to test package locally)

KR  Gerd
Comment 7 Michael Tremer 2019-03-26 12:31:20 UTC 
Please submit the patch as described here:

> https://wiki.ipfire.org/devel/submit-patches

It HAS to be sent to the mailing list.

And please do not change the component to anything that belongs to IPFire 3.
Comment 8 Peter Müller 2019-03-26 12:38:10 UTC 
I did trying to update libusb in the past, but stumbled across #11810. @gerd: Do you experiencing the same problem or know how to fix it?
Comment 9 gerd 2019-03-26 12:45:07 UTC 
(In reply to Peter Müller from comment #8)
> I did trying to update libusb in the past, but stumbled across #11810.
> @gerd: Do you experiencing the same problem or know how to fix it?

No i do notuse USB NICs :)

Ciao Gerd
Comment 10 Peter Müller 2020-04-10 11:28:10 UTC 
I will take care about this...
Comment 11 gerd 2020-04-17 22:23:35 UTC 
meanwhile you can use 1.0.23 :)

Ciao gerd
Comment 12 Peter Müller 2020-04-18 10:06:28 UTC 
https://patchwork.ipfire.org/patch/2984/
Comment 13 Michael Tremer 2020-04-20 07:14:30 UTC 
@Peter: Why has this been marked as security-relevant? Could you please quote the changelog in those occasions?
Comment 14 Peter Müller 2020-04-26 09:37:40 UTC 
(In reply to Michael Tremer from comment #13)
> @Peter: Why has this been marked as security-relevant? Could you please
> quote the changelog in those occasions?

Because I consider USB stuff being security-relevant in general. While I am not aware of any precise security vulnerability, libusb attempted to close several flaws mostly detected by fuzzing sessions within the last releases.

However: Good point. One should always quote the changelog in such cases.