diff mbox series

[master] socat: upgrade 1.8.1.1 -> 1.8.1.3

Message ID 20260709053949.2422283-2-sudumbha@cisco.com
State Under Review
Headers show
Series [master] socat: upgrade 1.8.1.1 -> 1.8.1.3 | expand

Commit Message

Sudhir Dumbhare July 9, 2026, 5:39 a.m. UTC
From: Sudhir Dumbhare <sudumbha@cisco.com>

According to [1]:
this upgrade includes the fix for Socat security advisory 10, CVE-2026-56123.
The issue is a possible heap overflow in the SOCKS5 client code that can be
triggered by connecting to a malicious SOCKS5 server with knowledge of details
about the client binary code. It also introduced Test: SOCKS5_OVERFL as well.

Version 1.8.1.3 also fixes a false positive in the SOCKS5_OVERFL regression
test on platforms with a non-bash default shell.

[1] http://www.dest-unreach.org/socat/CHANGES
[2] https://nvd.nist.gov/vuln/detail/CVE-2026-56123

Signed-off-by: Sudhir Dumbhare <sudumbha@cisco.com>
---
 .../socat/{socat_1.8.1.1.bb => socat_1.8.1.3.bb}                | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta/recipes-connectivity/socat/{socat_1.8.1.1.bb => socat_1.8.1.3.bb} (94%)
diff mbox series

Patch

diff --git a/meta/recipes-connectivity/socat/socat_1.8.1.1.bb b/meta/recipes-connectivity/socat/socat_1.8.1.3.bb
similarity index 94%
rename from meta/recipes-connectivity/socat/socat_1.8.1.1.bb
rename to meta/recipes-connectivity/socat/socat_1.8.1.3.bb
index e662c79a75..636c75b117 100644
--- a/meta/recipes-connectivity/socat/socat_1.8.1.1.bb
+++ b/meta/recipes-connectivity/socat/socat_1.8.1.3.bb
@@ -13,7 +13,7 @@  SRC_URI = "http://www.dest-unreach.org/socat/download/socat-${PV}.tar.bz2 \
            file://0001-fix-compile-procan.c-failed.patch \
 "
 
-SRC_URI[sha256sum] = "5ebc636b7f427053f98806696521653a614c7e06464910353cbf54e2327adc1b"
+SRC_URI[sha256sum] = "25bc6476292b2e614220989c77b0b6fca87bb2525d9747b31a6639b1fb602418"
 
 inherit autotools