libmodbus: add v3.1.10 (fix CVE) (#46968)

* libmodbus: add v3.1.10 * libmodbus: deprecate older versions
2024-10-14 22:51:59 -05:00 · 2024-10-14 22:51:59 -05:00 · 3918f83ddc
commit 3918f83ddc
parent d4dc13fffb
1 changed files with 14 additions and 11 deletions
--- a/var/spack/repos/builtin/packages/libmodbus/package.py
+++ b/var/spack/repos/builtin/packages/libmodbus/package.py
@ -12,10 +12,13 @@ class Libmodbus(AutotoolsPackage):
    and supports RTU (serial) and TCP (Ethernet) communications."""

    homepage = "https://libmodbus.org/"
-    url = "https://libmodbus.org/releases/libmodbus-3.0.8.tar.gz"
+    url = "https://github.com/stephane/libmodbus/releases/download/v3.1.10/libmodbus-3.1.10.tar.gz"

    license("LGPL-2.1-or-later")

+    version("3.1.10", sha256="899be4e25ab7fe5799d43f9567510d6f063d2e8f56136dd726b6fd976f9b2253")
+    with default_args(deprecated=True):
+        # https://nvd.nist.gov/vuln/detail/CVE-2022-0367
        version("3.1.6", sha256="d7d9fa94a16edb094e5fdf5d87ae17a0dc3f3e3d687fead81835d9572cf87c16")
        version("3.1.5", sha256="f7a9538f23a8786b1ee62a4b75879b5c0e194e728350de1b741ce7d595970f06")
        version("3.1.4", sha256="c8c862b0e9a7ba699a49bc98f62bdffdfafd53a5716c0e162696b4bf108d3637")