From 77ef9c333cdc13d1a51d88dbad8c4459c2dca156 Mon Sep 17 00:00:00 2001 From: Fabrice Fontaine Date: Thu, 27 Aug 2020 23:20:44 +0200 Subject: [PATCH] package/openjpeg: add CVE-2020-15389 entry Commit b006cc373f96ec86c027779e113c8f70bc40d1c3 forgot to add the OPENJPEG_IGNORE_CVES entry Signed-off-by: Fabrice Fontaine Signed-off-by: Thomas Petazzoni --- package/openjpeg/openjpeg.mk | 3 +++ 1 file changed, 3 insertions(+) diff --git a/package/openjpeg/openjpeg.mk b/package/openjpeg/openjpeg.mk index 1ff3111d64..b65dbce807 100644 --- a/package/openjpeg/openjpeg.mk +++ b/package/openjpeg/openjpeg.mk @@ -20,6 +20,9 @@ OPENJPEG_IGNORE_CVES += CVE-2020-6851 # 0007-opj_tcd_init_tile-avoid-integer-overflow.patch OPENJPEG_IGNORE_CVES += CVE-2020-8112 +# 0008-opj_decompress-fix-double-free-on-input-directory-with-mix-of-valid.patch +OPENJPEG_IGNORE_CVES += CVE-2020-15389 + OPENJPEG_DEPENDENCIES += $(if $(BR2_PACKAGE_ZLIB),zlib) OPENJPEG_DEPENDENCIES += $(if $(BR2_PACKAGE_LIBPNG),libpng) OPENJPEG_DEPENDENCIES += $(if $(BR2_PACKAGE_TIFF),tiff)