NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

package/imagemagick: security bump to version 7.0.10-62

Browse Source 
Fixes the following security issue:

CVE-2021-20176: A divide-by-zero flaw was found in ImageMagick 6.9.11-57 and
7.0.10-57 in gem.c.  This flaw allows an attacker who submits a crafted file
that is processed by ImageMagick to trigger undefined behavior through a
division by zero.  The highest threat from this vulnerability is to system
availability.

For more details, see the bugtracker:
https://github.com/ImageMagick/ImageMagick/issues/3077

- bump version to 7.0.10-62
- update license file hash (copyright year update)

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
[Peter: mention security fix]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit is contained in:
Peter Seiderer 2021-02-20 00:02:52 +01:00 committed by Peter Korsgaard
parent ba05d01476
commit a11b6beab9
2 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
package/imagemagick/imagemagick.hash
View File

@ -1,3 +1,3 @@
# Locally computed
sha256 fa993169a06052267eaf81cf85bbf5a30c0bf243511017d986f47abbe65ff262 imagemagick-7.0.10-51.tar.gz
sha256 7b43ee798e835f5e0dc03c92c52d288b46a771c4561d57ef2a9a8b2c76bf33cb LICENSE
sha256 84442158aea070095efa832cfe868fd99d6befdf609444f0c9e9f1b4f25480cd imagemagick-7.0.10-62.tar.gz
sha256 040badb77b659e751ea16113490a937e1e01f3f5d32181e966b8982413533fb2 LICENSE

2
package/imagemagick/imagemagick.mk
View File

@ -4,7 +4,7 @@
#
################################################################################
IMAGEMAGICK_VERSION = 7.0.10-51
IMAGEMAGICK_VERSION = 7.0.10-62
IMAGEMAGICK_SITE = $(call github,ImageMagick,ImageMagick,$(IMAGEMAGICK_VERSION))
IMAGEMAGICK_LICENSE = Apache-2.0
IMAGEMAGICK_LICENSE_FILES = LICENSE