NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

package/jasper: security bump version to 2.0.25

Browse Source 
Changes:

* Fix memory-related bugs in the JPEG-2000 codec resulting from
  attempting to decode invalid code streams. (#264, #265)
  This fix is associated with CVE-2021-26926 and CVE-2021-26927.
* Fix wrong return value under some compilers (#260)
* Fix CVE-2021-3272 heap buffer overflow in jp2_decode (#259)

Signed-off-by: Michael Vetter <jubalh@iodoru.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 72b801010c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit is contained in:
Michael Vetter 2021-02-15 11:45:28 +01:00 committed by Peter Korsgaard
parent 56d75bd8fd
commit a818fa67bb
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
package/jasper/jasper.hash
View File

@ -1,3 +1,3 @@
# Locally calculated
sha256 d2d28e115968d38499163cf8086179503668ce0d71b90dd33855b3de96a1ca1d jasper-2.0.24.tar.gz
sha256 f5bc48e2884bcabd2aca1737baff4ca962ec665b6eb673966ced1f7adea07edb jasper-2.0.25.tar.gz
sha256 4ad1bb42aff888c4403d792e6e2c5f1716d6c279fea70b296333c9d577d30b81 LICENSE

2
package/jasper/jasper.mk
View File

@ -4,7 +4,7 @@
#
################################################################################
JASPER_VERSION = 2.0.24
JASPER_VERSION = 2.0.25
JASPER_SITE = $(call github,jasper-software,jasper,version-$(JASPER_VERSION))
JASPER_INSTALL_STAGING = YES
JASPER_LICENSE = JasPer-2.0