NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

package/libjpeg: security bump to version 9e

Browse Source 
rdgif.c, cderror.h: add sanity check for GIF image dimensions.
Thank to Casper Sun for cjpeg potential vulnerability report.

- Update hash of README (changes not related to license)
- Update indentation in hash file (two spaces)

https://jpegclub.org/reference/reference-sources/

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This commit is contained in:
Fabrice Fontaine 2022-01-17 23:30:26 +01:00 committed by Thomas Petazzoni
parent 2915d5a9f1
commit b5e36f80a6
2 changed files with 4 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
package/libjpeg/libjpeg.hash
View File

@ -1,3 +1,3 @@
# locally computed hash
sha256 99cb50e48a4556bc571dadd27931955ff458aae32f68c4d9c39d624693f69c32 jpegsrc.v9d.tar.gz
sha256 3dc4e4a145c907a96bd6a0e40be3f722fecf061951909143cdff5365cba9c78c README
sha256 4077d6a6a75aeb01884f708919d25934c93305e49f7e3f36db9129320e6f4f3d jpegsrc.v9e.tar.gz
sha256 50c1c5978d490c7f13062d91c4b89affc83774f87bc4568a714f748b62a5b216 README

8
package/libjpeg/libjpeg.mk
View File

@ -4,12 +4,8 @@
#
################################################################################
LIBJPEG_VERSION = 9d
# 9d was released 2020-01-12, but the tarball was replaced upstream circa
# 2021-03, causing hash mismatch. Until there is a new version released,
# use our cached copy from s.b.o.
#LIBJPEG_SITE = http://www.ijg.org/files
LIBJPEG_SITE = http://sources.buildroot.org/libjpeg
LIBJPEG_VERSION = 9e
LIBJPEG_SITE = http://www.ijg.org/files
LIBJPEG_SOURCE = jpegsrc.v$(LIBJPEG_VERSION).tar.gz
LIBJPEG_LICENSE = IJG
LIBJPEG_LICENSE_FILES = README