kumquat-buildroot/package/jpeg-turbo
Baruch Siach f60925beda package/jpeg-turbo: add upstream security fixes
CVE-2018-20330: Integer overflow causing segfault occurred when
attempting to load a BMP file with more than 1 billion pixels using the
`tjLoadImage()` function.

CVE-2018-19664: Buffer overrun occurred when attempting to decompress a
specially-crafted malformed JPEG image to a 256-color BMP using djpeg.

Cc: Murat Demirten <mdemirten@yh.com.tr>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-02-12 19:59:46 +01:00
..
0001-tjLoadImage-Fix-int-overflow-segfault-w-big-BMP.patch package/jpeg-turbo: add upstream security fixes 2019-02-12 19:59:46 +01:00
0002-wrbmp.c-Don-t-allow-quantization-w-non-RGB-CS.patch package/jpeg-turbo: add upstream security fixes 2019-02-12 19:59:46 +01:00
jpeg-turbo.hash
jpeg-turbo.mk