kumquat-buildroot/package/libpng/libpng.hash
Peter Korsgaard a26fe00782 package/libpng: security bump to version 1.6.37
Fixes the following security issue:

CVE-2019-7317: png_image_free in png.c in libpng 1.6.36 has a use-after-free
because png_image_free_function is called under png_safe_execute.

Update license hash for a change in copyright year and typo fixes.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit bc4ac7da33)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-04-27 18:25:45 +02:00

7 lines
392 B
Plaintext

# From https://sourceforge.net/projects/libpng/files/libpng16/1.6.37/
md5 015e8e15db1eecde5f2eb9eb5b6e59e9 libpng-1.6.37.tar.xz
sha1 3ab93fabbf4c27e1c4724371df408d9a1bd3f656 libpng-1.6.37.tar.xz
# Locally computed:
sha256 505e70834d35383537b6491e7ae8641f1a4bed1876dbfe361201fc80868d88ca libpng-1.6.37.tar.xz
sha256 bf5e22b9dce8464064ae17a48ea1133c3369ac9e1d80ef9e320e5219aa14ea9b LICENSE