]> Git Repo - buildroot-mgba.git/commit
projects / buildroot-mgba.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: d3343d3) | patch
package/jpeg-turbo: security bump to version 2.0.5
authorHeiko Stuebner <[email protected]>
Fri, 13 Nov 2020 12:28:35 +0000 (13:28 +0100)
committerPeter Korsgaard <[email protected]>
Tue, 17 Nov 2020 20:39:13 +0000 (21:39 +0100)
commit105d61c85062b18bc9555011f909c8c8a5a33277
tree673d49e9da37766684e240052d1469ac2c3532c8tree | snapshot
parentd3343d3f7a6cea5c7261a79ece6cbf01ceaa41decommit | diff
package/jpeg-turbo: security bump to version 2.0.5

Fixes the following security issue:

- CVE-2020-13790: ibjpeg-turbo 2.0.4, and mozjpeg 4.0.0, has a heap-based
  buffer over-read in get_rgb_row() in rdppm.c via a malformed PPM input
  file

For more details, see the release notes:
https://github.com/libjpeg-turbo/libjpeg-turbo/releases/tag/2.0.5

Signed-off-by: Heiko Stuebner <[email protected]>
[Peter: mark as security bump / extend commit message]
Signed-off-by: Peter Korsgaard <[email protected]>
package/jpeg-turbo/jpeg-turbo.hash diff | blob | blame | history
package/jpeg-turbo/jpeg-turbo.mk diff | blob | blame | history
Empty description
This page took 0.04428 seconds and 4 git commands to generate.