* [Buildroot] [PATCH 1/1] package/jasper: security bump to 2.0.23
@ 2020-12-08 7:54 Michael Vetter
2020-12-10 21:27 ` Thomas Petazzoni
2020-12-13 10:13 ` Peter Korsgaard
0 siblings, 2 replies; 3+ messages in thread
From: Michael Vetter @ 2020-12-08 7:54 UTC (permalink / raw)
To: buildroot
Changes:
* Fix CVE-2020-27828, heap-overflow in cp_create() in jpc_enc.c
Signed-off-by: Michael Vetter <jubalh@iodoru.org>
---
package/jasper/jasper.hash | 2 +-
package/jasper/jasper.mk | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/package/jasper/jasper.hash b/package/jasper/jasper.hash
index 5edf45e6db..2a0a4fdff0 100644
--- a/package/jasper/jasper.hash
+++ b/package/jasper/jasper.hash
@@ -1,3 +1,3 @@
# Locally calculated
-sha256 afc4166bff29b8a0dc46ed5e8d6a208d7976fccfd0b1146e3400c8b2948794a2 jasper-2.0.22.tar.gz
+sha256 20facc904bd9d38c20e0c090b1be3ae02ae5b2703b803013be2ecad586a18927 jasper-2.0.23.tar.gz
sha256 4ad1bb42aff888c4403d792e6e2c5f1716d6c279fea70b296333c9d577d30b81 LICENSE
diff --git a/package/jasper/jasper.mk b/package/jasper/jasper.mk
index ab7cb933bc..3386108323 100644
--- a/package/jasper/jasper.mk
+++ b/package/jasper/jasper.mk
@@ -4,7 +4,7 @@
#
################################################################################
-JASPER_VERSION = 2.0.22
+JASPER_VERSION = 2.0.23
JASPER_SITE = $(call github,jasper-software,jasper,version-$(JASPER_VERSION))
JASPER_INSTALL_STAGING = YES
JASPER_LICENSE = JasPer-2.0
--
2.26.2
^ permalink raw reply related [flat|nested] 3+ messages in thread
* [Buildroot] [PATCH 1/1] package/jasper: security bump to 2.0.23
2020-12-08 7:54 [Buildroot] [PATCH 1/1] package/jasper: security bump to 2.0.23 Michael Vetter
@ 2020-12-10 21:27 ` Thomas Petazzoni
2020-12-13 10:13 ` Peter Korsgaard
1 sibling, 0 replies; 3+ messages in thread
From: Thomas Petazzoni @ 2020-12-10 21:27 UTC (permalink / raw)
To: buildroot
On Tue, 8 Dec 2020 08:54:04 +0100
Michael Vetter <jubalh@iodoru.org> wrote:
> Changes:
> * Fix CVE-2020-27828, heap-overflow in cp_create() in jpc_enc.c
>
> Signed-off-by: Michael Vetter <jubalh@iodoru.org>
> ---
> package/jasper/jasper.hash | 2 +-
> package/jasper/jasper.mk | 2 +-
> 2 files changed, 2 insertions(+), 2 deletions(-)
Applied to master, thanks.
Thomas
--
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
^ permalink raw reply [flat|nested] 3+ messages in thread
* [Buildroot] [PATCH 1/1] package/jasper: security bump to 2.0.23
2020-12-08 7:54 [Buildroot] [PATCH 1/1] package/jasper: security bump to 2.0.23 Michael Vetter
2020-12-10 21:27 ` Thomas Petazzoni
@ 2020-12-13 10:13 ` Peter Korsgaard
1 sibling, 0 replies; 3+ messages in thread
From: Peter Korsgaard @ 2020-12-13 10:13 UTC (permalink / raw)
To: buildroot
>>>>> "Michael" == Michael Vetter <jubalh@iodoru.org> writes:
> Changes:
> * Fix CVE-2020-27828, heap-overflow in cp_create() in jpc_enc.c
> Signed-off-by: Michael Vetter <jubalh@iodoru.org>
Committed to 2020.02.x, 2020.08.x and 2020.11.x, thanks.
--
Bye, Peter Korsgaard
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2020-12-13 10:13 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2020-12-08 7:54 [Buildroot] [PATCH 1/1] package/jasper: security bump to 2.0.23 Michael Vetter
2020-12-10 21:27 ` Thomas Petazzoni
2020-12-13 10:13 ` Peter Korsgaard
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox