* [Buildroot] [PATCH 1/1] package/libheif: security bump to version 1.17.6
@ 2023-12-26 15:07 Fabrice Fontaine
2024-01-10 9:37 ` Peter Korsgaard
0 siblings, 1 reply; 2+ messages in thread
From: Fabrice Fontaine @ 2023-12-26 15:07 UTC (permalink / raw)
To: buildroot; +Cc: Bernd Kuhls, Fabrice Fontaine
A couple of build fixes and bug fixes detected by fuzzing.
Corrects these issues:
- CVE-2023-49462
- CVE-2023-49463
https://github.com/strukturag/libheif/releases/tag/v1.17.6
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
---
package/libheif/libheif.hash | 2 +-
package/libheif/libheif.mk | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/package/libheif/libheif.hash b/package/libheif/libheif.hash
index 6ea3ba6eec..a2ca065b7a 100644
--- a/package/libheif/libheif.hash
+++ b/package/libheif/libheif.hash
@@ -1,3 +1,3 @@
# Locally computed:
-sha256 38ab01938ef419dbebb98346dc0b1c8bb503a0449ea61a0e409a988786c2af5b libheif-1.17.5.tar.gz
+sha256 8390baf4913eda0a183e132cec62b875fb2ef507ced5ddddc98dfd2f17780aee libheif-1.17.6.tar.gz
sha256 b2eb4f6588b005bebac44cfb2dfd23f6a16c5ca9b8a619a315158b0215a917a3 COPYING
diff --git a/package/libheif/libheif.mk b/package/libheif/libheif.mk
index 419a864ef3..bd307deb7b 100644
--- a/package/libheif/libheif.mk
+++ b/package/libheif/libheif.mk
@@ -4,7 +4,7 @@
#
################################################################################
-LIBHEIF_VERSION = 1.17.5
+LIBHEIF_VERSION = 1.17.6
LIBHEIF_SITE = https://github.com/strukturag/libheif/releases/download/v$(LIBHEIF_VERSION)
LIBHEIF_LICENSE = LGPL-3.0+
LIBHEIF_LICENSE_FILES = COPYING
--
2.43.0
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [Buildroot] [PATCH 1/1] package/libheif: security bump to version 1.17.6
2023-12-26 15:07 [Buildroot] [PATCH 1/1] package/libheif: security bump to version 1.17.6 Fabrice Fontaine
@ 2024-01-10 9:37 ` Peter Korsgaard
0 siblings, 0 replies; 2+ messages in thread
From: Peter Korsgaard @ 2024-01-10 9:37 UTC (permalink / raw)
To: Fabrice Fontaine; +Cc: Bernd Kuhls, buildroot
>>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice@gmail.com> writes:
> A couple of build fixes and bug fixes detected by fuzzing.
> Corrects these issues:
> - CVE-2023-49462
> - CVE-2023-49463
> https://github.com/strukturag/libheif/releases/tag/v1.17.6
> Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Committed to 2023.11.x, thanks.
--
Bye, Peter Korsgaard
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2024-01-10 9:37 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-12-26 15:07 [Buildroot] [PATCH 1/1] package/libheif: security bump to version 1.17.6 Fabrice Fontaine
2024-01-10 9:37 ` Peter Korsgaard
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox