summaryrefslogtreecommitdiffstats
path: root/package/openjpeg/openjpeg.hash
diff options
context:
space:
mode:
authorPeter Korsgaard <peter@korsgaard.com>2019-03-12 21:20:00 +0100
committerPeter Korsgaard <peter@korsgaard.com>2019-03-25 18:55:53 +0100
commite3404b10ba4ec07638436d50c9a3d3e6a87a8e58 (patch)
tree30d6468b1abd9a70a33ea2dc9ed397ca9c6a3217 /package/openjpeg/openjpeg.hash
parenta22fc3a0ebf1f0f9424b4507e0572cecf102199c (diff)
downloadbuildroot-e3404b10ba4ec07638436d50c9a3d3e6a87a8e58.tar.gz
buildroot-e3404b10ba4ec07638436d50c9a3d3e6a87a8e58.zip
package/openjpeg: security bump to latest git version
Current git contains fixes for a number of post-2.3.0 security issues: git shortlog --no-merges -i --grep cve --grep overflow --grep zero v2.3.0.. Even Rouault (2): Avoid out-of-bounds write overflow due to uint32 overflow computation on images with huge dimensions. color_apply_icc_profile: avoid potential heap buffer overflow Hugo Lefeuvre (4): convertbmp: fix issues with zero bitmasks jp3d/jpwl convert: fix write stack buffer overflow jp2: convert: fix null pointer dereference convertbmp: detect invalid file dimensions early Karol Babioch (2): jp3d: Replace sprintf() by snprintf() in volumetobin() opj_mj2_extract: Check provided output prefix for length Stefan Weil (1): Fix some potential overflow issues (#1161) Young_X (5): [MJ2] To avoid divisions by zero / undefined behaviour on shift [JPWL] fix CVE-2018-16375 [JPWL] imagetotga(): fix read heap buffer overflow if numcomps < 3 (#987) [JPWL] opj_compress: reorder checks related to code block dimensions to avoid potential int overflow [JP3D] To avoid divisions by zero / undefined behaviour on shift (CVE-2018-14423 ichlubna (1): openjp3d: Int overflow fixed (#1159) setharnold (1): fix unchecked integer multiplication overflow Drop now upstreamed 0004-install-static-lib.patch. Add a hash for the LICENSE file. Signed-off-by: Peter Korsgaard <peter@korsgaard.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit a5e8c81875a26551e780e409a0647916e626c969) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Diffstat (limited to 'package/openjpeg/openjpeg.hash')
-rw-r--r--package/openjpeg/openjpeg.hash3
1 files changed, 2 insertions, 1 deletions
diff --git a/package/openjpeg/openjpeg.hash b/package/openjpeg/openjpeg.hash
index dd3cf26cf0..8a6fda48c4 100644
--- a/package/openjpeg/openjpeg.hash
+++ b/package/openjpeg/openjpeg.hash
@@ -1,2 +1,3 @@
# Locally computed:
-sha256 3dc787c1bb6023ba846c2a0d9b1f6e179f1cd255172bde9eb75b01f1e6c7d71a openjpeg-2.3.0.tar.gz
+sha256 3389a1aa908c2b577863da213db3a170df3edbb1432e99ae5fd3f2ac721d69d3 openjpeg-51f097e6d5754ddae93e716276fe8176b44ec548.tar.gz
+sha256 a6af136f3e15038a666b61f376612a07d9a4e48cb7c01adbf3e33b3f14ab49b6 LICENSE
OpenPOWER on IntegriCloud