summaryrefslogtreecommitdiffstats
path: root/package/imlib2/imlib2.hash
Commit message (Collapse)AuthorAgeFilesLines
* imlib2: security bump to version 1.4.9Gustavo Zacarias2016-05-011-3/+3
| | | | | | | | | | It already includes the fixes for CVE-2016-3994 and CVE-2011-5326 so drop the patches, and additionally fixes: CVE-2016-4024 - integer overflow in imlib2, which result in insufficient heap allocation. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* imlib2: security bump to version 1.4.8Gustavo Zacarias2016-04-141-2/+3
| | | | | | | | | | | | Fixes: CVE-2016-3994 - out of bound read in GIF loader CVE-2011-5326 - divide by zero on 2x1 ellipse Switch to sourceforge hashes. And drop all previous patches, they're upstream, yay. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* imlib2: bump to version 1.4.6Fabio Porcedda2015-03-071-1/+1
| | | | | | | | | | | Also add two upstream patch to fix a warning and a build failure of the version 1.4.6. Also add AUTORECONF because one patch change the file "src/lib/Makefile.am". Signed-off-by: Fabio Porcedda <fabio.porcedda@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* package: add hashes for SourceForge-hosted packagesYann E. MORIN2014-12-281-0/+2
Since SourceForge sometimes serves us faulty tarballs, we can tons of autobuild failures: http://autobuild.buildroot.org/results/9fb/9fba5bf086a4e7a29e5f7156ec43847db7aacfc4/ http://autobuild.buildroot.org/results/6c8/6c837b244c45ac3b3a887734a371cd6d226cf216/ ... Fix that by adding hash files for all SourceForge-hosted packages (thos etht did not already have it). We normally prefer to use hashes published by upstream, but hunting them all one by one is a tedious task, so those hashes were all locally computed with a script that searched for SF-hosted packages, downloades the associated tarball, computed the hash, and stored it in the corresponding .hash file. Also, SF publishes sha1 hashes, while I used the stronger sha256, since sha1 is now considered to be relatively weak. Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr> Cc: Peter Korsgaard <jacmet@uclibc.org> Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> Cc: Maxime Hadjinlian <maxime.hadjinlian@gmail.com> Cc: Richard Braun <rbraun@sceen.net> Cc: Nathaniel Roach <nroach44@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
OpenPOWER on IntegriCloud