aboutsummaryrefslogtreecommitdiff
path: root/utils
diff options
context:
space:
mode:
authorGravatar Heiko Stuebner <heiko.stuebner@theobroma-systems.com>2020-11-13 13:28:35 +0100
committerGravatar Peter Korsgaard <peter@korsgaard.com>2020-11-17 21:39:13 +0100
commit105d61c85062b18bc9555011f909c8c8a5a33277 (patch)
tree673d49e9da37766684e240052d1469ac2c3532c8 /utils
parentd3343d3f7a6cea5c7261a79ece6cbf01ceaa41de (diff)
downloadbuildroot-105d61c85062b18bc9555011f909c8c8a5a33277.tar.gz
buildroot-105d61c85062b18bc9555011f909c8c8a5a33277.tar.bz2
package/jpeg-turbo: security bump to version 2.0.5
Fixes the following security issue: - CVE-2020-13790: ibjpeg-turbo 2.0.4, and mozjpeg 4.0.0, has a heap-based buffer over-read in get_rgb_row() in rdppm.c via a malformed PPM input file For more details, see the release notes: https://github.com/libjpeg-turbo/libjpeg-turbo/releases/tag/2.0.5 Signed-off-by: Heiko Stuebner <heiko.stuebner@theobroma-systems.com> [Peter: mark as security bump / extend commit message] Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Diffstat (limited to 'utils')
0 files changed, 0 insertions, 0 deletions