libpng16: CVE-2015-0973 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Sona Sarmadi <sona.sarmadi@enea.com>	2015-04-29 11:02:19 +0200
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2015-05-01 12:34:51 +0100
commit	cafdccb29c350a0f030ef55f9cc7d5c4c0b5a0bb (patch)
tree	bd881f97a3aba8d9946996fc7c951207dd46443e /meta/recipes-core/coreutils/coreutils_8.22.bb
parent	13eda671267c7b38be0b863319f187fc8b4eae05 (diff)
download	poky-cafdccb29c350a0f030ef55f9cc7d5c4c0b5a0bb.tar.gz

libpng16: CVE-2015-0973

Fixes CVE-2015-0973 (duplicate of CVE-2014-9495), a heap-based overflow vulnerability in the png_combine_row() function of the libpng library, when very large interlaced images were used. Upstream patch: http://sourceforge.net/p/libpng/code/ci/dc294204b641373bc6eb603075a8b98f51a75dd8/ External Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0973 http://seclists.org/oss-sec/2014/q4/1133 (From OE-Core rev: 10c8aeebca301ffd853e75df3f9c1d16d0352d76) Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Maxin B. John <maxin.john@enea.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'meta/recipes-core/coreutils/coreutils_8.22.bb')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: