diff options
author | Sona Sarmadi <sona.sarmadi@enea.com> | 2015-02-24 13:17:09 +0100 |
---|---|---|
committer | Tudor Florea <tudor.florea@enea.com> | 2015-07-06 20:19:37 +0200 |
commit | 7247ad93ebeeb15defb0b57f4c95c0a0464c2cb8 (patch) | |
tree | 3b3266bc337f2a8cf4858c2a20cf562f5a207b54 /meta/recipes-multimedia/libpng/libpng_1.6.8.bb | |
parent | 57e2046e575c85d5963b108792a28fc166329234 (diff) | |
download | poky-7247ad93ebeeb15defb0b57f4c95c0a0464c2cb8.tar.gz |
libpng16: CVE-2015-0973
Fixes CVE-2015-0973 (duplicate of CVE-2014-9495), a heap-based overflow
vulnerability in the png_combine_row() function of the libpng library,
when very large interlaced images were used.
Upstream patch:
http://sourceforge.net/p/libpng/code/ci/dc294204b641373bc6eb603075a8b98f51a75dd8/
External Reference:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0973
http://seclists.org/oss-sec/2014/q4/1133
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Diffstat (limited to 'meta/recipes-multimedia/libpng/libpng_1.6.8.bb')
-rw-r--r-- | meta/recipes-multimedia/libpng/libpng_1.6.8.bb | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/meta/recipes-multimedia/libpng/libpng_1.6.8.bb b/meta/recipes-multimedia/libpng/libpng_1.6.8.bb index d063495f05..bb7745b47c 100644 --- a/meta/recipes-multimedia/libpng/libpng_1.6.8.bb +++ b/meta/recipes-multimedia/libpng/libpng_1.6.8.bb | |||
@@ -10,6 +10,7 @@ LIBV = "16" | |||
10 | 10 | ||
11 | SRC_URI = "${SOURCEFORGE_MIRROR}/project/libpng/libpng${LIBV}/${PV}/libpng-${PV}.tar.xz \ | 11 | SRC_URI = "${SOURCEFORGE_MIRROR}/project/libpng/libpng${LIBV}/${PV}/libpng-${PV}.tar.xz \ |
12 | file://0001-configure-lower-automake-requirement.patch \ | 12 | file://0001-configure-lower-automake-requirement.patch \ |
13 | file://libpng16-CVE-2015-0973.patch \ | ||
13 | " | 14 | " |
14 | 15 | ||
15 | SRC_URI[md5sum] = "51ce71a1642cdde1f4485a7ff82193c0" | 16 | SRC_URI[md5sum] = "51ce71a1642cdde1f4485a7ff82193c0" |