jasper: upgrade 4.2.4 -> 4.2.8

The upgrade contains fixes for the following vulenrabilities: CVE-2025-8835, CVE-2025-8836, CVE-2025-8837 Changelog: 4.2.8: Fixed a bug in the JPC decoder that could cause bad memory accesses if the debug level is set sufficiently high. 4.2.7: Added some missing range checking on several coding parameters in the JPC encoder. 4.2.6: Added a check for a missing color component in the jas_image_chclrspc function. Fixed a minor build problem related to the use of -Wstrict-prototypes with Clang. 4.2.5: Made a change to a configuration header file in order to avoid undesirable compiler warnings when JasPer is used in C++ code Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
author: Gyorgy Sarvari <skandigraun@gmail.com> 2025-10-06 20:03:36 +0200
committer: Khem Raj <raj.khem@gmail.com> 2025-10-06 11:34:43 -0700
commit: 73a77e86275f347b8d6ce716e00d1271c6a562f7 (patch)
tree: b94efc405ee362bb8647540e97a2595a6f3511dd
parent: aedf74e08230f60c270032e8b937d1ab9bd2fc9c (diff)
download: meta-openembedded-73a77e86275f347b8d6ce716e00d1271c6a562f7.tar.gz
1 files changed, 1 insertions, 3 deletions
diff --git a/meta-oe/recipes-graphics/jasper/jasper_4.2.4.bb b/meta-oe/recipes-graphics/jasper/jasper_4.2.8.bb
index 4796a85190..dd3cf3fdb6 100644
--- a/meta-oe/recipes-graphics/jasper/jasper_4.2.4.bb
+++ b/meta-oe/recipes-graphics/jasper/jasper_4.2.8.bb
@@ -4,9 +4,7 @@ LICENSE = "MIT"
 LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=a80440d1d8f17d041c71c7271d6e06eb"
 SRC_URI = "https://github.com/jasper-software/${BPN}/releases/download/version-${PV}/${BP}.tar.gz"
-SRC_URI[sha256sum] = "6a597613d8d84c500b5b83bf0eec06cd3707c23d19957f70354ac2394c9914e7"
+SRC_URI[sha256sum] = "98058a94fbff57ec6e31dcaec37290589de0ba6f47c966f92654681a56c71fae"
-CVE_STATUS[CVE-2015-8751] = "fixed-version: The CPE in the NVD database doesn't reflect correctly the vulnerable versions."
 inherit cmake multilib_header
author	Gyorgy Sarvari <skandigraun@gmail.com>	2025-10-06 20:03:36 +0200
committer	Khem Raj <raj.khem@gmail.com>	2025-10-06 11:34:43 -0700
commit	73a77e86275f347b8d6ce716e00d1271c6a562f7 (patch)
tree	b94efc405ee362bb8647540e97a2595a6f3511dd
parent	aedf74e08230f60c270032e8b937d1ab9bd2fc9c (diff)
download	meta-openembedded-73a77e86275f347b8d6ce716e00d1271c6a562f7.tar.gz

diff --git a/meta-oe/recipes-graphics/jasper/jasper_4.2.4.bb b/meta-oe/recipes-graphics/jasper/jasper_4.2.8.bb index 4796a85190..dd3cf3fdb6 100644 --- a/meta-oe/recipes-graphics/jasper/jasper_4.2.4.bb +++ b/meta-oe/recipes-graphics/jasper/jasper_4.2.8.bb
@@ -4,9 +4,7 @@ LICENSE = "MIT"
4	LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=a80440d1d8f17d041c71c7271d6e06eb"	4	LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=a80440d1d8f17d041c71c7271d6e06eb"
5		5
6	SRC_URI = "https://github.com/jasper-software/${BPN}/releases/download/version-${PV}/${BP}.tar.gz"	6	SRC_URI = "https://github.com/jasper-software/${BPN}/releases/download/version-${PV}/${BP}.tar.gz"
7	SRC_URI[sha256sum] = "6a597613d8d84c500b5b83bf0eec06cd3707c23d19957f70354ac2394c9914e7"	7	SRC_URI[sha256sum] = "98058a94fbff57ec6e31dcaec37290589de0ba6f47c966f92654681a56c71fae"
8
9	CVE_STATUS[CVE-2015-8751] = "fixed-version: The CPE in the NVD database doesn't reflect correctly the vulnerable versions."
10		8
11	inherit cmake multilib_header	9	inherit cmake multilib_header
12		10