commit | ff36bc68cdba30f2a76da2b9f2047aa9a514e07e | [log] [tgz] |
---|---|---|
author | Angelo Compagnucci <angelo.compagnucci@gmail.com> | Thu Apr 25 17:55:42 2024 +0200 |
committer | Peter Korsgaard <peter@korsgaard.com> | Thu Apr 25 19:27:21 2024 +0200 |
tree | 50b59e7d1bfda1f5dfca53da1d6e641e3f754f12 | |
parent | 1126be70ffb5c2b3255ceb9219362a8a45dd68d7 [diff] |
package/openjpeg: security bump to version 2.5.2 Fixes the following security issues: CVE-2021-3575: A heap-based buffer overflow was found in openjpeg in color.c:379:42 in sycc420_to_rgb when decompressing a crafted .j2k file. An attacker could use this to execute arbitrary code with the permissions of the application compiled against openjpeg. Signed-off-by: Angelo Compagnucci <angelo.compagnucci@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>