Google Git
Sign in
android-kvm / buildroot / ff36bc68cdba30f2a76da2b9f2047aa9a514e07e
commitff36bc68cdba30f2a76da2b9f2047aa9a514e07e[log] [tgz]
authorAngelo Compagnucci <angelo.compagnucci@gmail.com>Thu Apr 25 17:55:42 2024 +0200
committerPeter Korsgaard <peter@korsgaard.com>Thu Apr 25 19:27:21 2024 +0200
tree50b59e7d1bfda1f5dfca53da1d6e641e3f754f12
parent1126be70ffb5c2b3255ceb9219362a8a45dd68d7 [diff]
package/openjpeg: security bump to version 2.5.2

Fixes the following security issues:

CVE-2021-3575: A heap-based buffer overflow was found in openjpeg in
color.c:379:42 in sycc420_to_rgb when decompressing a crafted .j2k file.  An
attacker could use this to execute arbitrary code with the permissions of
the application compiled against openjpeg.

Signed-off-by: Angelo Compagnucci <angelo.compagnucci@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2 files changed
tree: 50b59e7d1bfda1f5dfca53da1d6e641e3f754f12
  1. .github/
  2. arch/
  3. board/
  4. boot/
  5. configs/
  6. docs/
  7. fs/
  8. linux/
  9. package/
  10. support/
  11. system/
  12. toolchain/
  13. utils/
  14. .checkpackageignore
  15. .clang-format
  16. .defconfig
  17. .editorconfig
  18. .flake8
  19. .gitignore
  20. .gitlab-ci.yml
  21. .shellcheckrc
  22. CHANGES
  23. Config.in
  24. Config.in.legacy
  25. COPYING
  26. DEVELOPERS
  27. Makefile
  28. Makefile.legacy
  29. README