[Buildroot] [PATCH] libpng: security bump to version 1.6.20

Peter Korsgaard peter at korsgaard.com
Fri Dec 4 20:46:53 UTC 2015


>>>>> "Gustavo" == Gustavo Zacarias <gustavo at zacarias.com.ar> writes:

 > Fixes:
 > CVE-2015-8126 - incorrect implementation of png_set_PLTE() that uses
 > png_ptr not info_ptr, that left png_set_PLTE() open to this vuln.

 > (fix in previous release was incomplete)

 > Signed-off-by: Gustavo Zacarias <gustavo at zacarias.com.ar>

Committed, thanks.

Should this also be applied to the 2015.11.x branch?

-- 
Bye, Peter Korsgaard



More information about the buildroot mailing list