[Buildroot] [PATCH] package/jpeg-turbo: add upstream security fixes
Peter Korsgaard
peter at korsgaard.com
Tue Feb 12 19:00:32 UTC 2019
>>>>> "Baruch" == Baruch Siach <baruch at tkos.co.il> writes:
> CVE-2018-20330: Integer overflow causing segfault occurred when
> attempting to load a BMP file with more than 1 billion pixels using the
> `tjLoadImage()` function.
That is a _BIG_ picture! ;)
> CVE-2018-19664: Buffer overrun occurred when attempting to decompress a
> specially-crafted malformed JPEG image to a 256-color BMP using djpeg.
> Cc: Murat Demirten <mdemirten at yh.com.tr>
> Signed-off-by: Baruch Siach <baruch at tkos.co.il>
Committed, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list