[Buildroot] [git commit] package/libjpeg: security bump to version 9d

Peter Korsgaard peter at korsgaard.com
Wed Jan 22 19:51:01 UTC 2020


commit: https://git.buildroot.net/buildroot/commit/?id=75a14ec067ed244c239692ff3944cc9c71674c6f
branch: https://git.buildroot.net/buildroot/commit/?id=refs/heads/master

- Fix CVE-2018-11813: libjpeg 9c has a large loop because read_pixel in
  rdtarga.c mishandles EOF.
- Update hash of README (small updates such as authors, year ...)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>
Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
---
 package/libjpeg/libjpeg.hash | 4 ++--
 package/libjpeg/libjpeg.mk   | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/package/libjpeg/libjpeg.hash b/package/libjpeg/libjpeg.hash
index 7d47f550cb..4f0a677d04 100644
--- a/package/libjpeg/libjpeg.hash
+++ b/package/libjpeg/libjpeg.hash
@@ -1,3 +1,3 @@
 # locally computed hash
-sha256	650250979303a649e21f87b5ccd02672af1ea6954b911342ea491f351ceb7122	jpegsrc.v9c.tar.gz
-sha256	31f366acfb6259456d9046eb7f16875e387f8bf029d37ac4c4397bf63f22fd6b	README
+sha256	99cb50e48a4556bc571dadd27931955ff458aae32f68c4d9c39d624693f69c32	jpegsrc.v9d.tar.gz
+sha256	3dc4e4a145c907a96bd6a0e40be3f722fecf061951909143cdff5365cba9c78c	README
diff --git a/package/libjpeg/libjpeg.mk b/package/libjpeg/libjpeg.mk
index ab09881fc1..b855344f3c 100644
--- a/package/libjpeg/libjpeg.mk
+++ b/package/libjpeg/libjpeg.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-LIBJPEG_VERSION = 9c
+LIBJPEG_VERSION = 9d
 LIBJPEG_SITE = http://www.ijg.org/files
 LIBJPEG_SOURCE = jpegsrc.v$(LIBJPEG_VERSION).tar.gz
 LIBJPEG_LICENSE = IJG


More information about the buildroot mailing list