summaryrefslogtreecommitdiffstats
path: root/meta/recipes-multimedia/libpng
diff options
context:
space:
mode:
Diffstat (limited to 'meta/recipes-multimedia/libpng')
-rw-r--r--meta/recipes-multimedia/libpng/libpng/CVE-2019-7317.patch20
-rw-r--r--meta/recipes-multimedia/libpng/libpng_1.6.37.bb (renamed from meta/recipes-multimedia/libpng/libpng_1.6.36.bb)11
2 files changed, 5 insertions, 26 deletions
diff --git a/meta/recipes-multimedia/libpng/libpng/CVE-2019-7317.patch b/meta/recipes-multimedia/libpng/libpng/CVE-2019-7317.patch
deleted file mode 100644
index 6ee1f8da30..0000000000
--- a/meta/recipes-multimedia/libpng/libpng/CVE-2019-7317.patch
+++ /dev/null
@@ -1,20 +0,0 @@
-Use-after-free detected with static analysis.
-
-CVE: CVE-2019-7317
-Upstream-Status: Submitted [https://github.com/glennrp/libpng/issues/275]
-Signed-off-by: Ross Burton <ross.burton@intel.com>
-
-diff --git a/png.c b/png.c
-index 9d9926f638..efd1aecfbd 100644
---- a/png.c
-+++ b/png.c
-@@ -4588,8 +4588,7 @@ png_image_free(png_imagep image)
- if (image != NULL && image->opaque != NULL &&
- image->opaque->error_buf == NULL)
- {
-- /* Ignore errors here: */
-- (void)png_safe_execute(image, png_image_free_function, image);
-+ png_image_free_function(image);
- image->opaque = NULL;
- }
- }
diff --git a/meta/recipes-multimedia/libpng/libpng_1.6.36.bb b/meta/recipes-multimedia/libpng/libpng_1.6.37.bb
index a586237888..66af2f3d60 100644
--- a/meta/recipes-multimedia/libpng/libpng_1.6.36.bb
+++ b/meta/recipes-multimedia/libpng/libpng_1.6.37.bb
@@ -2,17 +2,16 @@ SUMMARY = "PNG image format decoding library"
HOMEPAGE = "http://www.libpng.org/"
SECTION = "libs"
LICENSE = "Libpng"
-LIC_FILES_CHKSUM = "file://LICENSE;md5=12b4ec50384c800bc568f519671b120c \
- file://png.h;endline=144;md5=15ae15f53376306868259924a9db4e05 \
+LIC_FILES_CHKSUM = "file://LICENSE;md5=b0085051bf265bac2bfc38bc89f50000\
+ file://png.h;endline=144;md5=8acd23d544623816b097e07be0139509\
"
DEPENDS = "zlib"
LIBV = "16"
-SRC_URI = "${SOURCEFORGE_MIRROR}/project/${BPN}/${BPN}${LIBV}/${PV}/${BP}.tar.xz \
- file://CVE-2019-7317.patch"
-SRC_URI[md5sum] = "df2be2d29c40937fe1f5349b16bc2826"
-SRC_URI[sha256sum] = "eceb924c1fa6b79172fdfd008d335f0e59172a86a66481e09d4089df872aa319"
+SRC_URI = "${SOURCEFORGE_MIRROR}/project/${BPN}/${BPN}${LIBV}/${PV}/${BP}.tar.xz"
+SRC_URI[md5sum] = "015e8e15db1eecde5f2eb9eb5b6e59e9"
+SRC_URI[sha256sum] = "505e70834d35383537b6491e7ae8641f1a4bed1876dbfe361201fc80868d88ca"
MIRRORS += "${SOURCEFORGE_MIRROR}/project/${BPN}/${BPN}${LIBV}/${PV}/ ${SOURCEFORGE_MIRROR}/project/${BPN}/${BPN}${LIBV}/older-releases/${PV}/"
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-04-25 18:09:00 +0000