[oe-commits] [openembedded-core] 06/33: libpng: update to 1.6.37
git at git.openembedded.org
git at git.openembedded.org
Tue Apr 23 22:39:37 UTC 2019
This is an automated email from the git hooks/post-receive script.
rpurdie pushed a commit to branch master
in repository openembedded-core.
commit cfd21faa77fe81205ad0eb80c47fce37f5d1e2b1
Author: Oleksandr Kravchuk <open.source at oleksandr-kravchuk.com>
AuthorDate: Tue Apr 23 00:45:15 2019 +0200
libpng: update to 1.6.37
Removed patch was upsteamed.
License checksums were changed due to modified copyright year and fixed
typo in LICENSE file (see @fef895aa28 and @8da8257d0b).
Signed-off-by: Oleksandr Kravchuk <open.source at oleksandr-kravchuk.com>
Signed-off-by: Richard Purdie <richard.purdie at linuxfoundation.org>
---
.../libpng/libpng/CVE-2019-7317.patch | 20 --------------------
.../libpng/{libpng_1.6.36.bb => libpng_1.6.37.bb} | 11 +++++------
2 files changed, 5 insertions(+), 26 deletions(-)
diff --git a/meta/recipes-multimedia/libpng/libpng/CVE-2019-7317.patch b/meta/recipes-multimedia/libpng/libpng/CVE-2019-7317.patch
deleted file mode 100644
index 6ee1f8d..0000000
--- a/meta/recipes-multimedia/libpng/libpng/CVE-2019-7317.patch
+++ /dev/null
@@ -1,20 +0,0 @@
-Use-after-free detected with static analysis.
-
-CVE: CVE-2019-7317
-Upstream-Status: Submitted [https://github.com/glennrp/libpng/issues/275]
-Signed-off-by: Ross Burton <ross.burton at intel.com>
-
-diff --git a/png.c b/png.c
-index 9d9926f638..efd1aecfbd 100644
---- a/png.c
-+++ b/png.c
-@@ -4588,8 +4588,7 @@ png_image_free(png_imagep image)
- if (image != NULL && image->opaque != NULL &&
- image->opaque->error_buf == NULL)
- {
-- /* Ignore errors here: */
-- (void)png_safe_execute(image, png_image_free_function, image);
-+ png_image_free_function(image);
- image->opaque = NULL;
- }
- }
diff --git a/meta/recipes-multimedia/libpng/libpng_1.6.36.bb b/meta/recipes-multimedia/libpng/libpng_1.6.37.bb
similarity index 70%
rename from meta/recipes-multimedia/libpng/libpng_1.6.36.bb
rename to meta/recipes-multimedia/libpng/libpng_1.6.37.bb
index a586237..66af2f3 100644
--- a/meta/recipes-multimedia/libpng/libpng_1.6.36.bb
+++ b/meta/recipes-multimedia/libpng/libpng_1.6.37.bb
@@ -2,17 +2,16 @@ SUMMARY = "PNG image format decoding library"
HOMEPAGE = "http://www.libpng.org/"
SECTION = "libs"
LICENSE = "Libpng"
-LIC_FILES_CHKSUM = "file://LICENSE;md5=12b4ec50384c800bc568f519671b120c \
- file://png.h;endline=144;md5=15ae15f53376306868259924a9db4e05 \
+LIC_FILES_CHKSUM = "file://LICENSE;md5=b0085051bf265bac2bfc38bc89f50000\
+ file://png.h;endline=144;md5=8acd23d544623816b097e07be0139509\
"
DEPENDS = "zlib"
LIBV = "16"
-SRC_URI = "${SOURCEFORGE_MIRROR}/project/${BPN}/${BPN}${LIBV}/${PV}/${BP}.tar.xz \
- file://CVE-2019-7317.patch"
-SRC_URI[md5sum] = "df2be2d29c40937fe1f5349b16bc2826"
-SRC_URI[sha256sum] = "eceb924c1fa6b79172fdfd008d335f0e59172a86a66481e09d4089df872aa319"
+SRC_URI = "${SOURCEFORGE_MIRROR}/project/${BPN}/${BPN}${LIBV}/${PV}/${BP}.tar.xz"
+SRC_URI[md5sum] = "015e8e15db1eecde5f2eb9eb5b6e59e9"
+SRC_URI[sha256sum] = "505e70834d35383537b6491e7ae8641f1a4bed1876dbfe361201fc80868d88ca"
MIRRORS += "${SOURCEFORGE_MIRROR}/project/${BPN}/${BPN}${LIBV}/${PV}/ ${SOURCEFORGE_MIRROR}/project/${BPN}/${BPN}${LIBV}/older-releases/${PV}/"
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.
More information about the Openembedded-commits
mailing list