projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 78e7807) | patch
package/libexif: security bump to version 0.6.22
authorFabrice Fontaine <fontaine.fabrice@gmail.com>
Tue, 19 May 2020 18:02:16 +0000 (20:02 +0200)
committerYann E. MORIN <yann.morin.1998@free.fr>
Tue, 19 May 2020 19:59:51 +0000 (21:59 +0200)
commitca0547ffeaea77b1b59ddcf77a2f3713167f8a7e
tree1adbe442f766a922d80b8432a8bc573c80674f54tree
parent78e78071128ccf2dba8cf76b00b1beb0c5f3e538commit | diff
package/libexif: security bump to version 0.6.22

- Switch site to github
- Drop patches (already in version)
- Fix the following CVEs:
  - CVE-2020-13114: Time consumption DoS when parsing canon array
    markers
  - CVE-2020-13113: Potential use of uninitialized memory
  - CVE-2020-13112: Various buffer overread fixes due to integer
    overflows in maker notes
  - CVE-2020-0093: read overflow
  - CVE-2020-12767: fixed division by zero

https://github.com/libexif/libexif/releases/tag/libexif-0_6_22-release

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
package/libexif/0001-fixes-some-not-all-buffer-overreads-during-decoding-.patch [deleted file] blob | history
package/libexif/0002-On-saving-makernotes-make-sure-the-makernote-contain.patch [deleted file] blob | history
package/libexif/0003-Reduce-maximum-recursion-depth-in-exif_data_load_dat.patch [deleted file] blob | history
package/libexif/0004-Improve-deep-recursion-detection-in-exif_data_load_d.patch [deleted file] blob | history
package/libexif/0005-fix-CVE-2019-9278.patch [deleted file] blob | history
package/libexif/Config.in diff | blob | history
package/libexif/libexif.hash diff | blob | history
package/libexif/libexif.mk diff | blob | history