projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 6b4acf9) | patch
lcms2: add upstream security fix for CVE-2016-10165
authorPeter Korsgaard <peter@korsgaard.com>
Mon, 30 Jan 2017 13:05:12 +0000 (14:05 +0100)
committerPeter Korsgaard <peter@korsgaard.com>
Mon, 30 Jan 2017 20:16:05 +0000 (21:16 +0100)
commitcd2e115a3feb501afc11d3c6ce29fd947a631cda
tree76aa7c34e10ede7e12256630473f39614c84c795tree
parent6b4acf923b0e4c46d058a28877df805785258496commit | diff
lcms2: add upstream security fix for CVE-2016-10165

An out-of-bounds read in cmstypes.c in Type_MLU_Read function was found,
leading to heap memory leak triggered by crafted ICC profile.

https://bugzilla.redhat.com/show_bug.cgi?id=1367357

Add upstream patch to fix it.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
package/lcms2/0002-Added-an-extra-check-to-MLU-bounds.patch [new file with mode: 0644] blob