From patchwork Wed Dec 24 12:21:03 2014 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gustavo Zacarias X-Patchwork-Id: 423922 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from silver.osuosl.org (silver.osuosl.org [140.211.166.136]) by ozlabs.org (Postfix) with ESMTP id 190DF140082 for ; Wed, 24 Dec 2014 23:21:20 +1100 (AEDT) Received: from localhost (localhost [127.0.0.1]) by silver.osuosl.org (Postfix) with ESMTP id 3252430374; Wed, 24 Dec 2014 12:21:19 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from silver.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3bCCBMTmIFZs; Wed, 24 Dec 2014 12:21:18 +0000 (UTC) Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34]) by silver.osuosl.org (Postfix) with ESMTP id D90C3302A7; Wed, 24 Dec 2014 12:21:17 +0000 (UTC) X-Original-To: buildroot@lists.busybox.net Delivered-To: buildroot@osuosl.org Received: from whitealder.osuosl.org (whitealder.osuosl.org [140.211.166.138]) by ash.osuosl.org (Postfix) with ESMTP id CA7821C21EA for ; Wed, 24 Dec 2014 12:21:16 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by whitealder.osuosl.org (Postfix) with ESMTP id C64EE8A863 for ; Wed, 24 Dec 2014 12:21:16 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from whitealder.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZPw-vibTlbb9 for ; Wed, 24 Dec 2014 12:21:15 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.7.6 Received: from www.zacarias.com.ar (www.zacarias.com.ar [62.210.192.172]) by whitealder.osuosl.org (Postfix) with ESMTPS id 45C798A7E0 for ; Wed, 24 Dec 2014 12:21:15 +0000 (UTC) Received: from asgard (cpe-181-46-99-160.telecentro-reversos.com.ar [181.46.99.160] (may be forged)) (authenticated bits=0) by www.zacarias.com.ar (8.14.9/8.14.9) with ESMTP id sBOCL8o4012156 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Wed, 24 Dec 2014 12:21:11 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=zacarias.com.ar; s=dkey; t=1419423673; bh=14xH/ya1Jw7vEcQJ/ZGdBkPOPK4aff0LsW6yQeNBOlU=; h=From:To:Cc:Subject:Date; b=tiqN8STz5Coa25wrfne0QE6peD0k6164rfzvUC9M+mdy1jtIX1AAOtaNZVaqeoZEH IRZcrvqJ4yMmiknTmAOXxiZMCtJ44Zq/KRAqc9HLERPjH5wVUDgi5wwE4CxCHZgRYG fKq9Z7zEuvwU2rJB0d1Dnd+SNh4zzE1vHlJIrWE8= Received: by asgard (sSMTP sendmail emulation); Wed, 24 Dec 2014 09:21:03 -0300 From: Gustavo Zacarias To: buildroot@busybox.net Date: Wed, 24 Dec 2014 09:21:03 -0300 Message-Id: <1419423663-11355-1-git-send-email-gustavo@zacarias.com.ar> X-Mailer: git-send-email 2.0.4 X-Virus-Scanned: clamav-milter 0.98.5 at www X-Virus-Status: Clean Subject: [Buildroot] [PATCH] libpng: security bump to version 1.6.16 X-BeenThere: buildroot@busybox.net X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: Discussion and development of buildroot List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: buildroot-bounces@busybox.net Sender: "buildroot" Fixes a buffer overflow which may allow an attacker to gain write access to memory. CVE requested but not yet assigned. Signed-off-by: Gustavo Zacarias --- package/libpng/libpng.hash | 6 +++--- package/libpng/libpng.mk | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/package/libpng/libpng.hash b/package/libpng/libpng.hash index 37f6067..d0027c7 100644 --- a/package/libpng/libpng.hash +++ b/package/libpng/libpng.hash @@ -1,3 +1,3 @@ -# From http://sourceforge.net/projects/libpng/files/libpng16/1.6.15/ -md5 a95cb387c53215b034203b41ec57c7e5 libpng-1.6.15.tar.xz -sha1 bddeac8ca97fbcf54d6d32c6eefed5d94b49df88 libpng-1.6.15.tar.xz +# From http://sourceforge.net/projects/libpng/files/libpng16/1.6.16/ +md5 23b7286b5d4a86de950fd2ffc5cac742 libpng-1.6.16.tar.xz +sha1 31855a8438ae795d249574b0da15b34eb0922e13 libpng-1.6.16.tar.xz diff --git a/package/libpng/libpng.mk b/package/libpng/libpng.mk index 67bf141..2f53a95 100644 --- a/package/libpng/libpng.mk +++ b/package/libpng/libpng.mk @@ -4,7 +4,7 @@ # ################################################################################ -LIBPNG_VERSION = 1.6.15 +LIBPNG_VERSION = 1.6.16 LIBPNG_SERIES = 16 LIBPNG_SOURCE = libpng-$(LIBPNG_VERSION).tar.xz LIBPNG_SITE = http://downloads.sourceforge.net/project/libpng/libpng${LIBPNG_SERIES}/$(LIBPNG_VERSION)