From patchwork Sun Nov 24 21:23:09 2019
X-Patchwork-Submitter: Peter Korsgaard
X-Patchwork-Id: 1200008
From: Peter Korsgaard
To: buildroot@buildroot.org
Cc: Murat Demirten, Peter Korsgaard
Date: Sun, 24 Nov 2019 22:23:09 +0100
Message-Id: <20191124212309.31678-1-peter@korsgaard.com>
X-Mailer: git-send-email 2.20.1
Subject: [Buildroot] [PATCH] package/jpeg-turbo: security bump to version 2.0.3

Fixes the following security vulnerabilities:

- CVE-2019-2201: In generate_jsimd_ycc_rgb_convert_neon of jsimd_arm64_neon.S, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed.

For more details, see the upstream bugtracker:
https://github.com/libjpeg-turbo/libjpeg-turbo/issues/361

Additionally, it fixes a number of other issues. From the release notes:

- Fixed a regression in the SIMD feature detection code, introduced by the AVX2 SIMD extensions (2.0 beta1[1]), that was known to cause an illegal instruction exception, in rare cases, on CPUs that lack support for CPUID leaf 07H (or on which the maximum CPUID leaf has been limited by way of a BIOS setting.)

- The 4:4:0 (h1v2) fancy (smooth) chroma upsampling algorithm in the decompressor now uses a similar bias pattern to that of the 4:2:2 (h2v1) fancy chroma upsampling algorithm, rounding up or down the upsampled result for alternate pixels rather than always rounding down. This ensures that, regardless of whether a 4:2:2 JPEG image is rotated or transposed prior to decompression (in the frequency domain) or after decompression (in the spatial domain), the final image will be similar.
- Fixed a regression introduced by 2.0 beta1[15] whereby attempting to generate a progressive JPEG image on an SSE2-capable CPU using a scan script containing one or more scans with lengths divisible by 16 would result in an error ("Missing Huffman code table entry") and an invalid JPEG image. - Fixed an issue whereby tjDecodeYUV() and tjDecodeYUVPlanes() would throw an error ("Invalid progressive parameters") or a warning ("Inconsistent progression sequence") if passed a TurboJPEG instance that was previously used to decompress a progressive JPEG image. Signed-off-by: Peter Korsgaard --- package/jpeg-turbo/jpeg-turbo.hash | 8 ++++---- package/jpeg-turbo/jpeg-turbo.mk | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package/jpeg-turbo/jpeg-turbo.hash b/package/jpeg-turbo/jpeg-turbo.hash index 56b3478ab6..ea6060f2b9 100644 --- a/package/jpeg-turbo/jpeg-turbo.hash +++ b/package/jpeg-turbo/jpeg-turbo.hash @@ -1,7 +1,7 @@ -# From https://sourceforge.net/projects/libjpeg-turbo/files/2.0.2/ -sha1 1cff52d50b81755d0bdcf9055eb22157f39a1695 libjpeg-turbo-2.0.2.tar.gz -md5 79f76fbfb0c6109631332762d10e16d2 libjpeg-turbo-2.0.2.tar.gz +# From https://sourceforge.net/projects/libjpeg-turbo/files/2.0.3/ +sha1 539363a444f92421c098a1a3e7cebfda48d4cfb3 libjpeg-turbo-2.0.3.tar.gz +md5 bd07fddf26f9def7bab02739eb655116 libjpeg-turbo-2.0.3.tar.gz # Locally computed -sha256 acb8599fe5399af114287ee5907aea4456f8f2c1cc96d26c28aebfdf5ee82fed libjpeg-turbo-2.0.2.tar.gz +sha256 4246de500544d4ee408ee57048aa4aadc6f165fc17f141da87669f20ed3241b7 libjpeg-turbo-2.0.3.tar.gz sha256 69e570a251515ced17d4492256d57c89db77ed949652f88a44c80c1ca9607920 LICENSE.md sha256 82fece2bff2669c476495f0fe70096b154e8bc5b40916a64e99836d9a01c3110 README.ijg diff --git a/package/jpeg-turbo/jpeg-turbo.mk b/package/jpeg-turbo/jpeg-turbo.mk index 3735132b2e..0c75cf1db5 100644 --- a/package/jpeg-turbo/jpeg-turbo.mk +++ b/package/jpeg-turbo/jpeg-turbo.mk 
@@ -4,7 +4,7 @@ # ################################################################################ -JPEG_TURBO_VERSION = 2.0.2 +JPEG_TURBO_VERSION = 2.0.3 JPEG_TURBO_SOURCE = libjpeg-turbo-$(JPEG_TURBO_VERSION).tar.gz JPEG_TURBO_SITE = https://downloads.sourceforge.net/project/libjpeg-turbo/$(JPEG_TURBO_VERSION) JPEG_TURBO_LICENSE = IJG (libjpeg), BSD-3-Clause (TurboJPEG), Zlib (SIMD)
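Review bot: in the jpeg-turbo.hash hunk, the only collision-resistant digest for libjpeg-turbo-2.0.3.tar.gz is the sha256 under "# Locally computed"; the two values attributed to the SourceForge 2.0.3 page are sha1 and md5. For a security bump, please say in the log how the locally hashed tarball was authenticated (for example against an upstream signature or an upstream-published SHA-256, if one is available), so the sha256 line pins a verified artifact rather than whatever the download returned. The LICENSE.md and README.ijg hashes are unchanged context, which is consistent with the license text not changing between 2.0.2 and 2.0.3.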
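Review bot: on the JPEG_TURBO_VERSION line in jpeg-turbo.mk, the bump from 2.0.2 to 2.0.3 brings in more than the CVE-2019-2201 fix: per the commit log it also changes the rounding of 4:4:0 fancy chroma upsampling, so decoded pixels can differ from 2.0.2. Since the subject marks this as a security bump, it would help to state in the log whether it is meant for the maintained stable branches and that the output change is expected there. The log places the out of bounds write in jsimd_arm64_neon.S, so a short remark that arm64 NEON targets are the exposed configuration would help anyone triaging the backport.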