[Buildroot] [PATCH 1/1] package/libexif: security bump to version 0.6.22

Peter Korsgaard peter at korsgaard.com
Fri May 29 21:30:07 UTC 2020


>>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice at gmail.com> writes:

 > - Switch site to github
 > - Drop patches (already in version)
 > - Fix the following CVEs:
 >   - CVE-2020-13114: Time consumption DoS when parsing canon array
 >     markers
 >   - CVE-2020-13113: Potential use of uninitialized memory
 >   - CVE-2020-13112: Various buffer overread fixes due to integer
 >     overflows in maker notes
 >   - CVE-2020-0093: read overflow
 >   - CVE-2020-12767: fixed division by zero

 > https://github.com/libexif/libexif/releases/tag/libexif-0_6_22-release

 > Signed-off-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>

Committed to 2020.02.x, thanks.

-- 
Bye, Peter Korsgaard


More information about the buildroot mailing list