diff options
| author |   Li Zhou <li.zhou@windriver.com> | 2015-08-18 11:45:41 +0800 |
|---|---|---|
| committer |   Richard Purdie <richard.purdie@linuxfoundation.org> | 2015-08-19 17:57:51 +0100 |
| commit | e27f367d08becce9486f2890cb7382f3c8448246 (patch) | |
| tree | 1c67bda591fa813ea189749c5a05a27acda4b36e /meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.30.8.bb | |
| parent | 60d31e69790691f097fe1d06c8e8b6ff4087cbe8 (diff) | |
| download | openembedded-core-contrib-e27f367d08becce9486f2890cb7382f3c8448246.tar.gz | |
gdk-pixbuf: Security Advisory - gdk-pixbuf - CVE-2015-4491
pixops: Be more careful about integer overflow
Integer overflow in the make_filter_table function in pixops/pixops.c
in gdk-pixbuf before 2.31.5, as used in Mozilla Firefox before 40.0 and
Firefox ESR 38.x before 38.2 on Linux, Google Chrome on Linux, and other
products, allows remote attackers to execute arbitrary code or cause a
denial of service (heap-based buffer overflow and application crash) via
crafted bitmap dimensions that are mishandled during scaling.
Signed-off-by: Li Zhou <li.zhou@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Diffstat (limited to 'meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.30.8.bb')
| -rw-r--r-- | meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.30.8.bb | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.30.8.bb b/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.30.8.bb index a63d4546f6..07c2dcec16 100644 --- a/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.30.8.bb +++ b/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.30.8.bb @@ -18,6 +18,7 @@ SRC_URI = "${GNOME_MIRROR}/${BPN}/${MAJ_VER}/${BPN}-${PV}.tar.xz \ file://extending-libinstall-dependencies.patch \ file://run-ptest \ file://fatal-loader.patch \ + file://0001-pixops-Be-more-careful-about-integer-overflow.patch \ " SRC_URI[md5sum] = "4fed0d54432f1b69fc6e66e608bd5542" |