diff options
author | 2024-02-26 20:09:43 +0000 | |
---|---|---|
committer | 2024-02-27 13:30:41 +0100 | |
commit | 60089103715082a054843f65cd0b22f24361b165 (patch) | |
tree | 613a54754501ed251a2778e60fe213776d21fcd8 /patches/source/openjpeg/openjpeg2_remove-thirdparty.patch | |
parent | 76371c76c59cf58c1bcaaa33a272b1b839c18bc6 (diff) | |
download | current-60089103715082a054843f65cd0b22f24361b165.tar.gz current-60089103715082a054843f65cd0b22f24361b165.tar.xz |
Mon Feb 26 20:09:43 UTC 202420240226200943_15.0
patches/packages/openjpeg-2.5.1-x86_64-1_slack15.0.txz: Upgraded.
Fixed a heap-based buffer overflow in openjpeg in color.c:379:42 in
sycc420_to_rgb when decompressing a crafted .j2k file. An attacker could use
this to execute arbitrary code with the permissions of the application
compiled against openjpeg.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2021-3575
(* Security fix *)
Diffstat (limited to 'patches/source/openjpeg/openjpeg2_remove-thirdparty.patch')
-rw-r--r-- | patches/source/openjpeg/openjpeg2_remove-thirdparty.patch | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/patches/source/openjpeg/openjpeg2_remove-thirdparty.patch b/patches/source/openjpeg/openjpeg2_remove-thirdparty.patch new file mode 100644 index 000000000..6987fc240 --- /dev/null +++ b/patches/source/openjpeg/openjpeg2_remove-thirdparty.patch @@ -0,0 +1,11 @@ +diff -rupN openjpeg-2.1.1/CMakeLists.txt openjpeg-2.1.1-new/CMakeLists.txt +--- openjpeg-2.1.1/CMakeLists.txt 2016-07-05 16:54:17.000000000 +0200 ++++ openjpeg-2.1.1-new/CMakeLists.txt 2016-07-06 09:38:26.083029127 +0200 +@@ -270,7 +270,6 @@ if(BUILD_CODEC OR BUILD_MJ2) + # OFF: It will only build 3rd party libs if they are not found on the system + # ON: 3rd party libs will ALWAYS be build, and used + option(BUILD_THIRDPARTY "Build the thirdparty executables if it is needed" OFF) +- add_subdirectory(thirdparty) + add_subdirectory(src/bin) + endif () + add_subdirectory(wrapping) |