MIRRORS/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2025-12-15 06:45:32 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

jasper: upgrade 4.2.4 -> 4.2.8

Browse Source 
The upgrade contains fixes for the following vulenrabilities:
CVE-2025-8835, CVE-2025-8836, CVE-2025-8837

Changelog:
4.2.8:
Fixed a bug in the JPC decoder that could cause bad memory accesses
if the debug level is set sufficiently high.

4.2.7:
Added some missing range checking on several coding parameters in the
JPC encoder.

4.2.6:
Added a check for a missing color component in the jas_image_chclrspc
function.

Fixed a minor build problem related to the use of -Wstrict-prototypes
with Clang.

4.2.5:
Made a change to a configuration header file in order to avoid
undesirable compiler warnings when JasPer is used in C++ code

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This commit is contained in:
Gyorgy Sarvari 2025-10-06 20:03:36 +02:00 committed by Khem Raj
parent aedf74e082
commit 73a77e8627
No known key found for this signature in database
GPG Key ID: BB053355919D3314
1 changed files with 1 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
meta-oe/recipes-graphics/jasper/jasper_4.2.4.bb → meta-oe/recipes-graphics/jasper/jasper_4.2.8.bb
View File

@ -4,9 +4,7 @@ LICENSE = "MIT"
LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=a80440d1d8f17d041c71c7271d6e06eb"
SRC_URI = "https://github.com/jasper-software/${BPN}/releases/download/version-${PV}/${BP}.tar.gz"
SRC_URI[sha256sum] = "6a597613d8d84c500b5b83bf0eec06cd3707c23d19957f70354ac2394c9914e7"
CVE_STATUS[CVE-2015-8751] = "fixed-version: The CPE in the NVD database doesn't reflect correctly the vulnerable versions."
SRC_URI[sha256sum] = "98058a94fbff57ec6e31dcaec37290589de0ba6f47c966f92654681a56c71fae"
inherit cmake multilib_header