Эхлэл Бүгдийг харах Тусламж
Бүртгүүлэх Нэвтрэх
PUBLIC_REPOS
/
buildroot
-ын хуулбар git://git.buildroot.net/buildroot
2
1
Салаа 0
Файлууд
Эх сурвалжийг харах

package/libavif: security bump to v1.3.0

Fixes the following security issues:

- CVE-2025-48174: makeRoom in stream.c has an integer overflow and
    resultant buffer overflow in stream->offset+size.

For more information, see:
  - https://nvd.nist.gov/vuln/detail/CVE-2025-48174
  - https://github.com/AOMediaCodec/libavif/pull/2768/commits

- CVE-2025-48175: avifImageRGBToYUV in reformat.c has integer overflows
    in multiplications involving rgbRowBytes, yRowBytes, uRowBytes, and
    vRowBytes.

For more information, see:
  - https://nvd.nist.gov/vuln/detail/CVE-2025-48175
  - https://github.com/AOMediaCodec/libavif/commit/64d956ed5a602f78cebf29da023280944ee92efd

For more details on the version bump, see:
  - https://github.com/AOMediaCodec/libavif/releases/tag/v1.3.0
  - https://github.com/AOMediaCodec/libavif/releases/tag/v1.2.1
  - https://github.com/AOMediaCodec/libavif/releases/tag/v1.2.0

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
Thomas Perale 1 сар өмнө
parent
3d593a8144
commit
0c1fa0bce1
2 өөрчлөгдсөн 2 нэмэгдсэн , 2 устгасан
Өөрчлөлтийг ялгаж харах Өөрчлөлтийн статистик харах
  1. 1 1
      package/libavif/libavif.hash
  2. 1 1
      package/libavif/libavif.mk

+ 1 - 1
package/libavif/libavif.hash
Файл харах 

@@ -1,3 +1,3 @@
 
-sha256  914662e16245e062ed73f90112fbb4548241300843a7772d8d441bb6859de45b  libavif-1.1.1.tar.gz
 
+sha256  0a545e953cc049bf5bcf4ee467306a2f113a75110edf59e61248873101cd26c1  libavif-1.3.0.tar.gz
 
 
 sha256  165abf92cc04b39e80d29cadea7a6a7e8fddf59407d4ad2616507a7ebe8216f9  LICENSE

+ 1 - 1
package/libavif/libavif.mk
Файл харах 

@@ -4,7 +4,7 @@
 
 #
 
 ################################################################################
 
 
-LIBAVIF_VERSION = 1.1.1
 
+LIBAVIF_VERSION = 1.3.0
 
 LIBAVIF_SITE = $(call github,AOMediaCodec,libavif,v$(LIBAVIF_VERSION))
 
 LIBAVIF_LICENSE = BSD-2-Clause, IJG, Apache-2.0
 
 LIBAVIF_LICENSE_FILES = LICENSE