From 8fa523e028ecfa8acb33bac7d48f2fe9cb60a86e Mon Sep 17 00:00:00 2001 From: Michael Tremer Date: Thu, 29 Dec 2016 16:04:29 +0000 Subject: [PATCH] libpng: Update to version 1.2.57 These all fix a potential "NULL dereference" bug that has existed in libpng since version 0.71 of June 26, 1995. To be vulnerable, an application has to load a text chunk into the png structure, then delete all text, then add another text chunk to the same png structure, which seems to be an unlikely sequence, but it has happened. Signed-off-by: Michael Tremer --- config/rootfiles/common/libpng | 4 ++-- config/rootfiles/core/109/filelists/libpng | 1 + lfs/libpng | 4 ++-- 3 files changed, 5 insertions(+), 4 deletions(-) create mode 120000 config/rootfiles/core/109/filelists/libpng diff --git a/config/rootfiles/common/libpng b/config/rootfiles/common/libpng index c29eaa7db7..9a20880a1a 100644 --- a/config/rootfiles/common/libpng +++ b/config/rootfiles/common/libpng @@ -9,12 +9,12 @@ #usr/lib/libpng.la usr/lib/libpng.so usr/lib/libpng.so.3 -usr/lib/libpng.so.3.46.0 +usr/lib/libpng.so.3.57.0 #usr/lib/libpng12.a #usr/lib/libpng12.la usr/lib/libpng12.so usr/lib/libpng12.so.0 -usr/lib/libpng12.so.0.46.0 +usr/lib/libpng12.so.0.57.0 #usr/lib/pkgconfig/libpng.pc #usr/lib/pkgconfig/libpng12.pc #usr/share/man/man3/libpng.3 diff --git a/config/rootfiles/core/109/filelists/libpng b/config/rootfiles/core/109/filelists/libpng new file mode 120000 index 0000000000..8ef96e2c13 --- /dev/null +++ b/config/rootfiles/core/109/filelists/libpng @@ -0,0 +1 @@ +../../../common/libpng \ No newline at end of file diff --git a/lfs/libpng b/lfs/libpng index 707511867f..af2db684e6 100644 --- a/lfs/libpng +++ b/lfs/libpng @@ -24,7 +24,7 @@ include Config -VER = 1.2.46 +VER = 1.2.57 THISAPP = libpng-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_MD5 = 03ddfc17ad321db93f984581e9415d22 +$(DL_FILE)_MD5 = dfcda3603e29dcc11870c48f838ef75b install : $(TARGET) -- 2.39.5