pkgsrc.se | The NetBSD package collection

Subject: CVS commit: [pkgsrc-2020Q1] pkgsrc/graphics/openjpeg
From: Benny Siegert
Date: 2020-05-13 15:49:09
Message id: 20200513134909.186B1FB27@cvs.NetBSD.org

Log Message:
Pullup ticket #6193 - requested by nia
graphics/openjpeg: security fix

Revisions pulled up:
- graphics/openjpeg/Makefile                                    1.21
- graphics/openjpeg/distinfo                                    1.18
- graphics/openjpeg/patches/patch-src_lib_openjp2_j2k.c         1.1
- graphics/openjpeg/patches/patch-src_lib_openjp2_tcd.c         1.1

---
   Module Name:	pkgsrc
   Committed By:	nia
   Date:		Tue May 12 10:44:46 UTC 2020

   Modified Files:
   	pkgsrc/graphics/openjpeg: Makefile distinfo
   Added Files:
   	pkgsrc/graphics/openjpeg/patches: patch-src_lib_openjp2_j2k.c
   	    patch-src_lib_openjp2_tcd.c

   Log Message:
   openjpeg: Cherrypick fixes for the following CVEs from upstream:

   https://nvd.nist.gov/vuln/detail/CVE-2020-6851 - out-of-bounds-write
   https://nvd.nist.gov/vuln/detail/CVE-2020-8112 - heap-overflow

   Please make releases for your software. :/

   Bump PKGREVISION

Files:

Revision	Action	file
1.20.2.1	modify	pkgsrc/graphics/openjpeg/Makefile
1.17.2.1	modify	pkgsrc/graphics/openjpeg/distinfo
1.1.2.2	add	pkgsrc/graphics/openjpeg/patches/patch-src_lib_openjp2_j2k.c
1.1.2.2	add	pkgsrc/graphics/openjpeg/patches/patch-src_lib_openjp2_tcd.c