diff options
author | Michael Drake <michael.drake@codethink.co.uk> | 2015-01-14 11:27:06 +0000 |
---|---|---|
committer | Michael Drake <michael.drake@codethink.co.uk> | 2015-01-14 11:27:06 +0000 |
commit | a05c7b035f23a21f454dfa72bba358028c24595a (patch) | |
tree | 0c8fd1b28eb4c46c31506348b697dd397ce19f04 /sdk | |
parent | d29fbc3306f270a36f6dbfc11c3126e7fcda01b4 (diff) | |
download | toolchains-a05c7b035f23a21f454dfa72bba358028c24595a.tar.gz toolchains-a05c7b035f23a21f454dfa72bba358028c24595a.tar.bz2 |
Update libpng to version 1.6.16
Versions of libpng from 1.6.9 through to 1.6.15 have an integer-overflow
vulnerability in png_combine_row() when decoding very wide interlaced
images, which can allow an attacker to overwrite an arbitrary amount of
memory with attacker-controlled data.
This bug is fixed in version 1.6.16.
Diffstat (limited to 'sdk')
-rw-r--r-- | sdk/Makefile | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/sdk/Makefile b/sdk/Makefile index 573aed1..80970ae 100644 --- a/sdk/Makefile +++ b/sdk/Makefile @@ -27,7 +27,7 @@ VERSION_ZLIB := 1.2.8 VERSION_LIBICONV := 1.14 VERSION_LIBTRE := 0.8.0 VERSION_OPENSSL := 1.0.1j -VERSION_LIBPNG := 1.6.15 +VERSION_LIBPNG := 1.6.16 VERSION_LIBJPEG := 8d VERSION_LIBCARES := 1.10.0 VERSION_LIBCURL := 7.38.0 |