From a05c7b035f23a21f454dfa72bba358028c24595a Mon Sep 17 00:00:00 2001
From: Michael Drake <michael.drake@codethink.co.uk>
Date: Wed, 14 Jan 2015 11:27:06 +0000
Subject: Update libpng to version 1.6.16

Versions of libpng from 1.6.9 through to 1.6.15 have an integer-overflow
vulnerability in png_combine_row() when decoding very wide interlaced
images, which can allow an attacker to overwrite an arbitrary amount of
memory with attacker-controlled data.

This bug is fixed in version 1.6.16.
---
 sdk/Makefile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'sdk')

diff --git a/sdk/Makefile b/sdk/Makefile
index 573aed1..80970ae 100644
--- a/sdk/Makefile
+++ b/sdk/Makefile
@@ -27,7 +27,7 @@ VERSION_ZLIB := 1.2.8
 VERSION_LIBICONV := 1.14
 VERSION_LIBTRE := 0.8.0
 VERSION_OPENSSL := 1.0.1j
-VERSION_LIBPNG := 1.6.15
+VERSION_LIBPNG := 1.6.16
 VERSION_LIBJPEG := 8d
 VERSION_LIBCARES := 1.10.0
 VERSION_LIBCURL := 7.38.0
-- 
cgit v1.2.3