buildroot/package/jhead
Fabrice Fontaine faf755b491 package/jhead: security bump to version 3.04
- Fix CVE-2019-1010301: jhead 3.03 is affected by: Buffer Overflow. The
  impact is: Denial of service. The component is: gpsinfo.c Line 151
  ProcessGpsInfo(). The attack vector is: Open a specially crafted JPEG
  file.
- Fix CVE-2019-1010302: jhead 3.03 is affected by: Incorrect Access
  Control. The impact is: Denial of service. The component is: iptc.c
  Line 122 show_IPTC(). The attack vector is: the victim must open a
  specially crafted JPEG file.
- Fix CVE-2019-19035: jhead 3.03 is affected by: heap-based buffer
  over-read. The impact is: Denial of service. The component is:
  ReadJpegSections and process_SOFn in jpgfile.c. The attack vector is:
  Open a specially crafted JPEG file.
- Update indentation of hash file (two spaces)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-03-05 16:35:42 +01:00
..
Config.in
jhead.hash
jhead.mk