9f81f578eb
Little CMS (aka Little Color Management System) 2.9 has an integer overflow in the AllocateDataSet function in cmscgats.c, leading to a heap-based buffer overflow in the SetData function via a crafted file in the second argument to cmsIT8LoadFromFile. For more details, see: https://github.com/mm2/Little-CMS/issues/171 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16435 The upstream fix unfortunately includes a number of unrelated changes, but thse files are not used when building for Linux. Signed-off-by: Peter Korsgaard <peter@korsgaard.com> |
||
|---|---|---|
| .. | ||
| 0001-Upgrade-Visual-studio-2017-15.8.patch | ||
| Config.in | ||
| lcms2.hash | ||
| lcms2.mk | ||