From: Richard Purdie <[email protected]> A vulnerability in the `xpmNextWord()` function could cause an internal pointer to read beyond the file's end due to improper validation of file boundaries. This issue was fixed in libXpm 3.5.19.
The changes between 3.5.18 and 3.5.19 contain only the fix to CVE-2026-4367. Signed-off-by: Richard Purdie <[email protected]> Signed-off-by: Enoch Ng <[email protected]> --- .../xorg-lib/{libxpm_3.5.18.bb => libxpm_3.5.19.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta/recipes-graphics/xorg-lib/{libxpm_3.5.18.bb => libxpm_3.5.19.bb} (88%) diff --git a/meta/recipes-graphics/xorg-lib/libxpm_3.5.18.bb b/meta/recipes-graphics/xorg-lib/libxpm_3.5.19.bb similarity index 88% rename from meta/recipes-graphics/xorg-lib/libxpm_3.5.18.bb rename to meta/recipes-graphics/xorg-lib/libxpm_3.5.19.bb index 94bf28232e..32e052fd42 100644 --- a/meta/recipes-graphics/xorg-lib/libxpm_3.5.18.bb +++ b/meta/recipes-graphics/xorg-lib/libxpm_3.5.19.bb @@ -22,6 +22,6 @@ PACKAGES =+ "sxpm cxpm" FILES:cxpm = "${bindir}/cxpm" FILES:sxpm = "${bindir}/sxpm" -SRC_URI[sha256sum] = "b4ed79bfc718000edee837d551c35286f0b84576db0ce07bbbebe60a4affa1e4" +SRC_URI[sha256sum] = "ad3576d689221a39dc728f0e0dc02ca7bb6a0d724c9a77fd1bfa1e9af83be900" BBCLASSEXTEND = "native"
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#239661): https://lists.openembedded.org/g/openembedded-core/message/239661 Mute This Topic: https://lists.openembedded.org/mt/119996272/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
