libwebp: fix CVE-2018-25011, CVE-2020-36328, CVE-2020-36329

CVE-2018-25011: libwebp: heap-based buffer overflow CVE-2020-36328: libwebp: heap-based buffer overflow CVE-2020-36329: libwebp: use-after-free Testing build-pkgs; build-iso (unused); create designer patch install patch run sanity test (PASS) remove patch run sanity test (PASS) ---sanity test --- #!/bin/python from PIL import Image im = Image.open("/usr/share/backgrounds/day.jpg") # create webp format file im.save("day.webp") --- Closes-Bug: 1954722 Signed-off-by: Joe Slater <joe.slater@windriver.com> Change-Id: I22ac6bd3b8399c6b16729201a0a4e05e631b5575
2021-12-22 13:02:54 -05:00 · 2021-12-22 13:02:54 -05:00 · ea942842dd
parent 6563846502
commit ea942842dd
2 changed files with 2 additions and 2 deletions
--- a/centos-mirror-tools/config/centos/distro/rpms_centos.lst
+++ b/centos-mirror-tools/config/centos/distro/rpms_centos.lst
@ -506,7 +506,7 @@ libwayland-client-1.15.0-1.el7.x86_64.rpm
 libwayland-cursor-1.15.0-1.el7.x86_64.rpm
 libwayland-egl-1.15.0-1.el7.x86_64.rpm
 libwayland-server-1.15.0-1.el7.x86_64.rpm
-libwebp-0.3.0-7.el7.x86_64.rpm
+libwebp-0.3.0-10.el7_9.x86_64.rpm
 libX11-1.6.7-4.el7_9.x86_64.rpm
 libX11-common-1.6.7-4.el7_9.noarch.rpm
 libX11-devel-1.6.7-4.el7_9.x86_64.rpm
--- a/centos-mirror-tools/config/centos/flock/rpms_centos.lst
+++ b/centos-mirror-tools/config/centos/flock/rpms_centos.lst
@ -515,7 +515,7 @@ libverto-libevent-0.2.5-4.el7.x86_64.rpm
 libverto-tevent-0.2.5-4.el7.x86_64.rpm
 libvisual-0.4.0-16.el7.x86_64.rpm
 libvorbis-1.3.3-8.el7.1.x86_64.rpm
-libwebp-0.3.0-7.el7.x86_64.rpm
+libwebp-0.3.0-10.el7_9.x86_64.rpm
 libX11-1.6.7-4.el7_9.x86_64.rpm
 libX11-common-1.6.7-4.el7_9.noarch.rpm
 libXau-1.0.8-2.1.el7.x86_64.rpm