similarity index 81%
rename from meta-oe/recipes-graphics/jasper/jasper_4.2.4.bb
rename to meta-oe/recipes-graphics/jasper/jasper_4.2.8.bb
@@ -4,9 +4,7 @@ LICENSE = "MIT"
LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=a80440d1d8f17d041c71c7271d6e06eb"
SRC_URI = "https://github.com/jasper-software/${BPN}/releases/download/version-${PV}/${BP}.tar.gz"
-SRC_URI[sha256sum] = "6a597613d8d84c500b5b83bf0eec06cd3707c23d19957f70354ac2394c9914e7"
-
-CVE_STATUS[CVE-2015-8751] = "fixed-version: The CPE in the NVD database doesn't reflect correctly the vulnerable versions."
+SRC_URI[sha256sum] = "98058a94fbff57ec6e31dcaec37290589de0ba6f47c966f92654681a56c71fae"
inherit cmake multilib_header
The upgrade contains fixes for the following vulenrabilities: CVE-2025-8835, CVE-2025-8836, CVE-2025-8837 Changelog: 4.2.8: Fixed a bug in the JPC decoder that could cause bad memory accesses if the debug level is set sufficiently high. 4.2.7: Added some missing range checking on several coding parameters in the JPC encoder. 4.2.6: Added a check for a missing color component in the jas_image_chclrspc function. Fixed a minor build problem related to the use of -Wstrict-prototypes with Clang. 4.2.5: Made a change to a configuration header file in order to avoid undesirable compiler warnings when JasPer is used in C++ code Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> --- .../jasper/{jasper_4.2.4.bb => jasper_4.2.8.bb} | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) rename meta-oe/recipes-graphics/jasper/{jasper_4.2.4.bb => jasper_4.2.8.bb} (81%)