2 files changed, 1 insertions, 46 deletions
diff --git a/meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2025-54874.patch b/meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2025-54874.patch
deleted file mode 100644
index 187557a35c..0000000000
--- a/meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2025-54874.patch
+++ /dev/null
@@ -1,44 +0,0 @@
-From f809b80c67717c152a5ad30bf06774f00da4fd2d Mon Sep 17 00:00:00 2001
-From: Sebastian Rasmussen <sebras@gmail.com>
-Date: Thu, 16 Jan 2025 02:13:43 +0100
-Subject: [PATCH] opj_jp2_read_header: Check for error after parsing header.
-Consider the case where the caller has not set the p_image
-pointer to NULL before calling opj_read_header().
-If opj_j2k_read_header_procedure() fails while obtaining the rest
-of the marker segment when calling opj_stream_read_data() because
-the data stream is too short, then opj_j2k_read_header() will
-never have the chance to initialize p_image, leaving it
-uninitialized.
-opj_jp2_read_header() will check the p_image value whether
-opj_j2k_read_header() suceeded or failed. This may be detected as
-an error in valgrind or ASAN.
-The fix is to check whether opj_j2k_read_header() suceeded before
-using the output argument p_image.
-CVE: CVE-2025-54874
-Upstream-Status: Backport [https://github.com/uclouvain/openjpeg/commit/f809b80c67717c152a5ad30bf06774f00da4fd2d]
-Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
---
- src/lib/openjp2/jp2.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-diff --git a/src/lib/openjp2/jp2.c b/src/lib/openjp2/jp2.c
-index 4df055a5..da506318 100644
--- a/src/lib/openjp2/jp2.c
-+++ b/src/lib/openjp2/jp2.c
-@@ -2873,7 +2873,7 @@ OPJ_BOOL opj_jp2_read_header(opj_stream_private_t *p_stream,
-                               p_image,
-                               p_manager);
- 
-    if (p_image && *p_image) {
-+    if (ret && p_image && *p_image) {
-         /* Set Image Color Space */
-         if (jp2->enumcs == 16) {
-             (*p_image)->color_space = OPJ_CLRSPC_SRGB;
-- 
-2.50.1
diff --git a/meta-oe/recipes-graphics/openjpeg/openjpeg_2.5.3.bb b/meta-oe/recipes-graphics/openjpeg/openjpeg_2.5.4.bb
index fff73ee46a..23f46c45cd 100644
--- a/meta-oe/recipes-graphics/openjpeg/openjpeg_2.5.3.bb
+++ b/meta-oe/recipes-graphics/openjpeg/openjpeg_2.5.4.bb
@@ -7,9 +7,8 @@ DEPENDS = "libpng tiff lcms zlib"
 SRC_URI = "git://github.com/uclouvain/openjpeg.git;branch=master;protocol=https \
           file://0001-Do-not-ask-cmake-to-export-binaries-they-don-t-make-.patch \
-           file://CVE-2025-54874.patch \
           "
-SRCREV = "210a8a5690d0da66f02d49420d7176a21ef409dc"
+SRCREV = "6c4a29b00211eb0430fa0e5e890f1ce5c80f409f"
 inherit cmake

diff --git a/meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2025-54874.patch b/meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2025-54874.patch deleted file mode 100644 index 187557a35c..0000000000 --- a/meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2025-54874.patch +++ /dev/null
@@ -1,44 +0,0 @@
1	From f809b80c67717c152a5ad30bf06774f00da4fd2d Mon Sep 17 00:00:00 2001
2	From: Sebastian Rasmussen <sebras@gmail.com>
3	Date: Thu, 16 Jan 2025 02:13:43 +0100
4	Subject: [PATCH] opj_jp2_read_header: Check for error after parsing header.
5
6	Consider the case where the caller has not set the p_image
7	pointer to NULL before calling opj_read_header().
8
9	If opj_j2k_read_header_procedure() fails while obtaining the rest
10	of the marker segment when calling opj_stream_read_data() because
11	the data stream is too short, then opj_j2k_read_header() will
12	never have the chance to initialize p_image, leaving it
13	uninitialized.
14
15	opj_jp2_read_header() will check the p_image value whether
16	opj_j2k_read_header() suceeded or failed. This may be detected as
17	an error in valgrind or ASAN.
18
19	The fix is to check whether opj_j2k_read_header() suceeded before
20	using the output argument p_image.
21
22	CVE: CVE-2025-54874
23	Upstream-Status: Backport [https://github.com/uclouvain/openjpeg/commit/f809b80c67717c152a5ad30bf06774f00da4fd2d]
24	Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
25	---
26	src/lib/openjp2/jp2.c \| 2 +-
27	1 file changed, 1 insertion(+), 1 deletion(-)
28
29	diff --git a/src/lib/openjp2/jp2.c b/src/lib/openjp2/jp2.c
30	index 4df055a5..da506318 100644
31	--- a/src/lib/openjp2/jp2.c
32	+++ b/src/lib/openjp2/jp2.c
33	@@ -2873,7 +2873,7 @@ OPJ_BOOL opj_jp2_read_header(opj_stream_private_t *p_stream,
34	p_image,
35	p_manager);
36
37	- if (p_image && *p_image) {
38	+ if (ret && p_image && *p_image) {
39	/* Set Image Color Space */
40	if (jp2->enumcs == 16) {
41	(*p_image)->color_space = OPJ_CLRSPC_SRGB;
42	--
43	2.50.1
44


diff --git a/meta-oe/recipes-graphics/openjpeg/openjpeg_2.5.3.bb b/meta-oe/recipes-graphics/openjpeg/openjpeg_2.5.4.bb index fff73ee46a..23f46c45cd 100644 --- a/meta-oe/recipes-graphics/openjpeg/openjpeg_2.5.3.bb +++ b/meta-oe/recipes-graphics/openjpeg/openjpeg_2.5.4.bb
@@ -7,9 +7,8 @@ DEPENDS = "libpng tiff lcms zlib"
7		7
8	SRC_URI = "git://github.com/uclouvain/openjpeg.git;branch=master;protocol=https \	8	SRC_URI = "git://github.com/uclouvain/openjpeg.git;branch=master;protocol=https \
9	file://0001-Do-not-ask-cmake-to-export-binaries-they-don-t-make-.patch \	9	file://0001-Do-not-ask-cmake-to-export-binaries-they-don-t-make-.patch \
10	file://CVE-2025-54874.patch \
11	"	10	"
12	SRCREV = "210a8a5690d0da66f02d49420d7176a21ef409dc"	11	SRCREV = "6c4a29b00211eb0430fa0e5e890f1ce5c80f409f"
13		12
14	inherit cmake	13	inherit cmake
15		14