2155769 – pgadmin4: Update bundled mozjpeg for security fixes, C99 compatibility

Bug 2155769 - pgadmin4: Update bundled mozjpeg for security fixes, C99 compatibility

Summary: pgadmin4: Update bundled mozjpeg for security fixes, C99 compatibility

Keywords:
Status:	CLOSED RAWHIDE
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	pgadmin4
Sub Component:
Version:	rawhide
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Assignee:	Sandro Mani
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	PortingToModernCHelpNeeded
TreeView+	depends on / blocked

Reported:	2022-12-22 10:09 UTC by Florian Weimer
Modified:	2023-01-04 07:57 UTC (History)
CC List:	1 user (show)
Fixed In Version:	pgadmin4-6.18-1.fc38
Clone Of:
Environment:
Last Closed:	2023-01-03 22:55:40 UTC
Type:	Bug
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Florian Weimer 2022-12-22 10:09:34 UTC

There is a bundled copy of mozjpeg here:

package-cache/v6/npm-mozjpeg-8.0.0-cd990d96581626ca64b877146ce22ba00b3b308c-integrity/node_modules/mozjpeg/vendor/source/mozjpeg.tar.gz

It's from 2017, so it lacks quite a few security fixes.

Newer mozjpeg releases also fix a C99 compatibility issue in the right-shift-is-signed check (implicit declaration of the exit function).

Comment 1 Sandro Mani 2023-01-03 22:55:40 UTC

Done in pgadmin4-6.18-1.fc38.

Comment 2 Florian Weimer 2023-01-04 07:57:54 UTC

Thanks, fix verified.

Note You need to log in before you can comment on or make changes to this bug.