diff options
Diffstat (limited to 'meta/recipes-multimedia')
23 files changed, 136 insertions, 55 deletions
diff --git a/meta/recipes-multimedia/alsa/alsa-topology-conf_1.2.4.bb b/meta/recipes-multimedia/alsa/alsa-topology-conf_1.2.4.bb index 26542fbbbc..0d4a30a304 100644 --- a/meta/recipes-multimedia/alsa/alsa-topology-conf_1.2.4.bb +++ b/meta/recipes-multimedia/alsa/alsa-topology-conf_1.2.4.bb @@ -20,3 +20,7 @@ do_install() { PACKAGES = "${PN}" FILES_${PN} = "*" + +# remove at next version upgrade or when output changes +PR = "r1" +HASHEQUIV_HASH_VERSION .= ".1" diff --git a/meta/recipes-multimedia/alsa/alsa-ucm-conf_1.2.4.bb b/meta/recipes-multimedia/alsa/alsa-ucm-conf_1.2.4.bb index 32cf41c8fd..7787dad268 100644 --- a/meta/recipes-multimedia/alsa/alsa-ucm-conf_1.2.4.bb +++ b/meta/recipes-multimedia/alsa/alsa-ucm-conf_1.2.4.bb @@ -21,3 +21,7 @@ do_install() { PACKAGES = "${PN}" FILES_${PN} = "*" + +# remove at next version upgrade or when output changes +PR = "r1" +HASHEQUIV_HASH_VERSION .= ".1" diff --git a/meta/recipes-multimedia/flac/flac/CVE-2021-0561.patch b/meta/recipes-multimedia/flac/flac/CVE-2021-0561.patch new file mode 100644 index 0000000000..b48663ae42 --- /dev/null +++ b/meta/recipes-multimedia/flac/flac/CVE-2021-0561.patch @@ -0,0 +1,41 @@ +From e1575e4a7c5157cbf4e4a16dbd39b74f7174c7be Mon Sep 17 00:00:00 2001 +From: Neelkamal Semwal <neelkamal.semwal@ittiam.com> +Date: Fri, 18 Dec 2020 22:28:36 +0530 +Subject: [PATCH] libFlac: Exit at EOS in verify mode + +When verify mode is enabled, once decoder flags end of stream, +encode processing is considered complete. + +CVE-2021-0561 + +Signed-off-by: Ralph Giles <giles@thaumas.net> + +Upstream-Status: Backport +CVE: CVE-2021-0561 + +Reference to upstream patch: +https://github.com/xiph/flac/commit/e1575e4a7c5157cbf4e4a16dbd39b74f7174c7be + +Signed-off-by: Li Wang <li.wang@windriver.com> +--- + src/libFLAC/stream_encoder.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/src/libFLAC/stream_encoder.c b/src/libFLAC/stream_encoder.c +index 74387ec..8bb0ef3 100644 +--- a/src/libFLAC/stream_encoder.c ++++ b/src/libFLAC/stream_encoder.c +@@ -2610,7 +2610,9 @@ FLAC__bool write_bitbuffer_(FLAC__StreamEncoder *encoder, uint32_t samples, FLAC + encoder->private_->verify.needs_magic_hack = true; + } + else { +- if(!FLAC__stream_decoder_process_single(encoder->private_->verify.decoder)) { ++ if(!FLAC__stream_decoder_process_single(encoder->private_->verify.decoder) ++ || (!is_last_block ++ && (FLAC__stream_encoder_get_verify_decoder_state(encoder) == FLAC__STREAM_DECODER_END_OF_STREAM))) { + FLAC__bitwriter_release_buffer(encoder->private_->frame); + FLAC__bitwriter_clear(encoder->private_->frame); + if(encoder->protected_->state != FLAC__STREAM_ENCODER_VERIFY_MISMATCH_IN_AUDIO_DATA) +-- +2.23.0 + diff --git a/meta/recipes-multimedia/flac/flac_1.3.3.bb b/meta/recipes-multimedia/flac/flac_1.3.3.bb index cb6692aedf..d3c352cc44 100644 --- a/meta/recipes-multimedia/flac/flac_1.3.3.bb +++ b/meta/recipes-multimedia/flac/flac_1.3.3.bb @@ -15,6 +15,7 @@ LIC_FILES_CHKSUM = "file://COPYING.FDL;md5=ad1419ecc56e060eccf8184a87c4285f \ DEPENDS = "libogg" SRC_URI = "http://downloads.xiph.org/releases/flac/${BP}.tar.xz \ + file://CVE-2021-0561.patch \ " SRC_URI[md5sum] = "26703ed2858c1fc9ffc05136d13daa69" diff --git a/meta/recipes-multimedia/gstreamer/gst-devtools_1.18.4.bb b/meta/recipes-multimedia/gstreamer/gst-devtools_1.18.6.bb index 2a56967f7b..258a0e899c 100644 --- a/meta/recipes-multimedia/gstreamer/gst-devtools_1.18.4.bb +++ b/meta/recipes-multimedia/gstreamer/gst-devtools_1.18.6.bb @@ -12,7 +12,7 @@ SRC_URI = "https://gstreamer.freedesktop.org/src/gst-devtools/gst-devtools-${PV} file://0001-connect-has-a-different-signature-on-musl.patch \ " -SRC_URI[sha256sum] = "ffbd194c40912cb5e7fca2863648bf9dd8257b7af97d3a60c4fcd4efd8526ccf" +SRC_URI[sha256sum] = "3725622c740a635452e54b79d065f963ab7706ca2403de6c43072ae7610a0de4" DEPENDS = "json-glib glib-2.0 glib-2.0-native gstreamer1.0 gstreamer1.0-plugins-base" RRECOMMENDS_${PN} = "git" diff --git a/meta/recipes-multimedia/gstreamer/gst-examples_1.18.4.bb b/meta/recipes-multimedia/gstreamer/gst-examples_1.18.6.bb index 4670ab34db..5af43d1eda 100644 --- a/meta/recipes-multimedia/gstreamer/gst-examples_1.18.4.bb +++ b/meta/recipes-multimedia/gstreamer/gst-examples_1.18.6.bb @@ -12,7 +12,7 @@ SRC_URI = "git://gitlab.freedesktop.org/gstreamer/gst-examples.git;protocol=http file://gst-player.desktop \ " -SRCREV = "959bb246a5b1f5f9c78557da11c3f22b42ff89c0" +SRCREV = "70e4fcf4fc8ae19641aa990de5f37d758cdfcea4" S = "${WORKDIR}/git" diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.18.4.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.18.6.bb index 6a84f92f31..6229bb4d62 100644 --- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.18.4.bb +++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.18.6.bb @@ -12,7 +12,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=6762ed442b3822387a51c92d928ead0d \ " SRC_URI = "https://gstreamer.freedesktop.org/src/gst-libav/gst-libav-${PV}.tar.xz" -SRC_URI[sha256sum] = "344a463badca216c2cef6ee36f9510c190862bdee48dc4591c0a430df7e8c396" +SRC_URI[sha256sum] = "e4e50dcd5a29441ae34de60d2221057e8064ed824bb6ca4dc0fd9ee88fbe9b81" S = "${WORKDIR}/gst-libav-${PV}" diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.18.4.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.18.6.bb index d38be035f9..04b5dcc4f4 100644 --- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.18.4.bb +++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.18.6.bb @@ -10,7 +10,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=4fbd65380cdd255951079008b364516c \ SRC_URI = "https://gstreamer.freedesktop.org/src/gst-omx/gst-omx-${PV}.tar.xz" -SRC_URI[sha256sum] = "e35051cf891eb2f31d6fcf176ff37d985f97f33874ac31b0b3ad3b5b95035043" +SRC_URI[sha256sum] = "b5281c938e959fd2418e989cfb6065fdd9fe5f6f87ee86236c9427166e708163" S = "${WORKDIR}/gst-omx-${PV}" diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.18.4.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.18.6.bb index ce2082ee32..63e3488e9e 100644 --- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.18.4.bb +++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.18.6.bb @@ -11,7 +11,7 @@ SRC_URI = "https://gstreamer.freedesktop.org/src/gst-plugins-bad/gst-plugins-bad file://0004-opencv-resolve-missing-opencv-data-dir-in-yocto-buil.patch \ file://0005-msdk-fix-includedir-path.patch \ " -SRC_URI[sha256sum] = "74e806bc5595b18c70e9ca93571e27e79dfb808e5d2e7967afa952b52e99c85f" +SRC_URI[sha256sum] = "0b1b50ac6311f0c510248b6cd64d6d3c94369344828baa602db85ded5bc70ec9" S = "${WORKDIR}/gst-plugins-bad-${PV}" diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.18.4.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.18.6.bb index 728a99e08b..4e7fc62ec7 100644 --- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.18.4.bb +++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.18.6.bb @@ -12,7 +12,7 @@ SRC_URI = "https://gstreamer.freedesktop.org/src/gst-plugins-base/gst-plugins-ba file://0002-ssaparse-enhance-SSA-text-lines-parsing.patch \ file://0004-glimagesink-Downrank-to-marginal.patch \ " -SRC_URI[sha256sum] = "29e53229a84d01d722f6f6db13087231cdf6113dd85c25746b9b58c3d68e8323" +SRC_URI[sha256sum] = "56a9ff2fe9e6603b9e658cf6897d412a173d2180829fe01e92568549c6bd0f5b" S = "${WORKDIR}/gst-plugins-base-${PV}" diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0002-rtpjitterbuffer-Fix-parsing-of-the-mediaclk-direct-f.patch b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0002-rtpjitterbuffer-Fix-parsing-of-the-mediaclk-direct-f.patch deleted file mode 100644 index 14a9fe23aa..0000000000 --- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0002-rtpjitterbuffer-Fix-parsing-of-the-mediaclk-direct-f.patch +++ /dev/null @@ -1,33 +0,0 @@ -From ec1949dffd931d0ec7e4f67108a08ab1e2af0cfe Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com> -Date: Tue, 16 Mar 2021 19:25:36 +0200 -Subject: [PATCH] rtpjitterbuffer: Fix parsing of the mediaclk:direct= field - -Due to an off-by-one when parsing the string, the most significant digit -or the clock offset was skipped when parsing the offset. - -Part-of: <https://gitlab.freedesktop.org/gstreamer/gst-plugins-good/-/merge_requests/910> - -Upstream-Status: Backport [b5bb4ede3a42273fafc1054f9cf106ca527e3c26] - -Signed-off-by: Jose Quaresma <quaresma.jose@gmail.com> ---- - gst/rtpmanager/gstrtpjitterbuffer.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/gst/rtpmanager/gstrtpjitterbuffer.c b/gst/rtpmanager/gstrtpjitterbuffer.c -index 60d8ad875..02fe15adc 100644 ---- a/gst/rtpmanager/gstrtpjitterbuffer.c -+++ b/gst/rtpmanager/gstrtpjitterbuffer.c -@@ -1534,7 +1534,7 @@ gst_jitter_buffer_sink_parse_caps (GstRtpJitterBuffer * jitterbuffer, - GST_DEBUG_OBJECT (jitterbuffer, "Got media clock %s", mediaclk); - - if (!g_str_has_prefix (mediaclk, "direct=") || -- !g_ascii_string_to_unsigned (&mediaclk[8], 10, 0, G_MAXUINT64, -+ !g_ascii_string_to_unsigned (&mediaclk[7], 10, 0, G_MAXUINT64, - &clock_offset, NULL)) - GST_FIXME_OBJECT (jitterbuffer, "Unsupported media clock"); - if (strstr (mediaclk, "rate=") != NULL) { --- -2.31.0 - diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.18.4.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.18.6.bb index 07cacdc68a..72ad8eff08 100644 --- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.18.4.bb +++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.18.6.bb @@ -6,10 +6,9 @@ BUGTRACKER = "https://gitlab.freedesktop.org/gstreamer/gst-plugins-good/-/issues SRC_URI = "https://gstreamer.freedesktop.org/src/gst-plugins-good/gst-plugins-good-${PV}.tar.xz \ file://0001-qt-include-ext-qt-gstqtgl.h-instead-of-gst-gl-gstglf.patch \ - file://0002-rtpjitterbuffer-Fix-parsing-of-the-mediaclk-direct-f.patch \ " -SRC_URI[sha256sum] = "b6e50e3a9bbcd56ee6ec71c33aa8332cc9c926b0c1fae995aac8b3040ebe39b0" +SRC_URI[sha256sum] = "26723ac01fcb360ade1f41d168c7c322d8af4ceb7e55c8c12ed2690d06a76eed" S = "${WORKDIR}/gst-plugins-good-${PV}" diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.18.4.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.18.6.bb index 932fa7f6fb..4774a17c1e 100644 --- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.18.4.bb +++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.18.6.bb @@ -13,7 +13,7 @@ LICENSE_FLAGS = "commercial" SRC_URI = " \ https://gstreamer.freedesktop.org/src/gst-plugins-ugly/gst-plugins-ugly-${PV}.tar.xz \ " -SRC_URI[sha256sum] = "218df0ce0d31e8ca9cdeb01a3b0c573172cc9c21bb3d41811c7820145623d13c" +SRC_URI[sha256sum] = "4969c409cb6a88317d2108b8577108e18623b2333d7b587ae3f39459c70e3a7f" S = "${WORKDIR}/gst-plugins-ugly-${PV}" diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.18.4.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.18.6.bb index 49de3dac84..1a3ae5dde6 100644 --- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.18.4.bb +++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.18.6.bb @@ -8,7 +8,7 @@ LICENSE = "LGPLv2.1" LIC_FILES_CHKSUM = "file://COPYING;md5=c34deae4e395ca07e725ab0076a5f740" SRC_URI = "https://gstreamer.freedesktop.org/src/${PNREAL}/${PNREAL}-${PV}.tar.xz" -SRC_URI[sha256sum] = "cb68e08a7e825e08b83a12a22dcd6e4f1b328a7b02a7ac84f42f68f4ddc7098e" +SRC_URI[sha256sum] = "bdc0ea22fbd7335ad9decc151561aacc53c51206a9735b81eac700ce5b0bbd4a" DEPENDS = "gstreamer1.0 gstreamer1.0-plugins-base python3-pygobject" RDEPENDS_${PN} += "gstreamer1.0 gstreamer1.0-plugins-base python3-pygobject" diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.18.4.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.18.6.bb index f7bfe98985..f105713f33 100644 --- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.18.4.bb +++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.18.6.bb @@ -10,7 +10,7 @@ PNREAL = "gst-rtsp-server" SRC_URI = "https://gstreamer.freedesktop.org/src/${PNREAL}/${PNREAL}-${PV}.tar.xz" -SRC_URI[sha256sum] = "a46bb8de40b971a048580279d2660e616796f871ad3ed00c8a95fe4d273a6c94" +SRC_URI[sha256sum] = "826f32afbcf94b823541efcac4a0dacdb62f6145ef58f363095749f440262be9" S = "${WORKDIR}/${PNREAL}-${PV}" diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.18.4.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.18.6.bb index a268d79541..a604b5ebce 100644 --- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.18.4.bb +++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.18.6.bb @@ -11,7 +11,7 @@ LIC_FILES_CHKSUM = "file://COPYING.LIB;md5=4fbd65380cdd255951079008b364516c" SRC_URI = "https://gstreamer.freedesktop.org/src/${REALPN}/${REALPN}-${PV}.tar.xz" -SRC_URI[sha256sum] = "92db98af86f3150d429c9ab17e88d2364f9c07a140c8f445ed739e8f10252aea" +SRC_URI[sha256sum] = "ab6270f1e5e4546fbe6f5ea246d86ca3d196282eb863d46e6cdcc96f867449e0" S = "${WORKDIR}/${REALPN}-${PV}" DEPENDS = "libva gstreamer1.0 gstreamer1.0-plugins-base gstreamer1.0-plugins-bad" diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0/0002-Remove-unused-valgrind-detection.patch b/meta/recipes-multimedia/gstreamer/gstreamer1.0/0002-Remove-unused-valgrind-detection.patch index 96abef17b0..5121044734 100644 --- a/meta/recipes-multimedia/gstreamer/gstreamer1.0/0002-Remove-unused-valgrind-detection.patch +++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0/0002-Remove-unused-valgrind-detection.patch @@ -1,4 +1,4 @@ -From 598d108e2c438d8f2ecd3bf948fa3ebbd3681490 Mon Sep 17 00:00:00 2001 +From e275ba2bd854ac15a4b65a8f07d9f042021950da Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tim-Philipp=20M=C3=BCller?= <tim@centricular.com> Date: Fri, 14 Aug 2020 16:38:26 +0100 Subject: [PATCH 2/3] Remove unused valgrind detection @@ -19,7 +19,7 @@ Signed-off-by: Jose Quaresma <quaresma.jose@gmail.com> 3 files changed, 42 deletions(-) diff --git a/gst/gst_private.h b/gst/gst_private.h -index eefd044d9..8252ede51 100644 +index eefd044..8252ede 100644 --- a/gst/gst_private.h +++ b/gst/gst_private.h @@ -116,8 +116,6 @@ G_GNUC_INTERNAL gboolean _priv_plugin_deps_env_vars_changed (GstPlugin * plugin @@ -32,12 +32,12 @@ index eefd044d9..8252ede51 100644 G_GNUC_INTERNAL void _priv_gst_quarks_initialize (void); G_GNUC_INTERNAL void _priv_gst_mini_object_initialize (void); diff --git a/gst/gstinfo.c b/gst/gstinfo.c -index 5d317877b..097f8b20d 100644 +index eea1a21..d3035d6 100644 --- a/gst/gstinfo.c +++ b/gst/gstinfo.c @@ -305,36 +305,6 @@ static gboolean pretty_tags = PRETTY_TAGS_DEFAULT; - static volatile gint G_GNUC_MAY_ALIAS __default_level = GST_LEVEL_DEFAULT; - static volatile gint G_GNUC_MAY_ALIAS __use_color = GST_DEBUG_COLOR_MODE_ON; + static gint G_GNUC_MAY_ALIAS __default_level = GST_LEVEL_DEFAULT; + static gint G_GNUC_MAY_ALIAS __use_color = GST_DEBUG_COLOR_MODE_ON; -/* FIXME: export this? */ -gboolean @@ -82,7 +82,7 @@ index 5d317877b..097f8b20d 100644 env = g_getenv ("GST_DEBUG_OPTIONS"); if (env != NULL) { if (strstr (env, "full_tags") || strstr (env, "full-tags")) -@@ -2503,12 +2470,6 @@ gst_debug_construct_win_color (guint colorinfo) +@@ -2505,12 +2472,6 @@ gst_debug_construct_win_color (guint colorinfo) return 0; } @@ -96,7 +96,7 @@ index 5d317877b..097f8b20d 100644 _gst_debug_dump_mem (GstDebugCategory * cat, const gchar * file, const gchar * func, gint line, GObject * obj, const gchar * msg, diff --git a/meson.build b/meson.build -index ce1921aa4..7a84d0981 100644 +index 82a1728..42ae617 100644 --- a/meson.build +++ b/meson.build @@ -200,7 +200,6 @@ check_headers = [ diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.18.4.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.18.6.bb index 8562070968..82fb476a47 100644 --- a/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.18.4.bb +++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.18.6.bb @@ -21,7 +21,7 @@ SRC_URI = "https://gstreamer.freedesktop.org/src/gstreamer/gstreamer-${PV}.tar.x file://0003-meson-Add-option-for-installed-tests.patch \ file://0001-tests-seek-Don-t-use-too-strict-timeout-for-validati.patch \ " -SRC_URI[sha256sum] = "9aeec99b38e310817012aa2d1d76573b787af47f8a725a65b833880a094dfbc5" +SRC_URI[sha256sum] = "4ec816010dd4d3a93cf470ad0a6f25315f52b204eb1d71dfa70ab8a1c3bd06e6" PACKAGECONFIG ??= "${@bb.utils.contains('PTEST_ENABLED', '1', 'tests', '', d)} \ check \ diff --git a/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2021-4156.patch b/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2021-4156.patch new file mode 100644 index 0000000000..b0ff1a0885 --- /dev/null +++ b/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2021-4156.patch @@ -0,0 +1,32 @@ +From 5adbc377cd90aa40f0cd56ae325ca70065a8aa19 Mon Sep 17 00:00:00 2001 +From: Changqing Li <changqing.li@windriver.com> +Date: Thu, 13 Jan 2022 16:45:59 +0800 +Subject: [PATCH] flac: Fix improper buffer reusing + +CVE: CVE-2021-4156.patch +Upstream-Status: Backport [https://github.com/libsndfile/libsndfile/issues/731] + +Signed-off-by: Changqing Li <changqing.li@windriver.com> +--- + src/flac.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/src/flac.c b/src/flac.c +index 0be82ac..6548bba 100644 +--- a/src/flac.c ++++ b/src/flac.c +@@ -952,7 +952,11 @@ flac_read_loop (SF_PRIVATE *psf, unsigned len) + /* Decode some more. */ + while (pflac->pos < pflac->len) + { if (FLAC__stream_decoder_process_single (pflac->fsd) == 0) ++ { psf_log_printf (psf, "FLAC__stream_decoder_process_single returned false\n") ; ++ /* Current frame is busted, so NULL the pointer. */ ++ pflac->frame = NULL ; + break ; ++ } + state = FLAC__stream_decoder_get_state (pflac->fsd) ; + if (state >= FLAC__STREAM_DECODER_END_OF_STREAM) + { psf_log_printf (psf, "FLAC__stream_decoder_get_state returned %s\n", FLAC__StreamDecoderStateString [state]) ; +-- +2.17.1 + diff --git a/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb b/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb index 044881a859..8eb007884e 100644 --- a/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb +++ b/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb @@ -20,6 +20,7 @@ SRC_URI = "http://www.mega-nerd.com/libsndfile/files/libsndfile-${PV}.tar.gz \ file://CVE-2017-12562.patch \ file://CVE-2018-19758.patch \ file://CVE-2019-3832.patch \ + file://CVE-2021-4156.patch \ " SRC_URI[md5sum] = "646b5f98ce89ac60cdb060fcd398247c" diff --git a/meta/recipes-multimedia/speex/speex/CVE-2020-23903.patch b/meta/recipes-multimedia/speex/speex/CVE-2020-23903.patch new file mode 100644 index 0000000000..eb16e95ffc --- /dev/null +++ b/meta/recipes-multimedia/speex/speex/CVE-2020-23903.patch @@ -0,0 +1,30 @@ +Backport patch to fix CVE-2020-23903. + +CVE: CVE-2020-23903 +Upstream-Status: Backport [https://github.com/xiph/speex/commit/870ff84] + +Signed-off-by: Kai Kang <kai.kang@windriver.com> + +From 870ff845b32f314aec0036641ffe18aba4916887 Mon Sep 17 00:00:00 2001 +From: Tristan Matthews <tmatth@videolan.org> +Date: Mon, 13 Jul 2020 23:25:03 -0400 +Subject: [PATCH] wav_io: guard against invalid channel numbers + +Fixes #13 +--- + src/wav_io.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/wav_io.c b/src/wav_io.c +index b5183015..09d62eb0 100644 +--- a/src/wav_io.c ++++ b/src/wav_io.c +@@ -111,7 +111,7 @@ int read_wav_header(FILE *file, int *rate, int *channels, int *format, spx_int32 + stmp = le_short(stmp); + *channels = stmp; + +- if (stmp>2) ++ if (stmp>2 || stmp<1) + { + fprintf (stderr, "Only mono and (intensity) stereo supported\n"); + return -1; diff --git a/meta/recipes-multimedia/speex/speex_1.2.0.bb b/meta/recipes-multimedia/speex/speex_1.2.0.bb index 3a0911d6f8..ea475f0f1b 100644 --- a/meta/recipes-multimedia/speex/speex_1.2.0.bb +++ b/meta/recipes-multimedia/speex/speex_1.2.0.bb @@ -7,7 +7,9 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=314649d8ba9dd7045dfb6683f298d0a8 \ file://include/speex/speex.h;beginline=1;endline=34;md5=ef8c8ea4f7198d71cf3509c6ed05ea50" DEPENDS = "libogg speexdsp" -SRC_URI = "http://downloads.xiph.org/releases/speex/speex-${PV}.tar.gz" +SRC_URI = "http://downloads.xiph.org/releases/speex/speex-${PV}.tar.gz \ + file://CVE-2020-23903.patch \ + " UPSTREAM_CHECK_REGEX = "speex-(?P<pver>\d+(\.\d+)+)\.tar" SRC_URI[md5sum] = "8ab7bb2589110dfaf0ed7fa7757dc49c" diff --git a/meta/recipes-multimedia/x264/x264_git.bb b/meta/recipes-multimedia/x264/x264_git.bb index f95fb0c41e..448d632145 100644 --- a/meta/recipes-multimedia/x264/x264_git.bb +++ b/meta/recipes-multimedia/x264/x264_git.bb @@ -8,7 +8,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f" DEPENDS = "nasm-native" -SRC_URI = "git://github.com/mirror/x264;branch=stable \ +SRC_URI = "git://github.com/mirror/x264;branch=stable;protocol=https \ file://don-t-default-to-cortex-a9-with-neon.patch \ file://Fix-X32-build-by-disabling-asm.patch \ " |