| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Rebased 0001-configure-Check-for-clang.patch.
Removed the backported CVE patches.
License-Update: copyright years refreshed
(From OE-Core rev: d536c0a0e400c27fd7954402195698e2c639338a)
Signed-off-by: Tanu Kaskinen <tanuk@iki.fi>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Prevent out-of-bounds write in codebook decoding. The bug could allow
code execution from a specially crafted Ogg Vorbis file.
References:
https://www.debian.org/security/2018/dsa-4140
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5146
(From OE-Core rev: 1f01ce76c76d63f5ffe96baf518e670ae01c4d12)
Signed-off-by: Tanu Kaskinen <tanuk@iki.fi>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Xiph.Org libvorbis 1.3.5 allows Remote Code Execution upon freeing
uninitialized memory in the function vorbis_analysis_headerout() in
info.c when vi->channels<=0, a similar issue to Mozilla bug 550184.
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14632
(From OE-Core rev: 5786e39e040f241f6bade29ba2ce61b7715e1b66)
Signed-off-by: Tanu Kaskinen <tanuk@iki.fi>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In Xiph.Org libvorbis 1.3.5, an out-of-bounds array read vulnerability
exists in the function mapping0_forward() in mapping0.c, which may lead
to DoS when operating on a crafted audio file with vorbis_analysis().
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14633
(From OE-Core rev: db6c0df30acdb9973f9bd4297a5fce4725c0720d)
Signed-off-by: Tanu Kaskinen <tanuk@iki.fi>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: b6cdbf50e5c26c406e4ddecd66202ff7324f5468)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Those code fragments date back to ancient times. EXTRA_OECONF is not
required anymore and we should give gcc another try to do it right.
Testing on cortex-a8 with thumb and -O2 reveals a performance boost of
82 percent during encoding in comparison to -O0. -O4 gives another 7
percent.
(From OE-Core rev: ea04f05710a9a2a1e9561fe87579d0ae9690bd21)
Signed-off-by: Stefan Müller-Klieser <s.mueller-klieser@phytec.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Licence years have changes causing checksum changes
-Copyright (c) 2002-2008 Xiph.org Foundation
+Copyright (c) 2002-2015 Xiph.org Foundation
(From OE-Core rev: cb034175054ae31f7065677ba36b6a45dc067be0)
(From OE-Core rev: 49e5f3fca65133a83f124324011d7bee18fd3aa1)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|