| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187
allowed a remote attacker to perform an out of bounds memory write via
a crafted HTML page.
Removed CVE-2023-5129.patch as CVE-2023-5129 is duplicate of CVE-2023-4863.
CVE: CVE-2023-4863
References:
https://nvd.nist.gov/vuln/detail/CVE-2023-4863
https://security-tracker.debian.org/tracker/CVE-2023-4863
https://bugzilla.redhat.com/show_bug.cgi?id=2238431#c12
(From OE-Core rev: e2bd9494b59b486000320c6814371f37828d4c2d)
Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
libtiff: potential integer overflow in raw2tiff.c
References:
https://bugzilla.redhat.com/show_bug.cgi?id=2235264
https://security-tracker.debian.org/tracker/CVE-2023-41175
https://gitlab.com/libtiff/libtiff/-/issues/592
(From OE-Core rev: b2518923dff885778c550f0faa22e99bf76b6288)
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 4ee806cbc12fbc830b09ba6222e96b1e5f24539f)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
libtiff: integer overflow in tiffcp.c
References:
https://security-tracker.debian.org/tracker/CVE-2023-40745
https://gitlab.com/libtiff/libtiff/-/issues/591
https://bugzilla.redhat.com/show_bug.cgi?id=2235265
(From OE-Core rev: 3340e024ae8676081488f23a0678c28c23ab0b42)
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit c3d4fbeb51278a04a6800c894c681733ad2259ca)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This release only contains bugfixes and security fixes.
Highlighted bugfixes in 1.22.6:
Security fixes for the MXF demuxer and H.265 video parser
Fix latency regression in H.264 hardware decoder base class
androidmedia: fix HEVC codec profile registration and fix coded_data handling
decodebin3: fix switching from a raw stream to an encoded stream
gst-inspect: prettier and more correct signal and action signals printing
rtmp2: Allow NULL flash version, omitting the field, for better RTMP server compatibility
rtspsrc: better compatibility with buggy RTSP servers that don't set a clock-rate
rtpjitterbuffer: fix integer overflow that led to more packets being declared lost than have been lost
v4l2: fix video encoding regression on RPi and fix support for left and top padding
waylandsink: Crop surfaces to their display width height
cerbero: recognise Manjaro; add Rust support for MSVC ARM64; cmake detection fixes
various bug fixes, build fixes, memory leak fixes, and other stability and reliability improvements
https://nvd.nist.gov/vuln/detail/CVE-2023-40474
https://nvd.nist.gov/vuln/detail/CVE-2023-40475
https://nvd.nist.gov/vuln/detail/CVE-2023-40476
https://gstreamer.freedesktop.org/releases/1.22/#1.22.6
(From OE-Core rev: f481d973d7f942f8a9492cd71985bd1d428ac59a)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Disable neon if the machine does not support it.
(From OE-Core rev: 866d3ca22ca30bff9d7b85b87387f40b59d60113)
Signed-off-by: Benjamin Bara <benjamin.bara@skidata.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 0c3a6a74531d3860a3849a1f53f6709d6a0e88a5)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
=========
* Fixed invalid regex in src/create_symbols_file.py
* Fixed passing null pointer to printf %s in tests
(From OE-Core rev: 7d5a6d6c908ce7e7601c85a00a2331039f1e5fe4)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit ff22e9ae6a237d8c48aa9eaee65de3157f52307b)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
| |
Add patch for Libwebp 1.3.1 to fix CVE-2023-5129.
(From OE-Core rev: 852068debb268669699ad9a8dbe44907a19aa482)
Signed-off-by: Colin McAllister <colinmca242@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
drop patch which is already part of 5.1.3.
0001-avcodec-rpzaenc-stop-accessing-out-of-bounds-frame.patch(CVE-2022-3964):
https://git.ffmpeg.org/gitweb/ffmpeg.git/patch/1eb002596e3761d88de4aeea3158692b82fb6307
0001-avcodec-smcenc-stop-accessing-out-of-bounds-frame.patch(CVE-2022-3965):
https://git.ffmpeg.org/gitweb/ffmpeg.git/patch/293dc39bcaa99f213c6b7a703e11f146abf5d3be
ffmpeg-fix-vulkan.patch : https://git.ffmpeg.org/gitweb/ffmpeg.git/patch/7268323193d55365f914de39fadd5dbdb1f68976
(From OE-Core rev: aeee19cda946b67f33c7b7c02c86513676bc89bd)
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
| |
(From OE-Core rev: 2b41b6054936ee8d5237a981f8cbdcbea54d244c)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit a894c9499863f127380c38f0b17d51b356391821)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
CVE-2023-39018 belongs to ffmpeg-cli-wrapper (Java wrapper around the FFmpeg CLI)
and not ffmpeg itself. As per CVE description, it is mentioned as FFmpeg 0.7.0 which
is the version for ffmpeg-cli-wrapper and ffmpeg don't have 0.7.0 version at all.
Debian & Bugzilla trackers have already marked as NOT-FOR-US/RESOLVED-INVALID.
As it won't be affecting the ffmpeg package so, we can ignore the CVE-2023-39018
in ffmpeg recipe.
References:
https://github.com/bramp/ffmpeg-cli-wrapper
https://github.com/FFmpeg/FFmpeg
https://security-tracker.debian.org/tracker/CVE-2023-39018
https://bugzilla.suse.com/show_bug.cgi?id=CVE-2023-39018
Upstream master patch:
https://git.openembedded.org/openembedded-core/commit/?id=c21ed498b423c13463a4ae0bb475883cc7901847
(From OE-Core rev: d1c087713add2d780b4978b9d7ec33d514d68cd4)
Signed-off-by: Narpat Mali <narpat.mali@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
CVE-2023-1999.patch
removed since it's included in 1.3.1
Changelog:
==========
This is a binary compatible release.
* security fixes for lossless encoder (#603, chromium: #1420107, #1455619,
CVE-2023-1999)
* improve error reporting through WebPPicture error codes
* fix upsampling for RGB565 and RGBA4444 in NEON builds
* img2webp: add -sharp_yuv & -near_lossless
* Windows builds:
- fix compatibility with clang-cl (#607)
- improve Arm64 performance with cl.exe
- add Arm64EC support
* fix webp_js with emcc >= 3.1.27 (stack size change, #614)
* CMake fixes (#592, #610, #612)
* further updates to the container and lossless bitstream docs (#581, #611)
(From OE-Core rev: 6d6d103cfba013f54d567f96095a64034e568890)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 15411fb32b5a3c0ac9c06ff89db5664799f55d77)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Also remove old CVE_CHECK_IGNOREs which are no longer needed due to CPE
updates.
This is a backport from master. Mickledore had one extra CVE patch that
was not on master at the time of upgrade, so it had to be manually
removed here.
(From OE-Core rev: 309b58071d14406ccdf90342f0a33285dc83c87c)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Natasha Bailey <nat.bailey@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bugfixes:
==========
- Security fixes for flacparse, dvdspu, and subparse
- d3d11videosink: Fix error on pause and play
- decklink: Correctly handle SDK strings on macOS and free strings
after usage on Linux
- filesink: Fix buffered mode writing of buffer lists and buffers with
multiple memories
- gldownload: handle passthrough without a critical
- h265parse: Fix framerate handling regression
- oggdemux: vp8 fixes
- mp4mux, qtmux, qtdemux: Opus audio mapping fixes
- pngdec: Fix wrong colours output from 16bit RGB images
- ptp clock: Work around ptpd bug in default configuration
- srtpdec: fix critical warnings on shutdown
- v4l2src: fix support for bayer format
- v4l2videoenc: support force-keyframe event in v4l2 encoder
- vtenc: apply DTS offset to ensure DTS <= PTS
- gst-python: allow more functions to be called before gst_init()
- cerbero: fix vaapi variant; add qt6 build on windows; ensure errors
on unguarded use of new APIs, require macOS 10.13
- packages: ship codecalpha, rtponvif, dvbsubenc, switchbin,
videosignal plugins; fix pango crash on 32-bit windows
- various bug fixes, memory leak fixes, and other stability and
reliability improvements
(From OE-Core rev: a071696747ece93409d533a2e966cd59195a056d)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit d7bf88db7f2f55540bf7891474a3a28f5681ddbb)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
| |
Upstream-Status: Backport from [https://gitlab.com/libtiff/libtiff/-/commit/69818e2f2d246e6631ac2a2da692c3706b849c38, https://gitlab.com/libtiff/libtiff/-/commit/ec8ef90c1f573c9eb1f17d6a056aa0015f184acf]
(From OE-Core rev: 7db6039b809a11dc9b0b51a31a763bec87016568)
Signed-off-by: Siddharth Doshi <sdoshi@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The third 1.22 bug-fix release (1.22.3) was released on 19 May 2023.
This release only contains bugfixes and it should be safe to update from 1.22.x.
Highlighted bugfixes in 1.22.3
avdec: fix occasional video decoder deadlock on seeking with FFmpeg 6.0
decodebin3: fix regression handling input streams without CAPS or TIME segment such as e.g. udpsrc or `pushfilesrc
bluez: a2dpsink: fix Bluetooth SIG Certification test failures
osxvideosink: fix deadlock upon closing output window
qtdemux: fix edit list handling regression and AV1 codec box parsing
qtmux: fix extraction of CEA608 closed caption data from S334-1A packets
rtspsrc: Fix handling of * control path
splitmux: timestamp handling improvements
v4l2videodec: Rework dynamic resolution change handling (needed for IMX6 mainline codec)
videoflip: fix regression with automatically rotating video based on tags
d3d11: many d3d11videosink and d3d11compositor fixes
webrtc, rtp: numerous data race fixes and stability fixes
various bug fixes, memory leak fixes, and other stability and reliability improvements
(From OE-Core rev: 2bc75dea621f1d206ee43a5000d05cf959cd44e9)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 8ff5c4bfe46bb325535041a9127356ae425dbe5f)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Add patch to fix CVE-2023-1999
Link: https://github.com/webmproject/libwebp/commit/a486d800b60d0af4cc0836bf7ed8f21e12974129
(From OE-Core rev: ff726a731d06aa8c6490176e9a539fd59ec2159e)
Signed-off-by: Nikhil R <nikhil.r@kpit.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 8f6fcbe2d64e998be934b5b2e0ab65c159bfb807)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This patch fixes an issue in libtiff's LZWDecode function which could cause a null pointer dereference.
(From OE-Core rev: 1430f2f7aa774c3deb54dca8b8252d31ab5a513c)
Signed-off-by: Natasha Bailey <nat.bailey@windriver.com>
Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 7da5abf23232f61bf8009b4b8e97632768867e07)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Remove 0001-Revised-handling-of-TIFFTAG_INKNAMES-and-related-TIF.patch
file from tiff as it was removed while upgrading tiff from
4.4.0 -> 4.5.0
(From OE-Core rev: b61e75037ed92e6bf4d9d506ffedfc5d50085522)
Signed-off-by: Nikhil R <nikhilar2410@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit c53abdb5ce9cdbfb0f9e48b64b800c45549d18a6)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
===========
From 1.22.1:
audio channel-mix: allow up to 64 channels (instead of up to 63 channels)
avfvideosrc: Don't wait on main thread for permissions request
avvidenc: avoid generating inaccurate output timestamps, especially with variable framerate streams
AV1 video codec caps signalling improvements in various elements
codectimestamper: Fix timestamping on sequence update
d3d11overlaycompositor: fix texture width and height
d3d11videosink: Fix rendering on external handle
dashdemux2: fix seek operation taking a log time to finish for some streams
nvencoder: Fix B-frame encoding on Linux and min buffers in auto GPU mode
playbin3: fixing buffering for live pipelines
playbin: fix potential deadlock when stopping stream with subtitles visible
redenc: fix setting of extension ID for twcc
rtspsrc: improved compatibility with more broken RTSP servers
v4l2h264dec: Fix Raspberry Pi4 will not play video in application
vtdec: fix jittery playback of H.264 Level 4.1 movies in macOS
vtdec: Fix non-deterministic frame output after flushing seeks
vtenc: fix handling of interlaced ProRes on Apple M1 hardware
vtenc: don't advertise ARGB/RGBA64 input caps on M1 Pro/Max with macOS <13
wasapi2src: Fix loopback capture on Windows 10 Anniversary Update
tools: better handling of non-ASCII command line arguments on Windows
gst-libav: fix build against newer ffmpeg versions
gst-python: Use arch-specific install dir for gi overrides
cerbero: Fix setuptools site.py breakage in Python 3.11
macOS packages: Fix broken binaries on macos < 11.0
various bug fixes, memory leak fixes, and other stability and reliability improvements
From 1.22.2:
avdec_h264: fix decoder deadlocks with FFmpeg 6.0
rtspsrc: fix regression with URI protocols in OPTIONS requests for RTSP over TLS
rtspsrc: improved control url handling compatibility for broken servers
decklink: fix 10 bit RGB (r210) format auto detection for capture and fix playout if video caps are configured before audio caps
d3d11videosink: Fix tearing in case of fullscreen mode
playbin: fix deadlock when stopping stream with subtitles visible (even more)
typefinding: fix regression not detecting application/dash+xml in some corner cases
osxvideosink: fix broken aspect ratio and frame drawing region
decodebin3, parsebin: Improve elementary stream handling when decoders are not present and fix hang when removing a failing stream
urisourcebin: Propagate sticky events from parsebin, so that the STREAM_START event with the GstStream info is always available when pads get exposed
v4l2: Add support for YVU420M format; mark JPEG content as parsed
h264decoder, h265decoder: DPB bumping process and latency reporting fixes
Opus: Fix reading of extended channel config in MPEG-TS and fix missing sample rate when remuxing from RTP to Matroska
zxing: add support for building against zxing-c++ 2.0
cerbero: Fix packaging of Rust plugins on Android; fix modern Gentoo distro detection
various bug fixes, memory leak fixes, and other stability and reliability improvements
(From OE-Core rev: aed2b6833370b60c263afdd8beb0b1c20b9c2ec1)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
=========
- build:
-- Fix --disable-8bit.
-- Fall back to generic decoder if no yasm for MSVC (bug 346).
-- Fix some pedantic compiler warnings, avoid breaking libtool wrappers.
- mpg123:
-- Fix verbose position printout for new resampling outside libmpg123 (where
output rate differs from decoding rate).
- libsyn123:
-- Fix reconfiguration of resampler to avoid double free when reducing
decimator stages to zero (bug 350).
(From OE-Core rev: 653530d19306f26e40586786032f8a2375dc6b48)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 01ccf7c55d3d9c32ffd509abebd928ccb402b9f8)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Below patch fixes the CVE-2022-4645 as well.
0001-Revised-handling-of-TIFFTAG_INKNAMES-and-related-TIF.patch
Link: https://nvd.nist.gov/vuln/detail/CVE-2022-4645
(From OE-Core rev: 2fb604272f6b0c94c5616323ed973918c22b8389)
Signed-off-by: Pawan Badganchi <Pawan.Badganchi@kpit.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
(cherry picked from commit 312393edf0aa5b2c515c08245d1c289ba79bad55)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
| |
|
|
|
|
|
|
|
|
| |
An upcoming change will simplify the setuptools3-base FILES assignments,
which means this recipe needs to package a library explicitly.
(From OE-Core rev: bab2e8c76453cf9982af936f20c6b22cc2237ba7)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
| |
Add dependencies on missing gconv module to fix execution in minimal images.
(From OE-Core rev: 859f36e40b380262804e96bbfd29d8846911bfa3)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The patch fixes the following errors observed when building ffmpeg in
vulkan-enabled distros:
| src/libavutil/hwcontext_vulkan.c:363:7: error: 'VK_EXT_VIDEO_DECODE_H264_EXTENSION_NAME' undeclared here (not in a function); did you mean 'VK_EXT_VIDEO_ENCODE_H264_EXTENSION_NAME'?
| 363 | { VK_EXT_VIDEO_DECODE_H264_EXTENSION_NAME, FF_VK_EXT_NO_FLAG },
| | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| | VK_EXT_VIDEO_ENCODE_H264_EXTENSION_NAME
| src/libavutil/hwcontext_vulkan.c:364:7: error: 'VK_EXT_VIDEO_DECODE_H265_EXTENSION_NAME' undeclared here (not in a function); did you mean 'VK_EXT_VIDEO_ENCODE_H265_EXTENSION_NAME'?
| 364 | { VK_EXT_VIDEO_DECODE_H265_EXTENSION_NAME, FF_VK_EXT_NO_FLAG },
| | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| | VK_EXT_VIDEO_ENCODE_H265_EXTENSION_NAME
(From OE-Core rev: b16c8696be9d56edb5ff77210abfff9a784fad89)
Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
| |
(From OE-Core rev: bf0cf66c10c95ddada595dd5a84b45235c09ebab)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Somewhere along the way this ceased to be a build requirement;
I have verified that the recipe installs the same set
of identical files with and without introspection enabled and
present in sysroot.
(From OE-Core rev: 32283136eaad7631c5253b8da538b747666d2705)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
musl's definition of ioctl() API is different from glibc's and gst has
built upon definition from glibc which was being warned about but now
compilers can check signatures of funciton pointers, means it becomes an
error with clang16+
(From OE-Core rev: 840d55a4bf8e908e2b2841496232ffa7c00799e4)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Drop xingmux license snippet from plugins-ugly as it moved to plugins-good;
the license was LGPL in any case:
https://gitlab.freedesktop.org/gstreamer/gstreamer/-/blob/d132592423be64ec18a223b67810ac89f391277e/subprojects/gst-plugins-good/tests/check/elements/xingmux.c
videoconvert/videoscale plgins were merged into one.
(From OE-Core rev: fb2d28e0315ece6180c87c7047587673024a09f7)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The configure scripts uses /tmp to execute some generated files.
If /tmp is noexec, then we meet the following error.
| Unable to create and execute files in /tmp. Set the TMPDIR environment
| variable to another directory and make sure that it is not mounted noexec.
| Sanity test failed.
(From OE-Core rev: 6099b88c4decb285fd3519d5565909c15d935030)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
| |
(From OE-Core rev: 2e365f600a8b4ee161bdfabd39ac323ec7205cce)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The main reason for this is an issue with latest libtiff update that causes
gtk4-native configure to fail in finding libtiff (while it just builds
fine for target).
By comparing libtiff-4.pc for native and target it turned out, that
it links for native with zstd and libdeflate. Probably because those libs
were found on my host system.
Adding PACKAGECONFIGS for the libs prevents us from taking them from the host.
(From OE-Core rev: ca2e2035b9d81a230a1a63f51b1300418e9b9ca6)
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The runtime dependency on libsoup set via PACKAGECONFIG does not work.
The problem is the dependency is placed on the main package, but the
soup package has no dependency on the main package.
I considered modifying the call to do_split_packages from
gstreamer1.0-plugins-packaging.inc, changing extra_depends from '' to
None:
```
extra_depends -- extra runtime dependencies (RDEPENDS) to be set for
all packages. The default value of None causes a
dependency on the main package (${PN}) - if you do
not want this, pass '' for this parameter.
```
However, the problem with this solution is that it does add the runtime
dependency to _all_ such split packages.
So, fix the problem with an explicit runtime dependency.
(From OE-Core rev: 56c4559788d3d87ceed965aedd03d461df5999aa)
Signed-off-by: Tom Hochstein <tom.hochstein@nxp.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
==========
* add libsharpyuv, which exposes -sharp_yuv/config.use_sharp_yuv
functionality to other libraries; libwebp now depends on this library
* major updates to the container and lossless bitstream docs (#448, #546,
#551)
* miscellaneous warning, bug & build fixes (#576, #583, #584)
(From OE-Core rev: e6d50bba6e9e629e292984d54baf62c81407c976)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
NEON is enabled for aarch64 by default, so, to ensure consistency with
arm32, reference to libpng-1.6.38/configure, added
enable_hardware_optimizations option for aarch64.
(From OE-Core rev: 12e68d5824849fa20f0e3fe8fc1921da111bb6fb)
Signed-off-by: Lei Maohui <leimaohui@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This is a follow-up to commit 846ff49465 to remove the extra whitespace
that is no longer needed after converting :append and :prepend to += and
=+.
(From OE-Core rev: 5a38be49e451c9f9d973b10a33c3972507f7b18a)
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
tiff-native otherwise falsely detects webp if its installed on build
host. This ensures deterministic behavior regardless of host.
(From OE-Core rev: 718c44f282310b2ca85877fed706460ccc1eebea)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
| |
Disable lfs aliases since they are not needed when LFS is enabled
(From OE-Core rev: a999fe86f2ea34d1b7ba3958d5b54b89ab7a884f)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Drop all CVE backports.
License-Update: formatting
(From OE-Core rev: 9a255a3b114686b04bf54560c7485552ec3b438c)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
| |
(From OE-Core rev: 120a53fc7b38868af9179412b3ce39ea407c9b04)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
Latest nasm requires this as it otherwise writes full paths into its output.
(From OE-Core rev: e94e714b890734bcc74977c7c9de40eda8463b60)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
As far as I can tell, none of these uses of PACKAGESPLITFUNCS need append/prepend
operators, the standard += and =+ can work just fine. Since OE-Core is copied a lot,
use the preferred syntax which is also simpler to parse and change.
(From OE-Core rev: 846ff49465337dddd75a83161f41f48117f6571c)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
| |
(From OE-Core rev: b57df3fe9c1623ba2f5a9a0e11a85dcdc77e76a5)
Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This reverts commit 220a527d269f146bdabd66040b5bee7de9e3fd3f.
- Drop this patch and use the upstream solution
https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/2643
(From OE-Core rev: 9660045d07a2b492ac48a1f1b08aa4288b45d64a)
Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
| |
(From OE-Core rev: a5b9e6fa9242ea910b6d0128f51ac5d115f11991)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
===========
systemclock waiting fixes for certain 32-bit platforms/libcs
alphacombine: robustness improvements for corner case scenarios
avfvideosrc: Report latency when doing screen capture
d3d11videosink: various thread-safety and stability fixes
decklink: fix performance issue when HDMI signal has been lost for a long time
flacparse: Fix handling of headers advertising 32 bits per sample
mpegts: Handle when iconv doesn't support ISO 6937 (e.g. musl libc)
opengl: fix automatic dispmanx detection for rpi4 and fix usage of eglCreate/DestroyImage
opusdec: Various channel-related fixes
textrender: event handling fixes, esp. for GAP event
subparse: Fix non-closed tag handling
videoscale: fix handling of unknown buffer metas
videosink: reverse playback handling fixes
qtmux: Prefill mode fixes, especially for raw audio
multiudpsink: allow binding to IPv6 address
rtspsrc: Fix usage of IPv6 connections in SETUP
rtspsrc: Only EOS on timeout if all streams are timed out/EOS
splitmuxsrc: fix playback stall if there are unlinked pads
v4l2: Fix SIGSEGV on state change during format changes
wavparse robustness fixes
Fix static linking on macOS (opengl, vulkan)
gstreamer-vaapi: fix headless build against mesa >= 22.3.0
GStreamer Editing Services library: Fix build with tools disabled
webrtc example/demo fixes
unit test fixes for aesdec and rtpjitterbuffer
Cerbero: Fix ios cross-compile with cmake on M1; some recipe updates and other build fixes
Binary packages: pkg-config file fixes for various recipes (ffmpeg, taglib, gstreamer)
Binary packages: Enable high bitdepth support for libvpx (VP8/VP9 encoding/decoding)
Binary packages: ship aes plugin
Miscellaneous bug fixes, memory leak fixes, and other stability and reliability improvements
Performance improvements
(From OE-Core rev: fd8ab6052d88120c58cf84ad7d77d60c12ef3b8a)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
==========
* Changed the error handler of oversized chunks (i.e. larger than
PNG_USER_CHUNK_MALLOC_MAX) from png_chunk_error to png_benign_error.
* Fixed a buffer overflow error in contrib/tools/pngfix.
* Fixed a memory leak (CVE-2019-6129) in contrib/tools/pngcp.
* Disabled the ARM Neon optimizations by default in the CMake file,
following the default behavior of the configure script.
* Allowed configure.ac to work with the trunk version of autoconf.
* Removed the support for "install" targets from the legacy makefiles;
removed the obsolete makefile.cegcc.
* Cleaned up the code and updated the internal documentation.
(From OE-Core rev: 19799cb50a00561b318cba1c8c20737f20e4a47f)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch contains a fix for CVE-2022-3970
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2022-3970
https://security-tracker.debian.org/tracker/CVE-2022-3970
Patch generated from :
https://gitlab.com/libtiff/libtiff/-/commit/227500897dfb07fb7d27f7aa570050e62617e3be
(From OE-Core rev: 668ff495ac44e5b6d9e1af15d3861b5c2b4dfcd1)
Signed-off-by: Zheng Qiu <zheng.qiu@windriver.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A vulnerability classified as problematic was found in ffmpeg. This vulnerability affects the function
smc_encode_stream of the file libavcodec/smcenc.c of the component QuickTime Graphics Video Encoder. The
manipulation of the argument y_size leads to out-of-bounds read. The attack can be initiated remotely.
The name of the patch is 13c13109759090b7f7182480d075e13b36ed8edd. It is recommended to apply a patch to
fix this issue. The identifier of this vulnerability is VDB-213544.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2022-3965
Upstream Fix:
https://github.com/FFmpeg/FFmpeg/commit/13c13109759090b7f7182480d075e13b36ed8edd
(From OE-Core rev: b88c96fe8964614978aa25a65dd34fc3c05c664c)
Signed-off-by: Narpat Mali <narpat.mali@windriver.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A vulnerability classified as problematic has been found in ffmpeg. This affects an unknown part of the file
libavcodec/rpzaenc.c of the component QuickTime RPZA Video Encoder. The manipulation of the argument y_size
leads to out-of-bounds read. It is possible to initiate the attack remotely. The name of the patch is
92f9b28ed84a77138105475beba16c146bdaf984. It is recommended to apply a patch to fix this issue. The associated
identifier of this vulnerability is VDB-213543.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2022-3964
Upstream Fix:
https://github.com/FFmpeg/FFmpeg/commit/92f9b28ed84a77138105475beba16c146bdaf984
(From OE-Core rev: 4595f85e7ce867d68ca9d6a6e3ad2544565be3cc)
Signed-off-by: Narpat Mali <narpat.mali@windriver.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
License-Update: removed file, URL fix
Remove options no longer supported upstream.
(From OE-Core rev: 1d458456a37451f553006e60d248bc330c79a0c8)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
