linux/poky.git/meta/recipes-multimedia, branch mickledore-4.2.2

tiff: Security fix for CVE-2023-25434 and CVE-2023-26965

2023-07-04T15:32:29+00:00

Upstream-Status: Backport from [https://gitlab.com/libtiff/libtiff/-/commit/69818e2f2d246e6631ac2a2da692c3706b849c38, https://gitlab.com/libtiff/libtiff/-/commit/ec8ef90c1f573c9eb1f17d6a056aa0015f184acf] (From OE-Core rev: 7db6039b809a11dc9b0b51a31a763bec87016568) Signed-off-by: Siddharth Doshi Signed-off-by: Steve Sakoman

gstreamer1.0: upgrade 1.22.2 -> 1.22.3

2023-06-30T14:07:59+00:00

The third 1.22 bug-fix release (1.22.3) was released on 19 May 2023. This release only contains bugfixes and it should be safe to update from 1.22.x. Highlighted bugfixes in 1.22.3 avdec: fix occasional video decoder deadlock on seeking with FFmpeg 6.0 decodebin3: fix regression handling input streams without CAPS or TIME segment such as e.g. udpsrc or `pushfilesrc bluez: a2dpsink: fix Bluetooth SIG Certification test failures osxvideosink: fix deadlock upon closing output window qtdemux: fix edit list handling regression and AV1 codec box parsing qtmux: fix extraction of CEA608 closed caption data from S334-1A packets rtspsrc: Fix handling of * control path splitmux: timestamp handling improvements v4l2videodec: Rework dynamic resolution change handling (needed for IMX6 mainline codec) videoflip: fix regression with automatically rotating video based on tags d3d11: many d3d11videosink and d3d11compositor fixes webrtc, rtp: numerous data race fixes and stability fixes various bug fixes, memory leak fixes, and other stability and reliability improvements (From OE-Core rev: 2bc75dea621f1d206ee43a5000d05cf959cd44e9) Signed-off-by: Anuj Mittal Signed-off-by: Richard Purdie (cherry picked from commit 8ff5c4bfe46bb325535041a9127356ae425dbe5f) Signed-off-by: Steve Sakoman

libwebp: Fix CVE-2023-1999

2023-06-30T14:07:59+00:00

Add patch to fix CVE-2023-1999 Link: https://github.com/webmproject/libwebp/commit/a486d800b60d0af4cc0836bf7ed8f21e12974129 (From OE-Core rev: ff726a731d06aa8c6490176e9a539fd59ec2159e) Signed-off-by: Nikhil R Signed-off-by: Alexandre Belloni (cherry picked from commit 8f6fcbe2d64e998be934b5b2e0ab65c159bfb807) Signed-off-by: Steve Sakoman

tiff: backport a fix for CVE-2023-2731

2023-06-21T16:50:50+00:00

This patch fixes an issue in libtiff's LZWDecode function which could cause a null pointer dereference. (From OE-Core rev: 1430f2f7aa774c3deb54dca8b8252d31ab5a513c) Signed-off-by: Natasha Bailey Signed-off-by: Randy MacLeod Signed-off-by: Alexandre Belloni Signed-off-by: Richard Purdie (cherry picked from commit 7da5abf23232f61bf8009b4b8e97632768867e07) Signed-off-by: Steve Sakoman

tiff: Remove unused patch from tiff

2023-06-06T14:05:58+00:00

Remove 0001-Revised-handling-of-TIFFTAG_INKNAMES-and-related-TIF.patch file from tiff as it was removed while upgrading tiff from 4.4.0 -> 4.5.0 (From OE-Core rev: b61e75037ed92e6bf4d9d506ffedfc5d50085522) Signed-off-by: Nikhil R Signed-off-by: Richard Purdie (cherry picked from commit c53abdb5ce9cdbfb0f9e48b64b800c45549d18a6) Signed-off-by: Steve Sakoman

gstreamer1.0: upgrade 1.22.0 -> 1.22.2

2023-05-31T14:08:10+00:00

Changelog: =========== From 1.22.1: audio channel-mix: allow up to 64 channels (instead of up to 63 channels) avfvideosrc: Don't wait on main thread for permissions request avvidenc: avoid generating inaccurate output timestamps, especially with variable framerate streams AV1 video codec caps signalling improvements in various elements codectimestamper: Fix timestamping on sequence update d3d11overlaycompositor: fix texture width and height d3d11videosink: Fix rendering on external handle dashdemux2: fix seek operation taking a log time to finish for some streams nvencoder: Fix B-frame encoding on Linux and min buffers in auto GPU mode playbin3: fixing buffering for live pipelines playbin: fix potential deadlock when stopping stream with subtitles visible redenc: fix setting of extension ID for twcc rtspsrc: improved compatibility with more broken RTSP servers v4l2h264dec: Fix Raspberry Pi4 will not play video in application vtdec: fix jittery playback of H.264 Level 4.1 movies in macOS vtdec: Fix non-deterministic frame output after flushing seeks vtenc: fix handling of interlaced ProRes on Apple M1 hardware vtenc: don't advertise ARGB/RGBA64 input caps on M1 Pro/Max with macOS <13 wasapi2src: Fix loopback capture on Windows 10 Anniversary Update tools: better handling of non-ASCII command line arguments on Windows gst-libav: fix build against newer ffmpeg versions gst-python: Use arch-specific install dir for gi overrides cerbero: Fix setuptools site.py breakage in Python 3.11 macOS packages: Fix broken binaries on macos < 11.0 various bug fixes, memory leak fixes, and other stability and reliability improvements From 1.22.2: avdec_h264: fix decoder deadlocks with FFmpeg 6.0 rtspsrc: fix regression with URI protocols in OPTIONS requests for RTSP over TLS rtspsrc: improved control url handling compatibility for broken servers decklink: fix 10 bit RGB (r210) format auto detection for capture and fix playout if video caps are configured before audio caps d3d11videosink: Fix tearing in case of fullscreen mode playbin: fix deadlock when stopping stream with subtitles visible (even more) typefinding: fix regression not detecting application/dash+xml in some corner cases osxvideosink: fix broken aspect ratio and frame drawing region decodebin3, parsebin: Improve elementary stream handling when decoders are not present and fix hang when removing a failing stream urisourcebin: Propagate sticky events from parsebin, so that the STREAM_START event with the GstStream info is always available when pads get exposed v4l2: Add support for YVU420M format; mark JPEG content as parsed h264decoder, h265decoder: DPB bumping process and latency reporting fixes Opus: Fix reading of extended channel config in MPEG-TS and fix missing sample rate when remuxing from RTP to Matroska zxing: add support for building against zxing-c++ 2.0 cerbero: Fix packaging of Rust plugins on Android; fix modern Gentoo distro detection various bug fixes, memory leak fixes, and other stability and reliability improvements (From OE-Core rev: aed2b6833370b60c263afdd8beb0b1c20b9c2ec1) Signed-off-by: Steve Sakoman

mpg123: upgrade 1.31.2 -> 1.31.3

2023-05-10T14:16:50+00:00

Changelog: ========= - build: -- Fix --disable-8bit. -- Fall back to generic decoder if no yasm for MSVC (bug 346). -- Fix some pedantic compiler warnings, avoid breaking libtool wrappers. - mpg123: -- Fix verbose position printout for new resampling outside libmpg123 (where output rate differs from decoding rate). - libsyn123: -- Fix reconfiguration of resampler to avoid double free when reducing decimator stages to zero (bug 350). (From OE-Core rev: 653530d19306f26e40586786032f8a2375dc6b48) Signed-off-by: Wang Mingyu Signed-off-by: Alexandre Belloni (cherry picked from commit 01ccf7c55d3d9c32ffd509abebd928ccb402b9f8) Signed-off-by: Steve Sakoman

tiff: Add fix for CVE-2022-4645

2023-05-10T14:16:50+00:00

Below patch fixes the CVE-2022-4645 as well. 0001-Revised-handling-of-TIFFTAG_INKNAMES-and-related-TIF.patch Link: https://nvd.nist.gov/vuln/detail/CVE-2022-4645 (From OE-Core rev: 2fb604272f6b0c94c5616323ed973918c22b8389) Signed-off-by: Pawan Badganchi Signed-off-by: Luca Ceresoli (cherry picked from commit 312393edf0aa5b2c515c08245d1c289ba79bad55) Signed-off-by: Steve Sakoman

gstreamer1.0-plugins: package the internal libraries explicitly

2023-04-04T12:11:50+00:00

An upcoming change will simplify the setuptools3-base FILES assignments, which means this recipe needs to package a library explicitly. (From OE-Core rev: bab2e8c76453cf9982af936f20c6b22cc2237ba7) Signed-off-by: Ross Burton Signed-off-by: Richard Purdie

gstreamer1.0: Add missing gconv ptest dependency

2023-03-12T23:39:13+00:00

Add dependencies on missing gconv module to fix execution in minimal images. (From OE-Core rev: 859f36e40b380262804e96bbfd29d8846911bfa3) Signed-off-by: Richard Purdie