diff options
| author | Andrew Geissler <geissonator@yahoo.com> | 2020-07-25 00:15:54 +0300 |
|---|---|---|
| committer | Andrew Geissler <geissonator@yahoo.com> | 2020-07-25 00:20:14 +0300 |
| commit | b7d2861976669d4f6decc55762ba83fe0371d6d5 (patch) | |
| tree | 895805a16305cf31bccbf50b9baa866b232afa49 /poky/meta/recipes-multimedia/libvorbis | |
| parent | 5bea8d8239056487ed7ec39d7b1c319c664dcf68 (diff) | |
| download | openbmc-b7d2861976669d4f6decc55762ba83fe0371d6d5.tar.xz | |
poky: subtree update:968fcf4989..23deb29c1b
Arthur She (1):
igt-gpu-tools: Add PACKAGECONFIG for Chamelium support
Bruce Ashfield (4):
linux-yocto/5.4: update to v5.4.51
linux-yocto-rt/5.4: fix mmdrop stress test issues
kernel-yocto: account for extracted defconfig in elements check
kernel-devsrc: fix on-target module build for v5.8+
Changqing Li (2):
dpkg: change SRC_URI to take dpkg from git
gtk-immodules-cache.bbclass: fix post install scriptlet error
Charlie Davies (1):
u-boot: fix condition to allow use of *.cfg
Chen Qi (1):
rpm: fix nativesdk's default var location
Christian Eggers (2):
avahi: Fix typo in recipe
util-linux: Set license for library sub packages
Daniel Ammann (1):
image.bbclass: improve wording when image size exceeds the specified limit
Dmitry Baryshkov (1):
gcc-10.1: add fix for PR 96130
Douglas (2):
nativesdk: clear MACHINE_FEATURES
nativesdk: Set the CXXFLAGS to the BUILDSDK_CXXFLAGS
He Zhe (1):
cryptodev-module: Backport a patch to fix build failure with kernel v5.8
Hongxu Jia (1):
e2fsprogs: fix up check for hardlinks always false if inode > 0xFFFFFFFF
Jens Rehsack (3):
subversion: extend for nativesdk
serf: extend for nativesdk
kmod: add packageconfig for xz and ssl
Joshua Watt (8):
virtual/libgbm is the provider of gbm.pc
diffoscope: upgrade 150 -> 151
python3-pycryptodomex: upgrade 3.9.7 -> 3.9.8
python3-pycryptodome: upgrade 3.9.7 -> 3.9.8
classes/reproducible: Move to library code
lib/oe/reproducible: Fix error when no git HEAD
classes/cmake: Fix host detection
classes/package: Use HOST_OS for runtime dependencies
Kamil Dziezyk (1):
qemu: fix for virtfs configuration error in qemu 5.0.0
Kevin Hao (3):
wic/filemap: Drop the unused block_is_unmapped()
wic/filemap: Drop the unused get_unmapped_ranges()
wic/filemap: Fall back to standard copy when no way to get the block map
Khem Raj (4):
go: Disbale CGO for riscv64
go-dep: Fix build on riscv64
musl: Update to latest tip
site: Make sys_siglist default to no
Konrad Weihmann (2):
bitbake: pyshyacc: allow double COMMA statements
ptest: append to FILES
Kurt Kiefer (1):
linux-firmware: add ibt-20 package
Lee Chee Yang (1):
bison: fix Argument list too long error
Mingli Yu (1):
python3: define a profile directory path
Naveen Saini (3):
libva: upgrade 2.7.1 -> 2.8.0
libva-initial: upgrade 2.7.1 -> 2.8.0
libva-utils: upgrade 2.7.1 -> 2.8.0
Oleksandr (1):
expat: Added ptest
Pierre-Jean Texier (1):
u-boot: upgrade 2020.04 -> 2020.07
Rasmus Villemoes (1):
cml1: Move find_cfgs() helper to cml1.bbclass
Ricardo Salveti (1):
sudo: set with-rundir to /run/sudo
Richard Purdie (34):
bitbake: fetch2: Change git fetcher not to destroy old references
oeqa/selftest/sstatetests: Avoid polluting DL_DIR
bitbake: server/process: Fix a rare lockfile race
qemurunner: Ensure pid location is deterministic
qemurunner: Add extra debug info when qemu fails to start
bitbake: server/process: Ensure UI-less servers don't sit in infinite loops
oeqa/utils/qemurunner: Fix missing pid file tracebacks
mpfr: upgrade 4.0.2 -> 4.1.0
libuv: upgrade 1.38.0 -> 1.38.1
btrfs-tools: upgrade 5.6.1 -> 5.7
init-system-helpers: upgrade 1.57 -> 1.58
createrepo-c: upgrade 0.15.11 -> 0.16.0
mtd-utils: upgrade 2.1.1 -> 2.1.2
dpkg: upgrade 1.20.0 -> 1.20.5
python3-cython: upgrade 0.29.20 -> 0.29.21
python3-git: upgrade 3.1.3 -> 3.1.7
asciidoc: upgrade 9.0.0 -> 9.0.1
libnsl2: upgrade 1.2.0 -> 1.3.0
rpcsvc-proto: upgrade 1.4.1 -> 1.4.2
stress-ng: upgrade 0.11.14 -> 0.11.15
epiphany: upgrade 3.36.2 -> 3.36.3
ffmpeg: upgrade 4.3 -> 4.3.1
gnupg: upgrade 2.2.20 -> 2.2.21
mpg123: upgrade 1.26.1 -> 1.26.2
libevent: upgrade 2.1.11 -> 2.1.12
webkitgtk: upgrade 2.28.2 -> 2.28.3
libgcrypt: upgrade 1.8.5 -> 1.8.6
bitbake: server/process: Fix note reference -> info
bitbake: cooker: Fix unmatched files handling leading to misleading warnings
bitbake: build: Allow deltask to take multiple tasknames
pseudo: Update to add OFC fcntl lock updates
oeqa/qemurunner: Add priority/nice information for running processes
bitbake: cooker: Improve multiconfig configuration error reporting
bitbake: cooker: Handle multiconfig name mappings correctly
Robert Yang (1):
openssl: openssl-bin requires openssl-conf to run
Ross Burton (9):
insane: consolidate skipping of temporary do_package files
perf: add PACKAGECONFIG for CoreSight support
autotools: don't special-case help2man-native for dependencies
flex: fix build with autoconf 2.70
nasm: fix build with autoconf 2.70
init-ifupdown: always make machine-specific
insane: improve arch test messages
startup-notification: add time_t type mismatch patch from upstream
gcc: mitigate the Straight-line Speculation attack
Sakib Sajal (5):
qemu: fix CVE-2020-13362
qemu: fix CVE-2020-13659
qemu: fix CVE-2020-13800
qemu: fix CVE-2020-13791
busybox: make hwclock compatible with glibc 2.31
Tanu Kaskinen (2):
alsa-lib: upgrade 1.2.3.1 -> 1.2.3.2
pulseaudio: improve the Thumb frame pointer fix
Taras Kondratiuk (1):
nfs-utils: use rpcgen tool from HOSTTOOLS_DIR
Tim Orling (2):
lib/oe/recipeutils.py: add AUTHOR; BBCLASSEXTEND
scripts/lib/recipetool/create.py: fix regex strings
Wang Mingyu (4):
dbus: upgrade 1.12.18 -> 1.12.20
fribidi: upgrade 1.0.9 -> 1.0.10
glib-2.0: upgrade 2.64.3 -> 2.64.4
libvorbis: upgrade 1.3.6 -> 1.3.7
Yi Zhao (1):
bind: upgrade 9.11.19 -> 9.11.21
Yongxin Liu (2):
linux-firmware: fix the wrong file path for ibt-misc
linux-firmware: move ibt-misc to the end of ibt packages
akuster (3):
cve-check.bbclass: always save cve report
ref-system-requirements: update supported hosts lists
glibc: whitelist CVE-2010-10029
zhengruoqin (1):
gnutls: Fix krb5 code license to GPLv2.1+ to match the LICENSE file.
Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
Change-Id: Iae9b13b7fe09bb3c0ab953a063793c95e8b17468
Diffstat (limited to 'poky/meta/recipes-multimedia/libvorbis')
| -rw-r--r-- | poky/meta/recipes-multimedia/libvorbis/libvorbis/CVE-2017-14160.patch | 34 | ||||
| -rw-r--r-- | poky/meta/recipes-multimedia/libvorbis/libvorbis/CVE-2018-10392.patch | 34 | ||||
| -rw-r--r-- | poky/meta/recipes-multimedia/libvorbis/libvorbis_1.3.7.bb (renamed from poky/meta/recipes-multimedia/libvorbis/libvorbis_1.3.6.bb) | 10 |
3 files changed, 4 insertions, 74 deletions
diff --git a/poky/meta/recipes-multimedia/libvorbis/libvorbis/CVE-2017-14160.patch b/poky/meta/recipes-multimedia/libvorbis/libvorbis/CVE-2017-14160.patch deleted file mode 100644 index b7603c3b1..000000000 --- a/poky/meta/recipes-multimedia/libvorbis/libvorbis/CVE-2017-14160.patch +++ /dev/null @@ -1,34 +0,0 @@ -From 018ca26dece618457dd13585cad52941193c4a25 Mon Sep 17 00:00:00 2001 -From: Thomas Daede <daede003@umn.edu> -Date: Wed, 9 May 2018 14:56:59 -0700 -Subject: [PATCH] CVE-2017-14160: fix bounds check on very low sample rates. - ---- -CVE: CVE-2017-14160 CVE-2018-10393 - -Upstream-Status: Backport [gitlab.com/Xiph.Org/Vorbis/Commits/018ca26d...] - -Signed-off-by: Joe Slater <joe.slater@windriver.com> ---- ---- - lib/psy.c | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -diff --git a/lib/psy.c b/lib/psy.c -index 422c6f1..1310123 100644 ---- a/lib/psy.c -+++ b/lib/psy.c -@@ -602,8 +602,9 @@ static void bark_noise_hybridmp(int n,const long *b, - for (i = 0, x = 0.f;; i++, x += 1.f) { - - lo = b[i] >> 16; -- if( lo>=0 ) break; - hi = b[i] & 0xffff; -+ if( lo>=0 ) break; -+ if( hi>=n ) break; - - tN = N[hi] + N[-lo]; - tX = X[hi] - X[-lo]; --- -1.7.9.5 - diff --git a/poky/meta/recipes-multimedia/libvorbis/libvorbis/CVE-2018-10392.patch b/poky/meta/recipes-multimedia/libvorbis/libvorbis/CVE-2018-10392.patch deleted file mode 100644 index b7936b4b4..000000000 --- a/poky/meta/recipes-multimedia/libvorbis/libvorbis/CVE-2018-10392.patch +++ /dev/null @@ -1,34 +0,0 @@ -From 112d3bd0aaacad51305e1464d4b381dabad0e88b Mon Sep 17 00:00:00 2001 -From: Thomas Daede <daede003@umn.edu> -Date: Thu, 17 May 2018 16:19:19 -0700 -Subject: [PATCH] Sanity check number of channels in setup. - -Fixes #2335. - ---- -CVE: CVE-2018-10392 - -Upstream-Status: Backport [gitlab.com/Xiph.Org/Vorbis/Commits/112d3bd...] - -Signed-off-by: Joe Slater <joe.slater@windriver.com> ---- - - lib/vorbisenc.c | 1 + - 1 file changed, 1 insertion(+) - - -diff --git a/lib/vorbisenc.c b/lib/vorbisenc.c -index 4fc7b62..64a51b5 100644 ---- a/lib/vorbisenc.c -+++ b/lib/vorbisenc.c -@@ -684,6 +684,7 @@ int vorbis_encode_setup_init(vorbis_info *vi){ - highlevel_encode_setup *hi=&ci->hi; - - if(ci==NULL)return(OV_EINVAL); -+ if(vi->channels<1||vi->channels>255)return(OV_EINVAL); - if(!hi->impulse_block_p)i0=1; - - /* too low/high an ATH floater is nonsensical, but doesn't break anything */ --- -1.7.9.5 - diff --git a/poky/meta/recipes-multimedia/libvorbis/libvorbis_1.3.6.bb b/poky/meta/recipes-multimedia/libvorbis/libvorbis_1.3.7.bb index 1a3cdc226..c5c10348c 100644 --- a/poky/meta/recipes-multimedia/libvorbis/libvorbis_1.3.6.bb +++ b/poky/meta/recipes-multimedia/libvorbis/libvorbis_1.3.7.bb @@ -6,16 +6,14 @@ HOMEPAGE = "http://www.vorbis.com/" BUGTRACKER = "https://trac.xiph.org" SECTION = "libs" LICENSE = "BSD-3-Clause" -LIC_FILES_CHKSUM = "file://COPYING;md5=70c7063491d2d9f76a098d62ed5134f1 \ - file://include/vorbis/vorbisenc.h;beginline=1;endline=11;md5=d1c1d138863d6315131193d4046d81cb" +LIC_FILES_CHKSUM = "file://COPYING;md5=73d9c8942c60b846c3bad13cc6c2e520 \ + file://include/vorbis/vorbisenc.h;beginline=1;endline=11;md5=c95a4ac2b4125f00a9acf61449ebb843" DEPENDS = "libogg" SRC_URI = "http://downloads.xiph.org/releases/vorbis/${BP}.tar.xz \ file://0001-configure-Check-for-clang.patch \ - file://CVE-2018-10392.patch \ - file://CVE-2017-14160.patch \ " -SRC_URI[md5sum] = "b7d1692f275c73e7833ed1cc2697cd65" -SRC_URI[sha256sum] = "af00bb5a784e7c9e69f56823de4637c350643deedaf333d0fa86ecdba6fcb415" +SRC_URI[md5sum] = "50902641d358135f06a8392e61c9ac77" +SRC_URI[sha256sum] = "b33cc4934322bcbf6efcbacf49e3ca01aadbea4114ec9589d1b1e9d20f72954b" inherit autotools pkgconfig |