diff options
author | Patrick Williams <patrick@stwcx.xyz> | 2021-08-08 03:21:33 +0300 |
---|---|---|
committer | Patrick Williams <patrick@stwcx.xyz> | 2021-08-11 23:39:32 +0300 |
commit | 213cb2696d00a85cd48d356cb5131824a302d828 (patch) | |
tree | bfdf8fcdfef3a88e392ca3acfca6dec4dc836c9f /poky/meta/recipes-multimedia/ffmpeg | |
parent | 40d8f44b51f83548f7ca8df062dd7435b784c0a8 (diff) | |
download | openbmc-213cb2696d00a85cd48d356cb5131824a302d828.tar.xz |
subtree updates
meta-raspberrypi: 8dc3a31088..c7f4c739a3:
Khem Raj (5):
linux-raspberrypi: Upgrade to 5.10.52
userland: Update to latest master branch
raspberrypi-firmware: Update to latest
raspberrypi-tools: Update to latest
sdcard_image-rpi.bbclass: Fix IMAGE_TYPEDEP override to use new syntax
Martin Jansa (4):
Convert to new override syntax
Manually fix conversion
layer.conf: Update to honister
userland: package man pages in PN-doc
Pierre-Jean Texier (2):
kas: local.conf: bump CONF_VERSION variable
kas: local.conf: disable prelink
poky: 17aabc0127..492205ea83:
Alexander Kanavin (17):
llvm: update 12.0.0 -> 12.0.1
systemd: update 248.3 -> 249.1
python3-testools: update 2.4.0 -> 2.5.0
libuv: update 1.41.0 -> 1.42.0
gnu-config: update to latest revision
vulkan-samples: update to latest revision
cmake: update 3.20.5 -> 3.21.0
cmake: update 3.21.0 -> 3.21.1
mtools: update 4.0.32 -> 4.0.34
util-linux: update 2.37 -> 2.37.1
iputils: update 20210202 -> 20210722
freetype: update 2.10.4 -> 2.11.0
devtool: print a warning on upgrades if PREFERRED_VERSION is set
rpm: do not RRECOMMEND rpm-build
selftest: add core-image-weston to no-gpl3-no-meta-gpl2 image test
shadow: update 4.8.1 -> 4.9
local.conf.sample: disable prelink
Bernhard Rosenkränzer (1):
gcc: update 11.1 -> 11.2
Bruce Ashfield (6):
linux-yocto/5.10: update to v5.10.53
linux-yocto/5.13: update to v5.13.5
linux-yocto/5.4: update to v5.4.135
linux-yocto-rt/5.10: update to -rt47
linux-yocto/5.13: enable TYPEC_TCPCI in usbc fragment
linux-yocto/5.10: enable TYPEC_TCPCI in usbc fragment
Changqing Li (1):
archiver.bbclass: fix do_ar_configured failure for kernel
Chen Qi (3):
zstd: fix CVE_PRODUCT
insane.bbclass: fix the file-rdeps QA message for the new override syntax
iputils: fix do_configure failure of missing ip command
Damian Wrobel (1):
rootfs: remove ldconfig auxiliary cache where appropriate
Denys Dmytriyenko (4):
meta: convert nested overrides leftovers to new syntax
convert-overrides.py: handle few more cases of overrides
libwpe: remove rpi-specific custom code
poky-tiny: drop uclibc override
Jon Mason (1):
parselogs.py: qemuarm should be qemuarmv5
Joshua Watt (4):
mesa: Fix v3d & vc4 dmabuf import
bitbake: bitbake: asyncrpc: Catch early SIGTERM
libxft: Fix bad PKG value
bitbake: contrib: vim: Update for new override syntax
Kai Kang (2):
u-boot_2021.07: set UBOOT_MACHINE for qemumips and qemumips64
python3-pytest: display correct version info
Kevin Hao (2):
meta-yocto-bsp: Introduce the v5.13 bbappend
meta-yocto-bsp: Bump to the v5.10.55
Khem Raj (10):
binutils: Upgrade to 2.37 branch
texinfo: Update gnulib to fix build with glibc 2.34
systemd: Fix build on musl
stress-ng: Drop defining daddr_t
stress-ng: Detemine minimal stack size via sysconf
mesa: Define a fallback for DRIDRIVERS
libssh2: Fix syntax for using ptest override
toaster-managed-mode.json: Correctly specify term with new override syntax
distrooverrides.bbclass: Correct override syntax
devtool.py: Correct override syntax
Lee Chee Yang (1):
aspell: fix CVE-2019-25051
Marek Vasut (2):
image_types: Restore pre-btrfs-tools 4.14.1 mkfs.btrfs shrink behavior
kernel-uboot: Handle gzip and lzo compression options
Martin Jansa (6):
convert-overrides.py: show processed file and version of this script
convert-overrides.py: remove base_dep_prepend and autotools_dep_prepend exception
convert-overrides.py: 0.9.1 include '(' as delimiter for shortvars
convert-overrides.py: allow specifying multiple target dirs
convert-overrides.py: allow dots before override in vars_re and shortvars_re
systemd-boot: use ld.bfd as efi-ld even when gold or lld is used in ${LD}
Matthias Klein (2):
runqemu: Fix typo in error message
runqemu: decouple bios and kernel options
Matthias Schiffer (3):
initscripts: populate-volatile.sh: do not log to tty0
initscripts: populate-volatile.sh: run create_file synchronously
initscripts: fix creation order for /var/log with VOLATILE_LOG_DIR=true
Michael Halstead (1):
releases: update to include 3.3.1
Michael Opdenacker (18):
oe-setup-builddir: update YP docs and OE URLs
conf-notes.txt: now suggesting to run 'runqemu qemux86-64'
test-manual: document LTO related reproducibility bug
quick start manual: update "source oe-init-build-env" output
dev-manual: fix wrong reference to class
documentation/README: improve BitBake manual referencing guidelines
manuals: simplify references to BitBake manual
manuals: remove explicit BitBake variable references
meta-skeleton: add recipe examples from documentation sources
bitbake: doc: bitbake-user-manual: fix syntax in example and improve description
bitbake: doc: bitbake-user-manual: update bitbake option help
bitbake: doc: bitbake-user-manual: grammar fix for the number of "metadata"
manuals: initial documentation for CVE management
ref-manual: remove example recipe source files
profile-manual: document how to build perf manpages on target
cve-check: fix comments
cve-check: update link to NVD website for CVE details
cve-check: improve comment about CVE patch file names
Mingli Yu (2):
perlcross: not break build if already patched
curl: Upgrade to 7.78.0
Nicolas Dechesne (4):
yocto-check-layer: improve missed dependencies
checklayer: new function get_layer_dependencies()
checklayer: rename _find_layer_depends
yocto-check-layer: ensure that all layer dependencies are tested too
Oleksandr Kravchuk (1):
bitbake.conf: change GNOME_MIRROR to new one
Patrick Williams (1):
pixman: re-disable iwmmxt
Paul Barker (4):
bitbake: asyncrpc: Fix bad message error in client
bitbake: asyncrpc: Set timeout when waiting for reply from server
bitbake: parse/ast: Substitute '~' when naming anonymous functions
kernel-yocto: Simplify no git repo case in do_kernel_checkout
Quentin Schulz (4):
bitbake: doc: Makefile: turn warnings into errors by default
bitbake: doc: bitbake-user-manual: ref-variables: order alphabetically the glossary sources
bitbake: doc: bitbake-user-manual: ref-variables: force glossary output to be alphabetically sorted
bitbake: doc: bitbake-user-manual: replace ``FOO`` by :term:`FOO` where possible
Richard Purdie (49):
Add MAINTAINERS.md file
yocto-check-layer: Remove duplicated code
libubootenv: Drop default-env RRECOMMENDS
bitbake: data_smart: Allow colon in variable expansion regex
meta-poky/meta-yocto-bsp: Convert to new override syntax
layer.conf: Update to honister
autotools/base/icecc: Remove prepend from function names
scripts/contrib: Add override conversion script
systemtap: Fix headers issue with x86 and 5.13 headers
migration-guides: Add start of 3.4 guide with override migration notes
common-tasks: Fix conversion error in npm example
bitbake: bitbake: Switch to using new override syntax
bitbake: doc/lib: Update to use new override syntax containing colons
bitbake: doc/lib: Add fixes for issues missed by the automated conversion
bitbake: bitbake: Update to version 1.51.1
layer.conf: Override changes mean we're only compatible with honister
Convert to new override syntax
meta: Manual override fixes
local.conf.sample: Bump version so users update their config
sanity.conf: Require bitbake 1.51.1
dropbear: Fix incorrect package override for postrm
convert-overrides: Allow script to handle patch/diffs
sdk: Decouple default install path from built in path
sstate: Fix rebuilds when changing layer config
populate_sdk_ext: Fix handling of TOOLCHAIN_HOST_TASK in the eSDK case
local.conf.sample: Bump version so users update their config
poky: Use SDKPATHINSTALL instead of SDKPATH
vim: Clarify where RDEPENDS/RRECOMMENDS apply
bitbake: data_smart: Fix inactive overide accidental variable value corruption
local.conf.sample: Fix missed override conversion
license: Exclude COPYING.MIT from pseudo
meta: Convert IMAGE_TYPEDEP to use override syntax
uboot-extlinux-config: Fix missing override conversion
image/image_types: Convert CONVERSION_CMD/COMPRESS_CMD to new override syntax
image: Drop COMPRESS_CMD
devupstream: Allow support of native class extensions
diffoscope: Upgrade 178 -> 179
strace: Upgrade 5.12 -> 5.13
valgrind: Add patches for glibc 2.34 support
bitbake: runqueue: Improve multiconfig deferred task issues
elfutils: Add patch from upstream for glibc 2.34 ptest fixes
bitbake: doc: Fix append/prepend/remove references
bitbake: fetch/tests/toaster: Override conversion fixups
bitbake: process: Improve traceback error reporting from main loop
bitbake: command: Ensure we catch/handle exceptions
bitbake: ui/taskexp: Improve startup exception handling
bitbake: ui/taskexp: Fix to work with empty build directories
oeqa/runtime/cases/ptest: Increase test timeout from 300s to 450s
packagedata: Fix after override syntax change
Ross Burton (2):
glew: fix Makefile race
libx11: fix xkb compilation with _EVDEVK symbols
Saul Wold (1):
MAINTAINERS: Saul will cover devtool and eSDK
Stefan Wiehler (1):
dev-manual: fix source release example script
Stefano Babic (1):
mtd-utils: upgrade 2.1.2 -> 2.1.3
Tim Orling (2):
python3-hypothesis: upgrade 6.14.3 -> 6.14.5
python3-importlib-metadata: upgrade 4.6.1 -> 4.6.3
Tony Battersby (2):
lto.inc: disable LTO for grub
gcc: Backport patch to make LTO builds more reproducible
Tony Tascioglu (6):
ffmpeg: fix-CVE-2020-20446
ffmpeg: fix CVE-2020-20453
ffmpeg: fix CVE-2020-22015
ffmpeg: fix CVE-2020-22021
ffmpeg: fix CVE-2020-22033 and CVE-2020-22019
ffmpeg: fix CVE-2021-33815
Trevor Woerner (1):
ffmpeg: add libatomic for armv5
Ulrich Ölmann (2):
initramfs-framework: fix whitespace issue
initramfs-framework/setup-live: fix shebang
Vinay Kumar (1):
glibc: Fix CVE-2021-33574
Vivien Didelot (1):
init-manager-systemd: define weak dev manager
Zqiang (1):
python3: use monotonic clock for condvar if possible
hongxu (1):
createrepo-c: fix createrepo-c failed in nativesdk
leimaohui (1):
archiver.bbclass: Fix patch error for recipes that inherit dos2unix.
wangmy (3):
bind: upgrade 9.16.18 -> 9.16.19
i2c-tools: upgrade 4.2 -> 4.3
diffoscope: upgrade 177 -> 178
zangrc (2):
python3-dbus: upgrade 1.2.16 -> 1.2.18
python3-pip: upgrade 21.1.3 -> 21.2.1
meta-openembedded: 8fbcfb9f02..3cf2475ea0:
Anastasios Kavoukis (1):
pm-qa: fix paths for shell scripts
Andreas Müller (3):
mozjs/0001-Port-build-to-python3.patch: Fix typos in description
jack: upgrade 1.19.18 -> 1.19.19
fluidsynth: upgrade 2.2.1 -> 2.2.2
Andrej Valek (1):
thrift: upgrade to 0.14.2
Andrew Jeffery (2):
python3-gmpy: Add native support
python3-ecdsa: Add native support
Armin Kuster (2):
hiawatha: fix url.
wireshark: update to 3.4.7
Ben Brown (1):
android-tools: fix install of adb client when TOOLS is overridden
Changqing Li (1):
apache2: upgrade 2.4.46 -> 2.4.48
Devendra Tewari (1):
Suppress eol in functionfs setup scripts (#147)
Gianfranco (1):
vboxguestdrivers: upgrade 6.1.22 -> 6.1.24
Joe Slater (2):
php: move to version 7.4.21
gtksourceview4: work around dependency deficiency
Johannes Obermüller (1):
evtest: fix timestamps in output
Kai Kang (2):
python3-blivet: 3.1.4 -> 3.4.0
python3-blivetgui: 2.1.10 -> 2.2.1
Khem Raj (23):
netperf: Update to latest
netperf: Add systemd unit file
packagegroup-meta-oe: Add lmdb
packagegroup-meta-oe: Add mbw
addcli: check for ns_get16 and ns_get32
fuse: Define closefrom if not available
autofs: Fix build with glibc 2.34+
ntp: Do not use PTHREAD_STACK_MIN on glibc
ntp: Fix make check
mongodb: Upgrade to 4.4.7
vboxguestdrivers: Remove __divmoddi4 patch
packagegroup-meta-oe: Add jemalloc
apitrace: Exclude from builds with glibc 2.34+
libhugetlbfs: Disable build with glibc 2.34+
fvwm: Package extra files and man pages
luajit: Fix override syntax
lua: Drop uclibc patch
packagegroup-meta-oe: Correct override name and fix syntax
recipes: Fix override syntax
emacs,libgpiod,cockpit: Fix override syntax in using FILES_${PN}
fvwm: Fix build time paths in target perl/python scripts
nis: Drop uclibc check in anon python function
jemalloc: Fix build on musl
Leon Anavi (3):
python3-networkx: Upgrade 2.6.1 -> 2.6.2
python3-pysonos: Upgrade 0.0.53 -> 0.0.54
python3-zeroconf: Upgrade 0.33.1 -> 0.33.2
Li Wang (1):
openlldp: fix segfault
Maksym Sloyko (1):
libusbgx: Configure the Devices Used
Martin Jansa (5):
Convert to new override syntax
layer.conf: Update to honister
mariadb: manually fix the conversion
packagegroup-meta-oe: manually finish override syntax conversion
klibc.bbclass, image_types_sparse.bbclass, packagegroup-meta-oe.bb: update the overrides syntax conversion
Mingli Yu (4):
mariadb: redefine log-error item
jemalloc: add new recipe
hdf5: improve reproducibility
mariadb: Update SRC_URI
Nicolas Dechesne (1):
mbw: add new recipe
Paulo Neves (1):
htop: Add ncurses-terminfo-base to RDEPENDS
Sakib Sajal (1):
lmdb: add recipe
Salman Ahmed (2):
nginx: upgrade 1.18.0 -> 1.20.1
nginx: upgrade 1.19.6 -> 1.21.1
Tony Battersby (1):
net-snmp: fix QA Issue after LDFLAGS change
Yi Zhao (3):
postfix: upgrade 3.6.1 -> 3.6.2
audit: upgrade 3.0.2 -> 3.0.3
audit: fix compile error for 2.8.5
Zang Ruochen (1):
python3-robotframework: upgrade 4.0.3 -> 4.1
wangmy (17):
evince: upgrade 40.2 -> 40.4
gnome-backgrounds: upgrade 3.36.0 -> 3.38.0
gnome-desktop3: upgrade 3.36.6 -> 3.38.8
cmark: upgrade 0.30.0 -> 0.30.1
ctags: upgrade 5.9.20210711.0 -> 5.9.20210718.0
libnet-dns-perl: upgrade 1.31 -> 1.32
libtalloc: upgrade 2.3.2 -> 2.3.3
nghttp2: upgrade 1.43.0 -> 1.44.0
bats: upgrade 1.3.0 -> 1.4.1
networkmanager: upgrade 1.32.2 -> 1.32.4
gensio: upgrade 2.2.7 -> 2.2.8
libmbim: upgrade 1.24.8 -> 1.26.0
fetchmail: upgrade 6.4.19 -> 6.4.20
ctags: upgrade 5.9.20210718.0 -> 5.9.20210801.0
libblockdev: upgrade 2.25 -> 2.26
libqmi: upgrade 1.28.6 -> 1.28.8
monit: upgrade 5.28.0 -> 5.28.1
zangrc (15):
python3-qrcode: upgrade 7.1 -> 7.2
python3-rdflib: upgrade 5.0.0 -> 6.0.0
python3-simplejson: upgrade 3.17.2 -> 3.17.3
python3-bitstring: upgrade 3.1.7 -> 3.1.9
python3-iso8601: upgrade 0.1.14 -> 0.1.16
python3-gmqtt: upgrade 0.6.9 -> 0.6.10
python3-graphviz: upgrade 0.16 -> 0.17
python3-smbus: upgrade 4.2 -> 4.3
python3-pandas: upgrade 1.3.0 -> 1.3.1
python3-progress: upgrade 1.5 -> 1.6
python3-sentry-sdk: upgrade 1.3.0 -> 1.3.1
python3-socketio: upgrade 5.3.0 -> 5.4.0
python3-tqdm: upgrade 4.61.2 -> 4.62.0
python3-twisted: upgrade 21.2.0 -> 21.7.0
python3-xlsxwriter: upgrade 1.4.4 -> 1.4.5
zhengruoqin (15):
live555: upgrade 20210710 -> 20210720
libtest-warnings-perl: upgrade 0.030 -> 0.031
python3-pybind11: upgrade 2.6.2 -> 2.7.0
python3-pymongo: upgrade 3.11.4 -> 3.12.0
python3-sqlalchemy: upgrade 1.4.20 -> 1.4.22
python3-sentry-sdk: upgrade 1.2.0 -> 1.3.0
libcurses-perl: upgrade 1.37 -> 1.38
libdbd-sqlite-perl: upgrade 1.66 -> 1.68
libencode-perl: upgrade 3.10 -> 3.11
python3-bitarray: upgrade 2.2.2 -> 2.2.3
python3-cbor2: upgrade 5.4.0 -> 5.4.1
python3-gast: upgrade 0.5.0 -> 0.5.1
poppler: upgrade 21.07.0 -> 21.08.0
valijson: upgrade 0.4 -> 0.5
xwd: upgrade 1.0.7 -> 1.0.8
meta-security: 152cdb506b..c885d399cd:
Armin Kuster (18):
suricata.inc: exclude ppc in rust version
suricata: Drop 4.1.x its EOL
add meta-rust
crowdsec: add pkg
packagegroup-core-security.bb: fix suricat-ptest inclusion
gitlab-ci.yml: streamline builds matrix
krill: Add new pkg
clamav: fix branch name and update
meta-security: Convert to new override syntax
meta-tpm: Convert to new override syntax
meta-integrity: Convert to new override syntax
meta-hardening: Convert to new override syntax
meta-security-isafw: Convert to new override syntax
meta-parsec: Convert to new override syntax
meta-security-compliance: Convert to new override syntax
dynamix-layers: Convert to new override syntax
kas: Convert to new override syntax
packagegroup-core-security.bb: only include suricat-ptest if rust is included
Martin Jansa (1):
layer.conf: Update to honister
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
Change-Id: Iec7301cf1c43b7cec462dcf88292a8b1b12a5045
Diffstat (limited to 'poky/meta/recipes-multimedia/ffmpeg')
7 files changed, 335 insertions, 36 deletions
diff --git a/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-20446.patch b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-20446.patch new file mode 100644 index 0000000000..f048c2e715 --- /dev/null +++ b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-20446.patch @@ -0,0 +1,35 @@ +From 223b5e8ac9f6461bb13ed365419ec485c5b2b002 Mon Sep 17 00:00:00 2001 +From: Michael Niedermayer <michael@niedermayer.cc> +Date: Fri, 28 May 2021 20:18:25 +0200 +Subject: [PATCH] avcodec/aacpsy: Avoid floating point division by 0 of + norm_fac + +Fixes: Ticket7995 +Fixes: CVE-2020-20446 + +Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> + +CVE: CVE-2020-20446 +Upstream-Status: Backport [223b5e8ac9f6461bb13ed365419ec485c5b2b002] + +Signed-off-by: Tony Tascioglu <tony.tascioglu@windriver.com> +--- + libavcodec/aacpsy.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/libavcodec/aacpsy.c b/libavcodec/aacpsy.c +index 482113d427..e51d29750b 100644 +--- a/libavcodec/aacpsy.c ++++ b/libavcodec/aacpsy.c +@@ -794,7 +794,7 @@ static void psy_3gpp_analyze_channel(FFPsyContext *ctx, int channel, + + if (pe < 1.15f * desired_pe) { + /* 6.6.1.3.6 "Final threshold modification by linearization" */ +- norm_fac = 1.0f / norm_fac; ++ norm_fac = norm_fac ? 1.0f / norm_fac : 0; + for (w = 0; w < wi->num_windows*16; w += 16) { + for (g = 0; g < num_bands; g++) { + AacPsyBand *band = &pch->band[w+g]; +-- +2.32.0 + diff --git a/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-20453.patch b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-20453.patch new file mode 100644 index 0000000000..b1c94057a3 --- /dev/null +++ b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-20453.patch @@ -0,0 +1,42 @@ +From a7a7f32c8ad0179a1a85d0a8cff35924e6d90be8 Mon Sep 17 00:00:00 2001 +From: Michael Niedermayer <michael@niedermayer.cc> +Date: Fri, 28 May 2021 21:37:26 +0200 +Subject: [PATCH] avcodec/aacenc: Avoid 0 lambda + +Fixes: Ticket8003 +Fixes: CVE-2020-20453 + +Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> + +CVE: CVE-2020-20453 +Upstream-Status: Backport [a7a7f32c8ad0179a1a85d0a8cff35924e6d90be8] + +Signed-off-by: Tony Tascioglu <tony.tascioglu@windriver.com> +--- + libavcodec/aacenc.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/libavcodec/aacenc.c b/libavcodec/aacenc.c +index aa223cf25f..e80591ba86 100644 +--- a/libavcodec/aacenc.c ++++ b/libavcodec/aacenc.c +@@ -28,6 +28,7 @@ + * TODOs: + * add sane pulse detection + ***********************************/ ++#include <float.h> + + #include "libavutil/libm.h" + #include "libavutil/float_dsp.h" +@@ -852,7 +853,7 @@ static int aac_encode_frame(AVCodecContext *avctx, AVPacket *avpkt, + /* Not so fast though */ + ratio = sqrtf(ratio); + } +- s->lambda = FFMIN(s->lambda * ratio, 65536.f); ++ s->lambda = av_clipf(s->lambda * ratio, FLT_MIN, 65536.f); + + /* Keep iterating if we must reduce and lambda is in the sky */ + if (ratio > 0.9f && ratio < 1.1f) { +-- +2.32.0 + diff --git a/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-22015.patch b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-22015.patch new file mode 100644 index 0000000000..5c911299cb --- /dev/null +++ b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-22015.patch @@ -0,0 +1,44 @@ +From 4c1afa292520329eecd1cc7631bc59a8cca95c46 Mon Sep 17 00:00:00 2001 +From: Michael Niedermayer <michael@niedermayer.cc> +Date: Sat, 29 May 2021 09:22:27 +0200 +Subject: [PATCH] avformat/movenc: Check pal_size before use + +Fixes: assertion failure +Fixes: out of array read +Fixes: Ticket8190 +Fixes: CVE-2020-22015 + +Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> + + +CVE: CVE-2020-22015 +Upstream-Status: Backport [4c1afa292520329eecd1cc7631bc59a8cca95c46] + +Signed-off-by: Tony Tascioglu <tony.tascioglu@windriver.com> +--- + libavformat/movenc.c | 6 ++++-- + 1 file changed, 4 insertions(+), 2 deletions(-) + +diff --git a/libavformat/movenc.c b/libavformat/movenc.c +index 2ab507df15..7d839f447b 100644 +--- a/libavformat/movenc.c ++++ b/libavformat/movenc.c +@@ -2160,11 +2160,13 @@ static int mov_write_video_tag(AVFormatContext *s, AVIOContext *pb, MOVMuxContex + avio_wb16(pb, 0x18); /* Reserved */ + + if (track->mode == MODE_MOV && track->par->format == AV_PIX_FMT_PAL8) { +- int pal_size = 1 << track->par->bits_per_coded_sample; +- int i; ++ int pal_size, i; + avio_wb16(pb, 0); /* Color table ID */ + avio_wb32(pb, 0); /* Color table seed */ + avio_wb16(pb, 0x8000); /* Color table flags */ ++ if (track->par->bits_per_coded_sample < 0 || track->par->bits_per_coded_sample > 8) ++ return AVERROR(EINVAL); ++ pal_size = 1 << track->par->bits_per_coded_sample; + avio_wb16(pb, pal_size - 1); /* Color table size (zero-relative) */ + for (i = 0; i < pal_size; i++) { + uint32_t rgb = track->palette[i]; +-- +2.32.0 + diff --git a/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-22021.patch b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-22021.patch new file mode 100644 index 0000000000..6f7fce0e4c --- /dev/null +++ b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-22021.patch @@ -0,0 +1,87 @@ +From 7971f62120a55c141ec437aa3f0bacc1c1a3526b Mon Sep 17 00:00:00 2001 +From: Michael Niedermayer <michael@niedermayer.cc> +Date: Sat, 29 May 2021 11:17:35 +0200 +Subject: [PATCH] avfilter/vf_yadif: Fix handing of tiny images + +Fixes: out of array access +Fixes: Ticket8240 +Fixes: CVE-2020-22021 + +Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> + +CVE: CVE-2020-22021 +Upstream-Status: Backport [7971f62120a55c141ec437aa3f0bacc1c1a3526b] + +Signed-off-by: Tony Tascioglu <tony.tascioglu@windriver.com> +--- + libavfilter/vf_yadif.c | 32 ++++++++++++++++++-------------- + 1 file changed, 18 insertions(+), 14 deletions(-) + +diff --git a/libavfilter/vf_yadif.c b/libavfilter/vf_yadif.c +index 91cc79ecc3..b0d9fbaf1f 100644 +--- a/libavfilter/vf_yadif.c ++++ b/libavfilter/vf_yadif.c +@@ -123,20 +123,22 @@ static void filter_edges(void *dst1, void *prev1, void *cur1, void *next1, + uint8_t *next2 = parity ? cur : next; + + const int edge = MAX_ALIGN - 1; ++ int offset = FFMAX(w - edge, 3); + + /* Only edge pixels need to be processed here. A constant value of false + * for is_not_edge should let the compiler ignore the whole branch. */ +- FILTER(0, 3, 0) ++ FILTER(0, FFMIN(3, w), 0) + +- dst = (uint8_t*)dst1 + w - edge; +- prev = (uint8_t*)prev1 + w - edge; +- cur = (uint8_t*)cur1 + w - edge; +- next = (uint8_t*)next1 + w - edge; ++ dst = (uint8_t*)dst1 + offset; ++ prev = (uint8_t*)prev1 + offset; ++ cur = (uint8_t*)cur1 + offset; ++ next = (uint8_t*)next1 + offset; + prev2 = (uint8_t*)(parity ? prev : cur); + next2 = (uint8_t*)(parity ? cur : next); + +- FILTER(w - edge, w - 3, 1) +- FILTER(w - 3, w, 0) ++ FILTER(offset, w - 3, 1) ++ offset = FFMAX(offset, w - 3); ++ FILTER(offset, w, 0) + } + + +@@ -170,21 +172,23 @@ static void filter_edges_16bit(void *dst1, void *prev1, void *cur1, void *next1, + uint16_t *next2 = parity ? cur : next; + + const int edge = MAX_ALIGN / 2 - 1; ++ int offset = FFMAX(w - edge, 3); + + mrefs /= 2; + prefs /= 2; + +- FILTER(0, 3, 0) ++ FILTER(0, FFMIN(3, w), 0) + +- dst = (uint16_t*)dst1 + w - edge; +- prev = (uint16_t*)prev1 + w - edge; +- cur = (uint16_t*)cur1 + w - edge; +- next = (uint16_t*)next1 + w - edge; ++ dst = (uint16_t*)dst1 + offset; ++ prev = (uint16_t*)prev1 + offset; ++ cur = (uint16_t*)cur1 + offset; ++ next = (uint16_t*)next1 + offset; + prev2 = (uint16_t*)(parity ? prev : cur); + next2 = (uint16_t*)(parity ? cur : next); + +- FILTER(w - edge, w - 3, 1) +- FILTER(w - 3, w, 0) ++ FILTER(offset, w - 3, 1) ++ offset = FFMAX(offset, w - 3); ++ FILTER(offset, w, 0) + } + + static int filter_slice(AVFilterContext *ctx, void *arg, int jobnr, int nb_jobs) +-- +2.32.0 + diff --git a/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-22033-CVE-2020-22019.patch b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-22033-CVE-2020-22019.patch new file mode 100644 index 0000000000..5d979ca3f2 --- /dev/null +++ b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-22033-CVE-2020-22019.patch @@ -0,0 +1,40 @@ +From 82ad1b76751bcfad5005440db48c46a4de5d6f02 Mon Sep 17 00:00:00 2001 +From: Michael Niedermayer <michael@niedermayer.cc> +Date: Sat, 29 May 2021 09:58:31 +0200 +Subject: [PATCH] avfilter/vf_vmafmotion: Check dimensions + +Fixes: out of array access +Fixes: Ticket8241 +Fixes: Ticket8246 +Fixes: CVE-2020-22019 +Fixes: CVE-2020-22033 + +Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> + + +CVE: CVE-2020-22033 +CVE: CVE-2020-22019 +Upstream-Status: Backport [82ad1b76751bcfad5005440db48c46a4de5d6f02] + +Signed-off-by: Tony Tascioglu <tony.tascioglu@windriver.com> +--- + libavfilter/vf_vmafmotion.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/libavfilter/vf_vmafmotion.c b/libavfilter/vf_vmafmotion.c +index 2db4783d8d..454ebb8afa 100644 +--- a/libavfilter/vf_vmafmotion.c ++++ b/libavfilter/vf_vmafmotion.c +@@ -238,6 +238,9 @@ int ff_vmafmotion_init(VMAFMotionData *s, + int i; + const AVPixFmtDescriptor *desc = av_pix_fmt_desc_get(fmt); + ++ if (w < 3 || h < 3) ++ return AVERROR(EINVAL); ++ + s->width = w; + s->height = h; + s->stride = FFALIGN(w * sizeof(uint16_t), 32); +-- +2.32.0 + diff --git a/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2021-33815.patch b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2021-33815.patch new file mode 100644 index 0000000000..51edb76389 --- /dev/null +++ b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2021-33815.patch @@ -0,0 +1,44 @@ +From 26d3c81bc5ef2f8c3f09d45eaeacfb4b1139a777 Mon Sep 17 00:00:00 2001 +From: Michael Niedermayer <michael@niedermayer.cc> +Date: Tue, 25 May 2021 19:29:18 +0200 +Subject: [PATCH] avcodec/exr: More strictly check dc_count +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Fixes: out of array access +Fixes: exr/deneme + +Found-by: Burak Çarıkçı <burakcarikci@crypttech.com> +Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> + + +CVE: CVE-2021-33815 +Upstream-Status: Backport [26d3c81bc5ef2f8c3f09d45eaeacfb4b1139a777] + +Signed-off-by: Tony Tascioglu <tony.tascioglu@windriver.com> +--- + libavcodec/exr.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/libavcodec/exr.c b/libavcodec/exr.c +index 9377a89169..4648ed7d62 100644 +--- a/libavcodec/exr.c ++++ b/libavcodec/exr.c +@@ -1059,11 +1059,11 @@ static int dwa_uncompress(EXRContext *s, const uint8_t *src, int compressed_size + bytestream2_skip(&gb, ac_size); + } + +- if (dc_size > 0) { ++ { + unsigned long dest_len = dc_count * 2LL; + GetByteContext agb = gb; + +- if (dc_count > (6LL * td->xsize * td->ysize + 63) / 64) ++ if (dc_count != dc_w * dc_h * 3) + return AVERROR_INVALIDDATA; + + av_fast_padded_malloc(&td->dc_data, &td->dc_size, FFALIGN(dest_len, 64) * 2); +-- +2.32.0 + diff --git a/poky/meta/recipes-multimedia/ffmpeg/ffmpeg_4.4.bb b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg_4.4.bb index 3ed009bbb7..e19077541e 100644 --- a/poky/meta/recipes-multimedia/ffmpeg/ffmpeg_4.4.bb +++ b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg_4.4.bb @@ -6,16 +6,16 @@ HOMEPAGE = "https://www.ffmpeg.org/" SECTION = "libs" LICENSE = "BSD & GPLv2+ & LGPLv2.1+ & MIT" -LICENSE_${PN} = "GPLv2+" -LICENSE_libavcodec = "${@bb.utils.contains('PACKAGECONFIG', 'gpl', 'GPLv2+', 'LGPLv2.1+', d)}" -LICENSE_libavdevice = "${@bb.utils.contains('PACKAGECONFIG', 'gpl', 'GPLv2+', 'LGPLv2.1+', d)}" -LICENSE_libavfilter = "${@bb.utils.contains('PACKAGECONFIG', 'gpl', 'GPLv2+', 'LGPLv2.1+', d)}" -LICENSE_libavformat = "${@bb.utils.contains('PACKAGECONFIG', 'gpl', 'GPLv2+', 'LGPLv2.1+', d)}" -LICENSE_libavresample = "${@bb.utils.contains('PACKAGECONFIG', 'gpl', 'GPLv2+', 'LGPLv2.1+', d)}" -LICENSE_libavutil = "${@bb.utils.contains('PACKAGECONFIG', 'gpl', 'GPLv2+', 'LGPLv2.1+', d)}" -LICENSE_libpostproc = "GPLv2+" -LICENSE_libswresample = "${@bb.utils.contains('PACKAGECONFIG', 'gpl', 'GPLv2+', 'LGPLv2.1+', d)}" -LICENSE_libswscale = "${@bb.utils.contains('PACKAGECONFIG', 'gpl', 'GPLv2+', 'LGPLv2.1+', d)}" +LICENSE:${PN} = "GPLv2+" +LICENSE:libavcodec = "${@bb.utils.contains('PACKAGECONFIG', 'gpl', 'GPLv2+', 'LGPLv2.1+', d)}" +LICENSE:libavdevice = "${@bb.utils.contains('PACKAGECONFIG', 'gpl', 'GPLv2+', 'LGPLv2.1+', d)}" +LICENSE:libavfilter = "${@bb.utils.contains('PACKAGECONFIG', 'gpl', 'GPLv2+', 'LGPLv2.1+', d)}" +LICENSE:libavformat = "${@bb.utils.contains('PACKAGECONFIG', 'gpl', 'GPLv2+', 'LGPLv2.1+', d)}" +LICENSE:libavresample = "${@bb.utils.contains('PACKAGECONFIG', 'gpl', 'GPLv2+', 'LGPLv2.1+', d)}" +LICENSE:libavutil = "${@bb.utils.contains('PACKAGECONFIG', 'gpl', 'GPLv2+', 'LGPLv2.1+', d)}" +LICENSE:libpostproc = "GPLv2+" +LICENSE:libswresample = "${@bb.utils.contains('PACKAGECONFIG', 'gpl', 'GPLv2+', 'LGPLv2.1+', d)}" +LICENSE:libswscale = "${@bb.utils.contains('PACKAGECONFIG', 'gpl', 'GPLv2+', 'LGPLv2.1+', d)}" LICENSE_FLAGS = "commercial" LIC_FILES_CHKSUM = "file://COPYING.GPLv2;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ @@ -25,13 +25,19 @@ LIC_FILES_CHKSUM = "file://COPYING.GPLv2;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ SRC_URI = "https://www.ffmpeg.org/releases/${BP}.tar.xz \ file://0001-libavutil-include-assembly-with-full-path-from-sourc.patch \ + file://fix-CVE-2020-20446.patch \ + file://fix-CVE-2020-20453.patch \ + file://fix-CVE-2020-22015.patch \ + file://fix-CVE-2020-22021.patch \ + file://fix-CVE-2020-22033-CVE-2020-22019.patch \ + file://fix-CVE-2021-33815.patch \ " SRC_URI[sha256sum] = "06b10a183ce5371f915c6bb15b7b1fffbe046e8275099c96affc29e17645d909" # Build fails when thumb is enabled: https://bugzilla.yoctoproject.org/show_bug.cgi?id=7717 -ARM_INSTRUCTION_SET_armv4 = "arm" -ARM_INSTRUCTION_SET_armv5 = "arm" -ARM_INSTRUCTION_SET_armv6 = "arm" +ARM_INSTRUCTION_SET:armv4 = "arm" +ARM_INSTRUCTION_SET:armv5 = "arm" +ARM_INSTRUCTION_SET:armv6 = "arm" # Should be API compatible with libav (which was a fork of ffmpeg) # libpostproc was previously packaged from a separate recipe @@ -121,20 +127,21 @@ EXTRA_OECONF = " \ --pkg-config=pkg-config \ " -EXTRA_OECONF_append_linux-gnux32 = " --disable-asm" +EXTRA_OECONF:append:linux-gnux32 = " --disable-asm" EXTRA_OECONF += "${@bb.utils.contains('TUNE_FEATURES', 'mipsisa64r6', '--disable-mips64r2 --disable-mips32r2', '', d)}" EXTRA_OECONF += "${@bb.utils.contains('TUNE_FEATURES', 'mipsisa64r2', '--disable-mips64r6 --disable-mips32r6', '', d)}" EXTRA_OECONF += "${@bb.utils.contains('TUNE_FEATURES', 'mips32r2', '--disable-mips64r6 --disable-mips32r6', '', d)}" EXTRA_OECONF += "${@bb.utils.contains('TUNE_FEATURES', 'mips32r6', '--disable-mips64r2 --disable-mips32r2', '', d)}" -EXTRA_OECONF_append_mips = " --extra-libs=-latomic --disable-mips32r5 --disable-mipsdsp --disable-mipsdspr2 \ +EXTRA_OECONF:append:mips = " --extra-libs=-latomic --disable-mips32r5 --disable-mipsdsp --disable-mipsdspr2 \ --disable-loongson2 --disable-loongson3 --disable-mmi --disable-msa --disable-msa2" -EXTRA_OECONF_append_riscv32 = " --extra-libs=-latomic" +EXTRA_OECONF:append:riscv32 = " --extra-libs=-latomic" +EXTRA_OECONF:append:armv5 = " --extra-libs=-latomic" # gold crashes on x86, another solution is to --disable-asm but thats more hacky # ld.gold: internal error in relocate_section, at ../../gold/i386.cc:3684 -LDFLAGS_append_x86 = "${@bb.utils.contains('DISTRO_FEATURES', 'ld-is-gold', ' -fuse-ld=bfd ', '', d)}" +LDFLAGS:append:x86 = "${@bb.utils.contains('DISTRO_FEATURES', 'ld-is-gold', ' -fuse-ld=bfd ', '', d)}" EXTRA_OEMAKE = "V=1" @@ -143,7 +150,7 @@ do_configure() { } # patch out build host paths for reproducibility -do_compile_prepend_class-target() { +do_compile:prepend:class-target() { sed -i -e "s,${WORKDIR},,g" ${B}/config.h } @@ -157,23 +164,23 @@ PACKAGES =+ "libavcodec \ libswresample \ libswscale" -FILES_libavcodec = "${libdir}/libavcodec${SOLIBS}" -FILES_libavdevice = "${libdir}/libavdevice${SOLIBS}" -FILES_libavfilter = "${libdir}/libavfilter${SOLIBS}" -FILES_libavformat = "${libdir}/libavformat${SOLIBS}" -FILES_libavresample = "${libdir}/libavresample${SOLIBS}" -FILES_libavutil = "${libdir}/libavutil${SOLIBS}" -FILES_libpostproc = "${libdir}/libpostproc${SOLIBS}" -FILES_libswresample = "${libdir}/libswresample${SOLIBS}" -FILES_libswscale = "${libdir}/libswscale${SOLIBS}" +FILES:libavcodec = "${libdir}/libavcodec${SOLIBS}" +FILES:libavdevice = "${libdir}/libavdevice${SOLIBS}" +FILES:libavfilter = "${libdir}/libavfilter${SOLIBS}" +FILES:libavformat = "${libdir}/libavformat${SOLIBS}" +FILES:libavresample = "${libdir}/libavresample${SOLIBS}" +FILES:libavutil = "${libdir}/libavutil${SOLIBS}" +FILES:libpostproc = "${libdir}/libpostproc${SOLIBS}" +FILES:libswresample = "${libdir}/libswresample${SOLIBS}" +FILES:libswscale = "${libdir}/libswscale${SOLIBS}" # ffmpeg disables PIC on some platforms (e.g. x86-32) -INSANE_SKIP_${MLPREFIX}libavcodec = "textrel" -INSANE_SKIP_${MLPREFIX}libavdevice = "textrel" -INSANE_SKIP_${MLPREFIX}libavfilter = "textrel" -INSANE_SKIP_${MLPREFIX}libavformat = "textrel" -INSANE_SKIP_${MLPREFIX}libavutil = "textrel" -INSANE_SKIP_${MLPREFIX}libavresample = "textrel" -INSANE_SKIP_${MLPREFIX}libswscale = "textrel" -INSANE_SKIP_${MLPREFIX}libswresample = "textrel" -INSANE_SKIP_${MLPREFIX}libpostproc = "textrel" +INSANE_SKIP:${MLPREFIX}libavcodec = "textrel" +INSANE_SKIP:${MLPREFIX}libavdevice = "textrel" +INSANE_SKIP:${MLPREFIX}libavfilter = "textrel" +INSANE_SKIP:${MLPREFIX}libavformat = "textrel" +INSANE_SKIP:${MLPREFIX}libavutil = "textrel" +INSANE_SKIP:${MLPREFIX}libavresample = "textrel" +INSANE_SKIP:${MLPREFIX}libswscale = "textrel" +INSANE_SKIP:${MLPREFIX}libswresample = "textrel" +INSANE_SKIP:${MLPREFIX}libpostproc = "textrel" |