summaryrefslogtreecommitdiff
path: root/poky/meta/recipes-multimedia
diff options
context:
space:
mode:
authorPatrick Williams <patrick@stwcx.xyz>2023-11-25 01:10:21 +0300
committerPatrick Williams <patrick@stwcx.xyz>2023-11-25 01:17:50 +0300
commit10926d29aed78e18949591afc166babfa9a4da6f (patch)
tree763df398a152dbee928b509e8aa675778757e491 /poky/meta/recipes-multimedia
parent398afb76d72b06c33a92fb9e1fa7eec829fb7ff8 (diff)
downloadopenbmc-10926d29aed78e18949591afc166babfa9a4da6f.tar.xz
subtree updates
poky: 8d0ba08aa6..bf9f2f6f60: Alassane Yattara (4): bitbake: Update toaster-requirements to add django-log-viewer==1.1.7 bitbake: toaster: bug-fix on tests.browser.test_most_recent_builds_states bitbake: Toaster: Bug-fix failure on tests.browser.test_layerdetails_page bitbake: Toaster: Fixed javascript issue on tests.browser.test_js_unit_tests Alberto Pianon (1): bitbake: fetch2: Add API for upstream source tracing Alejandro Hernandez Samaniego (2): qemuarmv5: Drop QB_DTB conditional for older kernels baremetal-helloworld: Pull in fix for race condition on x86-64 Alex Stewart (1): libsndfile1: fix CVE-2022-33065 Alexandre Belloni (1): strace: further clean up of ptest folders Archana Polampalli (1): vim: Upgrade 9.0.2048 -> 9.0.2068 Arne Schwerdt (1): ref-manual: Warn about COMPATIBLE_MACHINE skipping native recipes BELHADJ SALEM Talel (6): ref-manual: Fix PACKAGECONFIG term and add an example dev-manual: layers: Add notes about layer.conf ref-manual: variables: add RECIPE_SYSROOT and RECIPE_SYSROOT_NATIVE ref-manual: variables: add TOOLCHAIN_OPTIONS variable ref-manual: variables: add example for SYSROOT_DIRS variable overview-manual: concepts: Add Bitbake Tasks Map Bruce Ashfield (10): linux-yocto/6.1: update to v6.1.56 linux-yocto/6.5: update to v6.5.6 linux-yocto/6.1: tiny: fix arm 32 boot linux-yocto/6.5: tiny: fix arm 32 boot linux-yocto/6.5: update to v6.5.7 linux-yocto/6.1: update to v6.1.57 linux-yocto/6.4: drop recipes linux-yocto/6.5: avoid serial port suspend issues linux-yocto/6.5: config: remove VIDEO_STK1160_COMMON linux-yocto/6.5: serial: core: integrate upstream fixes Chris Laplante (1): bitbake: codeparser: replace deprecated ast.Str and 's' Dmitry Baryshkov (1): kernel-arch: drop CCACHE from KERNEL_STRIP definition Eero Aaltonen (1): ref-manual: add systemd-resolved to distro features Jon Mason (2): qemu: drop unreferenced patch linux-yocto: Update dtb path for qemuarmv5 Joshua Watt (1): goarch: Move Go architecture mapping to a library Julien Stephan (1): oeqa/selftest/devtool: abort if a local workspace already exist Jérémy Rosen (5): insane: Add unimplemented-ptest infrastructure insane: Detect python and perl based tests insane: Detect build-system test harnesses insane: Add a naive heuristic to detect test subdirectories ref-manual: Add documentation for the unimplemented-ptest QA warning Khem Raj (5): gcompat: Add fcntl64 wrapper gcompat: Upgrade to 1.1.0 release python3-urllib3: Update to 2.0.6 llvm: Upgrade to 17.0.3 kernel.bbclass: Use strip utility used for kernel build in do_package Lee Chee Yang (4): qemu: ignore RHEL specific CVE-2023-2680 machine: drop obsolete SERIAL_CONSOLES_CHECK documentation.conf: drop SERIAL_CONSOLES_CHECK release-notes-4.3: add Repositories / Downloads section Marlon Rodriguez Garcia (4): bitbake: toaster: updated bootstrap version 3.3.6 -> 3.3.7 bitbake: toaster: Update bootstrap version to 3.4.1 bitbake: toaster: update jquery version 2.0.3 -> 3.7.1 bitbake: toaster: fixed functional test Marta Rybczynska (4): SECURITY.md: add file bitbake: SECURITY.md: add file dev-manual: add security team processes dev-manual: extend the description of CVE patch preparation Max Krummenacher (1): Revert "bin_package.bbclass: Inhibit the default dependencies" Michael Halstead (1): docs: add support for nanbield (4.3) release Michael Opdenacker (25): manuals: update linux-yocto append examples dev-manual: wic: update "wic list images" output sdk-manual: appendix-obtain: improve and update descriptions manuals: update list of supported machines bsp-guide: bsp: skip Intel machines no longer supported in Poky brief-yoctoprojectqs: use new CDN mirror for sstate dev-manual: start.rst: remove obsolete reference manuals: correct "yocto-linux" by "linux-yocto" test-manual: reproducible-builds: stop mentioning LTO bug ref-manual: document KERNEL_LOCALVERSION ref-manual: variables: document OEQA_REPRODUCIBLE_TEST_PACKAGE migration-guides: updates for 4.3 migration-guides: mention runqemu change in serial port management ref-manual: document KERNEL_STRIP migration-guides: further updates for 4.3 manuals: improve description of CVE_STATUS and CVE_STATUS_GROUPS ref-manual: document MESON_TARGET ref-manual: document cargo_c class ref-manual: variables: mention new CDN for SSTATE_MIRRORS ref-manual: variables: add RECIPE_MAINTAINER ref-manual: variables: remove SERIAL_CONSOLES_CHECK migration-guides: further updates for release 4.3 bsp-guide: bsp.rst: update beaglebone example ref-manual: classes: explain cml1 class name migration-guides: fix empty sections Mickael RAMILISON (1): scripts/patchreview: Add a custom pattern for finding recipe patches Paul Eggleton (12): Remove references to apm in MACHINE_FEATURES ref-manual: update SDK_NAME variable documentation ref-manual: remove semicolons from *PROCESS_COMMAND variables release-notes-4.3: fix some typos release-notes-4.3: tweaks to existing text release-notes-4.3: add CVEs, recipe upgrades, license changes, contributors release-notes-4.3: remove the Distribution section release-notes-4.3: move new classes to Rust section release-notes-4.3: feature additions migration-4.3: remove some unnecessary items migration-4.3: adjustments to existing text migration-4.3: additional migration items Peter Kjellerstedt (1): bb-matrix-plot.sh: Show underscores correctly in labels Peter Marko (1): openssl: Upgrade 3.1.3 -> 3.1.4 Quentin Schulz (2): recipes-rt: update README to match newer override syntax ref-manual: variables: provide no-match example for COMPATIBLE_MACHINE Richard Purdie (12): reproducible: Exclude rust for now again linux/cve-exclusion6.1/6.5: Update to latest kernel point releases oeqa/qemurunner: Drop newlines serial workaround local.conf.sample: Document new CDN mirror for sstate poky.conf: Bump version for 4.3 nanbield release build-appliance-image: Update to master head revision build-appliance-image: Update to nanbield head revision build-appliance-image: Update to nanbield head revision build-appliance-image: Update to nanbield head revision layer.conf: Switch layer to nanbield series only base: Ensure recipes using mercurial-native have certificates vim: Improve locale handling Robert P. J. Day (2): dev-manual: new-recipe.rst: add missing parenthesis to "Patching Code" section profile-manual: aesthetic cleanups Ross Burton (24): patchtest: sort when reading patches from a directory linux-yocto: update CVE exclusions libxml2: ignore disputed CVE-2023-45322 zlib: ignore CVE-2023-45853 pixman: ignore CVE-2023-37769 cve-check: sort the package list in the JSON report cve-check: slightly more verbose warning when adding the same package twice cve-check: don't warn if a patch is remote migration-guides: add debian 12 to newly supported distros migration-guides: edgerouter machine removed migration-guides: QEMU_USE_SLIRP variable removed migration-guides: remove non-notable change migration-guides: mention LLVM 17 migration-guides: mention CDN migration-guides: add kernel notes migration-guides: remove SERIAL_CONSOLES_CHECK migration-guides: enabling SPDX only for Poky, not a global default migration-guides: add testing notes migration-guides: add utility notes migration-guides: add BitBake changes migration-guides: packaging changes migration-guides: git recipes reword patchtest: remove unused imports oeqa/selftest/debuginfod: improve selftest Rouven Czerwinski (1): glib-2.0: Remove unnecessary assignement Siddharth Doshi (2): vim: Upgrade 9.0.1894 -> 9.0.2009 vim: Upgrade 9.0.2009 -> 9.0.2048 Steve Sakoman (3): vim: use upstream generated .po files poky.conf: bump version for 4.3.1 release build-appliance-image: Update to nanbield head revision Trevor Gamblin (27): patchtest: improve test issue messages patchtest: clean up test suite patchtest/requirements.txt: update patchtest: add supporting modules patchtest: add scripts to oe-core patchtest: set default repo and testdir targets patchtest: update SPDX identifiers patchtest/selftest: fix command arguments patchtest: check for untracked changes contributor-guide: add patchtest section contributor-guide: clarify patchtest usage patchtest: test regardless of mergeability patchtest: skip merge test if not targeting master patchtest: fix lic_files_chksum test regex patchtest-send-results: improve subject line patchtest: disable merge test patchtest-send-results: check max line length, simplify responses patchtest/selftest: add XSKIP, update test files patchtest: simplify test directory structure patchtest: reduce checksum test output length patchtest: shorten test result outputs patchtest-send-results: send results to submitter patchtest-send-results: add In-Reply-To patchtest: make pylint tests compatible with 3.x patchtest: remove test for CVE tag in mbox patchtest-send-results: fix sender parsing patchtest: rework license checksum tests Wang Mingyu (3): openssh: upgrade 9.4p1 -> 9.5p1 ell: upgrade 0.58 -> 0.59 libsdl2: upgrade 2.28.3 -> 2.28.4 William Lyu (1): perl: fix intermittent test failure Xiangyu Chen (1): linux-yocto: make sure the pahole-native available before do_kernel_configme Yoann Congal (2): insane: skip unimplemented-ptest on S=WORKDIR recipes insane: unimplemented-ptest: ignore source file errors luca fancellu (1): oeqa/ssh: Handle SSHCall timeout error code meta-raspberrypi: 482d864b8f..8231f97534: Andrei Gherzan (1): docs: Fix ReadTheDocs builds.os requirement Carlos Alberto Lopez Perez (1): linux-raspberrypi: stop setting powersave as the default CPU governor Jose Quaresma (2): linux-raspberrypi/linux-raspberrypi-v7: drop 5.10 version rpi-base: Adds EXTRA_IMAGEDEPENDS to fix the image task do_populate_lic_deploy Khem Raj (1): linux-raspberrypi_6.1.bb: Update to 6.1.61 release Leon Anavi (2): rpi-config: Upgrade to tip of tree rpi-config: reintroduce start_x Matthew Draws (1): rpi-eeprom: Update to 2023.10.18-2712 Vincent Davis Jr (1): rpidistro-vlc: add new patch po-Fix-typos-in-oc meta-arm: e914891eee..0bd7fece41: Abdellatif El Khlifi (6): arm-bsp/linux-yocto: corstone1000: bump to v6.5% arm-bsp/documentation: corstone1000: enable debug-tweaks arm-bsp/documentation: corstone1000: update the release note arm-bsp/documentation: corstone1000: update the change log arm-bsp/documentation: corstone1000: update the user guide kas: corstone1000: pin the SHAs Ali Can Ozaslan (1): arm-bsp/documentation: corstone1000: Update the user guide Debbie Martin (10): arm-bsp/u-boot: Divide the U-boot configuration by machine arm-bsp/fvp-base: Merge fvp-common.inc into fvp-base.conf arm-bsp/trusted-firmware-a/fvp-base: Add stdout path and virtio net and rng arm-bsp/u-boot/fvp-base: Configure FVP base U-boot machine and enable U-boot sysreset, CRC-32 and virtio RNG arm-bsp/fvp-base: Configure grub as the EFI provider arm/fvp-base: Update the default testsuites arm-systemready: Introduce the Arm SystemReady layer arm-bsp/systemready: Bring up the Arm SystemReady IR ACS 2.0 suite on FVP base kas: Add kas configuration for Arm SystemReady and fvp-base ci: Add fvpboot to IMAGE_CLASSES Delane Brandy (1): arm-bsp/documentation: corstone1000: Update the user guide Drew Reed (2): arm-bsp: Enable TF-A test building for the N1SDP CI: Enable TF-A TFTF test builds Emekcan Aras (17): arm-bsp/u-boot: corstone1000: enable on-disk capsule update arm-bsp/u-boot: corstone1000: fix runtime capsule update flag checks arm-bsp/trusted-firmware-m: fix capsule update alignment arm-bsp/trusted-firmware-m: update the upstream status of the out-of-tree patches arm-bsp/u-boot: corstone1000: scatter gather list workaround for ondisk capsule update arm-bsp/trusted-services: enable signaled handling interrupts for SPs arm-bsp/corstone1000: fix synchronization issue on openamp notification arm/fvp-corstone1000: upgrade to 11.23_25 arm-bsp/corstone1000-fvp: Add virtio-net configuration arm-bsp/corstone1000-fvp: add unpadded image support for MMC card config arm-bsp/corstone1000-fvp: Disable Time Annotation arm-bsp/u-boot: corstone1000: enable virtio-net support for FVP arm-bsp/documentation: corstone1000: update the architecture document arm-bsp/documentation: corstone1000: Add EFI system partition section arm-bsp/documentation: corstone1000: add a note and fix instructions arm-bsp/documentation: corstone1000: add readthedocs.yaml file arm-bsp/documentation: corstone1000: fix the requirements.txt and conf.py path Harsimran Singh Tungal (4): arm-bsp/u-boot: corstone1000: Remove External system patches arm-bsp/linux: corstone1000: update the defconfig arm-bsp/linux: corstone1000: Remove External system patches arm-bsp/images: corstone1000: Remove the external system test package Javier Tia (1): trusted-firmware-a: fix build error when using ccache Jon Mason (9): arm-bsp/linux-yocto: add recipe for v6.4 kernel arm/linux-yocto: remove defconfig patch CI: add sbsa-acs to recipe report arm/linux-yocto: remove PHYS_VIRT config frag arm-bsp/optee: remove 3.18 recipes and patches arm-bsp/edk2: remove 202211 arm/hafnium: update to v2.9 arm/optee: update to 4.0.0 arm/optee: cleanups from code review Mariam Elshakfy (3): arm-bsp/n1sdp: Move OP-TEE to DDR4 arm-bsp/n1sdp: Enable OP-TEE cache in N1SDP arm-bsp/corstone1000: Remove inappropriate kernel delay patch Ross Burton (21): arm/oeqa/selftest: tag all tests with "meta-arm" CI: don't hardcode the selftest tests to run CI: also run the _qemutiny testcase for poky-tiny CI: track nanbield branches arm/fvp-corstone1000: upgrade to 11.22.35, add aarch64 binaries kas/corstone1000: don't limit the FVP use to x86-64 CI: don't pin corstone1000-fvp to x86-64 CI: build both aarch64 and x86-64 packages for as many FVPs as possible arm-bsp/u-boot: remove 2023.01 arm/trusted-firmware-a: update mbedtls to recommended release CI: Add meta-secure-core to pending-upgrades for corstone1000 arm-bsp: corstone1000 depends on meta-efi-secure-boot arm/generic-arm64: remove obsolete SERIAL_CONSOLES_CHECK arm/lib/fvp/runner: don't pass '' as cwd scripts/runfvp: exit code should be the FVP exit code arm/selftest: add test that DISPLAY is forwarded into the runfvp child CI: use nanbield branch for meta-virtualization CI: use nanbield branch of meta-clang arm/optee: handle CVE-2021-36133 as disputed arm-bsp/optee-os: backport fix for CVE-2023-41325 arm-bsp/optee-os: update Upstream-Status tags Vikas Katariya (1): arm-bsp/corstone1000: Fix RSA key generation issue Xueliang Zhong (2): Update Corstone-1000 doc with security issue reporting guideline arm-bsp/n1sdp: update to linux yocto kernel 6.5 meta-security: 3f7d40b0fc..5938fa5839: Gowtham Suresh Kumar (1): Update parsec recipes Mingli Yu (1): samhain: remove the buildpath Stefan Berger (1): ima,evm: Add two variables to write filenames and signatures into meta-openembedded: c40aebd422..1750c66ae8: Ahmad Fatoum (1): signing.bbclass: don't export OPENSSL environment variables globally Akash Hadke (1): libeigen: Update GPL-3.0-only to GPL-2.0-only Alex Kiernan (2): mdns: Upgrade 1790.80.10 -> 2200.0.8 jq: Upgrade 1.6+git -> 1.7 Andrew Jeffery (1): mdio-tools: Add virtual/kernel dependency to avoid stale SPDX reference Archana Polampalli (1): nodejs: upgrade 18.17.1 -> 20.5.1 Armin Kuster (1): meta-openemnedded: Add myself as nanbield maintainer Beniamin Sandu (2): libnet: upgrade version v1.2 -> v1.3 mbedtls: upgrade 3.4.1 -> 3.5.0 Benjamin Bara (1): libvpx: upgrade 1.13.0 -> 1.13.1 Bruce Ashfield (2): zfs: update to v2.2.0-rc4 vboxguestdrivers: fix kernel v6.5 build Carlos Alberto Lopez Perez (1): libbacktrace: Update version and enable shared library. Charles Perry (2): libosip2: add recipe libexosip2: add recipe Chen Qi (1): libblockdev: fix QA error in case of multilib Chi Xu (1): re2: Add ptest support Christophe Vu-Brugier (4): libnvme: upgrade 1.5 -> 1.6 nvme-cli: upgrade 2.5 -> 2.6 libnvme: apply patch already upstream to fix build with musl exfatprogs: upgrade 1.2.1 -> 1.2.2 Clément Péron (9): etcd-cpp-apiv3: upgrade 0.14.3 -> 0.15.3 devtools: grpc: bump to 1.56.2 protobuf: upgrade 4.22.2 -> 4.23.4 protobuf-c: bump to next release to support protobuf 4.23.x mariadb: add missing <cstdint> in rocksdb string_util.h etcd-cpp-apiv3: fix build when gRPC is cross compiled Revert "protobuf: stage protoc binary to sysroot" proj: Upgrade to 9.3.0 release pcapplusplus: Add recipe for 23.09 release Daniel Klauer (1): graphviz: Fix build to not use $prefix as search dir Daniel McGregor (1): python3-pylint: allow native build David Pierret (3): libtext: add ptest cjson: Add ptest python3-rapidjson: add missing ptest dependency Denys Zagorui (1): libbpf: add arm, powerpc and mips64 to COMPATIBLE_HOST Derek Straka (32): python3-apiflask: Update version 2.0.1 -> 2.0.2 python3-argh: Update version 0.29.3 -> 0.29.4 python3-async-timeout: remove old version of the library python3-pydantic: Update version 1.10.7 -> 2.4.1 python3-pyhamcrest: Fix upstream check by specifying the UPSTREAM_CHECK_URI and UPSTREAM_CHECK_REGEX python3-pyasn1-modules: Update version 0.2.8 -> 0.3.0 python-pyiface: Update version from git -> 0.0.11 python3-pymysql: Fix upstream check by specifying the UPSTREAM_CHECK_URI and UPSTREAM_CHECK_REGEX python3-pymysql: update verion 1.0.2 -> 1.1.0 python3-pyproj: update version 3.6.0 -> 3.6.1 python3-pyproject-api: update version 1.5.1 -> 1.6.1 python3-redis: update version 5.0.0 -> 5.0.1 python3-traitlets: update version 5.9.0 -> 5.10.1 python3-xxhash: update version 3.2.0 -> 3.3.0 python3-pyzmq: update version 25.0.0 -> 25.1.1 python3-cachecontrol: Fix upstream check by specifying the UPSTREAM_CHECK_URI and UPSTREAM_CHECK_REGEX python3-flask-babel: update version 2.0.0 -> 3.1.0 python3-idna-ssl: Fix upstream check by specifying the UPSTREAM_CHECK_URI and UPSTREAM_CHECK_REGEX python3-ninja-syntax: Fix upstream check by specifying the UPSTREAM_CHECK_URI and UPSTREAM_CHECK_REGEX python3-prettytable: update version 3.6.0 -> 3.9.0 python3-pytz-deprecation-shim: Remove outdated recipe meant to be a short lived shim python3-tzlocal: Remove dependency on pytz_deprecation_shim removed in release 5.0 python3-astroid: update version 2.16.6 -> 3.0.0 python3-flask: update version 2.3.2 -> 2.3.3 python3-google-api-core: update version 2.12.0 python3-google-api-python-client: update version 2.100.0 -> 2.101.0 python3-google-auth: update version 2.23.0 -> 2.23.1 python3-parse-type: update version 0.5.2 -> 0.6.2 python3-nacl: Add recipe for the latest release of PyNaCl python3-botocore: add recipe for latest version of botocore python3-boto3: add recipe for latest version of boto3 python3-flask-cors: add initial version of the recipe for 4.0.0 Etienne Cordonnier (1): uutils-coreutils: upgrade 0.0.21 -> 0.0.22 Fabien Thomas (10): meta-filesystems/layer.conf : Add meta-networking dependency Add static-passwd and static-group files Add static-passwd and static-group files Add static-passwd and static-group files Add static-passwd and static-group files Add static-passwd and static-group files Add static-passwd and static-group files Add static-passwd and static-group files klibc/klibc.inc : Add DEBUG_PREFIX_MAP flag. samba.bb : Disable ad-dc by default Fabio Estevam (1): edid-decode: Upgrade to latest master Gianfranco Costamagna (9): mosquitto: upgrade 2.0.17 -> 2.0.18 dlt-daemon: Make it work without systemd dlt-daemon: Enable experimental coredumphandler feature dlt-daemon: update patch 544.patch dlt-daemon: do not disable dlt-system build when systemd is set to off dlt-daemon: Add an additional fix for non-systemd builds cpprestsdk: fix typo in comment, tag is actually 2.0.18 vbxguestdrivers: upgrade 7.0.10 -> 7.0.12 cpulimit: add DESCRIPTION field Jeffrey Pautler (2): bolt: disable CVE checking for this recipe bolt: change product name used for CVE checking Joe Slater (2): nginx: add configure option python3-pynacl: add RCONFLICTS with python3-nacl Johannes Kauffmann (1): open62541: add Backport status and link to patch Jose Quaresma (4): ostree: Upgrade 2023.5 -> 2023.6 ostree: drop trivial-httpd-cmdline ostree: add ed25519-openssl ostree: Upgrade 2023.6 -> 2023.7 Jörg Sommer (1): collectd: Use https in SRC_URI, add HOMEPAGE Khem Raj (40): mozjs-115: Apply autoconf tuple mismatch fix cpp-netlib: Fix build with boost 1.80+ cpp-netlib: Fix buildpaths in generated cmake files python3-pybluez: Fix patch upstream-status python3-pynetlinux: Fix patch upstream-status libnet-idn-encode: Add recipe libio-socket-ssl-perl: Change libnet-libidn-perl->libnet-idn-encode rdep for ptests libnfs: Drop -Wno-implicit-function-declaration webkitgtk3: Do not use musttail with clang on arm fftw: Fix ptest result reporting nodejs: Fix ptest result reporting relayd: Update to latest tip of trunk relayd: Fix build with clang kernel-selftest: Build headers before compiling tests python3-pyroute2: Add missing dependency on sqlite3 for ptests python3-pylint: Upgrade to 3.0.0 python3-lz4: use python3-unittest-automake-output minicoredumber: Fix ptest reporting images: Inherit from core-image-base images: Delete layer specific base images images: Rename <layer>-image to <layer>-image-all images: Rename ptest images to rhyme with oe-core ptest images ptest-image: Switch to using core-image-minimal stressapptest: Upgrade to 1.0.11 release klibc: Upgrade to 2.0.13 release libnvme: Fix test builds on musl kernel-selftest: Build bpf tests again ptest-packagelists-meta-oe: Add kernel-selftest to x86/x86-64 images kernel-selftest: Copy the .config from kernel build kernel-selftest: Use clang options when clang is available libnet-idn-encode: Fix build with perl 2.38 and gcc13 poco: Fix data race when create POSIX thread static-group: Match nogroup id to base-passwd from core. gutenprint: Upgrade to 5.3.4 meta-perl: Add libtext-diff-perl to fast ptest list leveldb: Upgrade to 1.23 plus latest git meta-python: Add python3-rapidjson to PTESTS_FAST_META_PYTHON leveldb: Print uint64_t with PRI64 network-manager-applet,networkmanager-openvpn, networkmanager: Apply linker versioning patch when using lld only emlog: Add PV Lei Maohui (1): gexiv2: Fix do_package QA issue when usrmerge enabled. Leon Anavi (1): sip: upgrade 6.7.11 -> 6.7.12 Luca Fancellu (5): linuxptp: update linuxptp recipe to 4.1 linuxptp: install default configuration file in sysconfdir linuxptp: add systemd services linuxptp: Drop unneeded downstream patches linuxptp: Use templates for the systemd services Marek Vasut (2): lvgl: lv-drivers: Allow empty package lvgl: Allow empty package Markus Volk (22): gedit: Upgrade 44.2 -> 46.1 tepl: Upgrade 6.4.0 -> 6.8.0 libblockdev: Upgrade 2.28 -> 3.03 udisks2: Upgrade 2.9.4 -> 2.10.1 mozjs: Upgrade 102.15.0 -> 102.15.1 libnfs: dont install libnfs-config.cmake gnome-remote-desktop: Upgrade 44.2 -> 45.0 pugixml: Update 1.13 -> 1.14 pipewire: Upgrade 0.3.80 -> 0.3.81 gnome-control-center: Fix polkit gettext issue libdecor: Upgrade 0.1.99 -> 0.2.0 wireplumber: Upgrade 0.4.14 -> 0.4.15 pipewire: Update 0.3.81 -> 0.3.83 gnome-software: Update 45.0 -> 45.1 gnome-calendar: Update 45.0 -> 45.1 gnome-disk-utility: Update 44.0 -> 45.0 gnome-control-center: Update 45.0 -> 45.1 eog: Update 45.0 -> 45.1 gnome-remote-desktop: Update 45.0 -> 45.1 gnome-shell: Add missing dependency on pipewire gnome-shell: Remove deprecated libcroco dependency openbox: Drop deprecated libcroco dependency Martin Jansa (14): gupnp: fix build with meson-1.2.0 minifi-cpp, mozjs-115, redis-7.2.1, pv: add missing Upstream-Status mozjs: fix filename in MULTILIB_SCRIPTS gupnp-tools: fix build with meson-1.2.0 gnome-tweaks, networkmanager-fortisslvpn, libesmtp, json-schema-validator, python3-pybluez, python3-pynetlinux, apache2: Fix Malformed Upstream-Status mozjs: use PV in MULTILIB_SCRIPTS mosquitto, etcd-cpp-apiv3: add missing Upstream-Status meta-oe/dynamic-layers: add Upstream-Status where missing meta-oe/dynamic-layers: add one more missing Upstream-Status and fix one malformed opencv: Fix build with protobuf v22 and dnn enabled nodejs: update to latest v20 version 20.8.1 nodejs: Revert io_uring support from bundled libuv-1.46.0 opencv: refresh protobuf-v22 compatibility patch with backported version leveldb: prevent installing gtest Martin Maurer (1): libqmi: Upgrade 1.32.4 -> 1.34.0 Matthias Klein (1): paho-mqtt-c: upgrade 1.3.12 -> 1.3.13 Michał Iwanicki (1): python3-pyu2f: add recipe Mickael RAMILISON (1): python3-rapidjson: add ptest Mingli Yu (1): mozjs-102: Remove the buildpath Pawel Langowski (1): recipes-connectivity: Add tayga recipe Peter Kjellerstedt (2): libwebsockets: Support building for native mosquitto: Support building for native again Petr Gotthard (2): libmbim: upgrade 1.28.4 -> 1.30.0 modemmanager: upgrade 1.20.6 -> 1.22.0 Philip-Dylan Gleonec (1): cukinia: Fix license field Richard Purdie (4): meta-python: Drop broken BBCLASSEXTEND variants meta-oe: Drop broken BBCLASSEXTEND variants meta-networking: Drop broken BBCLASSEXTEND variants meta-perl: Drop broken BBCLASSEXTEND variants Ross Burton (1): webkitgtk3: reduce size of -dbg package Sam Van Den Berge (1): netdata: Upgrade 1.36.1 -> 1.43.0 Samantha Jalabert (6): Remove python3-rdflib Remove python3-license-expression Remove python3-xmltodict Remove python3-booleanpy Remove python3-click Remove python3-isodate Samuli Piippo (1): protobuf: stage protoc binary to sysroot Thomas Roos (1): python3-boto3, python3-botocore: remove recipes Tim Orling (2): po4a: remove old recipe debsums: remove old recipe Tom Hochstein (1): libcamera: Avoid build break in signature recalculation Trevor Gamblin (5): python-git-pw: add from meta-patchtest python3-py-cpuinfo: disable broken ptests python3-arrow: add from meta-patchtest python3-pytest-mock: disable broken ptests meta-python: update ptests status for py-cpuinfo, pytest-mock Vyacheslav Yurkov (3): overlayfs-tools: Drop unneeded dependency overlayfs-tools: Bump up the version overlayfs-tools: Install fsck binary Wang Mingyu (84): dnf-plugin-tui: create symlinks from /usr/ to /. c-ares: upgrade 1.19.1 -> 1.20.1 adw-gtk3: upgrade 4.9 -> 5.1 ctags: upgrade 6.0.20230917.0 -> 6.0.20231001.0 dialog: upgrade 1.3-20230209 -> 1.3-20231002 freerdp: upgrade 2.11.1 -> 2.11.2 gnome-backgrounds: upgrade 44.0 -> 45.0 gnome-calculator: upgrade 45.0 -> 45.0.2 gnome-font-viewer: upgrade 44.0 -> 45.0 ipc-run: upgrade 20220807.0 -> 20231003.0 libbytesize: upgrade 2.9 -> 2.10 libcoap: upgrade 4.3.3 -> 4.3.4 libyang: upgrade 2.1.111 -> 2.1.128 lvgl: upgrade 8.3.9 -> 8.3.10 metacity: upgrade 3.46.1 -> 3.50.0 nautilus: upgrade 45.0 -> 45.1 ceres-solver: upgrade 2.1.0 -> 2.2.0 python3-eth-abi: upgrade 3.0.1 -> 4.2.1 python3-mypy: upgrade 1.5.1 -> 1.6.1 python3-pylint: upgrade 3.0.0 -> 3.0.1 python3-aiodns: upgrade 3.0.0 -> 3.1.1 python3-aiohttp: upgrade 3.8.5 -> 3.8.6 python3-astroid: upgrade 3.0.0 -> 3.0.1 python3-bitarray: upgrade 2.8.1 -> 2.8.2 python3-bitstruct: upgrade 8.17.0 -> 8.18.0 python3-blinker: upgrade 1.6.2 -> 1.6.3 python3-charset-normalizer: upgrade 3.2.0 -> 3.3.0 python3-cmake: upgrade 3.27.5 -> 3.27.7 python3-coverage: upgrade 7.3.1 -> 7.3.2 python3-croniter: upgrade 1.4.1 -> 2.0.1 python3-dbus-fast: upgrade 1.85.0 -> 2.12.0 python3-email-validator: upgrade 1.3.1 -> 2.0.0 python3-engineio: upgrade 4.7.1 -> 4.8.0 python3-eth-typing: upgrade 3.4.0 -> 3.5.0 python3-eth-utils: upgrade 2.2.1 -> 2.2.2 python3-executing: upgrade 1.2.0 -> 2.0.0 python3-flask-babel: upgrade 3.1.0 -> 4.0.0 python3-flask-jwt-extended: upgrade 4.5.2 -> 4.5.3 python3-google-api-python-client: upgrade 2.101.0 -> 2.104.0 python3-googleapis-common-protos: upgrade 1.60.0 -> 1.61.0 python3-google-auth: upgrade 2.23.1 -> 2.23.3 python3-h5py: upgrade 3.9.0 -> 3.10.0 python3-huey: upgrade 2.4.5 -> 2.5.0 python3-imageio: upgrade 2.31.3 -> 2.31.5 python3-ipython: upgrade 8.15.0 -> 8.16.1 python3-jedi: upgrade 0.19.0 -> 0.19.1 python3-meson-python: upgrade 0.13.1 -> 0.14.0 python3-msgpack: upgrade 1.0.6 -> 1.0.7 python3-platformdirs: upgrade 3.10.0 -> 3.11.0 python3-prompt-toolkit: upgrade 3.0.36 -> 3.0.39 python3-protobuf: upgrade 4.24.3 -> 4.24.4 python3-pycares: upgrade 4.3.0 -> 4.4.0 python3-pycodestyle: upgrade 2.11.0 -> 2.11.1 python3-pydantic: upgrade 2.4.1 -> 2.4.2 python3-pyephem: upgrade 4.1.4 -> 4.1.5 python3-pytest-timeout: upgrade 2.1.0 -> 2.2.0 python3-rapidjson: upgrade 1.11 -> 1.12 python3-regex: upgrade 2023.8.8 -> 2023.10.3 python3-rich: upgrade 13.5.3 -> 13.6.0 python3-schedule: upgrade 1.2.0 -> 1.2.1 python3-semver: upgrade 3.0.1 -> 3.0.2 python3-simplejson: upgrade 3.19.1 -> 3.19.2 python3-socketio: upgrade 5.9.0 -> 5.10.0 python3-sqlalchemy: upgrade 2.0.21 -> 2.0.22 python3-stack-data: upgrade 0.6.2 -> 0.6.3 python3-texttable: upgrade 1.6.7 -> 1.7.0 python3-traitlets: upgrade 5.10.1 -> 5.11.2 python3-types-psutil: upgrade 5.9.5.16 -> 5.9.5.17 python3-tzlocal: upgrade 5.0.1 -> 5.1 python3-web3: upgrade 6.10.0 -> 6.11.1 python3-websocket-client: upgrade 1.6.3 -> 1.6.4 python3-xlsxwriter: upgrade 3.1.3 -> 3.1.8 python3-xxhash: upgrade 3.3.0 -> 3.4.1 python3-zeroconf: upgrade 0.112.0 -> 0.119.0 python3-zopeinterface: upgrade 6.0 -> 6.1 rdma-core: upgrade 47.0 -> 48.0 redis: upgrade 7.2.1 -> 7.2.2 remmina: upgrade 1.4.32 -> 1.4.33 tesseract: upgrade 5.3.2 -> 5.3.3 thingsboard-gateway: upgrade 3.3 -> 3.4.1 tio: upgrade 2.6 -> 2.7 wireshark: upgrade 4.0.8 -> 4.0.10 xterm: upgrade 384 -> 387 zchunk: upgrade 1.3.1 -> 1.3.2 Xiangyu Chen (3): mosh: add support of protobuf 4.22.x protobuf: upgrade 3.21.12 -> 4.22.2 protobuf-c: add support of protobuf 4.22.x Yi Zhao (6): samba: upgrade 4.18.6 -> 4.18.8 samba: use external cmocka instead of bundled cmocka libtevent: fix ptest libldb: add ptest conntrack-tools: upgrade 1.4.7 -> 1.4.8 nftables: upgrade 1.0.8 -> 1.0.9 Signed-off-by: Patrick Williams <patrick@stwcx.xyz> Change-Id: Icadb12eae4fd40dd775a4eff9259684fbcd12e74
Diffstat (limited to 'poky/meta/recipes-multimedia')
-rw-r--r--poky/meta/recipes-multimedia/libsndfile/libsndfile1/cve-2022-33065.patch739
-rw-r--r--poky/meta/recipes-multimedia/libsndfile/libsndfile1_1.2.2.bb1
2 files changed, 740 insertions, 0 deletions
diff --git a/poky/meta/recipes-multimedia/libsndfile/libsndfile1/cve-2022-33065.patch b/poky/meta/recipes-multimedia/libsndfile/libsndfile1/cve-2022-33065.patch
new file mode 100644
index 0000000000..fa4b2fc08b
--- /dev/null
+++ b/poky/meta/recipes-multimedia/libsndfile/libsndfile1/cve-2022-33065.patch
@@ -0,0 +1,739 @@
+From c7ce5b0ebeeb58934825077d1324960aa0747718 Mon Sep 17 00:00:00 2001
+From: Alex Stewart <alex.stewart@ni.com>
+Date: Tue, 10 Oct 2023 16:10:34 -0400
+Subject: [PATCH] mat4/mat5: fix int overflow in dataend calculation
+
+The clang sanitizer warns of a possible signed integer overflow when
+calculating the `dataend` value in `mat4_read_header()`.
+
+```
+src/mat4.c:323:41: runtime error: signed integer overflow: 205 * -100663296 cannot be represented in type 'int'
+SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior src/mat4.c:323:41 in
+src/mat4.c:323:48: runtime error: signed integer overflow: 838860800 * 4 cannot be represented in type 'int'
+SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior src/mat4.c:323:48 in
+```
+
+Cast the offending `rows` and `cols` ints to `sf_count_t` (the type of
+`dataend` before performing the calculation, to avoid the issue.
+
+CVE: CVE-2022-33065
+Fixes: https://github.com/libsndfile/libsndfile/issues/789
+Fixes: https://github.com/libsndfile/libsndfile/issues/833
+
+Upstream-Status: Backport [9a829113c88a51e57c1e46473e90609e4b7df151]
+
+Signed-off-by: Alex Stewart <alex.stewart@ni.com>
+---
+ src/mat4.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/mat4.c b/src/mat4.c
+index 0b1b414b..575683ba 100644
+--- a/src/mat4.c
++++ b/src/mat4.c
+@@ -320,7 +320,7 @@ mat4_read_header (SF_PRIVATE *psf)
+ psf->filelength - psf->dataoffset, psf->sf.channels * psf->sf.frames * psf->bytewidth) ;
+ }
+ else if ((psf->filelength - psf->dataoffset) > psf->sf.channels * psf->sf.frames * psf->bytewidth)
+- psf->dataend = psf->dataoffset + rows * cols * psf->bytewidth ;
++ psf->dataend = psf->dataoffset + (sf_count_t) rows * (sf_count_t) cols * psf->bytewidth ;
+
+ psf->datalength = psf->filelength - psf->dataoffset - psf->dataend ;
+
+From 842303f984b2081481e74cb84a9a24ecbe3dec1a Mon Sep 17 00:00:00 2001
+From: Alex Stewart <alex.stewart@ni.com>
+Date: Wed, 11 Oct 2023 16:36:02 -0400
+Subject: [PATCH] au: avoid int overflow while calculating data_end
+
+At several points in au_read_header(), we calculate the functional end
+of the data segment by adding the (int)au_fmt.dataoffset and the
+(int)au_fmt.datasize. This can overflow the implicit int_32 return value
+and cause undefined behavior.
+
+Instead, precalculate the value and assign it to a 64-bit
+(sf_count_t)data_end variable.
+
+CVE: CVE-2022-33065
+Fixes: https://github.com/libsndfile/libsndfile/issues/833
+
+Signed-off-by: Alex Stewart <alex.stewart@ni.com>
+---
+ src/au.c | 10 ++++++----
+ 1 file changed, 6 insertions(+), 4 deletions(-)
+
+diff --git a/src/au.c b/src/au.c
+index 62bd691d..f68f2587 100644
+--- a/src/au.c
++++ b/src/au.c
+@@ -291,6 +291,7 @@ static int
+ au_read_header (SF_PRIVATE *psf)
+ { AU_FMT au_fmt ;
+ int marker, dword ;
++ sf_count_t data_end ;
+
+ memset (&au_fmt, 0, sizeof (au_fmt)) ;
+ psf_binheader_readf (psf, "pm", 0, &marker) ;
+@@ -317,14 +318,15 @@ au_read_header (SF_PRIVATE *psf)
+ return SFE_AU_EMBED_BAD_LEN ;
+ } ;
+
++ data_end = (sf_count_t) au_fmt.dataoffset + (sf_count_t) au_fmt.datasize ;
+ if (psf->fileoffset > 0)
+- { psf->filelength = au_fmt.dataoffset + au_fmt.datasize ;
++ { psf->filelength = data_end ;
+ psf_log_printf (psf, " Data Size : %d\n", au_fmt.datasize) ;
+ }
+- else if (au_fmt.datasize == -1 || au_fmt.dataoffset + au_fmt.datasize == psf->filelength)
++ else if (au_fmt.datasize == -1 || data_end == psf->filelength)
+ psf_log_printf (psf, " Data Size : %d\n", au_fmt.datasize) ;
+- else if (au_fmt.dataoffset + au_fmt.datasize < psf->filelength)
+- { psf->filelength = au_fmt.dataoffset + au_fmt.datasize ;
++ else if (data_end < psf->filelength)
++ { psf->filelength = data_end ;
+ psf_log_printf (psf, " Data Size : %d\n", au_fmt.datasize) ;
+ }
+ else
+From 0754d3380a54e3fbdde0f684b88955c80c79f58f Mon Sep 17 00:00:00 2001
+From: Alex Stewart <alex.stewart@ni.com>
+Date: Wed, 11 Oct 2023 16:46:29 -0400
+Subject: [PATCH] avr: fix int overflow in avr_read_header()
+
+Pre-cast hdr.frames to sf_count_t, to provide the calculation with
+enough numeric space to avoid an int-overflow.
+
+CVE: CVE-2022-33065
+Fixes: https://github.com/libsndfile/libsndfile/issues/833
+
+Signed-off-by: Alex Stewart <alex.stewart@ni.com>
+---
+ src/avr.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/avr.c b/src/avr.c
+index 6c78ff69..1bc1ffc9 100644
+--- a/src/avr.c
++++ b/src/avr.c
+@@ -162,7 +162,7 @@ avr_read_header (SF_PRIVATE *psf)
+ psf->endian = SF_ENDIAN_BIG ;
+
+ psf->dataoffset = AVR_HDR_SIZE ;
+- psf->datalength = hdr.frames * (hdr.rez / 8) ;
++ psf->datalength = (sf_count_t) hdr.frames * (hdr.rez / 8) ;
+
+ if (psf->fileoffset > 0)
+ psf->filelength = AVR_HDR_SIZE + psf->datalength ;
+From 6ac31a68a614e2bba4a05b54e5558d6270c98376 Mon Sep 17 00:00:00 2001
+From: Alex Stewart <alex.stewart@ni.com>
+Date: Wed, 11 Oct 2023 16:54:21 -0400
+Subject: [PATCH] sds: fix int overflow warning in sample calculations
+
+The sds_*byte_read() functions compose their uint_32 sample buffers by
+shifting 7bit samples into a 32bit wide buffer, and adding them
+together. Because the 7bit samples are stored in 32bit ints, code
+fuzzers become concerned that the addition operation can overflow and
+cause undefined behavior.
+
+Instead, bitwise-OR the bytes together - which should accomplish the
+same arithmetic operation, without risking an int-overflow.
+
+CVE: CVE-2022-33065
+Fixes: https://github.com/libsndfile/libsndfile/issues/833
+
+Signed-off-by: Alex Stewart <alex.stewart@ni.com>
+
+Do the same for the 3byte and 4byte read functions.
+---
+ src/sds.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/src/sds.c b/src/sds.c
+index 6bc76171..2a0f164c 100644
+--- a/src/sds.c
++++ b/src/sds.c
+@@ -454,7 +454,7 @@ sds_2byte_read (SF_PRIVATE *psf, SDS_PRIVATE *psds)
+
+ ucptr = psds->read_data + 5 ;
+ for (k = 0 ; k < 120 ; k += 2)
+- { sample = arith_shift_left (ucptr [k], 25) + arith_shift_left (ucptr [k + 1], 18) ;
++ { sample = arith_shift_left (ucptr [k], 25) | arith_shift_left (ucptr [k + 1], 18) ;
+ psds->read_samples [k / 2] = (int) (sample - 0x80000000) ;
+ } ;
+
+@@ -498,7 +498,7 @@ sds_3byte_read (SF_PRIVATE *psf, SDS_PRIVATE *psds)
+
+ ucptr = psds->read_data + 5 ;
+ for (k = 0 ; k < 120 ; k += 3)
+- { sample = (((uint32_t) ucptr [k]) << 25) + (ucptr [k + 1] << 18) + (ucptr [k + 2] << 11) ;
++ { sample = (((uint32_t) ucptr [k]) << 25) | (ucptr [k + 1] << 18) | (ucptr [k + 2] << 11) ;
+ psds->read_samples [k / 3] = (int) (sample - 0x80000000) ;
+ } ;
+
+@@ -542,7 +542,7 @@ sds_4byte_read (SF_PRIVATE *psf, SDS_PRIVATE *psds)
+
+ ucptr = psds->read_data + 5 ;
+ for (k = 0 ; k < 120 ; k += 4)
+- { sample = (((uint32_t) ucptr [k]) << 25) + (ucptr [k + 1] << 18) + (ucptr [k + 2] << 11) + (ucptr [k + 3] << 4) ;
++ { sample = (((uint32_t) ucptr [k]) << 25) | (ucptr [k + 1] << 18) | (ucptr [k + 2] << 11) | (ucptr [k + 3] << 4) ;
+ psds->read_samples [k / 4] = (int) (sample - 0x80000000) ;
+ } ;
+
+From 96428e1dd4998f1cd47df24f8fe9b0da35d7b947 Mon Sep 17 00:00:00 2001
+From: Alex Stewart <alex.stewart@ni.com>
+Date: Wed, 11 Oct 2023 17:26:51 -0400
+Subject: [PATCH] aiff: fix int overflow when counting header elements
+
+aiff_read_basc_chunk() tries to count the AIFF header size by keeping
+track of the bytes returned by psf_binheader_readf(). Though improbable,
+it is technically possible for these added bytes to exceed the int-sized
+`count` accumulator.
+
+Use a 64-bit sf_count_t type for `count`, to ensure that it always has
+enough numeric space.
+
+CVE: CVE-2022-33065
+Fixes: https://github.com/libsndfile/libsndfile/issues/833
+
+Signed-off-by: Alex Stewart <alex.stewart@ni.com>
+---
+ src/aiff.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/aiff.c b/src/aiff.c
+index a2bda8f4..6b244302 100644
+--- a/src/aiff.c
++++ b/src/aiff.c
+@@ -1702,7 +1702,7 @@ static int
+ aiff_read_basc_chunk (SF_PRIVATE * psf, int datasize)
+ { const char * type_str ;
+ basc_CHUNK bc ;
+- int count ;
++ sf_count_t count ;
+
+ count = psf_binheader_readf (psf, "E442", &bc.version, &bc.numBeats, &bc.rootNote) ;
+ count += psf_binheader_readf (psf, "E222", &bc.scaleType, &bc.sigNumerator, &bc.sigDenominator) ;
+From b352c350d35bf978e4d3a32e5d9df1f2284445f4 Mon Sep 17 00:00:00 2001
+From: Alex Stewart <alex.stewart@ni.com>
+Date: Wed, 11 Oct 2023 17:43:02 -0400
+Subject: [PATCH] ircam: fix int overflow in ircam_read_header()
+
+When reading the IRCAM header, it is possible for the calculated
+blockwidth to exceed the bounds of a signed int32.
+
+Use a 64bit sf_count_t to store the blockwidth.
+
+CVE: CVE-2022-33065
+Fixes: https://github.com/libsndfile/libsndfile/issues/833
+
+Signed-off-by: Alex Stewart <alex.stewart@ni.com>
+---
+ src/common.h | 2 +-
+ src/ircam.c | 10 +++++-----
+ 2 files changed, 6 insertions(+), 6 deletions(-)
+
+diff --git a/src/common.h b/src/common.h
+index d92eabde..5369cb67 100644
+--- a/src/common.h
++++ b/src/common.h
+@@ -439,7 +439,7 @@ typedef struct sf_private_tag
+ sf_count_t datalength ; /* Length in bytes of the audio data. */
+ sf_count_t dataend ; /* Offset to file tailer. */
+
+- int blockwidth ; /* Size in bytes of one set of interleaved samples. */
++ sf_count_t blockwidth ; /* Size in bytes of one set of interleaved samples. */
+ int bytewidth ; /* Size in bytes of one sample (one channel). */
+
+ void *dither ;
+diff --git a/src/ircam.c b/src/ircam.c
+index 8e7cdba8..3d73ba44 100644
+--- a/src/ircam.c
++++ b/src/ircam.c
+@@ -171,35 +171,35 @@ ircam_read_header (SF_PRIVATE *psf)
+ switch (encoding)
+ { case IRCAM_PCM_16 :
+ psf->bytewidth = 2 ;
+- psf->blockwidth = psf->sf.channels * psf->bytewidth ;
++ psf->blockwidth = (sf_count_t) psf->sf.channels * psf->bytewidth ;
+
+ psf->sf.format = SF_FORMAT_IRCAM | SF_FORMAT_PCM_16 ;
+ break ;
+
+ case IRCAM_PCM_32 :
+ psf->bytewidth = 4 ;
+- psf->blockwidth = psf->sf.channels * psf->bytewidth ;
++ psf->blockwidth = (sf_count_t) psf->sf.channels * psf->bytewidth ;
+
+ psf->sf.format = SF_FORMAT_IRCAM | SF_FORMAT_PCM_32 ;
+ break ;
+
+ case IRCAM_FLOAT :
+ psf->bytewidth = 4 ;
+- psf->blockwidth = psf->sf.channels * psf->bytewidth ;
++ psf->blockwidth = (sf_count_t) psf->sf.channels * psf->bytewidth ;
+
+ psf->sf.format = SF_FORMAT_IRCAM | SF_FORMAT_FLOAT ;
+ break ;
+
+ case IRCAM_ALAW :
+ psf->bytewidth = 1 ;
+- psf->blockwidth = psf->sf.channels * psf->bytewidth ;
++ psf->blockwidth = (sf_count_t) psf->sf.channels * psf->bytewidth ;
+
+ psf->sf.format = SF_FORMAT_IRCAM | SF_FORMAT_ALAW ;
+ break ;
+
+ case IRCAM_ULAW :
+ psf->bytewidth = 1 ;
+- psf->blockwidth = psf->sf.channels * psf->bytewidth ;
++ psf->blockwidth = (sf_count_t) psf->sf.channels * psf->bytewidth ;
+
+ psf->sf.format = SF_FORMAT_IRCAM | SF_FORMAT_ULAW ;
+ break ;
+From 3bcd291e57867f88f558fa6f80990e84311df78c Mon Sep 17 00:00:00 2001
+From: Alex Stewart <alex.stewart@ni.com>
+Date: Wed, 11 Oct 2023 16:12:22 -0400
+Subject: [PATCH] mat4/mat5: fix int overflow when calculating blockwidth
+
+Pre-cast the components of the blockwidth calculation to sf_count_t to
+avoid overflowing integers during calculation.
+
+CVE: CVE-2022-33065
+Fixes: https://github.com/libsndfile/libsndfile/issues/833
+
+Signed-off-by: Alex Stewart <alex.stewart@ni.com>
+---
+ src/mat4.c | 2 +-
+ src/mat5.c | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/mat4.c b/src/mat4.c
+index 575683ba..9f046f0c 100644
+--- a/src/mat4.c
++++ b/src/mat4.c
+@@ -104,7 +104,7 @@ mat4_open (SF_PRIVATE *psf)
+
+ psf->container_close = mat4_close ;
+
+- psf->blockwidth = psf->bytewidth * psf->sf.channels ;
++ psf->blockwidth = (sf_count_t) psf->bytewidth * psf->sf.channels ;
+
+ switch (subformat)
+ { case SF_FORMAT_PCM_16 :
+diff --git a/src/mat5.c b/src/mat5.c
+index da5a6eca..20f0ea64 100644
+--- a/src/mat5.c
++++ b/src/mat5.c
+@@ -114,7 +114,7 @@ mat5_open (SF_PRIVATE *psf)
+
+ psf->container_close = mat5_close ;
+
+- psf->blockwidth = psf->bytewidth * psf->sf.channels ;
++ psf->blockwidth = (sf_count_t) psf->bytewidth * psf->sf.channels ;
+
+ switch (subformat)
+ { case SF_FORMAT_PCM_U8 :
+From c177e292d47ef73b1d3c1bb391320299a0ed2ff9 Mon Sep 17 00:00:00 2001
+From: Alex Stewart <alex.stewart@ni.com>
+Date: Mon, 16 Oct 2023 12:37:47 -0400
+Subject: [PATCH] common: fix int overflow in psf_binheader_readf()
+
+The psf_binheader_readf() function attempts to count and return the
+number of bytes traversed in the header. During this accumulation, it is
+possible to overflow the int-sized byte_count variable.
+
+Avoid this overflow by checking that the accumulated bytes do not exceed
+INT_MAX and throwing an error if they do. This implies that files with
+multi-gigabyte headers threaten to produce this error, but I imagine
+those files don't really exist - and this error is better than the
+undefined behavior which would have resulted previously.
+
+CVE: CVE-2022-33065
+Fixes: https://github.com/libsndfile/libsndfile/issues/833
+
+Signed-off-by: Alex Stewart <alex.stewart@ni.com>
+---
+ src/common.c | 36 ++++++++++++++++++++++++------------
+ 1 file changed, 24 insertions(+), 12 deletions(-)
+
+diff --git a/src/common.c b/src/common.c
+index 1c3d951d..7f6cceca 100644
+--- a/src/common.c
++++ b/src/common.c
+@@ -18,6 +18,7 @@
+
+ #include <config.h>
+
++#include <limits.h>
+ #include <stdarg.h>
+ #include <string.h>
+ #if HAVE_UNISTD_H
+@@ -990,6 +991,7 @@ psf_binheader_readf (SF_PRIVATE *psf, char const *format, ...)
+ double *doubleptr ;
+ char c ;
+ int byte_count = 0, count = 0 ;
++ int read_bytes = 0 ;
+
+ if (! format)
+ return psf_ftell (psf) ;
+@@ -998,6 +1000,7 @@ psf_binheader_readf (SF_PRIVATE *psf, char const *format, ...)
+
+ while ((c = *format++))
+ {
++ read_bytes = 0 ;
+ if (psf->header.indx + 16 >= psf->header.len && psf_bump_header_allocation (psf, 16))
+ break ;
+
+@@ -1014,7 +1017,7 @@ psf_binheader_readf (SF_PRIVATE *psf, char const *format, ...)
+ intptr = va_arg (argptr, unsigned int*) ;
+ *intptr = 0 ;
+ ucptr = (unsigned char*) intptr ;
+- byte_count += header_read (psf, ucptr, sizeof (int)) ;
++ read_bytes = header_read (psf, ucptr, sizeof (int)) ;
+ *intptr = GET_MARKER (ucptr) ;
+ break ;
+
+@@ -1022,7 +1025,7 @@ psf_binheader_readf (SF_PRIVATE *psf, char const *format, ...)
+ intptr = va_arg (argptr, unsigned int*) ;
+ *intptr = 0 ;
+ ucptr = (unsigned char*) intptr ;
+- byte_count += header_read (psf, sixteen_bytes, sizeof (sixteen_bytes)) ;
++ read_bytes = header_read (psf, sixteen_bytes, sizeof (sixteen_bytes)) ;
+ { int k ;
+ intdata = 0 ;
+ for (k = 0 ; k < 16 ; k++)
+@@ -1034,14 +1037,14 @@ psf_binheader_readf (SF_PRIVATE *psf, char const *format, ...)
+ case '1' :
+ charptr = va_arg (argptr, char*) ;
+ *charptr = 0 ;
+- byte_count += header_read (psf, charptr, sizeof (char)) ;
++ read_bytes = header_read (psf, charptr, sizeof (char)) ;
+ break ;
+
+ case '2' : /* 2 byte value with the current endian-ness */
+ shortptr = va_arg (argptr, unsigned short*) ;
+ *shortptr = 0 ;
+ ucptr = (unsigned char*) shortptr ;
+- byte_count += header_read (psf, ucptr, sizeof (short)) ;
++ read_bytes = header_read (psf, ucptr, sizeof (short)) ;
+ if (psf->rwf_endian == SF_ENDIAN_BIG)
+ *shortptr = GET_BE_SHORT (ucptr) ;
+ else
+@@ -1051,7 +1054,7 @@ psf_binheader_readf (SF_PRIVATE *psf, char const *format, ...)
+ case '3' : /* 3 byte value with the current endian-ness */
+ intptr = va_arg (argptr, unsigned int*) ;
+ *intptr = 0 ;
+- byte_count += header_read (psf, sixteen_bytes, 3) ;
++ read_bytes = header_read (psf, sixteen_bytes, 3) ;
+ if (psf->rwf_endian == SF_ENDIAN_BIG)
+ *intptr = GET_BE_3BYTE (sixteen_bytes) ;
+ else
+@@ -1062,7 +1065,7 @@ psf_binheader_readf (SF_PRIVATE *psf, char const *format, ...)
+ intptr = va_arg (argptr, unsigned int*) ;
+ *intptr = 0 ;
+ ucptr = (unsigned char*) intptr ;
+- byte_count += header_read (psf, ucptr, sizeof (int)) ;
++ read_bytes = header_read (psf, ucptr, sizeof (int)) ;
+ if (psf->rwf_endian == SF_ENDIAN_BIG)
+ *intptr = psf_get_be32 (ucptr, 0) ;
+ else
+@@ -1072,7 +1075,7 @@ psf_binheader_readf (SF_PRIVATE *psf, char const *format, ...)
+ case '8' : /* 8 byte value with the current endian-ness */
+ countptr = va_arg (argptr, sf_count_t *) ;
+ *countptr = 0 ;
+- byte_count += header_read (psf, sixteen_bytes, 8) ;
++ read_bytes = header_read (psf, sixteen_bytes, 8) ;
+ if (psf->rwf_endian == SF_ENDIAN_BIG)
+ countdata = psf_get_be64 (sixteen_bytes, 0) ;
+ else
+@@ -1083,7 +1086,7 @@ psf_binheader_readf (SF_PRIVATE *psf, char const *format, ...)
+ case 'f' : /* Float conversion */
+ floatptr = va_arg (argptr, float *) ;
+ *floatptr = 0.0 ;
+- byte_count += header_read (psf, floatptr, sizeof (float)) ;
++ read_bytes = header_read (psf, floatptr, sizeof (float)) ;
+ if (psf->rwf_endian == SF_ENDIAN_BIG)
+ *floatptr = float32_be_read ((unsigned char*) floatptr) ;
+ else
+@@ -1093,7 +1096,7 @@ psf_binheader_readf (SF_PRIVATE *psf, char const *format, ...)
+ case 'd' : /* double conversion */
+ doubleptr = va_arg (argptr, double *) ;
+ *doubleptr = 0.0 ;
+- byte_count += header_read (psf, doubleptr, sizeof (double)) ;
++ read_bytes = header_read (psf, doubleptr, sizeof (double)) ;
+ if (psf->rwf_endian == SF_ENDIAN_BIG)
+ *doubleptr = double64_be_read ((unsigned char*) doubleptr) ;
+ else
+@@ -1117,7 +1120,7 @@ psf_binheader_readf (SF_PRIVATE *psf, char const *format, ...)
+ charptr = va_arg (argptr, char*) ;
+ count = va_arg (argptr, size_t) ;
+ memset (charptr, 0, count) ;
+- byte_count += header_read (psf, charptr, count) ;
++ read_bytes = header_read (psf, charptr, count) ;
+ break ;
+
+ case 'G' :
+@@ -1128,7 +1131,7 @@ psf_binheader_readf (SF_PRIVATE *psf, char const *format, ...)
+ if (psf->header.indx + count >= psf->header.len && psf_bump_header_allocation (psf, count))
+ break ;
+
+- byte_count += header_gets (psf, charptr, count) ;
++ read_bytes = header_gets (psf, charptr, count) ;
+ break ;
+
+ case 'z' :
+@@ -1152,7 +1155,7 @@ psf_binheader_readf (SF_PRIVATE *psf, char const *format, ...)
+ case 'j' : /* Seek to position from current position. */
+ count = va_arg (argptr, size_t) ;
+ header_seek (psf, count, SEEK_CUR) ;
+- byte_count += count ;
++ read_bytes = count ;
+ break ;
+
+ case '!' : /* Clear buffer, forcing re-read. */
+@@ -1164,8 +1167,17 @@ psf_binheader_readf (SF_PRIVATE *psf, char const *format, ...)
+ psf->error = SFE_INTERNAL ;
+ break ;
+ } ;
++
++ if (read_bytes > 0 && byte_count > (INT_MAX - read_bytes))
++ { psf_log_printf (psf, "Header size exceeds INT_MAX. Aborting.", c) ;
++ psf->error = SFE_INTERNAL ;
++ break ;
++ } else
++ { byte_count += read_bytes ;
+ } ;
+
++ } ; /*end while*/
++
+ va_end (argptr) ;
+
+ return byte_count ;
+From a23d563386e7c8d93dcdbe7d5b1d63cad6009116 Mon Sep 17 00:00:00 2001
+From: Alex Stewart <alex.stewart@ni.com>
+Date: Thu, 19 Oct 2023 14:07:19 -0400
+Subject: [PATCH] nms_adpcm: fix int overflow in signal estimate
+
+It is possible (though functionally incorrect) for the signal estimate
+calculation in nms_adpcm_update() to overflow the int value of s_e,
+resulting in undefined behavior.
+
+Since adpcm state signal values are never practically larger than
+16 bits, use smaller numeric sizes throughout the file to avoid the
+overflow.
+
+CVE: CVE-2022-33065
+Fixes: https://github.com/libsndfile/libsndfile/issues/833
+
+Authored-by: Arthur Taylor <art@ified.ca>
+Signed-off-by: Alex Stewart <alex.stewart@ni.com>
+Rebased-by: Alex Stewart <alex.stewart@ni.com>
+---
+ src/nms_adpcm.c | 85 ++++++++++++++++++++++++-------------------------
+ 1 file changed, 42 insertions(+), 43 deletions(-)
+
+diff --git a/src/nms_adpcm.c b/src/nms_adpcm.c
+index 96d6ad26..460ea077 100644
+--- a/src/nms_adpcm.c
++++ b/src/nms_adpcm.c
+@@ -48,36 +48,36 @@
+ /* Variable names from ITU G.726 spec */
+ struct nms_adpcm_state
+ { /* Log of the step size multiplier. Operated on by codewords. */
+- int yl ;
++ short yl ;
+
+ /* Quantizer step size multiplier. Generated from yl. */
+- int y ;
++ short y ;
+
+- /* Coefficents of the pole predictor */
+- int a [2] ;
++ /* Coefficients of the pole predictor */
++ short a [2] ;
+
+- /* Coefficents of the zero predictor */
+- int b [6] ;
++ /* Coefficients of the zero predictor */
++ short b [6] ;
+
+ /* Previous quantized deltas (multiplied by 2^14) */
+- int d_q [7] ;
++ short d_q [7] ;
+
+ /* d_q [x] + s_ez [x], used by the pole-predictor for signs only. */
+- int p [3] ;
++ short p [3] ;
+
+ /* Previous reconstructed signal values. */
+- int s_r [2] ;
++ short s_r [2] ;
+
+ /* Zero predictor components of the signal estimate. */
+- int s_ez ;
++ short s_ez ;
+
+ /* Signal estimate, (including s_ez). */
+- int s_e ;
++ short s_e ;
+
+ /* The most recent codeword (enc:generated, dec:inputted) */
+- int Ik ;
++ char Ik ;
+
+- int parity ;
++ char parity ;
+
+ /*
+ ** Offset into code tables for the bitrate.
+@@ -109,7 +109,7 @@ typedef struct
+ } NMS_ADPCM_PRIVATE ;
+
+ /* Pre-computed exponential interval used in the antilog approximation. */
+-static unsigned int table_expn [] =
++static unsigned short table_expn [] =
+ { 0x4000, 0x4167, 0x42d5, 0x444c, 0x45cb, 0x4752, 0x48e2, 0x4a7a,
+ 0x4c1b, 0x4dc7, 0x4f7a, 0x5138, 0x52ff, 0x54d1, 0x56ac, 0x5892,
+ 0x5a82, 0x5c7e, 0x5e84, 0x6096, 0x62b4, 0x64dd, 0x6712, 0x6954,
+@@ -117,21 +117,21 @@ static unsigned int table_expn [] =
+ } ;
+
+ /* Table mapping codewords to scale factor deltas. */
+-static int table_scale_factor_step [] =
++static short table_scale_factor_step [] =
+ { 0x0, 0x0, 0x0, 0x0, 0x4b0, 0x0, 0x0, 0x0, /* 2-bit */
+ -0x3c, 0x0, 0x90, 0x0, 0x2ee, 0x0, 0x898, 0x0, /* 3-bit */
+ -0x30, 0x12, 0x6b, 0xc8, 0x188, 0x2e0, 0x551, 0x1150, /* 4-bit */
+ } ;
+
+ /* Table mapping codewords to quantized delta interval steps. */
+-static unsigned int table_step [] =
++static unsigned short table_step [] =
+ { 0x73F, 0, 0, 0, 0x1829, 0, 0, 0, /* 2-bit */
+ 0x3EB, 0, 0xC18, 0, 0x1581, 0, 0x226E, 0, /* 3-bit */
+ 0x20C, 0x635, 0xA83, 0xF12, 0x1418, 0x19E3, 0x211A, 0x2BBA, /* 4-bit */
+ } ;
+
+ /* Binary search lookup table for quantizing using table_step. */
+-static int table_step_search [] =
++static short table_step_search [] =
+ { 0, 0x1F6D, 0, -0x1F6D, 0, 0, 0, 0, /* 2-bit */
+ 0x1008, 0x1192, 0, -0x219A, 0x1656, -0x1656, 0, 0, /* 3-bit */
+ 0x872, 0x1277, -0x8E6, -0x232B, 0xD06, -0x17D7, -0x11D3, 0, /* 4-bit */
+@@ -179,23 +179,23 @@ static sf_count_t nms_adpcm_seek (SF_PRIVATE *psf, int mode, sf_count_t offset)
+ ** Maps [1,20480] to [1,1024] in an exponential relationship. This is
+ ** approximately ret = b^exp where b = e^(ln(1024)/ln(20480)) ~= 1.0003385
+ */
+-static inline int
+-nms_adpcm_antilog (int exp)
+-{ int ret ;
++static inline short
++nms_adpcm_antilog (short exp)
++{ int_fast32_t r ;
+
+- ret = 0x1000 ;
+- ret += (((exp & 0x3f) * 0x166b) >> 12) ;
+- ret *= table_expn [(exp & 0x7c0) >> 6] ;
+- ret >>= (26 - (exp >> 11)) ;
++ r = 0x1000 ;
++ r += (((int_fast32_t) (exp & 0x3f) * 0x166b) >> 12) ;
++ r *= table_expn [(exp & 0x7c0) >> 6] ;
++ r >>= (26 - (exp >> 11)) ;
+
+- return ret ;
++ return (short) r ;
+ } /* nms_adpcm_antilog */
+
+ static void
+ nms_adpcm_update (struct nms_adpcm_state *s)
+ { /* Variable names from ITU G.726 spec */
+- int a1ul ;
+- int fa1 ;
++ short a1ul, fa1 ;
++ int_fast32_t se ;
+ int i ;
+
+ /* Decay and Modify the scale factor in the log domain based on the codeword. */
+@@ -222,7 +222,7 @@ nms_adpcm_update (struct nms_adpcm_state *s)
+ else if (fa1 > 256)
+ fa1 = 256 ;
+
+- s->a [0] = (0xff * s->a [0]) >> 8 ;
++ s->a [0] = (s->a [0] * 0xff) >> 8 ;
+ if (s->p [0] != 0 && s->p [1] != 0 && ((s->p [0] ^ s->p [1]) < 0))
+ s->a [0] -= 192 ;
+ else
+@@ -230,7 +230,7 @@ nms_adpcm_update (struct nms_adpcm_state *s)
+ fa1 = -fa1 ;
+ }
+
+- s->a [1] = fa1 + ((0xfe * s->a [1]) >> 8) ;
++ s->a [1] = fa1 + ((s->a [1] * 0xfe) >> 8) ;
+ if (s->p [0] != 0 && s->p [2] != 0 && ((s->p [0] ^ s->p [2]) < 0))
+ s->a [1] -= 128 ;
+ else
+@@ -250,19 +250,18 @@ nms_adpcm_update (struct nms_adpcm_state *s)
+ s->a [0] = a1ul ;
+ } ;
+
+- /* Compute the zero predictor estimate. Rotate past deltas too. */
+- s->s_ez = 0 ;
++ /* Compute the zero predictor estimate and rotate past deltas. */
++ se = 0 ;
+ for (i = 5 ; i >= 0 ; i--)
+- { s->s_ez += s->d_q [i] * s->b [i] ;
++ { se += (int_fast32_t) s->d_q [i] * s->b [i] ;
+ s->d_q [i + 1] = s->d_q [i] ;
+ } ;
++ s->s_ez = se >> 14 ;
+
+- /* Compute the signal estimate. */
+- s->s_e = s->a [0] * s->s_r [0] + s->a [1] * s->s_r [1] + s->s_ez ;
+-
+- /* Return to scale */
+- s->s_ez >>= 14 ;
+- s->s_e >>= 14 ;
++ /* Complete the signal estimate. */
++ se += (int_fast32_t) s->a [0] * s->s_r [0] ;
++ se += (int_fast32_t) s->a [1] * s->s_r [1] ;
++ s->s_e = se >> 14 ;
+
+ /* Rotate members to prepare for next iteration. */
+ s->s_r [1] = s->s_r [0] ;
+@@ -274,7 +273,7 @@ nms_adpcm_update (struct nms_adpcm_state *s)
+ static int16_t
+ nms_adpcm_reconstruct_sample (struct nms_adpcm_state *s, uint8_t I)
+ { /* Variable names from ITU G.726 spec */
+- int dqx ;
++ int_fast32_t dqx ;
+
+ /*
+ ** The ordering of the 12-bit right-shift is a precision loss. It agrees
+@@ -308,17 +307,17 @@ nms_adpcm_codec_init (struct nms_adpcm_state *s, enum nms_enc_type type)
+ /*
+ ** nms_adpcm_encode_sample()
+ **
+-** Encode a linear 16-bit pcm sample into a 2,3, or 4 bit NMS-ADPCM codeword
++** Encode a linear 16-bit pcm sample into a 2, 3, or 4 bit NMS-ADPCM codeword
+ ** using and updating the predictor state.
+ */
+ static uint8_t
+ nms_adpcm_encode_sample (struct nms_adpcm_state *s, int16_t sl)
+ { /* Variable names from ITU G.726 spec */
+- int d ;
++ int_fast32_t d ;
+ uint8_t I ;
+
+ /* Down scale the sample from 16 => ~14 bits. */
+- sl = (sl * 0x1fdf) / 0x7fff ;
++ sl = ((int_fast32_t) sl * 0x1fdf) / 0x7fff ;
+
+ /* Compute estimate, and delta from actual value */
+ nms_adpcm_update (s) ;
+@@ -407,7 +406,7 @@ nms_adpcm_encode_sample (struct nms_adpcm_state *s, int16_t sl)
+ */
+ static int16_t
+ nms_adpcm_decode_sample (struct nms_adpcm_state *s, uint8_t I)
+-{ int sl ;
++{ int_fast32_t sl ;
+
+ nms_adpcm_update (s) ;
+ sl = nms_adpcm_reconstruct_sample (s, I) ;
diff --git a/poky/meta/recipes-multimedia/libsndfile/libsndfile1_1.2.2.bb b/poky/meta/recipes-multimedia/libsndfile/libsndfile1_1.2.2.bb
index 9c1f601aab..a9ee7c3575 100644
--- a/poky/meta/recipes-multimedia/libsndfile/libsndfile1_1.2.2.bb
+++ b/poky/meta/recipes-multimedia/libsndfile/libsndfile1_1.2.2.bb
@@ -9,6 +9,7 @@ LICENSE = "LGPL-2.1-only"
SRC_URI = "${GITHUB_BASE_URI}/download/${PV}/libsndfile-${PV}.tar.xz \
file://noopus.patch \
+ file://cve-2022-33065.patch \
"
GITHUB_BASE_URI = "https://github.com/libsndfile/libsndfile/releases/"
generated by cgit v1.2.3 (git 2.39.0) at 2024-10-05 19:47:25 +0300