Pick commit per NVD report.
Add two patches to apply it cleanly.
(From OE-Core rev: 4e03bed20bceb455cb46dcf9564ad5a8525b207d)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Pick commit per NVD report.
(From OE-Core rev: e8fbb7521e0113c467e07ba473a46612709c5311)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Pick commit per NVD report.
(From OE-Core rev: f3bdbd782eed2b597927df489a7d38a22fbba5ed)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Pick commit per NVD report.
Add two patches to apply it cleanly.
(From OE-Core rev: 285a495b8b0e8fa93a0a0884f466f1adca76a28a)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This CVE is for the tool which is removed in v4.6.0 via [1] and
re-introduced again in v4.7.0 via [2].
[1] eab89a627f
[2] 9ab54a8580
(From OE-Core rev: 1ff4b39374a5b328069a928e7234c3397769dc6f)
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
There is a bug in GStreamer 1.22 that prevents video playback when
some of the v4l2codecs are paired with sinks that do not support
GstVideoMeta. This is the case of the Qt 6.9 sink used by some
of the Qt components.
For example, when the v4l2codecs-vp8dec decoder is paired with
QMediaPlayer, video playback fails to start with the following error:
WARN videodecoder gstvideodecoder.c:4409:gst_video_decoder_negotiate_pool: Subclass failed to decide allocation
ERROR videodecoder gstvideodecoder.c:4635:gst_video_decoder_allocate_output_buffer: Failed to allocate the buffer..
WARN videodecoder gstvideodecoder.c:4409:gst_video_decoder_negotiate_pool: Subclass failed to decide allocation
WARN matroskademux matroska-demux.c:6131:gst_matroska_demux_loop: error: Internal data stream error.
WARN matroskademux matroska-demux.c:6131:gst_matroska_demux_loop: error: streaming stopped, reason not-negotiated (-4)
This problem is already fixed in GStreamer 1.24, so backport the fix.
This fixes the buffer allocation failure for H.264, H.265, and VP8.
CC: Steve Sakoman <steve@sakoman.com>
CC: Anuj Mittal <anuj.mittal@intel.com>
(From OE-Core rev: 1be0de000bb852f1acc9644c1cb702336d7fdd61)
Signed-off-by: Daniel Semkowicz <dse@thaumatec.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Following are mentioned in commit upgrading the recipe to 6.1.3:
* CVE-2023-49502 CVE-2023-50007 CVE-2023-50008 CVE-2024-31578 CVE-2024-31582
Following are fixed via mentioned commits already in 6.1.1:
* CVE-2023-50009: 162b4c60c8
* CVE-2023-50010: e809c23786
* CVE-2024-31585: 3061bf668f
(From OE-Core rev: 8286570b3baf275ff48c45ca0864348a8d3faa01)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
These CVEs are for tools which were removed in v4.6.0 via [1] and
re-introduced again in v4.7.0 via [2].
[1] eab89a627f
[2] 9ab54a8580
(From OE-Core rev: faf1e12ae0f9de56402830460315e5be0d13f4a5)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
As per the linked ticket, this issue is related to an Ubuntu-specific
patch that we don't have.
(From OE-Core rev: dc81fdc6bdf8ab39b7f2fd994d50256430c36558)
(From OE-Core rev: 72e63e44a0c6ad5a408c4dc59a24288c36463439)
(From OE-Core rev: 4cdcb27238be40e815ce5a0b67ce419331079801)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
All these CVEs were fixed in recent commits.
(From OE-Core rev: c5a68886247d4417de4ecaa8460e25e84ab93b0d)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
A flaw was found in Libtiff. This vulnerability is a "write-what-where"
condition, triggered when the library processes a specially crafted TIFF
image file.[EOL][EOL]By providing an abnormally large image height value
in the file's metadata, an attacker can trick the library into writing
attacker-controlled color data to an arbitrary memory location. This
memory corruption can be exploited to cause a denial of service (application
crash) or to achieve arbitrary code execution with the permissions of the user.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2025-9900
Upstream patch:
3e0dcf0ec6
(From OE-Core rev: c1303b8eb4e85a031a175867361876a256bfb763)
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Since pulseaudio-server requires the audio group, we explicitly add it.
When use useradd-staticids or do not use the default group in
base-passwd, an error will occur because the audio group is not defined.
NOTE: pulseaudio: Performing useradd with [--root
TOPDIR/tmp/work/cortexa72-poky-linux/pulseaudio/17.0/recipe-sysroot
--home-dir /var/run/pulse --gid 998 --groups audio,pulse
--no-create-home --system --shell /bin/false --uid 998 pulse]
useradd: group 'audio' does not exist
ERROR: pulseaudio: useradd command did not succeed.
(From OE-Core rev: baa5e7ea5f37f54c2a00080798ad7fb4c0664f69)
Signed-off-by: Kyungjik Min <dpmin7@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
A vulnerability, which was classified as critical, was found in FFmpeg up to 7.1.
This affects the function ff_aac_search_for_tns of the file libavcodec/aacenc_tns.c
of the component AAC Encoder. The manipulation leads to stack-based buffer overflow.
It is possible to initiate the attack remotely. The exploit has been disclosed to the
public and may be used.
(From OE-Core rev: c9a15206bae7f1e85dc3b8812eabb936a7e6d383)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Install libpng test-suite to run it as a ptest.
As the test-suite takes more than 30 seconds to run,
add libpng-ptest to PTESTS_SLOW in ptest-packagelists.inc
(From OE-Core rev: 1b52b7ebe5f8fb490088622181cdb95e6b7f5a29)
Signed-off-by: Poonam Jadhav <poonam.jadhav@kpit.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
CVE-2025-1373 does not appear to affect ffmpeg 5.0.3. The CVE has been
marked as "fixed-version".
(From OE-Core rev: 0ffe159d9a4ee434b4c995e1ca9a85b01e0a5d05)
Signed-off-by: Colin Pinnell McAllister <colin.mcallister@garmin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
ffmpeg_6.1.2 is the newest available stable release for 6.1.
It introduces quite a few bug and CVE fixes, which should help all.
CVEs that are fixed in the upgrade:
CVE-2024-32230
CVE-2024-35366
CVE-2024-36613
CVE-2024-36616
CVE-2024-36617
CVE-2024-36619
CVE-2024-7055
During upgrade it was noticed that the CVE scan doesn't pick up the CVEs as unpatched
(CVE-2025-0518, CVE-2025-22919, CVE-2025-22921, CVE-2025-25473,
CVE-2024-36618, CVE-2024-35369, CVE-2024-35368, CVE-2024-35367,
CVE-2024-35365, CVE-2024-28661, CVE-2023-50007, CVE-2023-49528,
CVE-2023-49501), due to improper versioning in NVD,
they are affecting 6.1.2 and hence we are leaving the patches in.
check the changelog mention below for information about fixes.
changelog: https://git.ffmpeg.org/gitweb/ffmpeg.git/shortlog/n6.1.2
This upgrade fixes CVE's hence remove those patches.
Refresh vulkan_av1_stable_API.patch as per new codebase.
(From OE-Core rev: 57e25585abf34677451c68d581374245e5b4b418)
Signed-off-by: Divyanshu Rathore <divyanshurathore2022@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Changelog:
==========
1.32.10
- scripts/tag_lyrics.py: fix for python3
- libout123: Use strtok_r() to avoid conflicts multithreaded contexts
- libmpg123: Un-break DLL builds that need I/O functions defined in libmpg123.c
- ports/cmake: More fixup to also produce .pc files with Libs.private.
1.32.9
- libmpg123:
-- enable 64 bit offset path for MSVCRT and avoid warnings about
MS's game about POSIX API with and without underscores
-- Increase the library patchlevel, as was forgotten on previous
release.
1.32.8
Update: The buffer overflow got assigned the CVE ID CVE-2024-10573.
- libmpg123:
-- Add sections to assembly to support PAC/BTI code
for aarch64 (-mbranch-protection variants)
-- Prevent premature application of header info into decoding structure,
at worst having triggered out-of-bounds writes of decoded PCM data
- out123: Show --quiet in --longhelp.
1.32.7
- ports/cmake: Work around bug in CMake that does not detect FPU on Apple ARM CPUs.
- Fix some laziness (func() to func(void)) for standards conformance.
(From OE-Core rev: a3db638932e76ac0972d7905072cc7ab3f2abb75)
Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
A reachable assertion in FFmpeg git-master commit N-113007-g8d24a28d06 allows
attackers to cause a Denial of Service (DoS) via opening a crafted AAC file.
(From OE-Core rev: bf0ad79c46d8a01aafc91620ddf415749aa8849a)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
FFmpeg git-master,N-113007-g8d24a28d06 was discovered to contain a segmentation
violation via the component /libavcodec/jpeg2000dec.c.
(From OE-Core rev: bc9cdf3701b937d40964903a3489898a69525d17)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
FFmpeg git master before commit fd1772 was discovered to contain a NULL pointer
dereference via the component libavformat/mov.c.
(From OE-Core rev: a8331b11d5d7aa8f1997eaa189b74aaab7cc44da)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
FFmpeg git master before commit c08d30 was discovered to contain a NULL pointer
dereference via the component libavformat/mov.c.
(From OE-Core rev: abc6b3180b87c665ff04204b7163d1f074d99747)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Incorrect Access Control in GStreamer RTSP server 1.25.0 in gst-rtsp-server/rtsp-media.c
allows remote attackers to cause a denial of service via a series of specially crafted
hexstream requests.
(From OE-Core rev: 3e7b7697ec32b0fa2808efcff4a6bd544261b3fe)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
In FFmpeg version n6.1.1, specifically within the avcodec/speexdec.c module,
a potential security vulnerability exists due to insufficient validation
of certain parameters when parsing Speex codec extradata. This vulnerability
could lead to integer overflow conditions, potentially resulting in undefined
behavior or crashes during the decoding process.
(From OE-Core rev: c46bb37a76582ee7352f2bc027920e8ba76e5c15)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
FFmpeg n6.1.1 has a vulnerability in the WAVARC decoder of the libavcodec
library which allows for an integer overflow when handling certain block types,
leading to a denial-of-service (DoS) condition.
(From OE-Core rev: 161711ba2ef14fa77fba4740b1933c68043c57c7)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
FFmpeg n6.1.1 has a vulnerability in the AVI demuxer of the libavformat library
which allows for an integer overflow, potentially resulting in a denial-of-service
(DoS) condition.
(From OE-Core rev: 21230d5dfe908533958712e06316a253e16b9d2e)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
FFmpeg n6.1.1 has an integer overflow vulnerability in the FFmpeg CAF decoder.
(From OE-Core rev: 8057ba630477a7aeedf057b7e1ce25ab0c445665)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
An integer overflow in the component /libavformat/westwood_vqa.c of FFmpeg n6.1.1
allows attackers to cause a denial of service in the application via a crafted VQA file.
(From OE-Core rev: fe7df1727d8ea4868091236ddfff7ea862c1ada8)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
FFmpeg n6.1.1 has a vulnerability in the DXA demuxer of the libavformat library
allowing for an integer overflow, potentially resulting in a denial-of-service
(DoS) condition or other undefined behavior.
(From OE-Core rev: 5661bac10db7e20064c10660c47c361b7d2418ee)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
FFmpeg version n6.1.1 has a double-free vulnerability in the fftools/ffmpeg_mux_init.c
component of FFmpeg, specifically within the new_stream_audio function.
(From OE-Core rev: 051bc7afc01e72d5ef0fc14683689ab45e4eaab8)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Since pulseaudio v16.99.1, the library needed is webrtc-audio-processing-1.
This fixes
Run-time dependency webrtc-audio-processing-1 found: NO (tried pkgconfig and cmake)
Looking for a fallback subproject for the dependency webrtc-audio-processing-1
../pulseaudio-17.0/meson.build:730:15: ERROR: Automatic wrap-based subproject downloading is disabled
The library is available in meta-openembedded/meta-multimedia.
(cherry picked from commit 4661c49eb4f0ed89a3d027d9a003c40744baaf38)
(From OE-Core rev: e80c3ca36f08a259e13fd94f1c87a7f5bf485a8b)
Signed-off-by: Esben Haabendal <esben@geanix.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Esben Haabendal <esben@geanix.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
These were fixed in previous commits.
(From OE-Core rev: 5c582778954a05f102e292a0516b73b010d289a0)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
