While this does not happen with the tiff 4.3.0 release, it does happen with
the series of patches we have, so backport the two simple changes that
restrict the tiffcrop options to avoid the vulnerability.
CVE-2022-2953.patch was taken from upstream, and a small typo was fixed
for the CVE number. The other patch is included in tiff 4.4.0 but not
4.3.0, so add it as well.
(From OE-Core rev: cd94ed01214251027d1076b67cf65c3058f51dad)
Signed-off-by: Randy MacLeod <randy.macleod@windriver.com>
Signed-off-by: Zheng Qiu <zheng.qiu@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Changes since the previous public release (version 1.6.37)
----------------------------------------------------------
* Added configurations and scripts for continuous integration.
* Fixed various errors in the handling of tRNS, hIST and eXIf.
* Implemented many stability improvements across all platforms.
* Updated the internal documentation.
License checksum changed to to copyright year changes.
(From OE-Core rev: 5aeaace87675789a51f3ebb8814c390069dfd3be)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 47719f3195156aadc23dd4abdba38acfa3f77a1f)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
- 8/4/2022: version 1.2.4
This is a binary compatible release.
* restore CMake libwebpmux target name for compatibility with 1.2.2 (#575)
* fix lossless crunch mode encoding with WEBP_REDUCE_SIZE
(chromium: #1345547, #1345595, #1345772, #1345804)
(From OE-Core rev: f6c1c16b7e85b804d5ee22462dda9171431e1556)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit efabd3d0d72220f17249abc13d2ca758bdd0141a)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
- 6/30/2022: version 1.2.3
This is a binary compatible release.
* security fix for lossless encoder (#565, chromium:1313709)
* improved progress granularity in WebPReportProgress() when using lossless
* improved precision in Sharp YUV (-sharp_yuv) conversion
* many corrections to webp-lossless-bitstream-spec.txt (#551)
* crash/leak fixes on error/OOM and other bug fixes (#558, #563, #569, #573)
(From OE-Core rev: 8dc75fd36bb523a2d10305fd1fec91081d4ce274)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 1ab7d3bd94f8aeffc1e126a1ef80d5ca6bd3d6c1)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Source: https://gitlab.com/libtiff/libtiff
MR: 120544
Type: Security Fix
Disposition: Backport from 275735d035
ChangeID: 2f9df449974f5436c1690f3ace5d74b1ab4670c9
Description:
CVE-2022-34526 libtiff: A stack overflow was discovered in the _TIFFVGetField function of Tiffsplit.
(From OE-Core rev: 4ad7470bc772e33e579947c894ed74a513fbcb39)
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Normally m4-native ends up in the sysroot via the toolchain, but if a
non-standard toolchain is used them m4-native may not be installed.
However Pulseaudio explicitly checks for m4 in the meson.build, so add
it to DEPENDS.
(From OE-Core rev: f1c2e21a28f8ad5dc6ff7b0db877aa22e01a9e00)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit ddf846635783923d43520c9dd6f63ca59ed6e3b8)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Changes from version 1.20.2
vaapi: Do not disable the whole vpp when some va operations not available
vaapidecode, vaapipostproc: Disable DMAbuf from caps negotiation
scrambled video with some Intel graphics cards
(From OE-Core rev: e0086979006dafbbc21f062e5fcb10c4908b1309)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit c363ae6f797460654a7884402f7f98181a7d688f)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Changes from version 1.20.2
aacparse: Avoid mismatch between src_caps and output_header_type
avidemux: Fix integer overflow resulting in heap corruption in DIB buffer inversion code (Security fix)
deinterlace: Clean up error handling code
flvdemux: Actually make use of the debug category
gtkglsink: Fix double-free when OpenGL can't be initialised
jack: Add support for detecting libjack on Windows
matroskademux: Avoid integer-overflow resulting in heap corruption in WavPack header handling code (Security fix)
matroskademux, qtdemux: Fix integer overflows in zlib/bz2/etc decompression code (Security fix)
qtdemux: Don't use tfdt for parsing subsequent trun boxes
rtpbin: Avoid holding GST_RTP_BIN_LOCK when emitting pad-added signal (to avoid deadlocks)
rtpptdemux: Don't GST_FLOW_ERROR when ignoring invalid packets
smpte: Fix integer overflow with possible heap corruption in GstMask creation. (Security fix)
smpte: integer overflow with possible heap corruption in GstMask creation (Security fix)
soup: fix soup debug category initialisation
soup: Fix plugin/element init
v4l2: Reset transfer in gst_v4l2_object_acquire_format()
vpxenc: fix crash if encoder produces unmatching timestamp
wavparse: ensure that any pending segment is sent before an EOS event is sent
(From OE-Core rev: 4aee173335f8d0d0723d629a0dd16a0d1c4ce463)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 66ba273c10b7d738f18620b5a2883d735fff3162)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Changes from version 1.20.2
audioconvert: If no channel-mask can be fixated then use a NONE channel layout
playbin3: Configure combiner on pad-added if needed
parsebin: Fix assertions/regression when dealing with un-handled streams (fixes regression in 1.20.2)
appsink: Fix race condition on caps handling
oggdemux: Protect against invalid framerates
rtcpbuffer: Allow padding on first reduced size packets
gl: check for xlib-xcb.h header to fix build of tests on macOS with homebrew
videoaggregator: unref temporary caps
v4l2videoenc: Setup crop rectangle if needed
(From OE-Core rev: c827ede3d6b9859b46e487ef60aa3259a45bd45e)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit e9d5f5f88947efb8fbdfaa90676db82526e22093)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Changes from version 1.20.2:
androidmedia: Add H.265 encoder mapping
avfvideosrc: fix wrong framerate selected for caps
d3d11decoder: Fix for alternate interlacing signalling
d3d11decoder: Do not preallocate texture using downstream d3d11 buffer pool
d3d11decoder: Copy HDR10 related caps field manually
d3d11decoder: Work around Intel DXVA driver crash
d3d11screencapture: Set viewport when drawing mouse cursor
d3d11screencapture: Fix missing/outdated cursor shape
d3d11screencapturesrc: Fix crash when d3d11 device is different from owned one
h264decoder: Fix for unhandled low-delay decoding case
matroskademux, qtdemux: Fix integer overflows in zlib/bz2/etc decompression code (Security fix)
mpegtsmux: Make sure to set srcpad caps under all conditions before outputting the first buffer
mpegtsmux: sends segment before caps
mxfdemux: Handle files produced by legacy FFmpeg
nvh264dec,nvh265dec: Don't realloc bitstream buffer per slice
nvcodec: cuda-converter: fix nvrtc compilation on non-English locale systems
opencv: Allow building against 4.6.x
pcapparse: Set timestamp in DTS, not PTS
rtmp2: fix allocation of GstRtmpMeta which caused crashes on 32-bit platforms
rtmp2sink crash on Android arm 32 - cerbero 1.20.2.0
sdpdemux: Release request pads from rtpbin when freeing a stream
va: Add O_CLOEXEC flag at opening drm device (so subprocesses won't have access to it)
webrtcbin: Reject answers that don't contain the same number of m-line as offer
webrtc: datachannel: Notify low buffered amount according to spec
(From OE-Core rev: 0ead6c03c2594158200ee2c490ec683570310036)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 200c8b77e86e6bd23954c3b4e48d4d069cb16f37)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The third 1.20 bug-fix release (1.20.3) was released on 15 June 2022.
This release only contains bugfixes and it should be safe to upgrade from 1.20.x.
(From OE-Core rev: 84b2d193fa4d22c012a8032b4de6f581406a2720)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 74bc037120fa9f00def7e8df6b3a77bba9c9031e)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The third 1.20 bug-fix release (1.20.3) was released on 15 June 2022.
This release only contains bugfixes and it should be safe to upgrade from 1.20.x.
gstreamer
clock: Avoid creating a weakref with every entry (performance improvement)
plugin: add Apache 2 license to list of known licenses to avoid warning
gst_plugin_load_file: force plugin reload if filename differs
Add support for LoongArch
Base Libraries
aggregator: Only send events up to CAPS event from gst_aggregator_set_src_caps(), don't send multiple caps events with the same caps and fix negotiation in muxers
basetransform: handle gst_base_transform_query_caps() returning NULL
basetransform: fix critical if transform_caps() returned NULL
queuearray: Fix potential heap overflow when expanding GstQueueArray
Core Elements
multiqueue: fix potential crash on shutdown
multiqueue: fix warning: ‘is_query’ may be used uninitialized in this function
multiqueue: SegFault during flushing with gcc11
(From OE-Core rev: 2c177d00e1e839593757da5985b411f2770da009)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 1b1e4ad9b31f9f6e34dae1d0b73d36adca58eb59)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Fix PACKAGECONFIG to refer to libavtp instead of avtp as this is what
the project and everything is really called everywhere.
(From OE-Core rev: daa6eb4deeb1650b63b712f4c25010819fe5d3f7)
Signed-off-by: Marcel Ziswiler <marcel.ziswiler@toradex.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 8824d91fe2063195014c38c134b97946d3b429c2)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
We never depended upon libjbig so this was never present. Add the
PACKAGECONFIG to make this explict.
CVE-2022-1210 is an issue in libjbig so we don't have a problem there,
mark as such.
(From OE-Core rev: 95f1c5d0bb7bc7cae2715d0c9b569fa369a64575)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 34e6a19f2430ee2fd0fec4bec1891e898a0d9766)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
These issues only affect libtiff post-4.3.0 but before 4.4.0, caused by
3079627e and fixed by b4e79bfa.
(From OE-Core rev: 4eb0b7468383a1d0314b3bfd43ea37c95de464d9)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Bug fix release:
devicemonitor: clean up signal handlers and hidden providers list
Leaks tracer: fix pthread_atfork return value check leading to bogus warning in log
Rust plugins: Not picked up by the plugin loader on macOS
Failed to use plugins of latest GStreamer version 1.20.x installed by brew on macOS
ptpclock: Allow at least 100ms delay between Sync/Follow_Up and Delay_Req/Delay_Resp messages. Fixes problems acquiring initial sync with certain devices
meson: Add -Wl,-rpath,${libdir} on macOS
registry: skip Rust dep builddirs when searching for plugins recursively
(From OE-Core rev: e779fb1773b2b6e63739e668cd892e196be224e8)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit bb113caee72db30124f6cf8aa12fbaa14277fab5)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Bug fix release:
deinterlace: silence unused-but-set werror from imported code
qtdemux: fix leak of channel_mapping
rtpopusdepay: missing sprop-stereo should not assume mono
rtpjitterbuffer: Fix invalid memory access in rtp_jitter_buffer_pop()
rtpptdemux: fix leak of caps when ignoring a pt
rtpredenc: quieten warning about ignoring header extensions
soup: Fix pre-processor macros in souploader for libsoup-3.0
twcc: Note that twcc-stats packet loss counts reordering as loss + add some logging
video4linux2: Manual backports for RPi users
wavparse: handle URI query in any parse state, fixing audio track selection issue in GES
wavparse: Unset DISCONT buffer flag for divided into multiple buffers in push mode
(From OE-Core rev: 9472f0fe643c34a70139fd3967564a7e6cc0ded0)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 3594cbc054d0f0eb3342282f8100a0285fc9d1fd)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Bug fix release:
appsrc: Clarify buffer ref semantics in signals documentation
appsrc: fix annotations for bindings
typefind: Skip extension parsing for data:// URIs, fixing regression with mp4 files serialised to data uris
playbin3: various fixes
playbin3: fix missing lock when unknown stream type in pad-removed cb
decodebin3: fix collection leaks
decodebin3: Don't duplicate stream selections
discoverer: chain up to parent finalize methods in all our types to fix memory leaks
glmixerbin: slightly better pad/element creation
gltransformation: let graphene alloc its structures memory aligned
ogg: fix possible buffer overrun
rtpbasepayload: Don't write header extensions if there's no corresponding...
rtpbasepayload: always store input buffer meta before negotiation
rtpbasepayload: fix transfer annotation for push and push_list
subparse: don't try to index string with -1
riff-media: fix memory leak after usage for g_strjoin()
playbin/playbin3: Allow setting a NULL URI
playsink: Complete reconfiguration on pad release.
parsebin: Expose streams of unknown type
pbutils: Fix wmv screen description detection
subparse: don't deref a potentially NULL variable
rawvideoparse: set format from caps in gst_raw_video_parse_set_config_from_caps
videodecoder: release stream lock after handling gap events
videorate: fix assertion when pushing last and only buffer without duration
videorate: Revert "don't reset on segment update" to fix segment handling regressions
gst-play-1.0, gst-launch-1.0: Enable win32 high-resolution timer also for MinGW build
(From OE-Core rev: 19e9c0b2ac92f9ffc3bcea8ce4761c81326ea4a7)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 905766e63a6159535b9da86c4f0af62956285199)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Bug fix release:
av1parse: Fix several issues about the colorimetry.
av1parse: fix up various possible logic errors
dashsink: fix missing mutex unlock in error code path when failing to get content
d3d11videosink: Fix for unhandled mouse double click events
interlace: Also handle a missing "interlace-mode" field as progressive
msdk: fix build with MSVC
mxfdemux: Fix issues at EOS
mxfdemux: Handle empty VANC packets
nvh264dec, nvh265dec: Fix broken key-unit trick and reverse playback
nvvp9sldec: Increase DPB size to cover render delay
rvsg: fix cairo include
tsdemux: Fix AC-4 detection in MPEG-TS
tsdemux: Handle "empty" PMT gracefully
va: pool: don't advertise the GST_BUFFER_POOL_OPTION_VIDEO_ALIGNMENT option any more
v4l2codecs: Fix memory leak
v4l2videodec: set frame duration according to framerate
webrtcbin: Update documentation of 'get-stats' action signal
webrtcbin: Check data channel transport for notifying 'ice-gathering-state'
webrtcbin: Avoid access of freed memory
wpe: Reintroduce persistent WebContext
Build: use CMake to find some openssl and exr deps
Fix multiple "unused-but-set variable" compiler warnings
(From OE-Core rev: 8dca7bae0b16c7db820f0d7d60592a7d1d868a8d)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 70ff1c8f54bfb47307cce4d2cb731cc775cd7e21)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Bug fix only release:
video decoders: fix frame leak on negotiation error
Fix build on systems without C++ compiler
avviddec: Remove vc1/wmv3 override (fixing crash with FFmpeg 5
Segfaults on ASF/WMV files with FFMPEG 5.0+
(From OE-Core rev: b796e337ac4ce189525b5af942226c0b4ab42ca3)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 208ddca121bb213a9e79d21b448547df58b9a511)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The second 1.20 bug-fix release (1.20.2) was released on 2 May 2022.
This release only contains bugfixes and it should be safe to update from 1.20.x.
(From OE-Core rev: a16fd1683d5518096c5b0aa651fcb4b2afe0f2ff)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b4c976ea07ff276ae705110769c8e9741827615b)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
version 5.0.1:
- avcodec/exr: Avoid signed overflow in displayWindow
- avcodec/diracdec: avoid signed integer overflow in global mv
- avcodec/takdsp: Fix integer overflow in decorrelate_sf()
- avcodec/apedec: fix a integer overflow in long_filter_high_3800()
- avdevice/dshow: fix regression
- avfilter/vf_subtitles: pass storage size to libass
- avcodec/vp9_superframe_split_bsf: Don't read inexistent data
- avcodec/vp9_superframe_split_bsf: Discard invalid zero-sized frames
- avcodec/vp9_superframe_bsf: Check for existence of data before reading it
- avcodec/vp9_raw_reorder_bsf: Check for existence of data before reading it
- avformat/imf: fix packet pts, dts and muxing
- avformat/imf: open resources only when first needed
- avformat/imf: cosmetics
- avformat/imf_cpl: do not use filesize when reading XML file
- avformat/imfdec: Use proper logcontext
- avformat/imfdec: do not use filesize when reading XML file
- doc/utils: add missing 22.2 layout entry
- avcodec/av1: only set the private context pix_fmt field if get_pixel_format() succeeds
- avformat/aqtitledec: Skip unrepresentable durations
- avformat/cafdec: Do not store empty keys in read_info_chunk()
- avformat/mxfdec: Do not clear array in mxf_read_strong_ref_array() before writing
- avformat/mxfdec: Check for avio_read() failure in mxf_read_strong_ref_array()
- avformat/mxfdec: Check count in mxf_read_strong_ref_array()
- avformat/hls: Check target_duration
- avcodec/pixlet: Avoid signed integer overflow in scaling in filterfn()
- avformat/matroskadec: Check pre_ns
- avcodec/sonic: Use unsigned for predictor_k to avoid undefined behavior
- avcodec/libuavs3d: Check ff_set_dimensions() for failure
- avcodec/speexdec: Align some comments
- avcodec/speexdec: Use correct doxygen comments
- avcodec/mjpegbdec: Set buf_size
- avformat/matroskadec: Use rounded down duration in get_cue_desc() check
- avcodec/argo: Check packet size
- avcodec/g729_parser: Check channels
- avformat/avidec: Check height
- avformat/rmdec: Better duplicate tags check
- avformat/mov: Disallow empty sidx
- avformat/argo_cvg:: Fix order of operations in error check in argo_cvg_write_trailer()
- avformat/argo_asf: Fix order of operations in error check in argo_asf_write_trailer()
- avcodec/movtextdec: add () to CMP() macro to avoid unexpected behavior
- avformat/matroskadec: Check duration
- avformat/mov: Corner case encryption error cleanup in mov_read_senc()
- avcodec/jpeglsdec: Fix if( code style
- avcodec/jpeglsdec: Check get_ur_golomb_jpegls() for error
- avcodec/motion_est: fix indention of ff_get_best_fcode()
- avcodec/motion_est: Fix xy indexing on range violation in ff_get_best_fcode()
- avformat/hls: Use unsigned for iv computation
- avcodec/jpeglsdec: Increase range for N in ls_get_code_runterm() by using unsigned
- avformat/matroskadec: Check desc_bytes
- avformat/utils: Fix invalid NULL pointer operation in ff_parse_key_value()
- avformat/matroskadec: Fix infinite loop with bz decompression
- avformat/utils: keep chapter monotonicity on chapter updates
- avformat/mov: Check size before subtraction
- avcodec/cfhd: Avoid signed integer overflow in coeff
- avcodec/libdav1d: free the Dav1dData packet on dav1d_send_data() failure
- avcodec/h264_parser: don't alter decoder private data
- configure: link to libatomic when it's present
- fate/ffmpeg: add missing samples dependency to fate-shortest
(From OE-Core rev: ccb87ec2f13b72c1f43a2ad96cd446533da4a666)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 90f35ceb209a51dfe0cd29e1d8646fcc501b7269)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
With latest gstreamer version pkg-config able to find header
path with msdk enabled.
Drop this patch as its not require anymore.
(From OE-Core rev: aaea86534127b1c78d78ffe3a98bacec63d2d8a2)
Signed-off-by: Naveen Saini <naveen.kumar.saini@intel.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit eaa3b31247b4d3cc47428f4d80ae31f232e344d4)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
With the fix for #8621, cleandirs is now applied to autotools_do_install
and this results in a lot of the install targets to be removed. Ensure
cleandirs isn't set for autotools_do_install.
(From OE-Core rev: 72299395b06fc3fdaca5f7b8b87a6ea32a6267ad)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
As far as I can tell, the patches being applied also fix CVE-2022-1056 so
mark as such.
(From OE-Core rev: 256d212fd1eb9b6d4b87c2c84b1ea2a3afdeb843)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
