A vulnerability classified as problematic was found in ffmpeg. This vulnerability affects the function
smc_encode_stream of the file libavcodec/smcenc.c of the component QuickTime Graphics Video Encoder. The
manipulation of the argument y_size leads to out-of-bounds read. The attack can be initiated remotely.
The name of the patch is 13c13109759090b7f7182480d075e13b36ed8edd. It is recommended to apply a patch to
fix this issue. The identifier of this vulnerability is VDB-213544.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2022-3965
Upstream Fix:
13c1310975
(From OE-Core rev: b88c96fe8964614978aa25a65dd34fc3c05c664c)
Signed-off-by: Narpat Mali <narpat.mali@windriver.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
A vulnerability classified as problematic has been found in ffmpeg. This affects an unknown part of the file
libavcodec/rpzaenc.c of the component QuickTime RPZA Video Encoder. The manipulation of the argument y_size
leads to out-of-bounds read. It is possible to initiate the attack remotely. The name of the patch is
92f9b28ed84a77138105475beba16c146bdaf984. It is recommended to apply a patch to fix this issue. The associated
identifier of this vulnerability is VDB-213543.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2022-3964
Upstream Fix:
92f9b28ed8
(From OE-Core rev: 4595f85e7ce867d68ca9d6a6e3ad2544565be3cc)
Signed-off-by: Narpat Mali <narpat.mali@windriver.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
An automated conversion using scripts/contrib/convert-spdx-licenses.py to
convert to use the standard SPDX license identifiers. Two recipes in meta-selftest
were not converted as they're that way specifically for testing. A change in
linux-firmware was also skipped and may need a more manual tweak.
(From OE-Core rev: ceda3238cdbf1beb216ae9ddb242470d5dfc25e0)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
libavresample has been removed; libswresample is the replacement.
(From OE-Core rev: 5555bca01750024a786a1f78d573d02f12b45686)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Expat isn't a license name we have, use MIT instead.
(From OE-Core rev: b1821691c2d7eafb29cf182fc1f2ec7b0cc8340f)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
"BSD" is ambiguous, ffmpeg comprises of several licenses which are
BSD-like.
(From OE-Core rev: 50ba15c0a6867fcb0498a2c2c5449aa96e5f4bde)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This is the result of automated script conversion:
scripts/contrib/convert-overrides.py <oe-core directory>
converting the metadata to use ":" as the override character instead of "_".
(From OE-Core rev: 42344347be29f0997cc2f7636d9603b1fe1875ae)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
It needs some functions from libatomic e.g.
libavformat/libavformat.so: undefined reference to `__atomic_fetch_sub_8'
(From OE-Core rev: d5e4a55f3d8ed79afca11cbeac6f9f478537a83b)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
configure is not able to decode, right options to compiler, it needs to
be set according to default tune manually. Fixes build issue on mips
e.g.
{standard input}: Assembler messages:
| {standard input}:2162: Error: opcode not supported on this processor: mips32r2 (mips32r2) `dmult $22,$22'
| {standard input}:2164: Error: opcode not supported on this processor: mips32r2 (mips32r2) `dsrl $5,$5,32'
| make: *** [/mnt/b/yoe/master/build/tmp/work/mips32r2-yoe-linux/ffmpeg/4.4-r0/ffmpeg-4.4/ffbuild/common.mak:67: libavcodec/aptxenc.o] Error 1
(From OE-Core rev: b254db634fc888ae75e843c8a9108e71ffff3f77)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Cc: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Drop mips64_cpu_detection.patch as upstream
has changed the code in a way that's difficult
to rebase. I have confirmed that builds on qemumip64 still
work, and the patch does not say clearly what was the
way to reproduce the failure it's aiming to address.
(From OE-Core rev: 7db3aed539044bed1c7d3cf7b91f55caed974fe2)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
--disable-gpl is the upstream default, and using GPL features violates
the license when linking into non-GPL programs.
Enabling it by default breaks user expectations, may cause people to
violate the GPL by mistake.
(From OE-Core rev: ae9273f7e3b6bbf6cbdbdfbd32634cebe5c1b0ce)
Signed-off-by: Yann Dirson <yann@blade-group.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Remove 2 patches that are included in the n4.3.2 tag.
The commits were cherry-picked back to the 4.3 branch so they
have different commit ids than in the patches:
6d886b6586 lavf/srt: fix build fail when used the libsrt 1.4.1
a53ffb15d8 avcodec/exr: Check ymin vs. h
4f0bdff292 avformat/vividas: improve extradata packing checks in track_header()
(From OE-Core rev: ffdce193f3ab5b8cb16979ee9ae29322b7294c38)
Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Since 4.3 ffmpeg uses vsx-specific instructions, which aren't
available on older ppc machines (including qemuppc):
3a557c5d88
This disables using the instructions with an option to re-enable them
for vsx-capable targets.
(From OE-Core rev: 2e9d7d31622c5bc45511f82df40d592ef165d7d9)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
There isn't anything specific about the target in these cases an in
general recipes should touch CFLAGS. This ensures people don't
copy/paste bad example usages. In reality, behaviour is mostly
unchanged.
(From OE-Core rev: ae6e7dd19b6da81090a38792dfdf31b459290466)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This update corresponds to 68 commits to the ffmpeg git repo.
52 of these commits are oss-fuzz bug fixes. The remainder include
improved codex handling and some rpi performance tweaks.
(From OE-Core rev: 642b3e79c66779ab2851d978d44cf2e5aab47c68)
Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Also move the libogg dependency to the theora PACKAGECONFIG, since
according to the configure script, theora is the specific component
which requires it.
(From OE-Core rev: 7ddfb9374f493bb1cc42a204c80e783baa288152)
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Add a PACKAGECONFIG for the use of XCB and enable by default if X11 is in
DISTRO_FEATURES.
(From OE-Core rev: 69b0f94c117b3ab922e0061255a1814e69b16435)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
ffmpeg can generate lookup tables at build time instead of runtime, but this is
no longer a recommended option. The size impact is significant (12% of the
total libavcodec size, nearly 2MB), the runtime impact of dynamic tables isn't
too costly, and only a few codecs actually use the pre-generated tables (MP3,
notably).
(From OE-Core rev: 51f13afe669638dbf72f464f243adccb22be3d21)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
