mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-02-08 01:36:38 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
00a6b3fc5fb02a6bbf1d3d8bb0735dd9db862865
poky/meta
History
Narpat Mali 00a6b3fc5f ffmpeg: fix for CVE-2022-3964 
A vulnerability classified as problematic has been found in ffmpeg. This affects an unknown part of the file
libavcodec/rpzaenc.c of the component QuickTime RPZA Video Encoder. The manipulation of the argument y_size
leads to out-of-bounds read. It is possible to initiate the attack remotely. The name of the patch is
92f9b28ed84a77138105475beba16c146bdaf984. It is recommended to apply a patch to fix this issue. The associated
identifier of this vulnerability is VDB-213543.

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2022-3964

Upstream Fix:
92f9b28ed8

(From OE-Core rev: 4d2eec66fb3979b9676466258a1af5321a68b237)

Signed-off-by: Narpat Mali <narpat.mali@windriver.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 4595f85e7ce867d68ca9d6a6e3ad2544565be3cc)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-12-07 15:02:50 +00:00
..
classes
create-spdx: default share_src for shared sources
2022-12-01 19:35:11 +00:00
classes-global
sanity: Drop data finalize call
2022-12-01 19:35:11 +00:00
classes-recipe
gnomebase.bbclass: return the whole version for tarball directory if it is a number
2022-12-01 19:35:11 +00:00
conf
bitbake.conf: Drop export of SOURCE_DATE_EPOCH_FALLBACK
2022-11-24 15:30:06 +00:00
files
classes: files: Extend overlayfs-etc class
2022-09-09 12:24:43 +01:00
lib
sstatesig: skip the rm_work task signature
2022-12-01 19:35:11 +00:00
recipes-bsp
grub: disable build on armv7ve/a with hardfp
2022-11-09 17:42:14 +00:00
recipes-connectivity
mobile-broadband-provider-info: upgrade 20220725 -> 20221107
2022-12-01 19:35:11 +00:00
recipes-core
systemd: add group render to udev package
2022-12-01 19:35:11 +00:00
recipes-devtools
vala: install vapigen-wrapper into /usr/bin/crosscripts and stage only that
2022-12-01 19:35:11 +00:00
recipes-extended
libpam: fix CVE-2022-28321
2022-12-07 15:02:50 +00:00
recipes-gnome
gdk-pixbuf: upgrade 2.42.9 -> 2.42.10
2022-12-01 19:35:10 +00:00
recipes-graphics
mesa: do not rely on native llvm-config in target sysroot
2022-12-01 19:35:11 +00:00
recipes-kernel
linux-firmware: don't put the firmware into the sysroot
2022-12-01 19:35:11 +00:00
recipes-multimedia
ffmpeg: fix for CVE-2022-3964
2022-12-07 15:02:50 +00:00
recipes-rt
rt-tests: update 2.3 -> 2.4
2022-07-23 13:55:25 +01:00
recipes-sato
wpebackend-fdo: upgrade 1.12.1 -> 1.14.0
2022-11-09 17:42:13 +00:00
recipes-support
iso-codes: upgrade 4.11.0 -> 4.12.0
2022-12-01 19:35:11 +00:00
site
bash: build with bash_cv_getcwd_malloc=yes on musl too
2022-05-15 08:57:16 +01:00
COPYING.MIT
recipes.txt