Install libpng test-suite to run it as a ptest.
As the test-suite takes more than 30 seconds to run,
add libpng-ptest to PTESTS_SLOW in ptest-packagelists.inc
(From OE-Core rev: 1b52b7ebe5f8fb490088622181cdb95e6b7f5a29)
Signed-off-by: Poonam Jadhav <poonam.jadhav@kpit.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
CVE-2025-1373 does not appear to affect ffmpeg 5.0.3. The CVE has been
marked as "fixed-version".
(From OE-Core rev: 0ffe159d9a4ee434b4c995e1ca9a85b01e0a5d05)
Signed-off-by: Colin Pinnell McAllister <colin.mcallister@garmin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
ffmpeg_6.1.2 is the newest available stable release for 6.1.
It introduces quite a few bug and CVE fixes, which should help all.
CVEs that are fixed in the upgrade:
CVE-2024-32230
CVE-2024-35366
CVE-2024-36613
CVE-2024-36616
CVE-2024-36617
CVE-2024-36619
CVE-2024-7055
During upgrade it was noticed that the CVE scan doesn't pick up the CVEs as unpatched
(CVE-2025-0518, CVE-2025-22919, CVE-2025-22921, CVE-2025-25473,
CVE-2024-36618, CVE-2024-35369, CVE-2024-35368, CVE-2024-35367,
CVE-2024-35365, CVE-2024-28661, CVE-2023-50007, CVE-2023-49528,
CVE-2023-49501), due to improper versioning in NVD,
they are affecting 6.1.2 and hence we are leaving the patches in.
check the changelog mention below for information about fixes.
changelog: https://git.ffmpeg.org/gitweb/ffmpeg.git/shortlog/n6.1.2
This upgrade fixes CVE's hence remove those patches.
Refresh vulkan_av1_stable_API.patch as per new codebase.
(From OE-Core rev: 57e25585abf34677451c68d581374245e5b4b418)
Signed-off-by: Divyanshu Rathore <divyanshurathore2022@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Changelog:
==========
1.32.10
- scripts/tag_lyrics.py: fix for python3
- libout123: Use strtok_r() to avoid conflicts multithreaded contexts
- libmpg123: Un-break DLL builds that need I/O functions defined in libmpg123.c
- ports/cmake: More fixup to also produce .pc files with Libs.private.
1.32.9
- libmpg123:
-- enable 64 bit offset path for MSVCRT and avoid warnings about
MS's game about POSIX API with and without underscores
-- Increase the library patchlevel, as was forgotten on previous
release.
1.32.8
Update: The buffer overflow got assigned the CVE ID CVE-2024-10573.
- libmpg123:
-- Add sections to assembly to support PAC/BTI code
for aarch64 (-mbranch-protection variants)
-- Prevent premature application of header info into decoding structure,
at worst having triggered out-of-bounds writes of decoded PCM data
- out123: Show --quiet in --longhelp.
1.32.7
- ports/cmake: Work around bug in CMake that does not detect FPU on Apple ARM CPUs.
- Fix some laziness (func() to func(void)) for standards conformance.
(From OE-Core rev: a3db638932e76ac0972d7905072cc7ab3f2abb75)
Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
A reachable assertion in FFmpeg git-master commit N-113007-g8d24a28d06 allows
attackers to cause a Denial of Service (DoS) via opening a crafted AAC file.
(From OE-Core rev: bf0ad79c46d8a01aafc91620ddf415749aa8849a)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Unchecked Return Value, Out-of-bounds Read vulnerability in FFmpeg allows
Read Sensitive Constants Within an Executable. This vulnerability is associated
with program files https://github.Com/FFmpeg/FFmpeg/blob/master/libavfilter/af_pan.C
This issue affects FFmpeg: 7.1.
Issue was fixed: b5b6391d64b5b6391d64
This issue was discovered by: Simcha Kosma
(From OE-Core rev: 75ad6e004de95ff6208820ccf2c0af01d9363749)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
FFmpeg git-master,N-113007-g8d24a28d06 was discovered to contain a segmentation
violation via the component /libavcodec/jpeg2000dec.c.
(From OE-Core rev: bc9cdf3701b937d40964903a3489898a69525d17)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
FFmpeg git master before commit fd1772 was discovered to contain a NULL pointer
dereference via the component libavformat/mov.c.
(From OE-Core rev: a8331b11d5d7aa8f1997eaa189b74aaab7cc44da)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
FFmpeg git master before commit c08d30 was discovered to contain a NULL pointer
dereference via the component libavformat/mov.c.
(From OE-Core rev: abc6b3180b87c665ff04204b7163d1f074d99747)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Incorrect Access Control in GStreamer RTSP server 1.25.0 in gst-rtsp-server/rtsp-media.c
allows remote attackers to cause a denial of service via a series of specially crafted
hexstream requests.
(From OE-Core rev: 3e7b7697ec32b0fa2808efcff4a6bd544261b3fe)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
In FFmpeg version n6.1.1, specifically within the avcodec/speexdec.c module,
a potential security vulnerability exists due to insufficient validation
of certain parameters when parsing Speex codec extradata. This vulnerability
could lead to integer overflow conditions, potentially resulting in undefined
behavior or crashes during the decoding process.
(From OE-Core rev: c46bb37a76582ee7352f2bc027920e8ba76e5c15)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
FFmpeg n6.1.1 has a vulnerability in the WAVARC decoder of the libavcodec
library which allows for an integer overflow when handling certain block types,
leading to a denial-of-service (DoS) condition.
(From OE-Core rev: 161711ba2ef14fa77fba4740b1933c68043c57c7)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
FFmpeg n6.1.1 has a vulnerability in the AVI demuxer of the libavformat library
which allows for an integer overflow, potentially resulting in a denial-of-service
(DoS) condition.
(From OE-Core rev: 21230d5dfe908533958712e06316a253e16b9d2e)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
FFmpeg n6.1.1 has an integer overflow vulnerability in the FFmpeg CAF decoder.
(From OE-Core rev: 8057ba630477a7aeedf057b7e1ce25ab0c445665)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
An integer overflow in the component /libavformat/westwood_vqa.c of FFmpeg n6.1.1
allows attackers to cause a denial of service in the application via a crafted VQA file.
(From OE-Core rev: fe7df1727d8ea4868091236ddfff7ea862c1ada8)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
FFmpeg n6.1.1 has a vulnerability in the DXA demuxer of the libavformat library
allowing for an integer overflow, potentially resulting in a denial-of-service
(DoS) condition or other undefined behavior.
(From OE-Core rev: 5661bac10db7e20064c10660c47c361b7d2418ee)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
FFmpeg version n6.1.1 has a double-free vulnerability in the fftools/ffmpeg_mux_init.c
component of FFmpeg, specifically within the new_stream_audio function.
(From OE-Core rev: 051bc7afc01e72d5ef0fc14683689ab45e4eaab8)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Since pulseaudio v16.99.1, the library needed is webrtc-audio-processing-1.
This fixes
Run-time dependency webrtc-audio-processing-1 found: NO (tried pkgconfig and cmake)
Looking for a fallback subproject for the dependency webrtc-audio-processing-1
../pulseaudio-17.0/meson.build:730:15: ERROR: Automatic wrap-based subproject downloading is disabled
The library is available in meta-openembedded/meta-multimedia.
(cherry picked from commit 4661c49eb4f0ed89a3d027d9a003c40744baaf38)
(From OE-Core rev: e80c3ca36f08a259e13fd94f1c87a7f5bf485a8b)
Signed-off-by: Esben Haabendal <esben@geanix.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Esben Haabendal <esben@geanix.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
These were fixed in previous commits.
(From OE-Core rev: 5c582778954a05f102e292a0516b73b010d289a0)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Cherry-pick commits from branch 1.22 per [1].
Also cherry-pick [2] so these apply cleanly.
[1] https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8059
[2] 62de06c7a4
(From OE-Core rev: 33c2611c3998f25bf606b5a940c09b70ce04674c)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
FFmpeg n7.0 is affected by a Double Free via the rkmpp_retrieve_frame
function within libavcodec/rkmppdec.c.
(From OE-Core rev: 53528caafa576a2f6417436cc0dba8be06e75048)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
FFmpeg n6.1.1 is Integer Overflow. The vulnerability exists in the parse_options
function of sbgdec.c within the libavformat module. When parsing certain options,
the software does not adequately validate the input. This allows for negative
duration values to be accepted without proper bounds checking.
(From OE-Core rev: a07bc254011736c0f0445607c56609be677ea8a7)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
A vulnerability was found in FFmpeg up to 7.0.1. It has been classified as critical.
This affects the function pnm_decode_frame in the library /libavcodec/pnmdec.c.
The manipulation leads to heap-based buffer overflow. It is possible to initiate
the attack remotely. The exploit has been disclosed to the public and may be used.
Upgrading to version 7.0.2 is able to address this issue. It is recommended to
upgrade the affected component. The associated identifier of this vulnerability is VDB-273651.
(From OE-Core rev: 71a9c2d01ad8ed83f9da6e6b9541fcf1d9baed48)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Buffer Overflow vulnerability in FFmpeg version n6.1-3-g466799d4f5, allows a
local attacker to execute arbitrary code and cause a denial of service (DoS)
via the af_dialoguenhance.c:261:5 in the de_stereo component.
(From OE-Core rev: a5e0e1f8be3c6611c09158c80e26848ae3d4f4e7)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local
attacker to execute arbitrary code via theav_samples_set_silence function
in the libavutil/samplefmt.c:260:9 component.
(From OE-Core rev: b63ba0bff9e5b5e73d50b2b3ff805418fa98d7e5)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Some of the changes are already present in recipe version
Ref:
148ada5577https://ffmpeg.org/security.html
(From OE-Core rev: 4ca1544e95e327c7060efa845aa69c2a1eb1d782)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a
local attacker to execute arbitrary code via the config_eq_output function
in the libavfilter/asrc_afirsrc.c:495:30 component.
(From OE-Core rev: 873025145d42ffe75d421884160ec299d85d21ef)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This is patched in gstreamer1.0-plugins-bad in 1.22 branch since 1.22.9
via [1].
cpe product is set to gstreamer, they share source git repository.
[1] 394d5066f8
(From OE-Core rev: 5ea630617daf0897e5a1edd7482f705e1e7997fe)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Change the SRC_URI to the correct value due to the following error:
WARNING: liba52-0.7.4-r0.vr2401 do_fetch: Failed to fetch URL http://liba52.sourceforge.net/files/a52dec-0.7.4.tar.gz, attempting MIRRORS if available
(From OE-Core rev: 2a95bb8acf3f212ceb5347bade00a7bdbc525022)
Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Currently, CVE_PRODUCT only detects vulnerabilities where the product is "ffmpeg".
However, there are also vulnerabilities where the product is "libswresample",
and "libavcodec" as shown below.
https://app.opencve.io/vendors/?vendor=ffmpeg
Therefore, add "libswresample libavcodec" to CVE_PRODUCT to detect vulnerabilities
where the product is "libswresample libavcodec" as well.
(From OE-Core rev: cebbbf76c029c5bf5563aca515b1c025c3644bf8)
Signed-off-by: aszh07 <mail2szahir@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
The contents of the LICENSE.md file included in the current source
code package match those of libtiff license, which seems to have been
the case since 1999 commit
0ef31e1f62
where it was added with filename COPYRIGHT and was then changed to
LICENSE.md in 2022 commit
fa1d6d787f
(From OE-Core rev: 71d8e8b03349ab18dca558055c2b3a3687785ddf)
(From OE-Core rev: 5495cf45ce74e79be3b8d9b1195f65e253c62828)
Signed-off-by: Niko Mauno <niko.mauno@vaisala.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
FFmpeg 7.0 is vulnerable to Buffer Overflow. There is a negative-size-param bug at
libavcodec/mpegvideo_enc.c:1216:21 in load_input_picture in FFmpeg7.0
(From OE-Core rev: b78fd9322b80734ec54440a01a36323a9b1b83f1)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
There are three baseparser tests which are causing trouble on the AB,
so disable them as we've filed an upstream bug.
Also fix a typo when we were attempting to disable parser_pull_short_read
where a colon was used instead of a comma.
(From OE-Core rev: 90a510acd11fe342d01c62e3b247425836711c50)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 91dbe8d6c57805f38bd287f1b392759df066589b)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
