MIRRORS/poky
1
0
Fork 0
mirror of git://git.yoctoproject.org/poky.git synced 2025-08-22 00:42:05 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity
78,069 Commits 39 Branches 599 Tags 257 MiB
yocto-5.2.2
Commit Graph

1944 Commits

Author SHA1 Message Date
Archana Polampalli
26e79341ed ffmpeg: fix CVE-2025-22921 
FFmpeg git-master,N-113007-g8d24a28d06 was discovered to contain a segmentation
violation via the component /libavcodec/jpeg2000dec.c.

(From OE-Core rev: 0c6561cc7a5ca9e82ce3f17a9d0e68a7c1c88c84)

Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-05-19 08:57:20 -07:00
Khem Raj
7d8c805f8f alsa-tools: Fix build with gcc 15 
Fix reset_changes_boot() signature

(From OE-Core rev: f30f314d03148fc4c0ebeb0e189ac42a0d31722c)

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2025-03-27 11:19:03 +00:00
Khem Raj
05a300261e libsndfile1: Include <stdbool.h> instead of redefining bool true and false 
(From OE-Core rev: 198323f4381cc40d219185e86800872df5f9d789)

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2025-03-19 12:09:06 +00:00
Archana Polampalli
f88aa1c772 ffmpeg: upgrade 7.1 -> 7.1.1 
Remove 0001-lavc-h264dsp-move-RISC-V-fn-pointers-to-.data.rel.ro.patch as it merged to 7.1.1
4ea558152f

Changelog:
https://github.com/FFmpeg/FFmpeg/blob/n7.1.1/Changelog

(From OE-Core rev: df6f3ac24d5ca7aedd45bbc424300916845b1f64)

Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2025-03-06 11:16:47 +00:00
Wang Mingyu
06d3fb1ed2 libpng: upgrade 1.6.45 -> 1.6.47 
(From OE-Core rev: 10e42f09c40bf91365bfa36a039816254c0b2d73)

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2025-03-06 11:16:47 +00:00
Richard Purdie
89ce67d8e4 recipes: Drop ld-is-gold support 
Gold hasn't seen development in some time and is being dropped from binutils
releases. Drop the small number of special cases for it we were carrying.

This patch also turns off gold in the binutils recipe.

(From OE-Core rev: a4addb9ab63011e7c604fc5daff95559e7d214e7)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2025-02-10 13:03:57 +00:00
Richard Purdie
60611f996e libpng: upgrade 1.6.44 -> 1.6.45 
License-Update: copyright years updated.

(From OE-Core rev: 847b2d90a1be94ee85b5b606139d702dad014317)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2025-02-05 12:49:56 +00:00
Richard Purdie
1648db00b9 gstreamer1.0-vaapi: upgrade 1.24.10 -> 1.24.12 
(From OE-Core rev: c6c06bde51727d083015eaa0b60658b299d6f96e)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2025-02-05 12:49:55 +00:00
Richard Purdie
925d5f1c72 gstreamer1.0: upgrade 1.24.10 -> 1.24.12 
(From OE-Core rev: 81bad3fceca6bab66f1a0ea02db66c660d1c2095)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2025-02-05 12:49:55 +00:00
Richard Purdie
c231417610 gstreamer1.0-python: upgrade 1.24.10 -> 1.24.12 
(From OE-Core rev: 4b8e0543c30f0693d4c8b1a5109178f77d932aed)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2025-02-05 12:49:55 +00:00
Richard Purdie
e009e332d2 gstreamer1.0-plugins-{bad,ugly,base,good,rtsp-server}: upgrade 1.24.10 -> 1.24.12 
(From OE-Core rev: 66d040f1d9bd586b6caa24259ef6dcb198a37578)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2025-02-05 12:49:55 +00:00
Richard Purdie
0a84589db9 gstreamer1.0-libav: upgrade 1.24.10 -> 1.24.12 
(From OE-Core rev: c6bde1adce6e61cad0d20c6fa292d973ad5445b6)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2025-02-05 12:49:55 +00:00
Richard Purdie
6a1655d270 gst-devtools: upgrade 1.24.10 -> 1.24.12 
(From OE-Core rev: 548251232247f1cf8c22ede1652806ca231e5652)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2025-02-05 12:49:55 +00:00
Alex Kiernan
d06ed53435 alsa-utils: Backport fix for alsa_restore_go/std 
Fix the label mismatch which was introduced in the transition from the
temporary test rules:

  udevd[120]: GOTO 'alsa_restore_std' has no matching label in: '/lib/udev/rules.d/90-alsa-restore.rules'

(From OE-Core rev: d676569a617fdfbf41baed9068b102d9eb151b9b)

Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2025-02-05 12:49:55 +00:00
Richard Purdie
c2da016918 meta/meta-selftest: Fix variable assignment whitespace 
Recipes are much more readable with whitespace around the assignment operators.
Fix various assignments in OE-Core to show this is definitely the preferred
formatting.

(From OE-Core rev: 30ea609d3357fb3de911f2f6a5e6856c151b976a)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2025-02-01 13:42:34 +00:00
Jermain Horsman
f78cd863d9 webp: update SRC_URI to use https 
As the certificate is for *.storage.googleapis.com, update the
URL to reflect this.

(From OE-Core rev: ff30c1232d296cb144bf8320bf36ee02d489b011)

Signed-off-by: Jermain Horsman <jermain.horsman@nedap.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2025-02-01 13:20:45 +00:00
Esben Haabendal
63ff4ebafd pulseaudio: fix webrtc audio depdency 
Since pulseaudio v16.99.1, the library needed is webrtc-audio-processing-1.
This fixes

Run-time dependency webrtc-audio-processing-1 found: NO (tried pkgconfig and cmake)
Looking for a fallback subproject for the dependency webrtc-audio-processing-1

../pulseaudio-17.0/meson.build:730:15: ERROR: Automatic wrap-based subproject downloading is disabled

The library is available in meta-openembedded/meta-multimedia.

(From OE-Core rev: 4661c49eb4f0ed89a3d027d9a003c40744baaf38)

Signed-off-by: Esben Haabendal <esben@geanix.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2025-01-14 11:57:52 +00:00
Ross Burton
5d55587344 libtheora: backport a patch to fix autoreconf 
This is needed so that autoreconf works without any macro path fiddling,
which autotools may no longer be doing implicitly.

(From OE-Core rev: 967fc0403355cebdae306d3a210ba177390b541a)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2025-01-10 11:23:45 +00:00
Wang Mingyu
58c19b5e2b libwebp: upgrade 1.4.0 -> 1.5.0 
Changelog:
============
  API changes:
  - 'cross_color_transform_bits' added to WebPAuxStats
  * minor lossless encoder speed and compression improvements
  * lossless encoding does not use floats anymore
  * additional Arm optimizations for lossy & lossless + general code generation
    improvements
  * improvements to WASM performance
  * improvements and corrections in webp-container-spec.txt and
    webp-lossless-bitstream-spec.txt
  * further security related hardening and increased fuzzing coverage w/fuzztest
  * miscellaneous warning, bug & build fixes
  Tool updates:
    * gif2webp: add -sharp_yuv & -near_lossless
    * img2webp: add -exact & -noexact
    * exit codes normalized; running an example program with no
      arguments will output its help and exit with an error

(From OE-Core rev: 4f2b1779894e209b8fddab6aa3f50ea493e7fe36)

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2024-12-24 13:49:27 +00:00
Wang Mingyu
1e195aa86b mpg123: upgrade 1.32.9 -> 1.32.10 
Changelog:
==========
- scripts/tag_lyrics.py: fix for python3
- libout123: Use strtok_r() to avoid conflicts multithreaded contexts
- libmpg123: Un-break DLL builds that need I/O functions defined in libmpg123.c
- ports/cmake: More fixup to also produce .pc files with Libs.private.

(From OE-Core rev: 62ec28a27d78ee4bd6949f2ca3cdd0e111a6eb56)

Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2024-12-18 11:11:55 +00:00
Wang Mingyu
d84bc502cc gstreamer1.0: upgrade 1.24.9 -> 1.24.10 
(From OE-Core rev: 42104c010fc6f9bdee84625604777974ad2b70a5)

Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2024-12-12 12:52:39 +00:00
Khem Raj
c742295dff ffmpeg: Fix RISCV build 
Issue found with LLD linker

| riscv64-yoe-linux-ld.lld: error: relocation R_RISCV_64 cannot be used against symbol '
   ↪ ff_h264_weight_pixels16_8_rvv'; recompile with -fPIC
   | >>> defined in libavcodec/riscv/h264dsp_rvv.o
   | >>> referenced by libavcodec/riscv/h264dsp_rvv.o:(ff_h264_weight_funcs_8_rvv)

(From OE-Core rev: 09b6536fcc5dcd5e8e419c7a2e8c4f3da0cfa38f)

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2024-12-09 15:23:28 +00:00
Peter Marko
975861e6a1 tiff: set status for CVEs firx in 4.7.0 
NDV DB tracks these CVEs as version-less.
So these re-appered in CVE reports after patch files were removed during
last upgrade although the CVEs are fixed.
This seems to be a current trend with RedHat CVEs since due due to
current NVD CVE annotation situation, version-less CVEs are no longer
getting fixed-in added version when available.

(From OE-Core rev: 56cbd53cffc39ff5067f6ed1412af36005a82fcc)

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2024-12-09 15:23:28 +00:00
Peter Marko
60df424e2f tiff: remove status for CVE-2023-3164 
We have reached higher version than what NVD marks for fix.
So this explicit status setting is no longer needed.

(From OE-Core rev: 53584c5f37f551d8fcee83496627ea0b0e7c883d)

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2024-12-09 15:23:28 +00:00
Alexander Kanavin
bb88ab05f2 tiff: update 4.6.0 -> 4.7.0 
Drop all CVE backports.

(From OE-Core rev: 1c227185c7a89df04f81c08881fd5e28aa185a21)

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2024-12-05 17:07:10 +00:00
Alexander Kanavin
0770b0ecea gstreamer1.0: upgrade 1.24.6 -> 1.24.9 
(From OE-Core rev: e01f9c79725388437d52096701416b61d9a0aa7d)

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2024-11-27 14:58:48 +00:00
Alexander Kanavin
e140ddc97c ffmpeg: upgrade 7.0.2 -> 7.1 
(From OE-Core rev: 692ecec9c65ff324ceaa3fe3462b314394390df0)

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2024-11-27 14:58:48 +00:00
Alexander Kanavin
0bfb90fa4b alsa: upgrade 1.2.12 -> 1.2.13 
(From OE-Core rev: fe7395c6f8c406cfcc0b090fd162dc84e5ec97b0)

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2024-11-27 14:58:48 +00:00
Ross Burton
00fec4f0e9 gstreamer1.0: run ptests in parallel 
Run the ptests in four parallel jobs (reduces runtime from ~80s to ~20s
on my machine), and also pass any arguments in the scripts to make it
easier to run individual tests.

(From OE-Core rev: 87a9fadc71c8d3c1eb841c84c96146d5c56f1241)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2024-11-23 14:44:54 +00:00
Ross Burton
293b879bd4 libsndfile1: backport the fix for CVE-2024-50612 
Backport the fix from upstream.

(From OE-Core rev: 2fc6b711a6a7252ddf13587927c06333f5a38d71)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2024-11-19 12:54:32 +00:00
Wang Mingyu
d1522c4f3a mpg123: upgrade 1.32.7 -> 1.32.9 
Changelog:
===========
-- enable 64 bit offset path for MSVCRT and avoid warnings about
   MS's game about POSIX API with and without underscores
-- Increase the library patchlevel, as was forgotten on previous
   release.
-- Add sections to assembly to support PAC/BTI code
   for aarch64 (-mbranch-protection variants)
-- Prevent premature application of header info into decoding structure,
   at worst having triggered out-of-bounds writes of decoded PCM data
- out123: Show --quiet in --longhelp.

(From OE-Core rev: 490b0cfc17164e589d42038bbc9122afa641c78a)

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2024-11-18 22:09:02 +00:00
Ross Burton
dfa1cd13d4 gstreamer1.0-libav: explicitly disable documentation 
We can't build documentation when doing a cross build, so disable it
explicitly to be clear.

(From OE-Core rev: 2706062d3a711ff0b2c03bee40b908ad329ebd6d)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2024-11-12 11:31:48 +00:00
Martin Jansa
e402454a61 ffmpeg: fix packaging examples 
* I've noticed that ffmpeg package isn't created in my builds, due
  to --disable-programs in EXTRA_OECONF added by our .bbappend, but
  was surprised that lib32-ffmpeg is created.

* lib32-ffmpeg was created only because it contained the examples
  which are installed in /usr/share/ffmpeg even when PN is lib32-ffmpeg
  as we pass --datadir=${datadir}/ffmpeg in EXTRA_OECONF here

* --disable-programs controls ${bindir}/ffprobe ${bindir}/ffmpeg and
  ${datadir}/ffmpeg/ffprobe.xsd ${datadir}/ffmpeg/libvpx-*.ffpreset

(From OE-Core rev: d7bf828b6431a254201675e41047f53da47912f5)

Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2024-10-29 11:19:57 +00:00
aszh07
22c08cab4d ffmpeg: Add "libswresample libavcodec" to CVE_PRODUCT 
Currently, CVE_PRODUCT only detects vulnerabilities where the product is "ffmpeg".

However, there are also vulnerabilities where the product is "libswresample",
and "libavcodec" as shown below.
https://app.opencve.io/vendors/?vendor=ffmpeg

Therefore, add "libswresample libavcodec" to CVE_PRODUCT to detect vulnerabilities
where the product is "libswresample libavcodec" as well.

(From OE-Core rev: 9684eba5c543de229108008e29afd1dd021a9799)

Signed-off-by: aszh07 <mail2szahir@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2024-10-22 12:28:18 +01:00
Alexander Kanavin
9c1efb65c9 meta: use explicit uri for all sourceforge upstream version checks 
Previously the check for some recipes relied on sourceforge redirecting from
downloads.sourceforge.net (SRC_URI is set to that) into the actual project page.

Sourceforge does this for interactive browsers, but not for wget.

With the check no longer mimicking a browser, and being truthful
about coming from wget we need to explicitly fetch
the project page in all cases, which is what this commit does.
(many recipes already set this explicitly and don't need to be tweaked)

(From OE-Core rev: 4c21ce6e34f6ce8fbf4db7bc2fd017c8f7a811b4)

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2024-10-15 11:47:24 +01:00
Khem Raj
8644929ce0 ffmpeg: Disable asm optimizations on x86 
disable asm code if PIC is required, as the provided asm
decidedly is not PIC for x86.

(From OE-Core rev: 941fc40ca971f87e61c19e5a0703caa304ec7547)

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Cc: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2024-10-15 11:47:24 +01:00
Ross Burton
d3f607c70f ffmpeg: no need for textrel INSANE_SKIP 
It appears in testing that modern ffmpeg no longer needs to disable PIC,
so there's no need to ignore textrel warnings.

(From OE-Core rev: 98d577fef75d54a59eeacaabb4a45e44b2f6832e)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2024-10-11 12:17:03 +01:00
Ross Burton
0b16982b3e ffmpeg: nasm is x86 only, so only DEPEND if x86 
No need to depend on nasm if we're not going to use it.

(From OE-Core rev: b99ea7f130c3f945af9a09a6ecf85b6ff8f4b710)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2024-10-11 12:17:03 +01:00
Wang Mingyu
b07627f252 libpng: upgrade 1.6.43 -> 1.6.44 
Changelog:
===========
- Hardened calculations in chroma handling to prevent overflows, and
  relaxed a constraint in cHRM validation to accomodate the standard
  ACES AP1 set of color primaries.
- Removed the ASM implementation of ARM Neon optimizations and updated
  the build accordingly. Only the remaining C implementation shall be
  used from now on, thus ensuring the support of the PAC/BTI security
  features on ARM64.
- Fixed the pickup of the PNG_HARDWARE_OPTIMIZATIONS option in the
  CMake build on FreeBSD/amd64. This is an important performance fix
  on this platform.
- Applied various fixes and improvements to the CMake build.
- Added fuzzing targets for the simplified read API.
- Fixed a build error involving pngtest.c under a custom config.
- Fixed and improved the config files for AppVeyor CI and Travis CI.

(From OE-Core rev: c41984d59a0408b2991c195494e0246f49a05cc8)

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2024-09-30 17:00:51 +01:00
Niko Mauno
47ed595ca1 tiff: Fix LICENSE 
The contents of the LICENSE.md file included in the current source
code package match those of libtiff license, which seems to have been
the case since 1999 commit
0ef31e1f62
where it was added with filename COPYRIGHT and was then changed to
LICENSE.md in 2022 commit
fa1d6d787f

(From OE-Core rev: 71d8e8b03349ab18dca558055c2b3a3687785ddf)

Signed-off-by: Niko Mauno <niko.mauno@vaisala.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2024-09-05 21:48:47 +01:00
Khem Raj
d4f765cb16 ffmpeg: Fix build on musl linux systems 
Improved detection of ioctl API makes it easier to use the right
implementation rather than bunch of ifdef condition checks.

(From OE-Core rev: a81fa08cada35a1b1163a56b80fa72110dcf1e7f)

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2024-09-04 12:38:44 +01:00
Ola x Nilsson
bbc4b56186 ffmpeg: Package example files in ffmpeg-examples 
The most future proof way to not always ship the example files is to
package them separately.

(From OE-Core rev: ee405b4d75ed7361e8fd6220532c4a79b0b6bba6)

Signed-off-by: Ola x Nilsson <olani@axis.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2024-09-01 12:28:10 +01:00
Alexander Kanavin
1344185255 alsa-utils: upgrade 1.2.11 -> 1.2.12 
(From OE-Core rev: 306a798a1564118dad198747851af54e73e779bd)

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2024-08-28 09:14:27 +01:00
Alexander Kanavin
aa463a8da1 ffmpeg: update 6.1.1 -> 7.0.2 
(From OE-Core rev: d913e9cf997a2b2455bc336565fc69e76eac9b70)

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2024-08-28 09:14:27 +01:00
Alexander Kanavin
1a52a90863 mpg123: upgrade 1.32.6 -> 1.32.7 
(From OE-Core rev: 5f4c5e86a990bf2b757aa4958eab9bc92285d9ab)

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2024-08-23 09:12:37 +01:00
Alexander Kanavin
3ac5612fd5 gstreamer1.0: upgrade 1.24.5 -> 1.24.6 
(From OE-Core rev: ae1789c37042a86c73cb5a14cb174e4453749383)

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2024-08-23 09:12:37 +01:00
Siddharth Doshi
c048a86145 Tiff: Security fix for CVE-2024-7006 
Upstream-Status: Backport from [818fb8ce88]

CVE's Fixed:
CVE-2024-7006 libtiff: NULL pointer dereference in tif_dirinfo.c

(From OE-Core rev: 5313b4b233a486e8a1483757ad9c9aed3a213aae)

Signed-off-by: Siddharth Doshi <sdoshi@mvista.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2024-08-15 14:51:55 +01:00
Ross Burton
b997e4dc9c ffmpeg: fix build with binutils 2.43 on arm with commerical codecs 
binutils 2.43 is stricter with label names, so rename a label to stop
assembler errors.

[ YOCTO #15570 ]

(From OE-Core rev: 06d29af58521b94518c924468db34d0eed1cb056)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2024-08-09 22:33:38 +01:00
Intaek Hwang
4dfb5d5057 gstreamer1.0-plugins-bad: set CVE_PRODUCT 
Set CVE_PRODUCT of gstreamer1.0-plugins-bad to match NVD entries.

(From OE-Core rev: 9fe05a2c80c53393a21621ba6a4111baed48a077)

Signed-off-by: Intaek Hwang <intaek.hwang@gehealthcare.com>
Signed-off-by: Maxin John <maxin.john@gehealthcare.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2024-08-05 14:31:57 +01:00
Intaek Hwang
d7b4254fe5 alsa-plugins: set CVE_PRODUCT 
Set CVE_PRODUCT of alsa-plugins to match NVD entries.

(From OE-Core rev: 58a98bf780805efc99d0322717758b358d1e52b4)

Signed-off-by: Intaek Hwang <intaek.hwang@gehealthcare.com>
Signed-off-by: Maxin John <maxin.john@gehealthcare.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2024-08-05 14:31:57 +01:00