* Backported patch removed, since it is already included in this release
(From OE-Core rev: e9bc4272c7415db278046d2dd9ac2df33f9b7122)
Signed-off-by: Carlos Rafael Giani <dv@pseudoterminal.org>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* eglglessink was replaced by glimagesink
* sndfile plugin has been ported to 1.0
* webp support added since libwep recipe has been added to meta-multimedia
* mfc was replaced by v4l2videodec, which does not need special flags
* cdaudio was removed
* directshow plugin was replaced by winks
(From OE-Core rev: e2fb717c0a081534252c5026401e3fee8328c502)
Signed-off-by: Carlos Rafael Giani <dv@pseudoterminal.org>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* xvideo options removed, since the V4L2 XV support never became upstream
and is pretty much dead now
(From OE-Core rev: 2ac6e260f94c7ecfc5ed00798e8431632ae6245c)
Signed-off-by: Carlos Rafael Giani <dv@pseudoterminal.org>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Backported patch removed, since it is already included in this release
(From OE-Core rev: 3cd159ab21a0d56c9c16c8fbd534fd5db63c6819)
Signed-off-by: Carlos Rafael Giani <dv@pseudoterminal.org>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The pa_rtp_recv function in modules/rtp/rtp.c in the module-rtp-recv module
in PulseAudio 5.0 and earlier allows remote attackers to cause a denial of
service (assertion failure and abort) via an empty UDP packet.
Fix it by picking a patch from pulseaudio upstream code.
(From OE-Core rev: f9d7407e54f1fa3d3a316a5bbb8b80665e6f03fd)
Signed-off-by: Shan Hai <shan.hai@windriver.com>
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Switches must not be in EXTRA_OECONF anymore.
(From OE-Core rev: 251a5cc8c940f54f058588977734fd0ede664c3c)
Signed-off-by: Matthieu Crapet <Matthieu.Crapet@ingenico.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
All dev related items should be packaged in the core
PN-dev package not in seperate packages.
(From OE-Core rev: 9aa75f06e9e78602ad8e9a5ffa312f71057a90d7)
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The so files installed under ${libdir}/bellagio are not versioned and should
be installed without version-based symlinks so that omxregister-bellagio
can properly find and register them.
(From OE-Core rev: 3846b1ec782ba0cc64d389d03116743208e2383f)
Signed-off-by: Drew Moseley <drew_moseley@mentor.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The previous version of this fix was too aggressive and removed
versioning from too many of the .so files in the libomxil package.
This reverts commit 0ef3734c2f.
(From OE-Core rev: b76d254db92d9c08e8d5d41becb2e60178cebb33)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Security Advisory - ffmpeg - CVE-2013-0866
The aac_decode_init function in libavcodec/aacdec.c in FFmpeg before
1.0.4 and 1.1.x before 1.1.2 allows remote attackers to have an
unspecified impact via a large number of channels in an AAC file, which
triggers an out-of-bounds array access.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0866
gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-0875
The ff_add_png_paeth_prediction function in libavcodec/pngdec.c in
FFmpeg before 1.1.3 allows remote attackers to have an unspecified
impact via a crafted PNG image, related to an out-of-bounds array
access.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0875
gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-0860
The ff_er_frame_end function in libavcodec/error_resilience.c in FFmpeg
before 1.0.4 and 1.1.x before 1.1.1 does not properly verify that a
frame is fully initialized, which allows remote attackers to trigger a
NULL pointer dereference via crafted picture data.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0860
gst-ffmpeg: Security Advisory - ffmpeg - CVE-2011-3934
Double free vulnerability in the vp3_update_thread_context function in
libavcodec/vp3.c in FFmpeg before 0.10 allows remote attackers to have
an unspecified impact via crafted vp3 data.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3934
gst-ffmpeg: Security Advisory - ffmpeg - CVE-2011-3946
The ff_h264_decode_sei function in libavcodec/h264_sei.c in FFmpeg
before 0.10 allows remote attackers to have an unspecified impact via
crafted Supplemental enhancement information (SEI) data, which triggers
an infinite loop.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3946
gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-7023
The ff_combine_frame function in libavcodec/parser.c in FFmpeg before
2.1 does not properly handle certain memory-allocation errors, which
allows remote attackers to cause a denial of service (out-of-bounds
array access) or possibly have unspecified other impact via crafted
data.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7023
gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-7009
The rpza_decode_stream function in libavcodec/rpza.c in FFmpeg before
2.1 does not properly maintain a pointer to pixel data, which allows
remote attackers to cause a denial of service (out-of-bounds array
access) or possibly have unspecified other impact via crafted Apple RPZA
data.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7009
gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-0855
Integer overflow in the alac_decode_close function in libavcodec/alac.c
in FFmpeg before 1.1 allows remote attackers to have an unspecified
impact via a large number of samples per frame in Apple Lossless Audio
Codec (ALAC) data, which triggers an out-of-bounds array access.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0855
gst-ffmpeg: Security Advisory - ffmpeg - CVE-2011-4351
Buffer overflow in FFmpeg before 0.5.6, 0.6.x before 0.6.4, 0.7.x before
0.7.8, and 0.8.x before 0.8.8 allows remote attackers to execute
arbitrary code via unspecified vectors.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4351
gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-0848
The decode_init function in libavcodec/huffyuv.c in FFmpeg before 1.1
allows remote attackers to have an unspecified impact via a crafted
width in huffyuv data with the predictor set to median and the
colorspace set to YUV422P, which triggers an out-of-bounds array access.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0848
gst-ffmpeg: Security Advisory - ffmpeg - CVE-2011-3944
The smacker_decode_header_tree function in libavcodec/smacker.c in
FFmpeg before 0.10 allows remote attackers to have an unspecified impact
via crafted Smacker data.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3944
file://0001-huffyuvdec-check-width-more-completely-avoid-out-of-.patch \
gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-7010
Multiple integer signedness errors in libavcodec/dsputil.c in FFmpeg
before 2.1 allow remote attackers to cause a denial of service
(out-of-bounds array access) or possibly have unspecified other impact
via crafted data.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7010
gst-ffmpeg: Security Advisory - ffmpeg - CVE-2011-3941
The decode_mb function in libavcodec/error_resilience.c in FFmpeg before
0.10 allows remote attackers to have an unspecified impact via vectors
related to an uninitialized block index, which triggers an out-of-bound
write.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3941
gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-0846
Array index error in the qdm2_decode_super_block function in
libavcodec/qdm2.c in FFmpeg before 1.1 allows remote attackers to have
an unspecified impact via crafted QDM2 data, which triggers an
out-of-bounds array access.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0846
gst-ffmpeg: Security Advisory - ffmpeg - CVE-2012-6618
The av_probe_input_buffer function in libavformat/utils.c in FFmpeg
before 1.0.2, when running with certain -probesize values, allows remote
attackers to cause a denial of service (crash) via a crafted MP3 file,
possibly related to frame size or lack of sufficient frames to estimate
rate.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6618
gst-ffmpeg: Security Advisory - ffmpeg - CVE-2012-6617
The prepare_sdp_description function in ffserver.c in FFmpeg before
1.0.2 allows remote attackers to cause a denial of service (crash) via
vectors related to the rtp format.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6617
(From OE-Core rev: 58f08a96764094189b5aaf3cc8b4cc0c95e23409)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(From OE-Core rev: b9a2aacfc0343d522cce9183dae15f1ae042b36d)
Signed-off-by: Wang Zidan <b50113@freescale.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(From OE-Core rev: 8b85075e592e867e7ffba919b10fca150f6a62b0)
Signed-off-by: Wang Zidan <b50113@freescale.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(From OE-Core rev: e25c5b228178f13b2f9e25b5bd423d5ef7b40765)
Signed-off-by: Wang Zidan <b50113@freescale.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Using growable pool with at least 32 buffers for decoders.
(From OE-Core rev: 81ae7794ddbc7e2d97118092e0613249793214ef)
Signed-off-by: Wang Zidan <b50113@freescale.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
self-comparison will always evaluates to true.
(From OE-Core rev: ecd6764843f1bb3a8eeb8580db9e22231ec3c94d)
Signed-off-by: Wang Zidan <b50113@freescale.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
There might be more than 65535 samples in a chunk of data, so use
32 bit integer instead of 16 bit.
(From OE-Core rev: 60de6e5d9d3dec482256ea4db8837204ca3ba628)
Signed-off-by: Wang Zidan <b50113@freescale.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The GTK+3 does not provide support for DirectFB backend so we cannot
enable GTK+ features of alsa-tools in this case; GTK+2 does not provide
support for Wayland.
This patch changes GTK+ support to be enabled only when X11 support is
enabled.
(From OE-Core rev: 3af5ed10f93de6def9342f710f3c6b94219a4c7e)
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The so files installed by libomxil are not versioned and should
be installed without version-based symlinks so that omxregister-bellagio
can properly find and register them.
(From OE-Core rev: aa99817ad02c153361b2707d6fc81c09e72f4b8f)
Signed-off-by: Drew Moseley <drew_moseley@mentor.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Automatical checking for nasm program will lead flac to a implicit build
result depending on nasm is built before or after it.
(From OE-Core rev: 3db77bfb5f02dae841f24eba66ac5747bbe10b9f)
Signed-off-by: Ming Liu <ming.liu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
libmad doesn't want GNU-levels of automake strictness so tell it to be
"foreign".
(From OE-Core rev: 60da074fea280d8190e7439361712dcc86177f12)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
libid3tag doesn't want GNU-levels of automake strictness so tell it to be
"foreign".
(From OE-Core rev: e1e2069f93885d09c920b1a2453fd822578d83e1)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Use the "libdir" and "sysconfdir" variables rather than
hard-coding "/usr/lib" and "/etc".
(From OE-Core rev: 1ae73bb41436bf7e97d83052fbe1541074b4a4ac)
Signed-off-by: Drew Moseley <drew_moseley@mentor.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Support xmlto for documentation generation and disable it by default.
[YOCTO #2416]
(From OE-Core rev: 14f4a3e9458b967e74a4a39f6ce9a4672a6302cf)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Dropped libvorvis dependency because there is already a (better) builtin vorbis codec.
Don't confuse codec names: "vorbis" (builtin) and "libvorbis" (using external library).
Changes:
- add --enable-nonfree when faac or openssl are used
- add DESCRIPTION
- sort PACKAGECONFIG entries
Tested with libav-0.8.11 & libav-9.13.
Note: Be sure to have a recent version of bitbake (2014-06-11 or better) including this:
http://cgit.openembedded.org/bitbake/commit/?id=2e742c03e8dfdfa67899e7f5d579ed14bd87e139
It affects behavior of bb.utils.contains_any
(From OE-Core rev: 62eede9de6fa1c76fa97ca5c6ba2d31309759b10)
Signed-off-by: Matthieu Crapet <Matthieu.Crapet@ingenico.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
v2 changes:
* update format for commit log
* add Upstream-Status for patch
ppm2tiff does not check the return value of the TIFFScanlineSize
function, which allows remote attackers to cause a denial of service
(crash) and possibly execute arbitrary code via a crafted PPM image that
triggers an integer overflow, a zero-memory allocation, and a heap-based
buffer overflow.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4564
(From OE-Core rev: 9f02922d44de483ef4d02ce95b55efe79a8b09a2)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This adds a binconfig-disabled class which can be used by recipes where
a -config file is installed but we wish to disable it and just rely on
the .pc files instead.
Rather than simply deleting it, we make the script "exit 1" so that it
can be found in PATH and raise a build error rather than something
silently falling back to the build system for example.
Rather than randomly finding -config files, this adds in the
specification of a list of binconfig scripts which is more deterministic
and maintainable moving forward.
This patch converts various users in OE-Core to use this, a world build
of OE-Core tests out ok with this change. There will likely be issues in
other layers however, hence this being a RFT.
(From OE-Core rev: 5870bd272b0b077d0826fb900b251884c1c05061)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Otherwise may do_compile error:
test-cgroups.c:43:23:: fatal error: libcgroup.h: No such file or directory
and:
configure: No package 'gstreamer-plugins-base-1.0' found
(From OE-Core rev: bef49e8e8bf0a7f900f4ad44c2cbb6dec1d5d180)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
A Gstreamer library which provides an API to create an RTSP server (e.g. to stream RTP to VLC clients and similar).
Tested, works with GStreamer 1.2.3 + videotestsrc based pipeline on RPi.
(From OE-Core rev: 228736f2ffba6c2e06e72042a1fdf3fc0807f9b7)
Signed-off-by: Alex J Lennon <ajlennon@dynamicdevices.co.uk>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
It seems that 585324fee380109acd9986388f857f413a60b896 is no
longer there in git and it has been rewritten to
ffc3ad4945da69f3caa2b40e4eed715a9a8d9526
Change-Id: I9ffe8bd9bcef0d2dc5e6f6d3a6e4317bada8f4be
(From OE-Core rev: b193c7f251542aa76cb5a4d6dcb71d15b27005eb)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Without this, configure will fail due to a missing AM_ICONV macro.
(From OE-Core rev: 36ace50aea4e47a0ddf9365a6dec1e0db0b31107)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
These recipes all use pkg-config in some way but were missing
dependencies on the tool, this patch adds them.
(From OE-Core rev: 2543b14dd0ca13005be0df027543431fc8e882ae)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The roq_decode_init function in libavcodec/roqvideodec.c in FFmpeg
before 1.1 allows remote attackers to have an unspecified impact via a
crafted (1) width or (2) height dimension that is not a multiple of
sixteen in id RoQ video data.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0849
(From OE-Core rev: 1a43a8054f51fbd542f3f037dc35f8b501e455bf)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The decode_slice_header function in libavcodec/h264.c in FFmpeg before
1.1 allows remote attackers to have an unspecified impact via crafted
H.264 data, which triggers an out-of-bounds array access.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0850
(From OE-Core rev: 69f3f0f94f4fd224e5a6b275207adf0539d085c3)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The lpc_prediction function in libavcodec/alac.c in FFmpeg before 1.1
allows remote attackers to have an unspecified impact via crafted Apple
Lossless Audio Codec (ALAC) data, related to a large nb_samples value.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0856
(From OE-Core rev: 571ccce77859435ff8010785e11627b20d8b31f4)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The mjpeg_decode_scan_progressive_ac function in libavcodec/mjpegdec.c
in FFmpeg before 1.1 allows remote attackers to have an unspecified
impact via crafted MJPEG data.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0854
(From OE-Core rev: b3d9c8f603ebdbc21cb2ba7e62f8b5ebb57c40c1)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The decode_frame function in libavcodec/eamad.c in FFmpeg before 1.1
allows remote attackers to have an unspecified impact via crafted
Electronic Arts Madcow video data, which triggers an out-of-bounds array
access.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0851
(From OE-Core rev: 8c9868d074f5d09022efc9419ee09eb805f68394)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The atrac3_decode_init function in libavcodec/atrac3.c in FFmpeg before
1.0.4 allows remote attackers to have an unspecified impact via ATRAC3
data with the joint stereo coding mode set and fewer than two channels.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0858
(From OE-Core rev: 0ee8754c973f5eff3ba4d00319a5308888c12b17)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Carlos Rafael Giani
Jackie Huang
Shan Hai
Matthieu Crapet
Drew Moseley
Yue Tao
Wang Zidan
Otavio Salvador
Richard Purdie
Ming Liu
Ross Burton
Hongxu Jia
Robert Yang
Alex J Lennon
Khem Raj
Cristian Iorga