generic-poky

sysmo-bts

generic-poky

Fork 0

Commit Graph

Author SHA1 Message Date

Author	SHA1	Message	Date
Yi Zhao	a602b9f748	taglib: Security fix CVE-2017-12678 CVE-2017-12678: In TagLib 1.11.1, the rebuildAggregateFrames function in id3v2framefactory.cpp has a pointer to cast vulnerability, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted audio file. Reference: https://nvd.nist.gov/vuln/detail/CVE-2017-12678 Patch from: `eb9ded1206` (From OE-Core rev: 24ac12ecb19efc7c131c9711ba32e298ba860eb7) (From OE-Core rev: bb90e08fbcbc7c60731aacdc4b82163507d9afdc) Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2017-09-11 22:15:58 +01:00
Joshua Lock	c4e2c59088	meta: remove True option to getVar calls getVar() now defaults to expanding by default, thus remove the True option from getVar() calls with a regex search and replace. Search made with the following regex: getVar ?\(( ?[^,()]*), True\) (From OE-Core rev: 7c552996597faaee2fbee185b250c0ee30ea3b5f) Signed-off-by: Joshua Lock <joshua.g.lock@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2016-12-16 10:23:23 +00:00
Ross Burton	bef4e00bda	taglib: Update to 1.11.1 Forcibly disable Boost as the macros it looks for are also present in our C++ standard library. Enable c++11 in cmake as well as in CXXFLAGS [Khem Raj] CXXFLAGS is required due to a cmake bug where it does not honor CMAKE_CXX_FLAGS during configure time checks [Khem Raj] (From OE-Core rev: 6a56ff7885f43abdb3b9bfeb733be6fee1de237c) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2016-11-30 15:48:04 +00:00

Yi Zhao

a602b9f748

taglib: Security fix CVE-2017-12678

CVE-2017-12678: In TagLib 1.11.1, the rebuildAggregateFrames function in
id3v2framefactory.cpp has a pointer to cast vulnerability, which allows
remote attackers to cause a denial of service or possibly have
unspecified other impact via a crafted audio file.

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2017-12678

Patch from:
eb9ded1206

(From OE-Core rev: 24ac12ecb19efc7c131c9711ba32e298ba860eb7)

(From OE-Core rev: bb90e08fbcbc7c60731aacdc4b82163507d9afdc)

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

2017-09-11 22:15:58 +01:00

Joshua Lock

c4e2c59088

meta: remove True option to getVar calls

getVar() now defaults to expanding by default, thus remove the True
option from getVar() calls with a regex search and replace.

Search made with the following regex: getVar ?\(( ?[^,()]*), True\)

(From OE-Core rev: 7c552996597faaee2fbee185b250c0ee30ea3b5f)

Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

2016-12-16 10:23:23 +00:00

Ross Burton

bef4e00bda

taglib: Update to 1.11.1

Forcibly disable Boost as the macros it looks for are also present in our C++
standard library.

Enable c++11 in cmake as well as in CXXFLAGS [Khem Raj]

CXXFLAGS is required due to a cmake bug where it does not honor CMAKE_CXX_FLAGS
during configure time checks [Khem Raj]

(From OE-Core rev: 6a56ff7885f43abdb3b9bfeb733be6fee1de237c)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

2016-11-30 15:48:04 +00:00

3 Commits