91c845c452
Security Advisory - ffmpeg - CVE-2013-0866 The aac_decode_init function in libavcodec/aacdec.c in FFmpeg before 1.0.4 and 1.1.x before 1.1.2 allows remote attackers to have an unspecified impact via a large number of channels in an AAC file, which triggers an out-of-bounds array access. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0866 gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-0875 The ff_add_png_paeth_prediction function in libavcodec/pngdec.c in FFmpeg before 1.1.3 allows remote attackers to have an unspecified impact via a crafted PNG image, related to an out-of-bounds array access. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0875 gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-0860 The ff_er_frame_end function in libavcodec/error_resilience.c in FFmpeg before 1.0.4 and 1.1.x before 1.1.1 does not properly verify that a frame is fully initialized, which allows remote attackers to trigger a NULL pointer dereference via crafted picture data. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0860 gst-ffmpeg: Security Advisory - ffmpeg - CVE-2011-3934 Double free vulnerability in the vp3_update_thread_context function in libavcodec/vp3.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via crafted vp3 data. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3934 gst-ffmpeg: Security Advisory - ffmpeg - CVE-2011-3946 The ff_h264_decode_sei function in libavcodec/h264_sei.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via crafted Supplemental enhancement information (SEI) data, which triggers an infinite loop. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3946 gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-7023 The ff_combine_frame function in libavcodec/parser.c in FFmpeg before 2.1 does not properly handle certain memory-allocation errors, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted data. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7023 gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-7009 The rpza_decode_stream function in libavcodec/rpza.c in FFmpeg before 2.1 does not properly maintain a pointer to pixel data, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Apple RPZA data. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7009 gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-0855 Integer overflow in the alac_decode_close function in libavcodec/alac.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via a large number of samples per frame in Apple Lossless Audio Codec (ALAC) data, which triggers an out-of-bounds array access. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0855 gst-ffmpeg: Security Advisory - ffmpeg - CVE-2011-4351 Buffer overflow in FFmpeg before 0.5.6, 0.6.x before 0.6.4, 0.7.x before 0.7.8, and 0.8.x before 0.8.8 allows remote attackers to execute arbitrary code via unspecified vectors. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4351 gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-0848 The decode_init function in libavcodec/huffyuv.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via a crafted width in huffyuv data with the predictor set to median and the colorspace set to YUV422P, which triggers an out-of-bounds array access. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0848 gst-ffmpeg: Security Advisory - ffmpeg - CVE-2011-3944 The smacker_decode_header_tree function in libavcodec/smacker.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via crafted Smacker data. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3944 file://0001-huffyuvdec-check-width-more-completely-avoid-out-of-.patch \ gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-7010 Multiple integer signedness errors in libavcodec/dsputil.c in FFmpeg before 2.1 allow remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted data. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7010 gst-ffmpeg: Security Advisory - ffmpeg - CVE-2011-3941 The decode_mb function in libavcodec/error_resilience.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via vectors related to an uninitialized block index, which triggers an out-of-bound write. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3941 gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-0846 Array index error in the qdm2_decode_super_block function in libavcodec/qdm2.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted QDM2 data, which triggers an out-of-bounds array access. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0846 gst-ffmpeg: Security Advisory - ffmpeg - CVE-2012-6618 The av_probe_input_buffer function in libavformat/utils.c in FFmpeg before 1.0.2, when running with certain -probesize values, allows remote attackers to cause a denial of service (crash) via a crafted MP3 file, possibly related to frame size or lack of sufficient frames to estimate rate. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6618 gst-ffmpeg: Security Advisory - ffmpeg - CVE-2012-6617 The prepare_sdp_description function in ffserver.c in FFmpeg before 1.0.2 allows remote attackers to cause a denial of service (crash) via vectors related to the rtp format. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6617 (From OE-Core rev: 58f08a96764094189b5aaf3cc8b4cc0c95e23409) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
87 lines
4.7 KiB
BlitzBasic
87 lines
4.7 KiB
BlitzBasic
SUMMARY = "FFmpeg-based GStreamer plug-in"
|
|
SECTION = "multimedia"
|
|
LICENSE = "GPLv2+ & LGPLv2+ & ( (GPLv2+ & LGPLv2.1+) | (GPLv3+ & LGPLv3+) )"
|
|
LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \
|
|
file://ext/libpostproc/gstpostproc.c;beginline=1;endline=18;md5=5896e445e41681324381f5869ee33d38 \
|
|
file://COPYING.LIB;md5=55ca817ccb7d5b5b66355690e9abc605 \
|
|
file://ext/ffmpeg/gstffmpeg.h;beginline=1;endline=18;md5=ff65467b0c53cdfa98d0684c1bc240a9 \
|
|
file://gst-libs/ext/libav/LICENSE;md5=abc3b8cb02856aa7823bbbd162d16232 \
|
|
file://gst-libs/ext/libav/COPYING.GPLv2;md5=b234ee4d69f5fce4486a80fdaf4a4263 \
|
|
file://gst-libs/ext/libav/COPYING.GPLv3;md5=d32239bcb673463ab874e80d47fae504 \
|
|
file://gst-libs/ext/libav/COPYING.LGPLv2.1;md5=e344c8fa836c3a41c4cbd79d7bd3a379 \
|
|
file://gst-libs/ext/libav/COPYING.LGPLv3;md5=e6a600fd5e1d9cbde2d983680233ad02"
|
|
LICENSE_FLAGS = "commercial"
|
|
HOMEPAGE = "http://www.gstreamer.net/"
|
|
DEPENDS = "gstreamer gst-plugins-base zlib bzip2 yasm-native"
|
|
|
|
inherit autotools pkgconfig
|
|
|
|
SRC_URI = "http://gstreamer.freedesktop.org/src/${BPN}/${BPN}-${PV}.tar.bz2 \
|
|
file://lower-rank.diff \
|
|
file://configure-fix.patch \
|
|
file://h264_qpel_mmx.patch \
|
|
file://libav_e500mc.patch \
|
|
file://libav_e5500.patch \
|
|
file://gst-ffmpeg-CVE-2013-3674.patch \
|
|
file://0001-avformat-mpegtsenc-Check-data-array-size-in-mpegts_w.patch \
|
|
file://0001-vqavideo-check-chunk-sizes-before-reading-chunks.patch \
|
|
file://0001-avcodec-msrle-use-av_image_get_linesize-to-calculate.patch \
|
|
file://0001-huffyuvdec-Skip-len-0-cases.patch \
|
|
file://0001-huffyuvdec-Check-init_vlc-return-codes.patch \
|
|
file://0001-alsdec-check-block-length.patch \
|
|
file://0001-pgssubdec-check-RLE-size-before-copying.-Fix-out-of-.patch \
|
|
file://0001-atrac3dec-Check-coding-mode-against-channels.patch \
|
|
file://0001-eamad-fix-out-of-array-accesses.patch \
|
|
file://0001-mjpegdec-check-SE.patch \
|
|
file://0001-alac-fix-nb_samples-order-case.patch \
|
|
file://0001-h264-correct-ref-count-check-and-limit-fix-out-of-ar.patch \
|
|
file://0001-roqvideodec-check-dimensions-validity.patch \
|
|
file://0001-aacdec-check-channel-count.patch \
|
|
file://0001-pngdec-filter-dont-access-out-of-array-elements-at-t.patch \
|
|
file://0001-error_concealment-Check-that-the-picture-is-not-in-a.patch \
|
|
file://0001-vp3-fix-oob-read-for-negative-tokens-and-memleaks-on.patch \
|
|
file://0001-vp3-Copy-all-3-frames-for-thread-updates.patch \
|
|
file://0001-h264_sei-Fix-infinite-loop.patch \
|
|
file://0001-avcodec-parser-reset-indexes-on-realloc-failure.patch \
|
|
file://0001-avcodec-rpza-Perform-pointer-advance-and-checks-befo.patch \
|
|
file://gst-ffmpeg-CVE-2013-0855.patch \
|
|
file://0001-qdm2dec-fix-buffer-overflow.patch \
|
|
file://0001-huffyuvdec-check-width-more-completely-avoid-out-of-.patch \
|
|
file://0001-smackerdec-Check-that-the-last-indexes-are-within-th.patch \
|
|
file://0001-avcodec-dsputil-fix-signedness-in-sizeof-comparissio.patch \
|
|
file://0001-error-concealment-initialize-block-index.patch \
|
|
file://0001-qdm2-check-array-index-before-use-fix-out-of-array-a.patch \
|
|
file://0001-lavf-compute-probe-buffer-size-more-reliably.patch \
|
|
file://0001-ffserver-set-oformat.patch \
|
|
"
|
|
|
|
SRC_URI[md5sum] = "7f5beacaf1312db2db30a026b36888c4"
|
|
SRC_URI[sha256sum] = "76fca05b08e00134e3cb92fa347507f42cbd48ddb08ed3343a912def187fbb62"
|
|
|
|
PR = "r8"
|
|
|
|
GSTREAMER_DEBUG ?= "--disable-debug"
|
|
|
|
FFMPEG_EXTRA_CONFIGURE = "--with-ffmpeg-extra-configure"
|
|
# pass --cpu for powerpc. get cpu name by stripping "ppc" or "ppc64"
|
|
# from DEFAULTTUNE
|
|
FFMPEG_CPU_powerpc = "--cpu=${@d.getVar('DEFAULTTUNE')[3:]}"
|
|
FFMPEG_CPU_powerpc64 = "--cpu=${@d.getVar('DEFAULTTUNE')[5:]}"
|
|
FFMPEG_EXTRA_CONFIGURE_COMMON_ARG = "--target-os=linux ${FFMPEG_CPU} \
|
|
--cc='${CC}' --as='${CC}' --ld='${CC}' --nm='${NM}' --ar='${AR}' \
|
|
--ranlib='${RANLIB}' \
|
|
${GSTREAMER_DEBUG}"
|
|
FFMPEG_EXTRA_CONFIGURE_COMMON = \
|
|
'${FFMPEG_EXTRA_CONFIGURE}="${FFMPEG_EXTRA_CONFIGURE_COMMON_ARG}"'
|
|
|
|
EXTRA_OECONF = "${FFMPEG_EXTRA_CONFIGURE_COMMON}"
|
|
|
|
PACKAGECONFIG ??= "external-libav"
|
|
PACKAGECONFIG[external-libav] = "--with-system-ffmpeg,,libav"
|
|
PACKAGECONFIG[orc] = "--enable-orc,--disable-orc,orc"
|
|
|
|
FILES_${PN} += "${libdir}/gstreamer-0.10/*.so"
|
|
FILES_${PN}-dbg += "${libdir}/gstreamer-0.10/.debug"
|
|
FILES_${PN}-dev += "${libdir}/gstreamer-0.10/*.la"
|
|
FILES_${PN}-staticdev += "${libdir}/gstreamer-0.10/*.a"
|