reset upstream subtrees to HEAD

Reset the following subtrees on HEAD:
  poky: 8217b477a1(master)
  meta-xilinx: 64aa3d35ae(master)
  meta-openembedded: 0435c9e193(master)
  meta-raspberrypi: 490a4441ac(master)
  meta-security: cb6d1c85ee(master)

Squashed patches:
  meta-phosphor: drop systemd 239 patches
  meta-phosphor: mrw-api: use correct install path

Change-Id: I268e2646d9174ad305630c6bbd3fbc1a6105f43d
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
diff --git a/poky/meta/recipes-multimedia/alsa/alsa-lib_1.1.6.bb b/poky/meta/recipes-multimedia/alsa/alsa-lib_1.1.8.bb
similarity index 83%
rename from poky/meta/recipes-multimedia/alsa/alsa-lib_1.1.6.bb
rename to poky/meta/recipes-multimedia/alsa/alsa-lib_1.1.8.bb
index 25e7a3c..76cc962 100644
--- a/poky/meta/recipes-multimedia/alsa/alsa-lib_1.1.6.bb
+++ b/poky/meta/recipes-multimedia/alsa/alsa-lib_1.1.8.bb
@@ -7,9 +7,9 @@
                     file://src/socket.c;md5=dd1bc7f44872690224d89c1a9806e495;beginline=1;endline=26 \
                     "
 
-SRC_URI = "ftp://ftp.alsa-project.org/pub/lib/${BP}.tar.bz2"
-SRC_URI[md5sum] = "2f981a8f7897c59ec2ddc44916d33788"
-SRC_URI[sha256sum] = "5f2cd274b272cae0d0d111e8a9e363f08783329157e8dd68b3de0c096de6d724"
+SRC_URI = "https://www.alsa-project.org/files/pub/lib/${BP}.tar.bz2"
+SRC_URI[md5sum] = "0eec0d657a07927795809c8f87fb76ca"
+SRC_URI[sha256sum] = "3cdc3a93a6427a26d8efab4ada2152e64dd89140d981f6ffa003e85be707aedf"
 
 inherit autotools pkgconfig
 
diff --git a/poky/meta/recipes-multimedia/alsa/alsa-plugins_1.1.6.bb b/poky/meta/recipes-multimedia/alsa/alsa-plugins_1.1.6.bb
deleted file mode 100644
index 17c1879..0000000
--- a/poky/meta/recipes-multimedia/alsa/alsa-plugins_1.1.6.bb
+++ /dev/null
@@ -1,103 +0,0 @@
-SUMMARY = "ALSA Plugins"
-HOMEPAGE = "http://alsa-project.org"
-BUGTRACKER = "http://alsa-project.org/main/index.php/Bug_Tracking"
-SECTION = "multimedia"
-
-# The primary license of alsa-plugins is LGPLv2.1.
-#
-# m4/attributes.m4 is licensed under GPLv2+. m4/attributes.m4 is part of the
-# build system, and doesn't affect the licensing of the build result.
-#
-# The samplerate plugin source code is licensed under GPLv2+ to be consistent
-# with the libsamplerate license. However, if the licensee has a commercial
-# license for libsamplerate, the samplerate plugin may be used under the terms
-# of LGPLv2.1 like the rest of the plugins.
-LICENSE = "LGPLv2.1 & GPLv2+"
-LIC_FILES_CHKSUM = "\
-        file://COPYING;md5=a916467b91076e631dd8edb7424769c7 \
-        file://COPYING.GPL;md5=59530bdf33659b29e73d4adb9f9f6552 \
-        file://m4/attributes.m4;endline=33;md5=b25958da44c02231e3641f1bccef53eb \
-        file://rate/rate_samplerate.c;endline=35;md5=fd77bce85f4a338c0e8ab18430b69fae \
-"
-
-SRC_URI = "ftp://ftp.alsa-project.org/pub/plugins/${BP}.tar.bz2"
-SRC_URI[md5sum] = "8387279e99feeb2ecffaac5f293223d7"
-SRC_URI[sha256sum] = "6f1d31ebe3b1fa1cc8dade60b7bed1cb2583ac998167002d350dc0a5e3e40c13"
-
-DEPENDS += "alsa-lib"
-
-inherit autotools pkgconfig
-
-PACKAGECONFIG ??= "\
-        samplerate \
-        speexdsp \
-        ${@bb.utils.filter('DISTRO_FEATURES', 'pulseaudio', d)} \
-"
-PACKAGECONFIG[avcodec] = "--enable-avcodec,--disable-avcodec,libav"
-PACKAGECONFIG[jack] = "--enable-jack,--disable-jack,jack"
-PACKAGECONFIG[maemo-plugin] = "--enable-maemo-plugin,--disable-maemo-plugin"
-PACKAGECONFIG[maemo-resource-manager] = "--enable-maemo-resource-manager,--disable-maemo-resource-manager,dbus"
-PACKAGECONFIG[pulseaudio] = "--enable-pulseaudio,--disable-pulseaudio,pulseaudio"
-PACKAGECONFIG[samplerate] = "--enable-samplerate,--disable-samplerate,libsamplerate0"
-PACKAGECONFIG[speexdsp] = "--with-speex=lib,--with-speex=no,speexdsp"
-
-PACKAGES += "${@bb.utils.contains('PACKAGECONFIG', 'pulseaudio', 'alsa-plugins-pulseaudio-conf', '', d)}"
-
-PACKAGES_DYNAMIC = "^libasound-module-.*"
-
-# The alsa-plugins package doesn't itself contain anything, it just depends on
-# all built plugins.
-ALLOW_EMPTY_${PN} = "1"
-
-do_install_append() {
-	rm ${D}${libdir}/alsa-lib/*.la
-
-	# We use the example as is, so just drop the .example suffix.
-	if [ "${@bb.utils.contains('PACKAGECONFIG', 'pulseaudio', 'yes', 'no', d)}" = "yes" ]; then
-		mv ${D}${datadir}/alsa/alsa.conf.d/99-pulseaudio-default.conf.example ${D}${datadir}/alsa/alsa.conf.d/99-pulseaudio-default.conf
-	fi
-}
-
-python populate_packages_prepend() {
-    plugindir = d.expand('${libdir}/alsa-lib/')
-    packages = " ".join(do_split_packages(d, plugindir, '^libasound_module_(.*)\.so$', 'libasound-module-%s', 'Alsa plugin for %s', extra_depends=''))
-    d.setVar("RDEPENDS_alsa-plugins", packages)
-}
-
-# The rate plugins create some symlinks. For example, the samplerate plugin
-# creates these links to the main plugin file:
-#
-#   libasound_module_rate_samplerate_best.so
-#   libasound_module_rate_samplerate_linear.so
-#   libasound_module_rate_samplerate_medium.so
-#   libasound_module_rate_samplerate_order.so
-#
-# The other rate plugins create similar links. We have to add the links to
-# FILES manually, because do_split_packages() skips the links (which is good,
-# because we wouldn't want do_split_packages() to create separate packages for
-# the symlinks).
-#
-# The symlinks cause QA errors, because usually it's a bug if a non
-# -dev/-dbg/-nativesdk package contains links to .so files, but in this case
-# the errors are false positives, so we disable the QA checks.
-FILES_${MLPREFIX}libasound-module-rate-lavcrate += "${libdir}/alsa-lib/*rate_lavcrate_*.so"
-FILES_${MLPREFIX}libasound-module-rate-samplerate += "${libdir}/alsa-lib/*rate_samplerate_*.so"
-FILES_${MLPREFIX}libasound-module-rate-speexrate += "${libdir}/alsa-lib/*rate_speexrate_*.so"
-INSANE_SKIP_${MLPREFIX}libasound-module-rate-lavcrate = "dev-so"
-INSANE_SKIP_${MLPREFIX}libasound-module-rate-samplerate = "dev-so"
-INSANE_SKIP_${MLPREFIX}libasound-module-rate-speexrate = "dev-so"
-
-# 50-pulseaudio.conf defines a device named "pulse" that applications can use
-# if they explicitly want to use the PulseAudio plugin.
-# 99-pulseaudio-default.conf configures the "default" device to use the
-# PulseAudio plugin.
-FILES_${PN}-pulseaudio-conf += "\
-        ${datadir}/alsa/alsa.conf.d/50-pulseaudio.conf \
-        ${datadir}/alsa/alsa.conf.d/99-pulseaudio-default.conf \
-"
-
-RDEPENDS_${PN}-pulseaudio-conf += "\
-        libasound-module-conf-pulse \
-        libasound-module-ctl-pulse \
-        libasound-module-pcm-pulse \
-"
diff --git a/poky/meta/recipes-multimedia/alsa/alsa-plugins_1.1.8.bb b/poky/meta/recipes-multimedia/alsa/alsa-plugins_1.1.8.bb
new file mode 100644
index 0000000..2d9cc06
--- /dev/null
+++ b/poky/meta/recipes-multimedia/alsa/alsa-plugins_1.1.8.bb
@@ -0,0 +1,173 @@
+SUMMARY = "ALSA Plugins"
+HOMEPAGE = "http://alsa-project.org"
+BUGTRACKER = "http://alsa-project.org/main/index.php/Bug_Tracking"
+SECTION = "multimedia"
+
+# The primary license of alsa-plugins is LGPLv2.1.
+#
+# m4/attributes.m4 is licensed under GPLv2+. m4/attributes.m4 is part of the
+# build system, and doesn't affect the licensing of the build result.
+#
+# The samplerate plugin source code is licensed under GPLv2+ to be consistent
+# with the libsamplerate license. However, if the licensee has a commercial
+# license for libsamplerate, the samplerate plugin may be used under the terms
+# of LGPLv2.1 like the rest of the plugins.
+LICENSE = "LGPLv2.1 & GPLv2+"
+LIC_FILES_CHKSUM = "\
+        file://COPYING;md5=a916467b91076e631dd8edb7424769c7 \
+        file://COPYING.GPL;md5=59530bdf33659b29e73d4adb9f9f6552 \
+        file://m4/attributes.m4;endline=33;md5=b25958da44c02231e3641f1bccef53eb \
+        file://rate/rate_samplerate.c;endline=35;md5=fd77bce85f4a338c0e8ab18430b69fae \
+"
+
+SRC_URI = "https://www.alsa-project.org/files/pub/plugins/${BP}.tar.bz2"
+SRC_URI[md5sum] = "d0f87211d1560f2c07c8eae4297bc4f6"
+SRC_URI[sha256sum] = "7f77df171685ccec918268477623a39db4d9f32d5dc5e76874ef2467a2405994"
+
+DEPENDS += "alsa-lib"
+
+inherit autotools pkgconfig
+
+PACKAGECONFIG ??= "\
+        samplerate \
+        speexdsp \
+        ${@bb.utils.filter('DISTRO_FEATURES', 'pulseaudio', d)} \
+"
+PACKAGECONFIG[aaf] = "--enable-aaf,--disable-aaf,avtp"
+PACKAGECONFIG[jack] = "--enable-jack,--disable-jack,jack"
+PACKAGECONFIG[libav] = "--enable-libav,--disable-libav,libav"
+PACKAGECONFIG[maemo-plugin] = "--enable-maemo-plugin,--disable-maemo-plugin"
+PACKAGECONFIG[maemo-resource-manager] = "--enable-maemo-resource-manager,--disable-maemo-resource-manager,dbus"
+PACKAGECONFIG[pulseaudio] = "--enable-pulseaudio,--disable-pulseaudio,pulseaudio"
+PACKAGECONFIG[samplerate] = "--enable-samplerate,--disable-samplerate,libsamplerate0"
+PACKAGECONFIG[speexdsp] = "--with-speex=lib,--with-speex=no,speexdsp"
+
+PACKAGES += "${@bb.utils.contains('PACKAGECONFIG', 'pulseaudio', 'alsa-plugins-pulseaudio-conf', '', d)}"
+
+PACKAGES_DYNAMIC = "^libasound-module-.*"
+
+# The alsa-plugins package doesn't itself contain anything, it just depends on
+# all built plugins.
+FILES_${PN} = ""
+ALLOW_EMPTY_${PN} = "1"
+
+do_install_append() {
+	rm ${D}${libdir}/alsa-lib/*.la
+
+	if [ "${@bb.utils.contains('PACKAGECONFIG', 'pulseaudio', 'yes', 'no', d)}" = "yes" ]; then
+		# We use the example as is. Upstream installs the file under
+		# /etc, but we move it under /usr/share and add a symlink under
+		# /etc to be consistent with other installed configuration
+		# files.
+		mv ${D}${sysconfdir}/alsa/conf.d/99-pulseaudio-default.conf.example ${D}${datadir}/alsa/alsa.conf.d/99-pulseaudio-default.conf
+		ln -s ${datadir}/alsa/alsa.conf.d/99-pulseaudio-default.conf ${D}${sysconfdir}/alsa/conf.d/99-pulseaudio-default.conf
+	fi
+}
+
+python populate_packages_prepend() {
+    plugindir = d.expand('${libdir}/alsa-lib/')
+    packages = " ".join(do_split_packages(d, plugindir, r'^libasound_module_(.*)\.so$', 'libasound-module-%s', 'Alsa plugin for %s', extra_depends=''))
+    d.setVar("RDEPENDS_alsa-plugins", packages)
+}
+
+# Many plugins have a configuration file (plus a symlink in /etc) associated
+# with them. We put the plugin and it's configuration usually in the same
+# package, but that's problematic when the configuration file is related to
+# multiple plugins, as is the case with the pulse, oss and maemo plugins. In
+# case of the pulse plugins, we have a separate alsa-plugins-pulseaudio-conf
+# package that depends on all the pulse plugins, which ensures that all plugins
+# that the configuration references are installed. The oss and maemo
+# configuration files, on the other hand, are in the respective pcm plugin
+# packages. Therefore it's possible to install the configuration file without
+# the ctl plugin that the configuration file references. This is unlikely to
+# cause big problems, but some kind of improvement to the packaging could
+# probably be done here (at least it would be good to handle the different
+# plugins in a consistent way).
+FILES_${MLPREFIX}libasound-module-ctl-arcam-av += "\
+        ${datadir}/alsa/alsa.conf.d/50-arcam-av-ctl.conf \
+        ${sysconfdir}/alsa/conf.d/50-arcam-av-ctl.conf \
+"
+FILES_${MLPREFIX}libasound-module-pcm-a52 += "\
+        ${datadir}/alsa/alsa.conf.d/60-a52-encoder.conf \
+        ${sysconfdir}/alsa/conf.d/60-a52-encoder.conf \
+"
+FILES_${MLPREFIX}libasound-module-pcm-alsa-dsp += "\
+        ${datadir}/alsa/alsa.conf.d/98-maemo.conf \
+        ${sysconfdir}/alsa/conf.d/98-maemo.conf \
+"
+FILES_${MLPREFIX}libasound-module-pcm-jack += "\
+        ${datadir}/alsa/alsa.conf.d/50-jack.conf \
+        ${sysconfdir}/alsa/conf.d/50-jack.conf \
+"
+FILES_${MLPREFIX}libasound-module-pcm-oss += "\
+        ${datadir}/alsa/alsa.conf.d/50-oss.conf \
+        ${sysconfdir}/alsa/conf.d/50-oss.conf \
+"
+FILES_${MLPREFIX}libasound-module-pcm-speex += "\
+        ${datadir}/alsa/alsa.conf.d/60-speex.conf \
+        ${sysconfdir}/alsa/conf.d/60-speex.conf \
+"
+FILES_${MLPREFIX}libasound-module-pcm-upmix += "\
+        ${datadir}/alsa/alsa.conf.d/60-upmix.conf \
+        ${sysconfdir}/alsa/conf.d/60-upmix.conf \
+"
+FILES_${MLPREFIX}libasound-module-pcm-usb-stream += "\
+        ${datadir}/alsa/alsa.conf.d/98-usb-stream.conf \
+        ${sysconfdir}/alsa/conf.d/98-usb-stream.conf \
+"
+FILES_${MLPREFIX}libasound-module-pcm-vdownmix += "\
+        ${datadir}/alsa/alsa.conf.d/60-vdownmix.conf \
+        ${sysconfdir}/alsa/conf.d/60-vdownmix.conf \
+"
+FILES_${MLPREFIX}libasound-module-rate-lavrate += "\
+        ${datadir}/alsa/alsa.conf.d/10-rate-lav.conf \
+        ${sysconfdir}/alsa/conf.d/10-rate-lav.conf \
+"
+FILES_${MLPREFIX}libasound-module-rate-samplerate += "\
+        ${datadir}/alsa/alsa.conf.d/10-samplerate.conf \
+        ${sysconfdir}/alsa/conf.d/10-samplerate.conf \
+"
+FILES_${MLPREFIX}libasound-module-rate-speexrate += "\
+        ${datadir}/alsa/alsa.conf.d/10-speexrate.conf \
+        ${sysconfdir}/alsa/conf.d/10-speexrate.conf \
+"
+
+# The rate plugins create some symlinks. For example, the samplerate plugin
+# creates these links to the main plugin file:
+#
+#   libasound_module_rate_samplerate_best.so
+#   libasound_module_rate_samplerate_linear.so
+#   libasound_module_rate_samplerate_medium.so
+#   libasound_module_rate_samplerate_order.so
+#
+# The other rate plugins create similar links. We have to add the links to
+# FILES manually, because do_split_packages() skips the links (which is good,
+# because we wouldn't want do_split_packages() to create separate packages for
+# the symlinks).
+#
+# The symlinks cause QA errors, because usually it's a bug if a non
+# -dev/-dbg/-nativesdk package contains links to .so files, but in this case
+# the errors are false positives, so we disable the QA checks.
+FILES_${MLPREFIX}libasound-module-rate-lavrate += "${libdir}/alsa-lib/*rate_lavrate_*.so"
+FILES_${MLPREFIX}libasound-module-rate-samplerate += "${libdir}/alsa-lib/*rate_samplerate_*.so"
+FILES_${MLPREFIX}libasound-module-rate-speexrate += "${libdir}/alsa-lib/*rate_speexrate_*.so"
+INSANE_SKIP_${MLPREFIX}libasound-module-rate-lavrate = "dev-so"
+INSANE_SKIP_${MLPREFIX}libasound-module-rate-samplerate = "dev-so"
+INSANE_SKIP_${MLPREFIX}libasound-module-rate-speexrate = "dev-so"
+
+# 50-pulseaudio.conf defines a device named "pulse" that applications can use
+# if they explicitly want to use the PulseAudio plugin.
+# 99-pulseaudio-default.conf configures the "default" device to use the
+# PulseAudio plugin.
+FILES_${PN}-pulseaudio-conf += "\
+        ${datadir}/alsa/alsa.conf.d/50-pulseaudio.conf \
+        ${datadir}/alsa/alsa.conf.d/99-pulseaudio-default.conf \
+        ${sysconfdir}/alsa/conf.d/50-pulseaudio.conf \
+        ${sysconfdir}/alsa/conf.d/99-pulseaudio-default.conf \
+"
+
+RDEPENDS_${PN}-pulseaudio-conf += "\
+        libasound-module-conf-pulse \
+        libasound-module-ctl-pulse \
+        libasound-module-pcm-pulse \
+"
diff --git a/poky/meta/recipes-multimedia/alsa/alsa-tools/0002-Fix-clang-Wreserved-user-defined-literal-warnings.patch b/poky/meta/recipes-multimedia/alsa/alsa-tools/0002-Fix-clang-Wreserved-user-defined-literal-warnings.patch
deleted file mode 100644
index c137bc8..0000000
--- a/poky/meta/recipes-multimedia/alsa/alsa-tools/0002-Fix-clang-Wreserved-user-defined-literal-warnings.patch
+++ /dev/null
@@ -1,34 +0,0 @@
-Upstream-Status: Backport
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
-
-From a861bdabf02cd9bfb3ec7c0571c563c0fa14adfb Mon Sep 17 00:00:00 2001
-From: Khem Raj <raj.khem@gmail.com>
-Date: Tue, 24 Apr 2018 12:24:32 -0700
-Subject: [PATCH] us428control: Fix clang -Wreserved-user-defined-literal
- warnings
-
-| us428control.cc:66:18: error: invalid suffix on literal; C++11 requires a space between literal and identifier [-Wreserved-user-defined-literal]
-|         printf("usage: "PROGNAME" [-v verbosity_level 0..2] [-c card] [-D device] [-u usb-device] [-m mode]\n");
-|                         ^
-
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
-Signed-off-by: Takashi Iwai <tiwai@suse.de>
----
- us428control/us428control.cc | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/us428control/us428control.cc b/us428control/us428control.cc
-index e839bf4..8cb3c42 100644
---- a/us428control/us428control.cc
-+++ b/us428control/us428control.cc
-@@ -63,7 +63,7 @@ static void usage(void)
- {
- 	printf("Tascam US-428 Control\n");
- 	printf("version %s\n", VERSION);
--	printf("usage: "PROGNAME" [-v verbosity_level 0..2] [-c card] [-D device] [-u usb-device] [-m mode]\n");
-+	printf("usage: " PROGNAME " [-v verbosity_level 0..2] [-c card] [-D device] [-u usb-device] [-m mode]\n");
- 	printf("mode is one of (us224, us428, mixxx)\n");
- }
- /*
--- 
-1.7.11.7
diff --git a/poky/meta/recipes-multimedia/alsa/alsa-tools/musl.patch b/poky/meta/recipes-multimedia/alsa/alsa-tools/musl.patch
deleted file mode 100644
index 9eb129c..0000000
--- a/poky/meta/recipes-multimedia/alsa/alsa-tools/musl.patch
+++ /dev/null
@@ -1,47 +0,0 @@
-Upstream-Status: Backport
-Signed-off-by: Ross Burton <ross.burton@intel.com>
-
-From 235d9c5e8381518b0a8661786e7e0cbdd1bbcd01 Mon Sep 17 00:00:00 2001
-From: Ross Burton <ross.burton@intel.com>
-Date: Tue, 12 Jun 2018 13:24:34 +0100
-Subject: [PATCH] ld10k1: define _GNU_SOURCE and use sighandler_t
-
-__sighandler_t is a glibc internal type which doesn't exist in musl.  By using
-AC_USE_SYSTEM_EXTENSIONS to get _GNU_SOURCE defined, both glibc and musl
-then expose sighandler_t.
-
-Signed-off-by: Ross Burton <ross.burton@intel.com>
-Signed-off-by: Takashi Iwai <tiwai@suse.de>
----
- ld10k1/configure.ac      | 1 +
- ld10k1/src/ld10k1_fnc1.c | 2 +-
- 2 files changed, 2 insertions(+), 1 deletion(-)
-
-diff --git a/ld10k1/configure.ac b/ld10k1/configure.ac
-index 276b24e..f48ca31 100644
---- a/ld10k1/configure.ac
-+++ b/ld10k1/configure.ac
-@@ -4,6 +4,7 @@ AC_CONFIG_MACRO_DIR([m4])
- AM_MAINTAINER_MODE([enable])
- 
- AC_CONFIG_HEADERS(config.h)
-+AC_USE_SYSTEM_EXTENSIONS
- AC_PROG_CC
- AC_PROG_LD
- AC_PROG_INSTALL
-diff --git a/ld10k1/src/ld10k1_fnc1.c b/ld10k1/src/ld10k1_fnc1.c
-index 343584c..ddc43c6 100644
---- a/ld10k1/src/ld10k1_fnc1.c
-+++ b/ld10k1/src/ld10k1_fnc1.c
-@@ -179,7 +179,7 @@ int main_loop(comm_param *param, int audigy, const char *card_id, int tram_size,
- {
- 	fd_set active_fd_set/*, read_fd_set*/;
- 	int i, j, res = 0;
--	__sighandler_t old_sig_pipe;
-+	sighandler_t old_sig_pipe;
- 
- 	int main_sock = 0;
- 	int data_sock = 0;
--- 
-2.11.0
-
diff --git a/poky/meta/recipes-multimedia/alsa/alsa-tools_1.1.6.bb b/poky/meta/recipes-multimedia/alsa/alsa-tools_1.1.7.bb
similarity index 88%
rename from poky/meta/recipes-multimedia/alsa/alsa-tools_1.1.6.bb
rename to poky/meta/recipes-multimedia/alsa/alsa-tools_1.1.7.bb
index 90e54db..e1b50fa 100644
--- a/poky/meta/recipes-multimedia/alsa/alsa-tools_1.1.6.bb
+++ b/poky/meta/recipes-multimedia/alsa/alsa-tools_1.1.7.bb
@@ -9,13 +9,10 @@
                     file://ld10k1/COPYING.LIB;md5=a916467b91076e631dd8edb7424769c7 \
                     "
 
-SRC_URI = "ftp://ftp.alsa-project.org/pub/tools/${BP}.tar.bz2 \
-           file://0002-Fix-clang-Wreserved-user-defined-literal-warnings.patch \
-           file://musl.patch \
-           "
+SRC_URI = "https://www.alsa-project.org/files/pub/tools/${BP}.tar.bz2"
 
-SRC_URI[md5sum] = "5ca8c9437ae779997cd62fb2815fef19"
-SRC_URI[sha256sum] = "d69c4dc2fb641a974d9903e9eb78c94cb0c7ac6c45bae664f0c9d6c0a1593227"
+SRC_URI[md5sum] = "475bdf6457bcf55c8c895d653ee56a54"
+SRC_URI[sha256sum] = "a0243328a8f6f691a3055c484fd8d3326393096325e93743b246029d327c4ef6"
 
 inherit autotools-brokensep pkgconfig
 # brokensep as as10k1 (and probably more) fail out of tree
@@ -38,7 +35,6 @@
 PACKAGECONFIG[hdspconf] = ",,fltk"
 PACKAGECONFIG[hdsploader] = ""
 PACKAGECONFIG[hdspmixer] = ",,fltk"
-PACKAGECONFIG[hwmixvolume] = ",,,python-core python-pygtk"
 PACKAGECONFIG[ld10k1] = ""
 PACKAGECONFIG[mixartloader] = ""
 PACKAGECONFIG[pcxhrloader] = ""
@@ -51,6 +47,10 @@
 PACKAGECONFIG[usx2yloader] = ""
 PACKAGECONFIG[vxloader] = ""
 
+# At the time of writing pyalsa is not packaged for OE, so this is not expected
+# to work.
+PACKAGECONFIG[hwmixvolume] = ",,,python-core python-pygobject pyalsa"
+
 python do_configure() {
     for subdir in d.getVar("PACKAGECONFIG").split():
         subdir = subdir.replace("--", "/")
diff --git a/poky/meta/recipes-multimedia/alsa/alsa-utils-scripts_1.1.6.bb b/poky/meta/recipes-multimedia/alsa/alsa-utils-scripts_1.1.8.bb
similarity index 100%
rename from poky/meta/recipes-multimedia/alsa/alsa-utils-scripts_1.1.6.bb
rename to poky/meta/recipes-multimedia/alsa/alsa-utils-scripts_1.1.8.bb
diff --git a/poky/meta/recipes-multimedia/alsa/alsa-utils_1.1.6.bb b/poky/meta/recipes-multimedia/alsa/alsa-utils_1.1.8.bb
similarity index 88%
rename from poky/meta/recipes-multimedia/alsa/alsa-utils_1.1.6.bb
rename to poky/meta/recipes-multimedia/alsa/alsa-utils_1.1.8.bb
index b8ba0cb..96d54e5 100644
--- a/poky/meta/recipes-multimedia/alsa/alsa-utils_1.1.6.bb
+++ b/poky/meta/recipes-multimedia/alsa/alsa-utils_1.1.8.bb
@@ -19,11 +19,10 @@
 PACKAGECONFIG[udev] = "--with-udev-rules-dir=`pkg-config --variable=udevdir udev`/rules.d,--with-udev-rules-dir=/unwanted/rules.d,udev"
 PACKAGECONFIG[manpages] = "--enable-xmlto, --disable-xmlto, xmlto-native docbook-xml-dtd4-native docbook-xsl-stylesheets-native"
 
-SRC_URI = "ftp://ftp.alsa-project.org/pub/utils/alsa-utils-${PV}.tar.bz2 \
-          "
-
-SRC_URI[md5sum] = "50ae75567459646b843bed78d916b002"
-SRC_URI[sha256sum] = "155caecc40b2220f686f34ba3655a53e3bdbc0586adb1056733949feaaf7d36e"
+# alsa-utils specified in SRC_URI due to alsa-utils-scripts recipe
+SRC_URI = "https://www.alsa-project.org/files/pub/utils/alsa-utils-${PV}.tar.bz2"
+SRC_URI[md5sum] = "54d6f9b483144823d0fc0c26e8cea028"
+SRC_URI[sha256sum] = "fd9bf528922b3829a91913b89a1858c58a0b24271a7b5f529923aa9ea12fa4cf"
 
 # On build machines with python-docutils (not python3-docutils !!) installed
 # rst2man (not rst2man.py) is detected and compile fails with
@@ -59,7 +58,7 @@
 FILES_${PN} = ""
 FILES_alsa-utils-alsabat     = "${bindir}/alsabat"
 FILES_alsa-utils-alsatplg    = "${bindir}/alsatplg"
-FILES_alsa-utils-aplay       = "${bindir}/aplay ${bindir}/arecord"
+FILES_alsa-utils-aplay       = "${bindir}/aplay ${bindir}/arecord ${bindir}/axfer"
 FILES_alsa-utils-amixer      = "${bindir}/amixer"
 FILES_alsa-utils-alsamixer   = "${bindir}/alsamixer"
 FILES_alsa-utils-speakertest = "${bindir}/speaker-test ${datadir}/sounds/alsa/ ${datadir}/alsa/speaker-test/"
@@ -67,10 +66,10 @@
 FILES_alsa-utils-aconnect    = "${bindir}/aconnect"
 FILES_alsa-utils-aseqnet     = "${bindir}/aseqnet"
 FILES_alsa-utils-iecset      = "${bindir}/iecset"
-FILES_alsa-utils-alsactl     = "${sbindir}/alsactl */udev/rules.d */*/udev/rules.d ${systemd_unitdir} ${localstatedir}/lib/alsa ${datadir}/alsa/init/"
+FILES_alsa-utils-alsactl     = "${sbindir}/alsactl */udev/rules.d/90-alsa-restore.rules */*/udev/rules.d/90-alsa-restore.rules ${systemd_unitdir} ${localstatedir}/lib/alsa ${datadir}/alsa/init/"
 FILES_alsa-utils-aseqdump    = "${bindir}/aseqdump"
 FILES_alsa-utils-alsaloop    = "${bindir}/alsaloop"
-FILES_alsa-utils-alsaucm     = "${bindir}/alsaucm"
+FILES_alsa-utils-alsaucm     = "${bindir}/alsaucm */udev/rules.d/89-alsa-ucm.rules */*/udev/rules.d/89-alsa-ucm.rules"
 
 SUMMARY_alsa-utils-alsabat      = "Command-line sound tester for ALSA sound card driver"
 SUMMARY_alsa-utils-alsatplg     = "Converts topology text files into binary format for kernel"
diff --git a/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2018-15822.patch b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2018-15822.patch
deleted file mode 100644
index 7d5868a..0000000
--- a/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2018-15822.patch
+++ /dev/null
@@ -1,37 +0,0 @@
-From 6b67d7f05918f7a1ee8fc6ff21355d7e8736aa10 Mon Sep 17 00:00:00 2001
-From: Michael Niedermayer <michael@niedermayer.cc>
-Date: Sat, 28 Jul 2018 15:03:50 +0200
-Subject: [PATCH] avformat/flvenc: Check audio packet size
-
-Fixes: Assertion failure
-Fixes: assert_flvenc.c:941_1.swf
-
-Upstream-Status: Backport [https://github.com/FFmpeg/FFmpeg/commit/6b67d7f05918f7a1ee8fc6ff21355d7e8736aa10]
-CVE: CVE-2018-15822
-
-Found-by: #CHEN HONGXU# <HCHEN017@e.ntu.edu.sg>
-Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
-Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com>
----
- libavformat/flvenc.c | 5 +++++
- 1 file changed, 5 insertions(+)
-
-diff --git a/libavformat/flvenc.c b/libavformat/flvenc.c
-index 1c552a3e6b..e4863f1fc7 100644
---- a/libavformat/flvenc.c
-+++ b/libavformat/flvenc.c
-@@ -883,6 +883,11 @@ static int flv_write_packet(AVFormatContext *s, AVPacket *pkt)
-     int flags = -1, flags_size, ret;
-     int64_t cur_offset = avio_tell(pb);
- 
-+    if (par->codec_type == AVMEDIA_TYPE_AUDIO && !pkt->size) {
-+        av_log(s, AV_LOG_WARNING, "Empty audio Packet\n");
-+        return AVERROR(EINVAL);
-+    }
-+
-     if (par->codec_id == AV_CODEC_ID_VP6F || par->codec_id == AV_CODEC_ID_VP6A ||
-         par->codec_id == AV_CODEC_ID_VP6  || par->codec_id == AV_CODEC_ID_AAC)
-         flags_size = 2;
--- 
-2.17.1
-
diff --git a/poky/meta/recipes-multimedia/ffmpeg/ffmpeg_4.0.2.bb b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg_4.1.1.bb
similarity index 96%
rename from poky/meta/recipes-multimedia/ffmpeg/ffmpeg_4.0.2.bb
rename to poky/meta/recipes-multimedia/ffmpeg/ffmpeg_4.1.1.bb
index 7d1af04..749b3d0 100644
--- a/poky/meta/recipes-multimedia/ffmpeg/ffmpeg_4.0.2.bb
+++ b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg_4.1.1.bb
@@ -25,10 +25,9 @@
 
 SRC_URI = "https://www.ffmpeg.org/releases/${BP}.tar.xz \
            file://mips64_cpu_detection.patch \
-           file://CVE-2018-15822.patch \
            "
-SRC_URI[md5sum] = "ae0bfdf809306a212b4f0e6eb8d1c75e"
-SRC_URI[sha256sum] = "a95c0cc9eb990e94031d2183f2e6e444cc61c99f6f182d1575c433d62afb2f97"
+SRC_URI[md5sum] = "720fc84617a2c38aeae79aff3689a567"
+SRC_URI[sha256sum] = "373749824dfd334d84e55dff406729edfd1606575ee44dd485d97d45ea4d2d86"
 
 # Build fails when thumb is enabled: https://bugzilla.yoctoproject.org/show_bug.cgi?id=7717
 ARM_INSTRUCTION_SET_armv4 = "arm"
@@ -43,7 +42,7 @@
 
 inherit autotools pkgconfig
 
-PACKAGECONFIG ??= "avdevice avfilter avcodec avformat swresample swscale postproc \
+PACKAGECONFIG ??= "avdevice avfilter avcodec avformat swresample swscale postproc avresample \
                    bzlib gpl lzma theora x264 \
                    ${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'xv', '', d)}"
 
diff --git a/poky/meta/recipes-multimedia/gstreamer/files/0002-gstconfig.h.in-initial-RISC-V-support.patch b/poky/meta/recipes-multimedia/gstreamer/files/0002-gstconfig.h.in-initial-RISC-V-support.patch
new file mode 100644
index 0000000..db742de
--- /dev/null
+++ b/poky/meta/recipes-multimedia/gstreamer/files/0002-gstconfig.h.in-initial-RISC-V-support.patch
@@ -0,0 +1,30 @@
+From 8a156d1725ecd03f2e8cdc8874e081dda2d3b43d Mon Sep 17 00:00:00 2001
+From: Aurelien Jarno <aurelien@aurel32.net>
+Date: Sun, 15 Apr 2018 00:49:55 +0200
+Subject: [PATCH] gstconfig.h.in: initial RISC-V support
+
+RISC-V supports unaligned accesses, but these might run extremely slowly
+depending on the implementation. Therefore set GST_HAVE_UNALIGNED_ACCESS
+to 0 on this architecture.
+
+https://bugzilla.gnome.org/show_bug.cgi?id=795271
+
+Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
+Upstream-Status: Accepted [1.15.1 - https://bugzilla.gnome.org/show_bug.cgi?id=795271]
+---
+ gst/gstconfig.h.in | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/gst/gstconfig.h.in b/gst/gstconfig.h.in
+index 6351c04da..33dfed1f6 100644
+--- a/gst/gstconfig.h.in
++++ b/gst/gstconfig.h.in
+@@ -104,7 +104,7 @@
+  * http://docs.oracle.com/cd/E19205-01/820-4155/c++_faq.html#Vers6
+  * https://software.intel.com/en-us/node/583402
+  */
+-#if defined(__alpha__) || defined(__arc__) || defined(__arm__) || defined(__aarch64__) || defined(__bfin) || defined(__hppa__) || defined(__nios2__) || defined(__MICROBLAZE__) || defined(__mips__) || defined(__or1k__) || defined(__sh__) || defined(__SH4__) || defined(__sparc__) || defined(__sparc) || defined(__ia64__) || defined(_M_ALPHA) || defined(_M_ARM) || defined(_M_IA64) || defined(__xtensa__) || defined(__e2k__)
++#if defined(__alpha__) || defined(__arc__) || defined(__arm__) || defined(__aarch64__) || defined(__bfin) || defined(__hppa__) || defined(__nios2__) || defined(__MICROBLAZE__) || defined(__mips__) || defined(__or1k__) || defined(__sh__) || defined(__SH4__) || defined(__sparc__) || defined(__sparc) || defined(__ia64__) || defined(_M_ALPHA) || defined(_M_ARM) || defined(_M_IA64) || defined(__xtensa__) || defined(__e2k__) || defined(__riscv)
+ #  define GST_HAVE_UNALIGNED_ACCESS 0
+ #elif defined(__i386__) || defined(__i386) || defined(__amd64__) || defined(__amd64) || defined(__x86_64__) || defined(__ppc__) || defined(__ppc64__) || defined(__powerpc__) || defined(__powerpc64__) || defined(__m68k__) || defined(_M_IX86) || defined(_M_AMD64) || defined(_M_X64) || defined(__s390__) || defined(__s390x__) || defined(__zarch__)
+ #  define GST_HAVE_UNALIGNED_ACCESS 1
diff --git a/poky/meta/recipes-multimedia/gstreamer/gst-examples_git.bb b/poky/meta/recipes-multimedia/gstreamer/gst-examples_git.bb
index 1d87f24..75ac9b7 100644
--- a/poky/meta/recipes-multimedia/gstreamer/gst-examples_git.bb
+++ b/poky/meta/recipes-multimedia/gstreamer/gst-examples_git.bb
@@ -4,11 +4,11 @@
 
 DEPENDS = "glib-2.0 gstreamer1.0 gstreamer1.0-plugins-base gstreamer1.0-plugins-bad gtk+3 glib-2.0-native"
 
-SRC_URI = "git://anongit.freedesktop.org/gstreamer/gst-examples \
+SRC_URI = "git://gitlab.freedesktop.org/gstreamer/gst-examples.git;protocol=https \
            file://0001-Make-player-examples-installable.patch \
            file://gst-player.desktop"
 
-SRCREV = "48247c6ab6807d6ae179cf653cbdc64714d3313c"
+SRCREV = "2b3fc175c252cd5a537e4b2864b572a8372473d6"
 PV = "0.0.1+git${SRCPV}"
 UPSTREAM_CHECK_COMMITS = "1"
 
diff --git a/poky/meta/recipes-multimedia/gstreamer/gst-plugins-package.inc b/poky/meta/recipes-multimedia/gstreamer/gst-plugins-package.inc
index 3fdb10e..6781e98 100644
--- a/poky/meta/recipes-multimedia/gstreamer/gst-plugins-package.inc
+++ b/poky/meta/recipes-multimedia/gstreamer/gst-plugins-package.inc
@@ -6,26 +6,26 @@
     postinst = d.getVar('plugin_postinst')
     glibdir = d.getVar('libdir')
 
-    do_split_packages(d, glibdir, '^lib(.*)\.so\.*', 'lib%s', 'gstreamer %s library', extra_depends='', allow_links=True)
-    do_split_packages(d, gst_libdir, 'libgst(.*)\.so$', d.expand('${PN}-%s'), 'GStreamer plugin for %s', postinst=postinst, extra_depends='')
-    do_split_packages(d, glibdir+'/girepository-1.0', 'Gst(.*)-1.0\.typelib$', d.expand('${PN}-%s-typelib'), 'GStreamer typelib file for %s', postinst=postinst, extra_depends='')
-    do_split_packages(d, gst_libdir, 'libgst(.*)\.la$', d.expand('${PN}-%s-dev'), 'GStreamer plugin for %s (development files)', extra_depends='${PN}-dev')
-    do_split_packages(d, gst_libdir, 'libgst(.*)\.a$', d.expand('${PN}-%s-staticdev'), 'GStreamer plugin for %s (static development files)', extra_depends='${PN}-staticdev')
+    do_split_packages(d, glibdir, r'^lib(.*)\.so\.*', 'lib%s', 'gstreamer %s library', extra_depends='', allow_links=True)
+    do_split_packages(d, gst_libdir, r'libgst(.*)\.so$', d.expand('${PN}-%s'), 'GStreamer plugin for %s', postinst=postinst, extra_depends='')
+    do_split_packages(d, glibdir+'/girepository-1.0', r'Gst(.*)-1.0\.typelib$', d.expand('${PN}-%s-typelib'), 'GStreamer typelib file for %s', postinst=postinst, extra_depends='')
+    do_split_packages(d, gst_libdir, r'libgst(.*)\.la$', d.expand('${PN}-%s-dev'), 'GStreamer plugin for %s (development files)', extra_depends='${PN}-dev')
+    do_split_packages(d, gst_libdir, r'libgst(.*)\.a$', d.expand('${PN}-%s-staticdev'), 'GStreamer plugin for %s (static development files)', extra_depends='${PN}-staticdev')
 }
 
 python set_metapkg_rdepends () {
     import os
+    import oe.utils
 
     pn = d.getVar('PN')
     metapkg =  pn + '-meta'
     d.setVar('ALLOW_EMPTY_' + metapkg, "1")
     d.setVar('FILES_' + metapkg, "")
-    blacklist = [ pn, pn + '-locale', pn + '-dev', pn + '-dbg', pn + '-doc', pn + '-meta' ]
+    blacklist = [ pn, pn + '-meta' ]
     metapkg_rdepends = []
-    packages = d.getVar('PACKAGES').split()
     pkgdest = d.getVar('PKGDEST')
-    for pkg in packages[1:]:
-        if not pkg in blacklist and not pkg in metapkg_rdepends and not pkg.endswith('-dev') and not pkg.endswith('-dbg') and not pkg.count('locale') and not pkg.count('-staticdev'):
+    for pkg in oe.utils.packages_filter_out_system(d):
+        if pkg not in blacklist and pkg not in metapkg_rdepends:
             # See if the package is empty by looking at the contents of its PKGDEST subdirectory. 
             # If this subdirectory is empty, then the package is.
             # Empty packages do not get added to the meta package's RDEPENDS
diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.14.4.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.14.4.bb
index 8c7c235..4987be8 100644
--- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.14.4.bb
+++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.14.4.bb
@@ -18,7 +18,7 @@
 LIC_FILES_CHKSUM = "file://COPYING;md5=73a5855a8119deb017f5f13cf327095d \
                     file://COPYING.LIB;md5=21682e4e8fea52413fd26c60acb907e5 "
 
-DEPENDS += "gstreamer1.0-plugins-base jpeg"
+DEPENDS += "gstreamer1.0-plugins-base"
 
 inherit gettext bluetooth
 
diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.14.4.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.14.4.bb
index c59ba1d..168e64d 100644
--- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.14.4.bb
+++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.14.4.bb
@@ -15,7 +15,7 @@
 
 S = "${WORKDIR}/gst-plugins-ugly-${PV}"
 
-DEPENDS += "gstreamer1.0-plugins-base libid3tag"
+DEPENDS += "gstreamer1.0-plugins-base"
 
 inherit gettext
 
diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.14.4.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.14.4.bb
index 232234b..98c9a28 100644
--- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.14.4.bb
+++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.14.4.bb
@@ -25,6 +25,7 @@
     file://gtk-doc-tweaks.patch \
     file://0001-gst-gstpluginloader.c-when-env-var-is-set-do-not-fal.patch \
     file://add-a-target-to-compile-tests.patch \
+    file://0002-gstconfig.h.in-initial-RISC-V-support.patch \
     file://run-ptest \
 "
 SRC_URI[md5sum] = "f67fbbc42bd85a0701df119f52fb52bd"
diff --git a/poky/meta/recipes-multimedia/libid3tag/libid3tag/10_utf16.dpatch b/poky/meta/recipes-multimedia/libid3tag/libid3tag/10_utf16.patch
similarity index 100%
rename from poky/meta/recipes-multimedia/libid3tag/libid3tag/10_utf16.dpatch
rename to poky/meta/recipes-multimedia/libid3tag/libid3tag/10_utf16.patch
diff --git a/poky/meta/recipes-multimedia/libid3tag/libid3tag_0.15.1b.bb b/poky/meta/recipes-multimedia/libid3tag/libid3tag_0.15.1b.bb
index fe31646..43edd3f 100644
--- a/poky/meta/recipes-multimedia/libid3tag/libid3tag_0.15.1b.bb
+++ b/poky/meta/recipes-multimedia/libid3tag/libid3tag_0.15.1b.bb
@@ -13,7 +13,7 @@
            file://addpkgconfig.patch \
            file://obsolete_automake_macros.patch \
            file://0001-Fix-gperf-3.1-incompatibility.patch \
-           file://10_utf16.dpatch \
+           file://10_utf16.patch \
            "
 UPSTREAM_CHECK_URI = "https://sourceforge.net/projects/mad/files/libid3tag/"
 UPSTREAM_CHECK_REGEX = "/projects/mad/files/libid3tag/(?P<pver>.*)/$"
diff --git a/poky/meta/recipes-multimedia/libsndfile/libsndfile1/0001-a-ulaw-fix-multiple-buffer-overflows-432.patch b/poky/meta/recipes-multimedia/libsndfile/libsndfile1/0001-a-ulaw-fix-multiple-buffer-overflows-432.patch
index c3f44ca..a4679ce 100644
--- a/poky/meta/recipes-multimedia/libsndfile/libsndfile1/0001-a-ulaw-fix-multiple-buffer-overflows-432.patch
+++ b/poky/meta/recipes-multimedia/libsndfile/libsndfile1/0001-a-ulaw-fix-multiple-buffer-overflows-432.patch
@@ -1,3 +1,15 @@
+This patch fixes #429 (CVE-2018-19661 CVE-2018-19662) and #344 (CVE-2017-17456
+CVE-2017-17457). As per
+https://github.com/erikd/libsndfile/issues/344#issuecomment-448504425 it also
+fixes #317 (CVE-2017-14245 CVE-2017-14246).
+
+CVE: CVE-2017-14245 CVE-2017-14246
+CVE: CVE-2017-17456 CVE-2017-17457
+CVE: CVE-2018-19661 CVE-2018-19662
+
+Upstream-Status: Backport [8ddc442d539ca775d80cdbc7af17a718634a743f]
+Signed-off-by: Ross Burton <ross.burton@intel.com>
+
 From 39453899fe1bb39b2e041fdf51a85aecd177e9c7 Mon Sep 17 00:00:00 2001
 From: Changqing Li <changqing.li@windriver.com>
 Date: Mon, 7 Jan 2019 15:55:03 +0800
@@ -17,12 +29,6 @@
 This commit fixes #429 (CVE-2018-19661 and CVE-2018-19662) and
 fixes #344 (CVE-2017-17456 and CVE-2017-17457).
 
-Upstream-Status: Backport[https://github.com/erikd/libsndfile/
-commit/585cc28a93be27d6938f276af0011401b9f7c0ca]
-
-CVE: CVE-2017-17456 CVE-2017-17457 CVE-2018-19661 CVE-2018-19662
-
-Signed-off-by: Changqing Li <changqing.li@windriver.com>
 ---
  src/alaw.c | 9 +++++++--
  src/ulaw.c | 9 +++++++--
diff --git a/poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2017-12562.patch b/poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2017-12562.patch
new file mode 100644
index 0000000..491dae3
--- /dev/null
+++ b/poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2017-12562.patch
@@ -0,0 +1,96 @@
+Heap-based Buffer Overflow in the psf_binheader_writef function in common.c in
+libsndfile through 1.0.28 allows remote attackers to cause a denial of service
+(application crash) or possibly have unspecified other impact.
+
+CVE: CVE-2017-12562
+Upstream-Status: Backport [cf7a8182c2642c50f1cf90dddea9ce96a8bad2e8]
+Signed-off-by: Ross Burton <ross.burton@intel.com>
+
+From b6a9d7e95888ffa77d8c75ce3f03e6c7165587cd Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?J=C3=B6rn=20Heusipp?= <osmanx@problemloesungsmaschine.de>
+Date: Wed, 14 Jun 2017 12:25:40 +0200
+Subject: [PATCH] src/common.c: Fix heap buffer overflows when writing strings
+ in binheader
+
+Fixes the following problems:
+ 1. Case 's' only enlarges the buffer by 16 bytes instead of size bytes.
+ 2. psf_binheader_writef() enlarges the header buffer (if needed) prior to the
+    big switch statement by an amount (16 bytes) which is enough for all cases
+    where only a single value gets added. Cases 's', 'S', 'p' however
+    additionally write an arbitrary length block of data and again enlarge the
+    buffer to the required amount. However, the required space calculation does
+    not take into account the size of the length field which gets output before
+    the data.
+ 3. Buffer size requirement calculation in case 'S' does not account for the
+    padding byte ("size += (size & 1) ;" happens after the calculation which
+    uses "size").
+ 4. Case 'S' can overrun the header buffer by 1 byte when no padding is
+    involved
+    ("memcpy (&(psf->header.ptr [psf->header.indx]), strptr, size + 1) ;" while
+    the buffer is only guaranteed to have "size" space available).
+ 5. "psf->header.ptr [psf->header.indx] = 0 ;" in case 'S' always writes 1 byte
+    beyond the space which is guaranteed to be allocated in the header buffer.
+ 6. Case 's' can overrun the provided source string by 1 byte if padding is
+    involved ("memcpy (&(psf->header.ptr [psf->header.indx]), strptr, size) ;"
+    where "size" is "strlen (strptr) + 1" (which includes the 0 terminator,
+    plus optionally another 1 which is padding and not guaranteed to be
+    readable via the source string pointer).
+
+Closes: https://github.com/erikd/libsndfile/issues/292
+---
+ src/common.c | 15 +++++++--------
+ 1 file changed, 7 insertions(+), 8 deletions(-)
+
+diff --git a/src/common.c b/src/common.c
+index 1a6204ca..6b2a2ee9 100644
+--- a/src/common.c
++++ b/src/common.c
+@@ -681,16 +681,16 @@ psf_binheader_writef (SF_PRIVATE *psf, const char *format, ...)
+ 					/* Write a C string (guaranteed to have a zero terminator). */
+ 					strptr = va_arg (argptr, char *) ;
+ 					size = strlen (strptr) + 1 ;
+-					size += (size & 1) ;
+ 
+-					if (psf->header.indx + (sf_count_t) size >= psf->header.len && psf_bump_header_allocation (psf, 16))
++					if (psf->header.indx + 4 + (sf_count_t) size + (sf_count_t) (size & 1) > psf->header.len && psf_bump_header_allocation (psf, 4 + size + (size & 1)))
+ 						return count ;
+ 
+ 					if (psf->rwf_endian == SF_ENDIAN_BIG)
+-						header_put_be_int (psf, size) ;
++						header_put_be_int (psf, size + (size & 1)) ;
+ 					else
+-						header_put_le_int (psf, size) ;
++						header_put_le_int (psf, size + (size & 1)) ;
+ 					memcpy (&(psf->header.ptr [psf->header.indx]), strptr, size) ;
++					size += (size & 1) ;
+ 					psf->header.indx += size ;
+ 					psf->header.ptr [psf->header.indx - 1] = 0 ;
+ 					count += 4 + size ;
+@@ -703,16 +703,15 @@ psf_binheader_writef (SF_PRIVATE *psf, const char *format, ...)
+ 					*/
+ 					strptr = va_arg (argptr, char *) ;
+ 					size = strlen (strptr) ;
+-					if (psf->header.indx + (sf_count_t) size > psf->header.len && psf_bump_header_allocation (psf, size))
++					if (psf->header.indx + 4 + (sf_count_t) size + (sf_count_t) (size & 1) > psf->header.len && psf_bump_header_allocation (psf, 4 + size + (size & 1)))
+ 						return count ;
+ 					if (psf->rwf_endian == SF_ENDIAN_BIG)
+ 						header_put_be_int (psf, size) ;
+ 					else
+ 						header_put_le_int (psf, size) ;
+-					memcpy (&(psf->header.ptr [psf->header.indx]), strptr, size + 1) ;
++					memcpy (&(psf->header.ptr [psf->header.indx]), strptr, size + (size & 1)) ;
+ 					size += (size & 1) ;
+ 					psf->header.indx += size ;
+-					psf->header.ptr [psf->header.indx] = 0 ;
+ 					count += 4 + size ;
+ 					break ;
+ 
+@@ -724,7 +723,7 @@ psf_binheader_writef (SF_PRIVATE *psf, const char *format, ...)
+ 					size = (size & 1) ? size : size + 1 ;
+ 					size = (size > 254) ? 254 : size ;
+ 
+-					if (psf->header.indx + (sf_count_t) size > psf->header.len && psf_bump_header_allocation (psf, size))
++					if (psf->header.indx + 1 + (sf_count_t) size > psf->header.len && psf_bump_header_allocation (psf, 1 + size))
+ 						return count ;
+ 
+ 					header_put_byte (psf, size) ;
diff --git a/poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2017-14245-14246.patch b/poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2017-14245-14246.patch
deleted file mode 100644
index a17ec21..0000000
--- a/poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2017-14245-14246.patch
+++ /dev/null
@@ -1,121 +0,0 @@
-From 2d54514a4f6437b67829717c05472d2e3300a258 Mon Sep 17 00:00:00 2001
-From: Fabian Greffrath <fabian@greffrath.com>
-Date: Wed, 27 Sep 2017 14:46:17 +0200
-Subject: [PATCH] sfe_copy_data_fp: check value of "max" variable for being
- normal
-
-and check elements of the data[] array for being finite.
-
-Both checks use functions provided by the <math.h> header as declared
-by the C99 standard.
-
-Fixes #317
-CVE: CVE-2017-14245
-CVE: CVE-2017-14246
-
-Upstream-Status: Backport [https://github.com/fabiangreffrath/libsndfile/commit/2d54514a4f6437b67829717c05472d2e3300a258]
-
-Signed-off-by: Fabian Greffrath <fabian@greffrath.com>
-Signed-off-by: Jagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com>
----
- programs/common.c          | 20 ++++++++++++++++----
- programs/common.h          |  2 +-
- programs/sndfile-convert.c |  6 +++++-
- 3 files changed, 22 insertions(+), 6 deletions(-)
-
-diff --git a/programs/common.c b/programs/common.c
-index a21e62c..a249a58 100644
---- a/programs/common.c
-+++ b/programs/common.c
-@@ -36,6 +36,7 @@
- #include <string.h>
- #include <ctype.h>
- #include <stdint.h>
-+#include <math.h>
- 
- #include <sndfile.h>
- 
-@@ -45,7 +46,7 @@
- 
- #define	MIN(x, y)	((x) < (y) ? (x) : (y))
- 
--void
-+int
- sfe_copy_data_fp (SNDFILE *outfile, SNDFILE *infile, int channels, int normalize)
- {	static double	data [BUFFER_LEN], max ;
- 	int		frames, readcount, k ;
-@@ -54,6 +55,8 @@ sfe_copy_data_fp (SNDFILE *outfile, SNDFILE *infile, int channels, int normalize
- 	readcount = frames ;
- 
- 	sf_command (infile, SFC_CALC_SIGNAL_MAX, &max, sizeof (max)) ;
-+	if (!isnormal (max)) /* neither zero, subnormal, infinite, nor NaN */
-+		return 1 ;
- 
- 	if (!normalize && max < 1.0)
- 	{	while (readcount > 0)
-@@ -67,12 +70,16 @@ sfe_copy_data_fp (SNDFILE *outfile, SNDFILE *infile, int channels, int normalize
- 		while (readcount > 0)
- 		{	readcount = sf_readf_double (infile, data, frames) ;
- 			for (k = 0 ; k < readcount * channels ; k++)
--				data [k] /= max ;
-+			{	data [k] /= max ;
-+
-+				if (!isfinite (data [k])) /* infinite or NaN */
-+					return 1;
-+				}
- 			sf_writef_double (outfile, data, readcount) ;
- 			} ;
- 		} ;
- 
--	return ;
-+	return 0 ;
- } /* sfe_copy_data_fp */
- 
- void
-@@ -252,7 +259,12 @@ sfe_apply_metadata_changes (const char * filenames [2], const METADATA_INFO * in
- 
- 		/* If the input file is not the same as the output file, copy the data. */
- 		if ((infileminor == SF_FORMAT_DOUBLE) || (infileminor == SF_FORMAT_FLOAT))
--			sfe_copy_data_fp (outfile, infile, sfinfo.channels, SF_FALSE) ;
-+		{	if (sfe_copy_data_fp (outfile, infile, sfinfo.channels, SF_FALSE) != 0)
-+			{	printf ("Error : Not able to decode input file '%s'\n", filenames [0]) ;
-+				error_code = 1 ;
-+				goto cleanup_exit ;
-+				} ;
-+			}
- 		else
- 			sfe_copy_data_int (outfile, infile, sfinfo.channels) ;
- 		} ;
-diff --git a/programs/common.h b/programs/common.h
-index eda2d7d..986277e 100644
---- a/programs/common.h
-+++ b/programs/common.h
-@@ -62,7 +62,7 @@ typedef SF_BROADCAST_INFO_VAR (2048) SF_BROADCAST_INFO_2K ;
- 
- void sfe_apply_metadata_changes (const char * filenames [2], const METADATA_INFO * info) ;
- 
--void sfe_copy_data_fp (SNDFILE *outfile, SNDFILE *infile, int channels, int normalize) ;
-+int sfe_copy_data_fp (SNDFILE *outfile, SNDFILE *infile, int channels, int normalize) ;
- 
- void sfe_copy_data_int (SNDFILE *outfile, SNDFILE *infile, int channels) ;
- 
-diff --git a/programs/sndfile-convert.c b/programs/sndfile-convert.c
-index dff7f79..e6de593 100644
---- a/programs/sndfile-convert.c
-+++ b/programs/sndfile-convert.c
-@@ -335,7 +335,11 @@ main (int argc, char * argv [])
- 			|| (outfileminor == SF_FORMAT_DOUBLE) || (outfileminor == SF_FORMAT_FLOAT)
- 			|| (infileminor == SF_FORMAT_DOUBLE) || (infileminor == SF_FORMAT_FLOAT)
- 			|| (infileminor == SF_FORMAT_VORBIS) || (outfileminor == SF_FORMAT_VORBIS))
--		sfe_copy_data_fp (outfile, infile, sfinfo.channels, normalize) ;
-+	{	if (sfe_copy_data_fp (outfile, infile, sfinfo.channels, normalize) != 0)
-+		{	printf ("Error : Not able to decode input file %s.\n", infilename) ;
-+			return 1 ;
-+			} ;
-+		}
- 	else
- 		sfe_copy_data_int (outfile, infile, sfinfo.channels) ;
- 
--- 
-2.7.4
-
diff --git a/poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2018-13139.patch b/poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2018-13139.patch
index 4ae3674..707373d 100644
--- a/poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2018-13139.patch
+++ b/poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2018-13139.patch
@@ -1,23 +1,25 @@
-From 5473aeef7875e54bd0f786fbdd259a35aaee875c Mon Sep 17 00:00:00 2001
-From: Changqing Li <changqing.li@windriver.com>
-Date: Wed, 10 Oct 2018 08:59:30 +0800
-Subject: [PATCH] libsndfile1: patch for CVE-2018-13139
-
-Upstream-Status: Backport [https://github.com/bwarden/libsndfile/
-commit/df18323c622b54221ee7ace74b177cdcccc152d7]
-
 CVE: CVE-2018-13139
+Upstream-Status: Backport [9dc989eb89cd697e19897afa616d6ab0debe4822]
+Signed-off-by: Ross Burton <ross.burton@intel.com>
 
-Signed-off-by: Changqing Li <changqing.li@windriver.com>
+From 9dc989eb89cd697e19897afa616d6ab0debe4822 Mon Sep 17 00:00:00 2001
+From: "Brett T. Warden" <brett.t.warden@intel.com>
+Date: Tue, 28 Aug 2018 12:01:17 -0700
+Subject: [PATCH] Check MAX_CHANNELS in sndfile-deinterleave
+
+Allocated buffer has space for only 16 channels. Verify that input file
+meets this limit.
+
+Fixes #397
 ---
- programs/sndfile-deinterleave.c | 6 ++++++
- 1 file changed, 6 insertions(+)
+ programs/sndfile-deinterleave.c | 7 +++++++
+ 1 file changed, 7 insertions(+)
 
 diff --git a/programs/sndfile-deinterleave.c b/programs/sndfile-deinterleave.c
-index e27593e..721bee7 100644
+index e27593e2..cb497e1f 100644
 --- a/programs/sndfile-deinterleave.c
 +++ b/programs/sndfile-deinterleave.c
-@@ -89,6 +89,12 @@ main (int argc, char **argv)
+@@ -89,6 +89,13 @@ main (int argc, char **argv)
  		exit (1) ;
  		} ;
  
@@ -27,9 +29,9 @@
 +		exit (1) ;
 +		} ;
 +
++
  	state.channels = sfinfo.channels ;
  	sfinfo.channels = 1 ;
  
 -- 
-2.7.4
-
+2.11.0
diff --git a/poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2018-19758.patch b/poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2018-19758.patch
new file mode 100644
index 0000000..c3586f9
--- /dev/null
+++ b/poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2018-19758.patch
@@ -0,0 +1,34 @@
+There is a heap-based buffer over-read at wav.c in wav_write_header in
+libsndfile 1.0.28 that will cause a denial of service.
+
+CVE: CVE-2018-19758
+Upstream-Status: Backport [42132c543358cee9f7c3e9e9b15bb6c1063a608e]
+Signed-off-by: Ross Burton <ross.burton@intel.com>
+
+From c12173b0197dd0c5cfa2cd27977e982d2ae59486 Mon Sep 17 00:00:00 2001
+From: Erik de Castro Lopo <erikd@mega-nerd.com>
+Date: Tue, 1 Jan 2019 20:11:46 +1100
+Subject: [PATCH] src/wav.c: Fix heap read overflow
+
+This is CVE-2018-19758.
+
+Closes: https://github.com/erikd/libsndfile/issues/435
+---
+ src/wav.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/src/wav.c b/src/wav.c
+index e8405b55..6fb94ae8 100644
+--- a/src/wav.c
++++ b/src/wav.c
+@@ -1094,6 +1094,8 @@ wav_write_header (SF_PRIVATE *psf, int calc_length)
+ 		psf_binheader_writef (psf, "44", 0, 0) ; /* SMTPE format */
+ 		psf_binheader_writef (psf, "44", psf->instrument->loop_count, 0) ;
+ 
++		/* Loop count is signed 16 bit number so we limit it range to something sensible. */
++		psf->instrument->loop_count &= 0x7fff ;
+ 		for (tmp = 0 ; tmp < psf->instrument->loop_count ; tmp++)
+ 		{	int type ;
+ 
+-- 
+2.11.0
diff --git a/poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2019-3832.patch b/poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2019-3832.patch
new file mode 100644
index 0000000..ab37211
--- /dev/null
+++ b/poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2019-3832.patch
@@ -0,0 +1,37 @@
+From 43886efc408c21e1e329086ef70c88860310f25b Mon Sep 17 00:00:00 2001
+From: Emilio Pozuelo Monfort <pochu27@gmail.com>
+Date: Tue, 5 Mar 2019 11:27:17 +0100
+Subject: [PATCH] wav_write_header: don't read past the array end
+
+CVE-2018-19758 wasn't entirely fixed in the fix, so fix it harder.
+
+CVE: CVE-2019-3832
+Upstream-Status: Backport [7408c4c788ce047d4e652b60a04e7796bcd7267e]
+Signed-off-by: Ross Burton <ross.burton@intel.com>
+
+If loop_count is bigger than the array, truncate it to the array
+length (and not to 32k).
+
+CVE-2019-3832
+
+---
+ src/wav.c | 6 ++++--
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/src/wav.c b/src/wav.c
+index daae3cc..8851549 100644
+--- a/src/wav.c
++++ b/src/wav.c
+@@ -1094,8 +1094,10 @@ wav_write_header (SF_PRIVATE *psf, int calc_length)
+ 		psf_binheader_writef (psf, "44", 0, 0) ; /* SMTPE format */
+ 		psf_binheader_writef (psf, "44", psf->instrument->loop_count, 0) ;
+ 
+-		/* Loop count is signed 16 bit number so we limit it range to something sensible. */
+-		psf->instrument->loop_count &= 0x7fff ;
++		/* Make sure we don't read past the loops array end. */
++		if (psf->instrument->loop_count > ARRAY_LEN (psf->instrument->loops))
++			psf->instrument->loop_count = ARRAY_LEN (psf->instrument->loops) ;
++
+ 		for (tmp = 0 ; tmp < psf->instrument->loop_count ; tmp++)
+ 		{	int type ;
+ 
diff --git a/poky/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb b/poky/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb
index 9700f4a..77393db 100644
--- a/poky/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb
+++ b/poky/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb
@@ -10,11 +10,13 @@
            file://CVE-2017-8361-8365.patch \
            file://CVE-2017-8362.patch \
            file://CVE-2017-8363.patch \
-           file://CVE-2017-14245-14246.patch \
            file://CVE-2017-14634.patch \
            file://CVE-2018-13139.patch \
            file://0001-a-ulaw-fix-multiple-buffer-overflows-432.patch \
            file://CVE-2018-19432.patch \
+           file://CVE-2017-12562.patch \
+           file://CVE-2018-19758.patch \
+           file://CVE-2019-3832.patch \
           "
 
 SRC_URI[md5sum] = "646b5f98ce89ac60cdb060fcd398247c"
diff --git a/poky/meta/recipes-multimedia/libtiff/files/CVE-2017-17095.patch b/poky/meta/recipes-multimedia/libtiff/files/CVE-2017-17095.patch
deleted file mode 100644
index 9b9962e..0000000
--- a/poky/meta/recipes-multimedia/libtiff/files/CVE-2017-17095.patch
+++ /dev/null
@@ -1,46 +0,0 @@
-From 9171da596c88e6a2dadcab4a3a89dddd6e1b4655 Mon Sep 17 00:00:00 2001
-From: Nathan Baker <elitebadger@gmail.com>
-Date: Thu, 25 Jan 2018 21:28:15 +0000
-Subject: [PATCH] Add workaround to pal2rgb buffer overflow.
-
-CVE: CVE-2017-17095
-
-Upstream-Status: Backport (unchanged) [gitlab.com/libtiff/libtiff/commit/9171da5...]
-
-Signed-off-by: Joe Slater <joe.slater@windriver.com.
-
----
- tools/pal2rgb.c |   17 +++++++++++++++--
- 1 file changed, 15 insertions(+), 2 deletions(-)
-
-diff --git a/tools/pal2rgb.c b/tools/pal2rgb.c
-index 0423598..01fcf94 100644
---- a/tools/pal2rgb.c
-+++ b/tools/pal2rgb.c
-@@ -182,8 +182,21 @@ main(int argc, char* argv[])
- 	{ unsigned char *ibuf, *obuf;
- 	  register unsigned char* pp;
- 	  register uint32 x;
--	  ibuf = (unsigned char*)_TIFFmalloc(TIFFScanlineSize(in));
--	  obuf = (unsigned char*)_TIFFmalloc(TIFFScanlineSize(out));
-+	  tmsize_t tss_in = TIFFScanlineSize(in);
-+	  tmsize_t tss_out = TIFFScanlineSize(out);
-+	  if (tss_out / tss_in < 3) {
-+		/*
-+		 * BUG 2750: The following code does not know about chroma
-+		 * subsampling of JPEG data. It assumes that the output buffer is 3x
-+		 * the length of the input buffer due to exploding the palette into
-+		 * RGB tuples. If this assumption is incorrect, it could lead to a
-+		 * buffer overflow. Go ahead and fail now to prevent that.
-+		 */
-+		fprintf(stderr, "Could not determine correct image size for output. Exiting.\n");
-+		return -1;
-+      }
-+	  ibuf = (unsigned char*)_TIFFmalloc(tss_in);
-+	  obuf = (unsigned char*)_TIFFmalloc(tss_out);
- 	  switch (config) {
- 	  case PLANARCONFIG_CONTIG:
- 		for (row = 0; row < imagelength; row++) {
--- 
-1.7.9.5
-
diff --git a/poky/meta/recipes-multimedia/libtiff/files/CVE-2017-18013.patch b/poky/meta/recipes-multimedia/libtiff/files/CVE-2017-18013.patch
deleted file mode 100644
index 878e0de..0000000
--- a/poky/meta/recipes-multimedia/libtiff/files/CVE-2017-18013.patch
+++ /dev/null
@@ -1,42 +0,0 @@
-From 293c8b0298e91d20ba51291e2351ab7d110671d0 Mon Sep 17 00:00:00 2001
-From: Even Rouault <even.rouault@spatialys.com>
-Date: Sun, 31 Dec 2017 15:09:41 +0100
-Subject: [PATCH] libtiff/tif_print.c: TIFFPrintDirectory(): fix null pointer
- dereference on corrupted file. Fixes
- http://bugzilla.maptools.org/show_bug.cgi?id=2770
-
-Upstream-Status: Backport
-[https://gitlab.com/libtiff/libtiff/commit/c6f41df7b581402dfba3c19a1e3df4454c551a01]
-
-CVE: CVE-2017-18013
-
-Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
----
- libtiff/tif_print.c | 8 ++++----
- 1 file changed, 4 insertions(+), 4 deletions(-)
-
-diff --git a/libtiff/tif_print.c b/libtiff/tif_print.c
-index 24d4b98..f494cfb 100644
---- a/libtiff/tif_print.c
-+++ b/libtiff/tif_print.c
-@@ -667,13 +667,13 @@ TIFFPrintDirectory(TIFF* tif, FILE* fd, long flags)
- #if defined(__WIN32__) && (defined(_MSC_VER) || defined(__MINGW32__))
- 			fprintf(fd, "    %3lu: [%8I64u, %8I64u]\n",
- 			    (unsigned long) s,
--			    (unsigned __int64) td->td_stripoffset[s],
--			    (unsigned __int64) td->td_stripbytecount[s]);
-+			    td->td_stripoffset ? (unsigned __int64) td->td_stripoffset[s] : 0,
-+			    td->td_stripbytecount ? (unsigned __int64) td->td_stripbytecount[s] : 0);
- #else
- 			fprintf(fd, "    %3lu: [%8llu, %8llu]\n",
- 			    (unsigned long) s,
--			    (unsigned long long) td->td_stripoffset[s],
--			    (unsigned long long) td->td_stripbytecount[s]);
-+			    td->td_stripoffset ? (unsigned long long) td->td_stripoffset[s] : 0,
-+			    td->td_stripbytecount ? (unsigned long long) td->td_stripbytecount[s] : 0);
- #endif
- 	}
- }
--- 
-2.7.4
-
diff --git a/poky/meta/recipes-multimedia/libtiff/files/CVE-2017-9935.patch b/poky/meta/recipes-multimedia/libtiff/files/CVE-2017-9935.patch
deleted file mode 100644
index 60684dd..0000000
--- a/poky/meta/recipes-multimedia/libtiff/files/CVE-2017-9935.patch
+++ /dev/null
@@ -1,160 +0,0 @@
-From abb0055d21c52a9925314d5b0628fb2b6307619c Mon Sep 17 00:00:00 2001
-From: Brian May <brian@linuxpenguins.xyz>
-Date: Thu, 7 Dec 2017 07:46:47 +1100
-Subject: [PATCH] tiff2pdf: Fix CVE-2017-9935
-
-Fix for http://bugzilla.maptools.org/show_bug.cgi?id=2704
-
-This vulnerability - at least for the supplied test case - is because we
-assume that a tiff will only have one transfer function that is the same
-for all pages. This is not required by the TIFF standards.
-
-We than read the transfer function for every page.  Depending on the
-transfer function, we allocate either 2 or 4 bytes to the XREF buffer.
-We allocate this memory after we read in the transfer function for the
-page.
-
-For the first exploit - POC1, this file has 3 pages. For the first page
-we allocate 2 extra extra XREF entries. Then for the next page 2 more
-entries. Then for the last page the transfer function changes and we
-allocate 4 more entries.
-
-When we read the file into memory, we assume we have 4 bytes extra for
-each and every page (as per the last transfer function we read). Which
-is not correct, we only have 2 bytes extra for the first 2 pages. As a
-result, we end up writing past the end of the buffer.
-
-There are also some related issues that this also fixes. For example,
-TIFFGetField can return uninitalized pointer values, and the logic to
-detect a N=3 vs N=1 transfer function seemed rather strange.
-
-It is also strange that we declare the transfer functions to be of type
-float, when the standard says they are unsigned 16 bit values. This is
-fixed in another patch.
-
-This patch will check to ensure that the N value for every transfer
-function is the same for every page. If this changes, we abort with an
-error. In theory, we should perhaps check that the transfer function
-itself is identical for every page, however we don't do that due to the
-confusion of the type of the data in the transfer function.
-
-Upstream-Status: Backport
-[https://gitlab.com/libtiff/libtiff/commit/3dd8f6a357981a4090f126ab9025056c938b6940]
-
-CVE: CVE-2017-9935
-
-Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
----
- libtiff/tif_dir.c |  3 +++
- tools/tiff2pdf.c  | 65 +++++++++++++++++++++++++++++++++++++------------------
- 2 files changed, 47 insertions(+), 21 deletions(-)
-
-diff --git a/libtiff/tif_dir.c b/libtiff/tif_dir.c
-index f00f808..c36a5f3 100644
---- a/libtiff/tif_dir.c
-+++ b/libtiff/tif_dir.c
-@@ -1067,6 +1067,9 @@ _TIFFVGetField(TIFF* tif, uint32 tag, va_list ap)
- 			if (td->td_samplesperpixel - td->td_extrasamples > 1) {
- 				*va_arg(ap, uint16**) = td->td_transferfunction[1];
- 				*va_arg(ap, uint16**) = td->td_transferfunction[2];
-+			} else {
-+				*va_arg(ap, uint16**) = NULL;
-+				*va_arg(ap, uint16**) = NULL;
- 			}
- 			break;
- 		case TIFFTAG_REFERENCEBLACKWHITE:
-diff --git a/tools/tiff2pdf.c b/tools/tiff2pdf.c
-index 454befb..0b5973e 100644
---- a/tools/tiff2pdf.c
-+++ b/tools/tiff2pdf.c
-@@ -1047,6 +1047,8 @@ void t2p_read_tiff_init(T2P* t2p, TIFF* input){
- 	uint16 pagen=0;
- 	uint16 paged=0;
- 	uint16 xuint16=0;
-+	uint16 tiff_transferfunctioncount=0;
-+	float* tiff_transferfunction[3];
- 
- 	directorycount=TIFFNumberOfDirectories(input);
- 	t2p->tiff_pages = (T2P_PAGE*) _TIFFmalloc(TIFFSafeMultiply(tmsize_t,directorycount,sizeof(T2P_PAGE)));
-@@ -1147,26 +1149,48 @@ void t2p_read_tiff_init(T2P* t2p, TIFF* input){
-                 }
- #endif
- 		if (TIFFGetField(input, TIFFTAG_TRANSFERFUNCTION,
--                                 &(t2p->tiff_transferfunction[0]),
--                                 &(t2p->tiff_transferfunction[1]),
--                                 &(t2p->tiff_transferfunction[2]))) {
--			if((t2p->tiff_transferfunction[1] != (float*) NULL) &&
--                           (t2p->tiff_transferfunction[2] != (float*) NULL) &&
--                           (t2p->tiff_transferfunction[1] !=
--                            t2p->tiff_transferfunction[0])) {
--				t2p->tiff_transferfunctioncount = 3;
--				t2p->tiff_pages[i].page_extra += 4;
--				t2p->pdf_xrefcount += 4;
--			} else {
--				t2p->tiff_transferfunctioncount = 1;
--				t2p->tiff_pages[i].page_extra += 2;
--				t2p->pdf_xrefcount += 2;
--			}
--			if(t2p->pdf_minorversion < 2)
--				t2p->pdf_minorversion = 2;
-+                                 &(tiff_transferfunction[0]),
-+                                 &(tiff_transferfunction[1]),
-+                                 &(tiff_transferfunction[2]))) {
-+
-+                        if((tiff_transferfunction[1] != (float*) NULL) &&
-+                           (tiff_transferfunction[2] != (float*) NULL)
-+                          ) {
-+                            tiff_transferfunctioncount=3;
-+                        } else {
-+                            tiff_transferfunctioncount=1;
-+                        }
-                 } else {
--			t2p->tiff_transferfunctioncount=0;
-+			tiff_transferfunctioncount=0;
- 		}
-+
-+                if (i > 0){
-+                    if (tiff_transferfunctioncount != t2p->tiff_transferfunctioncount){
-+                        TIFFError(
-+                            TIFF2PDF_MODULE,
-+                            "Different transfer function on page %d",
-+                            i);
-+                        t2p->t2p_error = T2P_ERR_ERROR;
-+                        return;
-+                    }
-+                }
-+
-+                t2p->tiff_transferfunctioncount = tiff_transferfunctioncount;
-+                t2p->tiff_transferfunction[0] = tiff_transferfunction[0];
-+                t2p->tiff_transferfunction[1] = tiff_transferfunction[1];
-+                t2p->tiff_transferfunction[2] = tiff_transferfunction[2];
-+                if(tiff_transferfunctioncount == 3){
-+                        t2p->tiff_pages[i].page_extra += 4;
-+                        t2p->pdf_xrefcount += 4;
-+                        if(t2p->pdf_minorversion < 2)
-+                                t2p->pdf_minorversion = 2;
-+                } else if (tiff_transferfunctioncount == 1){
-+                        t2p->tiff_pages[i].page_extra += 2;
-+                        t2p->pdf_xrefcount += 2;
-+                        if(t2p->pdf_minorversion < 2)
-+                                t2p->pdf_minorversion = 2;
-+                }
-+
- 		if( TIFFGetField(
- 			input, 
- 			TIFFTAG_ICCPROFILE, 
-@@ -1828,9 +1852,8 @@ void t2p_read_tiff_data(T2P* t2p, TIFF* input){
- 			 &(t2p->tiff_transferfunction[1]),
- 			 &(t2p->tiff_transferfunction[2]))) {
- 		if((t2p->tiff_transferfunction[1] != (float*) NULL) &&
--                   (t2p->tiff_transferfunction[2] != (float*) NULL) &&
--                   (t2p->tiff_transferfunction[1] !=
--                    t2p->tiff_transferfunction[0])) {
-+                   (t2p->tiff_transferfunction[2] != (float*) NULL)
-+                  ) {
- 			t2p->tiff_transferfunctioncount=3;
- 		} else {
- 			t2p->tiff_transferfunctioncount=1;
--- 
-2.7.4
-
diff --git a/poky/meta/recipes-multimedia/libtiff/files/CVE-2018-10963.patch b/poky/meta/recipes-multimedia/libtiff/files/CVE-2018-10963.patch
deleted file mode 100644
index 7252298..0000000
--- a/poky/meta/recipes-multimedia/libtiff/files/CVE-2018-10963.patch
+++ /dev/null
@@ -1,39 +0,0 @@
-From de144fd228e4be8aa484c3caf3d814b6fa88c6d9 Mon Sep 17 00:00:00 2001
-From: Even Rouault <even.rouault@spatialys.com>
-Date: Sat, 12 May 2018 14:24:15 +0200
-Subject: [PATCH] TIFFWriteDirectorySec: avoid assertion. Fixes
- http://bugzilla.maptools.org/show_bug.cgi?id=2795.
- CVE-2018-10963
-
----
-CVE: CVE-2018-10963
-
-Upstream-Status: Backport [gitlab.com/libtiff/libtiff/commit/de144f...]
-
-Signed-off-by: Joe Slater <joe.slater@windriver.com>
-
----
- libtiff/tif_dirwrite.c |    7 +++++--
- 1 file changed, 5 insertions(+), 2 deletions(-)
-
-diff --git a/libtiff/tif_dirwrite.c b/libtiff/tif_dirwrite.c
-index 2430de6..c15a28d 100644
---- a/libtiff/tif_dirwrite.c
-+++ b/libtiff/tif_dirwrite.c
-@@ -695,8 +695,11 @@ TIFFWriteDirectorySec(TIFF* tif, int isimage, int imagedone, uint64* pdiroff)
- 								}
- 								break;
- 							default:
--								assert(0);   /* we should never get here */
--								break;
-+								TIFFErrorExt(tif->tif_clientdata,module,
-+								            "Cannot write tag %d (%s)",
-+								            TIFFFieldTag(o),
-+                                                                            o->field_name ? o->field_name : "unknown");
-+								goto bad;
- 						}
- 					}
- 				}
--- 
-1.7.9.5
-
diff --git a/poky/meta/recipes-multimedia/libtiff/files/CVE-2018-5784.patch b/poky/meta/recipes-multimedia/libtiff/files/CVE-2018-5784.patch
deleted file mode 100644
index 406001d..0000000
--- a/poky/meta/recipes-multimedia/libtiff/files/CVE-2018-5784.patch
+++ /dev/null
@@ -1,135 +0,0 @@
-From 6cdea15213be6b67d9f8380c7bb40e325d3adace Mon Sep 17 00:00:00 2001
-From: Nathan Baker <nathanb@lenovo-chrome.com>
-Date: Tue, 6 Feb 2018 10:13:57 -0500
-Subject: [PATCH] Fix for bug 2772
-
-It is possible to craft a TIFF document where the IFD list is circular,
-leading to an infinite loop while traversing the chain. The libtiff
-directory reader has a failsafe that will break out of this loop after
-reading 65535 directory entries, but it will continue processing,
-consuming time and resources to process what is essentially a bogus TIFF
-document.
-
-This change fixes the above behavior by breaking out of processing when
-a TIFF document has >= 65535 directories and terminating with an error.
-
-Upstream-Status: Backport
-[https://gitlab.com/libtiff/libtiff/commit/473851d211cf8805a161820337ca74cc9615d6ef]
-
-CVE: CVE-2018-5784
-
-Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
----
- contrib/addtiffo/tif_overview.c | 14 +++++++++++++-
- tools/tiff2pdf.c                | 10 ++++++++++
- tools/tiffcrop.c                | 13 +++++++++++--
- 3 files changed, 34 insertions(+), 3 deletions(-)
-
-diff --git a/contrib/addtiffo/tif_overview.c b/contrib/addtiffo/tif_overview.c
-index c61ffbb..03b3573 100644
---- a/contrib/addtiffo/tif_overview.c
-+++ b/contrib/addtiffo/tif_overview.c
-@@ -65,6 +65,8 @@
- #  define MAX(a,b)      ((a>b) ? a : b)
- #endif
- 
-+#define TIFF_DIR_MAX  65534
-+
- void TIFFBuildOverviews( TIFF *, int, int *, int, const char *,
-                          int (*)(double,void*), void * );
- 
-@@ -91,6 +93,7 @@ uint32 TIFF_WriteOverview( TIFF *hTIFF, uint32 nXSize, uint32 nYSize,
- {
-     toff_t	nBaseDirOffset;
-     toff_t	nOffset;
-+    tdir_t	iNumDir;
- 
-     (void) bUseSubIFDs;
- 
-@@ -147,7 +150,16 @@ uint32 TIFF_WriteOverview( TIFF *hTIFF, uint32 nXSize, uint32 nYSize,
-         return 0;
- 
-     TIFFWriteDirectory( hTIFF );
--    TIFFSetDirectory( hTIFF, (tdir_t) (TIFFNumberOfDirectories(hTIFF)-1) );
-+    iNumDir = TIFFNumberOfDirectories(hTIFF);
-+    if( iNumDir > TIFF_DIR_MAX )
-+    {
-+        TIFFErrorExt( TIFFClientdata(hTIFF),
-+                      "TIFF_WriteOverview",
-+                      "File `%s' has too many directories.\n",
-+                      TIFFFileName(hTIFF) );
-+        exit(-1);
-+    }
-+    TIFFSetDirectory( hTIFF, (tdir_t) (iNumDir - 1) );
- 
-     nOffset = TIFFCurrentDirOffset( hTIFF );
- 
-diff --git a/tools/tiff2pdf.c b/tools/tiff2pdf.c
-index 0b5973e..ef5d6a0 100644
---- a/tools/tiff2pdf.c
-+++ b/tools/tiff2pdf.c
-@@ -68,6 +68,8 @@ extern int getopt(int, char**, char*);
- 
- #define PS_UNIT_SIZE	72.0F
- 
-+#define TIFF_DIR_MAX    65534
-+
- /* This type is of PDF color spaces. */
- typedef enum {
- 	T2P_CS_BILEVEL = 0x01,	/* Bilevel, black and white */
-@@ -1051,6 +1053,14 @@ void t2p_read_tiff_init(T2P* t2p, TIFF* input){
- 	float* tiff_transferfunction[3];
- 
- 	directorycount=TIFFNumberOfDirectories(input);
-+	if(directorycount > TIFF_DIR_MAX) {
-+		TIFFError(
-+			TIFF2PDF_MODULE,
-+			"TIFF contains too many directories, %s",
-+			TIFFFileName(input));
-+		t2p->t2p_error = T2P_ERR_ERROR;
-+		return;
-+	}
- 	t2p->tiff_pages = (T2P_PAGE*) _TIFFmalloc(TIFFSafeMultiply(tmsize_t,directorycount,sizeof(T2P_PAGE)));
- 	if(t2p->tiff_pages==NULL){
- 		TIFFError(
-diff --git a/tools/tiffcrop.c b/tools/tiffcrop.c
-index c69177e..c60cb38 100644
---- a/tools/tiffcrop.c
-+++ b/tools/tiffcrop.c
-@@ -217,6 +217,8 @@ extern int getopt(int argc, char * const argv[], const char *optstring);
- #define DUMP_TEXT   1
- #define DUMP_RAW    2
- 
-+#define TIFF_DIR_MAX  65534
-+
- /* Offsets into buffer for margins and fixed width and length segments */
- struct offset {
-   uint32  tmargin;
-@@ -2233,7 +2235,7 @@ main(int argc, char* argv[])
-     pageNum = -1;
-   else
-     total_images = 0;
--  /* read multiple input files and write to output file(s) */
-+  /* Read multiple input files and write to output file(s) */
-   while (optind < argc - 1)
-     {
-     in = TIFFOpen (argv[optind], "r");
-@@ -2241,7 +2243,14 @@ main(int argc, char* argv[])
-       return (-3);
- 
-     /* If only one input file is specified, we can use directory count */
--    total_images = TIFFNumberOfDirectories(in); 
-+    total_images = TIFFNumberOfDirectories(in);
-+    if (total_images > TIFF_DIR_MAX)
-+      {
-+      TIFFError (TIFFFileName(in), "File contains too many directories");
-+      if (out != NULL)
-+        (void) TIFFClose(out);
-+      return (1);
-+      }
-     if (image_count == 0)
-       {
-       dirnum = 0;
--- 
-2.7.4
-
diff --git a/poky/meta/recipes-multimedia/libtiff/files/CVE-2018-7456.patch b/poky/meta/recipes-multimedia/libtiff/files/CVE-2018-7456.patch
deleted file mode 100644
index 2c11f93..0000000
--- a/poky/meta/recipes-multimedia/libtiff/files/CVE-2018-7456.patch
+++ /dev/null
@@ -1,178 +0,0 @@
-From be4c85b16e8801a16eec25e80eb9f3dd6a96731b Mon Sep 17 00:00:00 2001
-From: Hugo Lefeuvre <hle@debian.org>
-Date: Sun, 8 Apr 2018 14:07:08 -0400
-Subject: [PATCH] Fix NULL pointer dereference in TIFFPrintDirectory
-
-The TIFFPrintDirectory function relies on the following assumptions,
-supposed to be guaranteed by the specification:
-
-(a) A Transfer Function field is only present if the TIFF file has
-    photometric type < 3.
-
-(b) If SamplesPerPixel > Color Channels, then the ExtraSamples field
-    has count SamplesPerPixel - (Color Channels) and contains
-    information about supplementary channels.
-
-While respect of (a) and (b) are essential for the well functioning of
-TIFFPrintDirectory, no checks are realized neither by the callee nor
-by TIFFPrintDirectory itself. Hence, following scenarios might happen
-and trigger the NULL pointer dereference:
-
-(1) TIFF File of photometric type 4 or more has illegal Transfer
-    Function field.
-
-(2) TIFF File has photometric type 3 or less and defines a
-    SamplesPerPixel field such that SamplesPerPixel > Color Channels
-    without defining all extra samples in the ExtraSamples fields.
-
-In this patch, we address both issues with respect of the following
-principles:
-
-(A) In the case of (1), the defined transfer table should be printed
-    safely even if it isn't 'legal'. This allows us to avoid expensive
-    checks in TIFFPrintDirectory. Also, it is quite possible that
-    an alternative photometric type would be developed (not part of the
-    standard) and would allow definition of Transfer Table. We want
-    libtiff to be able to handle this scenario out of the box.
-
-(B) In the case of (2), the transfer table should be printed at its
-    right size, that is if TIFF file has photometric type Palette
-    then the transfer table should have one row and not three, even
-    if two extra samples are declared.
-
-In order to fulfill (A) we simply add a new 'i < 3' end condition to
-the broken TIFFPrintDirectory loop. This makes sure that in any case
-where (b) would be respected but not (a), everything stays fine.
-
-(B) is fulfilled by the loop condition
-'i < td->td_samplesperpixel - td->td_extrasamples'. This is enough as
-long as (b) is respected.
-
-Naturally, we also make sure (b) is respected. This is done in the
-TIFFReadDirectory function by making sure any non-color channel is
-counted in ExtraSamples.
-
-This commit addresses CVE-2018-7456.
-
----
-CVE: CVE-2018-7456
-
-Upstream-Status: Backport [gitlab.com/libtiff/libtiff/commit/be4c85b...]
-
-Signed-off-by: Joe Slater <joe.slater@windriver.com>
-
----
- libtiff/tif_dirread.c |   62 +++++++++++++++++++++++++++++++++++++++++++++++++
- libtiff/tif_print.c   |    2 +-
- 2 files changed, 63 insertions(+), 1 deletion(-)
-
-diff --git a/libtiff/tif_dirread.c b/libtiff/tif_dirread.c
-index 6baa7b3..af5b84a 100644
---- a/libtiff/tif_dirread.c
-+++ b/libtiff/tif_dirread.c
-@@ -165,6 +165,7 @@ static int TIFFFetchStripThing(TIFF* tif, TIFFDirEntry* dir, uint32 nstrips, uin
- static int TIFFFetchSubjectDistance(TIFF*, TIFFDirEntry*);
- static void ChopUpSingleUncompressedStrip(TIFF*);
- static uint64 TIFFReadUInt64(const uint8 *value);
-+static int _TIFFGetMaxColorChannels(uint16 photometric);
- 
- static int _TIFFFillStrilesInternal( TIFF *tif, int loadStripByteCount );
- 
-@@ -3505,6 +3506,35 @@ static void TIFFReadDirEntryOutputErr(TIFF* tif, enum TIFFReadDirEntryErr err, c
- }
- 
- /*
-+ * Return the maximum number of color channels specified for a given photometric
-+ * type. 0 is returned if photometric type isn't supported or no default value
-+ * is defined by the specification.
-+ */
-+static int _TIFFGetMaxColorChannels( uint16 photometric )
-+{
-+    switch (photometric) {
-+	case PHOTOMETRIC_PALETTE:
-+	case PHOTOMETRIC_MINISWHITE:
-+	case PHOTOMETRIC_MINISBLACK:
-+            return 1;
-+	case PHOTOMETRIC_YCBCR:
-+	case PHOTOMETRIC_RGB:
-+	case PHOTOMETRIC_CIELAB:
-+            return 3;
-+	case PHOTOMETRIC_SEPARATED:
-+	case PHOTOMETRIC_MASK:
-+            return 4;
-+	case PHOTOMETRIC_LOGL:
-+	case PHOTOMETRIC_LOGLUV:
-+	case PHOTOMETRIC_CFA:
-+	case PHOTOMETRIC_ITULAB:
-+	case PHOTOMETRIC_ICCLAB:
-+	default:
-+            return 0;
-+    }
-+}
-+
-+/*
-  * Read the next TIFF directory from a file and convert it to the internal
-  * format. We read directories sequentially.
-  */
-@@ -3520,6 +3550,7 @@ TIFFReadDirectory(TIFF* tif)
- 	uint32 fii=FAILED_FII;
-         toff_t nextdiroff;
-     int bitspersample_read = FALSE;
-+        int color_channels;
- 
- 	tif->tif_diroff=tif->tif_nextdiroff;
- 	if (!TIFFCheckDirOffset(tif,tif->tif_nextdiroff))
-@@ -4024,6 +4055,37 @@ TIFFReadDirectory(TIFF* tif)
- 			}
- 		}
- 	}
-+
-+	/*
-+	 * Make sure all non-color channels are extrasamples.
-+	 * If it's not the case, define them as such.
-+	 */
-+        color_channels = _TIFFGetMaxColorChannels(tif->tif_dir.td_photometric);
-+        if (color_channels && tif->tif_dir.td_samplesperpixel - tif->tif_dir.td_extrasamples > color_channels) {
-+                uint16 old_extrasamples;
-+                uint16 *new_sampleinfo;
-+
-+                TIFFWarningExt(tif->tif_clientdata,module, "Sum of Photometric type-related "
-+                    "color channels and ExtraSamples doesn't match SamplesPerPixel. "
-+                    "Defining non-color channels as ExtraSamples.");
-+
-+                old_extrasamples = tif->tif_dir.td_extrasamples;
-+                tif->tif_dir.td_extrasamples = (tif->tif_dir.td_samplesperpixel - color_channels);
-+
-+                // sampleinfo should contain information relative to these new extra samples
-+                new_sampleinfo = (uint16*) _TIFFcalloc(tif->tif_dir.td_extrasamples, sizeof(uint16));
-+                if (!new_sampleinfo) {
-+                    TIFFErrorExt(tif->tif_clientdata, module, "Failed to allocate memory for "
-+                                "temporary new sampleinfo array (%d 16 bit elements)",
-+                                tif->tif_dir.td_extrasamples);
-+                    goto bad;
-+                }
-+
-+                memcpy(new_sampleinfo, tif->tif_dir.td_sampleinfo, old_extrasamples * sizeof(uint16));
-+                _TIFFsetShortArray(&tif->tif_dir.td_sampleinfo, new_sampleinfo, tif->tif_dir.td_extrasamples);
-+                _TIFFfree(new_sampleinfo);
-+        }
-+
- 	/*
- 	 * Verify Palette image has a Colormap.
- 	 */
-diff --git a/libtiff/tif_print.c b/libtiff/tif_print.c
-index 8deceb2..1d86adb 100644
---- a/libtiff/tif_print.c
-+++ b/libtiff/tif_print.c
-@@ -544,7 +544,7 @@ TIFFPrintDirectory(TIFF* tif, FILE* fd, long flags)
- 				uint16 i;
- 				fprintf(fd, "    %2ld: %5u",
- 				    l, td->td_transferfunction[0][l]);
--				for (i = 1; i < td->td_samplesperpixel; i++)
-+				for (i = 1; i < td->td_samplesperpixel - td->td_extrasamples && i < 3; i++)
- 					fprintf(fd, " %5u",
- 					    td->td_transferfunction[i][l]);
- 				fputc('\n', fd);
--- 
-1.7.9.5
-
diff --git a/poky/meta/recipes-multimedia/libtiff/files/CVE-2018-8905.patch b/poky/meta/recipes-multimedia/libtiff/files/CVE-2018-8905.patch
deleted file mode 100644
index 962646d..0000000
--- a/poky/meta/recipes-multimedia/libtiff/files/CVE-2018-8905.patch
+++ /dev/null
@@ -1,61 +0,0 @@
-From 58a898cb4459055bb488ca815c23b880c242a27d Mon Sep 17 00:00:00 2001
-From: Even Rouault <even.rouault@spatialys.com>
-Date: Sat, 12 May 2018 15:32:31 +0200
-Subject: [PATCH] LZWDecodeCompat(): fix potential index-out-of-bounds write.
- Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2780 /
- CVE-2018-8905
-
-The fix consists in using the similar code LZWDecode() to validate we
-don't write outside of the output buffer.
-
----
-CVE: CVE-2018-8905
-
-Upstream-Status: Backport [gitlab.com/libtiff/libtiff/commit/58a898...]
-
-Signed-off-by: Joe Slater <joe.slater@windriver.com>
-
----
- libtiff/tif_lzw.c |   18 ++++++++++++------
- 1 file changed, 12 insertions(+), 6 deletions(-)
-
-diff --git a/libtiff/tif_lzw.c b/libtiff/tif_lzw.c
-index 4ccb443..94d85e3 100644
---- a/libtiff/tif_lzw.c
-+++ b/libtiff/tif_lzw.c
-@@ -602,6 +602,7 @@ LZWDecodeCompat(TIFF* tif, uint8* op0, tmsize_t occ0, uint16 s)
- 	char *tp;
- 	unsigned char *bp;
- 	int code, nbits;
-+	int len;
- 	long nextbits, nextdata, nbitsmask;
- 	code_t *codep, *free_entp, *maxcodep, *oldcodep;
- 
-@@ -753,13 +754,18 @@ LZWDecodeCompat(TIFF* tif, uint8* op0, tmsize_t occ0, uint16 s)
- 				}  while (--occ);
- 				break;
- 			}
--			assert(occ >= codep->length);
--			op += codep->length;
--			occ -= codep->length;
--			tp = op;
-+			len = codep->length;
-+			tp = op + len;
- 			do {
--				*--tp = codep->value;
--			} while( (codep = codep->next) != NULL );
-+				int t;
-+				--tp;
-+				t = codep->value;
-+				codep = codep->next;
-+				*tp = (char)t;
-+			} while (codep && tp > op);
-+			assert(occ >= len);
-+			op += len;
-+			occ -= len;
- 		} else {
- 			*op++ = (char)code;
- 			occ--;
--- 
-1.7.9.5
-
diff --git a/poky/meta/recipes-multimedia/libtiff/files/libtool2.patch b/poky/meta/recipes-multimedia/libtiff/files/libtool2.patch
index a84c688..96233b4 100644
--- a/poky/meta/recipes-multimedia/libtiff/files/libtool2.patch
+++ b/poky/meta/recipes-multimedia/libtiff/files/libtool2.patch
@@ -1,16 +1,21 @@
+From 5b893206e0a0d529ba2d0caf58cfffc03bccb598 Mon Sep 17 00:00:00 2001
+From: Marcin Juszkiewicz <hrw@openedhand.com>
+Date: Sat, 14 Jun 2008 13:42:22 +0000
+Subject: [PATCH] tiff: make it work after libtool upgrade
+
 Upstream-Status: Inappropriate [configuration]
 
 ---
- configure.ac |    2 +-
+ configure.ac | 2 +-
  1 file changed, 1 insertion(+), 1 deletion(-)
 
-Index: tiff-4.0.9/configure.ac
-===================================================================
---- tiff-4.0.9.orig/configure.ac
-+++ tiff-4.0.9/configure.ac
-@@ -27,7 +27,7 @@ dnl Process this file with autoconf to p
+diff --git a/configure.ac b/configure.ac
+index c7b02e2..ae1c964 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -27,7 +27,7 @@ dnl Process this file with autoconf to produce a configure script.
  AC_PREREQ(2.64)
- AC_INIT([LibTIFF Software],[4.0.9],[tiff@lists.maptools.org],[tiff])
+ AC_INIT([LibTIFF Software],[4.0.10],[tiff@lists.maptools.org],[tiff])
  AC_CONFIG_AUX_DIR(config)
 -AC_CONFIG_MACRO_DIR(m4)
 +dnl AC_CONFIG_MACRO_DIR(m4)
diff --git a/poky/meta/recipes-multimedia/libtiff/tiff_4.0.9.bb b/poky/meta/recipes-multimedia/libtiff/tiff_4.0.10.bb
similarity index 80%
rename from poky/meta/recipes-multimedia/libtiff/tiff_4.0.9.bb
rename to poky/meta/recipes-multimedia/libtiff/tiff_4.0.10.bb
index 93beddb..152fa81 100644
--- a/poky/meta/recipes-multimedia/libtiff/tiff_4.0.9.bb
+++ b/poky/meta/recipes-multimedia/libtiff/tiff_4.0.10.bb
@@ -6,17 +6,10 @@
 
 SRC_URI = "http://download.osgeo.org/libtiff/tiff-${PV}.tar.gz \
            file://libtool2.patch \
-           file://CVE-2017-9935.patch \
-           file://CVE-2017-18013.patch \
-           file://CVE-2018-5784.patch \
-           file://CVE-2018-10963.patch \
-           file://CVE-2018-8905.patch \
-           file://CVE-2018-7456.patch \
-           file://CVE-2017-17095.patch \
-          "
+           "
 
-SRC_URI[md5sum] = "54bad211279cc93eb4fca31ba9bfdc79"
-SRC_URI[sha256sum] = "6e7bdeec2c310734e734d19aae3a71ebe37a4d842e0e23dbb1b8921c0026cfcd"
+SRC_URI[md5sum] = "114192d7ebe537912a2b97408832e7fd"
+SRC_URI[sha256sum] = "2c52d11ccaf767457db0c46795d9c7d1a8d8f76f68b0b800a3dfe45786b996e4"
 
 # exclude betas
 UPSTREAM_CHECK_REGEX = "tiff-(?P<pver>\d+(\.\d+)+).tar"
diff --git a/poky/meta/recipes-multimedia/mpeg2dec/files/61_global-symbol-test.patch b/poky/meta/recipes-multimedia/mpeg2dec/files/61_global-symbol-test.patch
new file mode 100644
index 0000000..00b667d
--- /dev/null
+++ b/poky/meta/recipes-multimedia/mpeg2dec/files/61_global-symbol-test.patch
@@ -0,0 +1,70 @@
+Rewrite the public symbol check to verify the shared libraries, to check for
+more things, and to avoid duplication; fixes make check on ARM
+
+Taken From
+https://sources.debian.org/src/mpeg2dec/0.5.1-8/debian/patches/61_global-symbol-test.patch/
+
+Upstream-Status: Pending
+
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+ test/globals |   42 +++++++++++++++++++++++++++---------------
+ 1 file changed, 27 insertions(+), 15 deletions(-)
+
+--- mpeg2dec.orig/test/globals
++++ mpeg2dec/test/globals
+@@ -1,4 +1,8 @@
+ #!/bin/sh
++# TODO
++# - fix checking of .a libs; problem is that "nm -g --defined-only" lists
++#   internal symbols; this can be solved by using objdump, but it's probably
++#   good enough to just run the tests on the shared lib
+ 
+ if test x"$srcdir" != x""; then
+     builddir="."	# running from make check, but it does not define that
+@@ -14,22 +18,30 @@ builddir=`cd $builddir;pwd`
+ 
+ error=0
+ 
+-bad_globals=`nm -g --defined-only $builddir/../libmpeg2/*.o |\
+-    awk '{if ($3) print $3}' | grep -v '^_\?mpeg2_'`
+-
+-if test x"$bad_globals" != x""; then
+-    echo BAD GLOBAL SYMBOLS:
+-    for s in $bad_globals; do echo $s; done
++# check_bad_public_symbols <symbol prefix> <lib file> [<lib file>...]
++#
++# checks public symbols in shared libs:
++# - allow prefix_anything
++# - reject _prefixanything
++# - allow _anything
++# - reject anything else
++#
++# NB: skips missing files
++check_bad_public_symbols() {
++    symbols_prefix="$1"
++    shift
++    lib_files=`ls "$@" 2>/dev/null`
++    [ -z "$lib_files" ] && return
++    bad_globals=`nm -g --defined-only $lib_files |
++        awk '{if ($3) print $3}' |
++        sed -n "/^${symbols_prefix}_/ d; /^_${symbols_prefix}/ { p; d }; /^_/ d; p"`
++    [ -z "$bad_globals" ] && return
+     error=1
+-fi
+-
+-bad_globals=`nm -g --defined-only $builddir/../libmpeg2/convert/*.o |\
+-    awk '{if ($3) print $3}' | grep -v '^_\?mpeg2convert_'`
++    echo BAD GLOBAL SYMBOLS in $lib_files:
++    echo "$bad_globals"
++}
+ 
+-if test x"$bad_globals" != x""; then
+-    echo BAD GLOBAL SYMBOLS:
+-    for s in $bad_globals; do echo $s; done
+-    error=1
+-fi
++check_bad_public_symbols mpeg2 $builddir/../libmpeg2/.libs/libmpeg2.so
++check_bad_public_symbols mpeg2convert $builddir/../libmpeg2/convert/.libs/libmpeg2convert.so
+ 
+ exit $error
diff --git a/poky/meta/recipes-multimedia/mpeg2dec/mpeg2dec_0.5.1.bb b/poky/meta/recipes-multimedia/mpeg2dec/mpeg2dec_0.5.1.bb
index 7711c2d..6b59d4f 100644
--- a/poky/meta/recipes-multimedia/mpeg2dec/mpeg2dec_0.5.1.bb
+++ b/poky/meta/recipes-multimedia/mpeg2dec/mpeg2dec_0.5.1.bb
@@ -10,6 +10,7 @@
            file://altivec_h_needed.patch \
            file://0001-check-for-available-arm-optimizations.patch \
            file://0002-Set-visibility-of-global-symbols-used-in-ARM-specifi.patch \
+           file://61_global-symbol-test.patch \
            "
 
 S = "${WORKDIR}/libmpeg2-${PV}"
diff --git a/poky/meta/recipes-multimedia/pulseaudio/pulseaudio.inc b/poky/meta/recipes-multimedia/pulseaudio/pulseaudio.inc
index f526690..9a95e7c 100644
--- a/poky/meta/recipes-multimedia/pulseaudio/pulseaudio.inc
+++ b/poky/meta/recipes-multimedia/pulseaudio/pulseaudio.inc
@@ -58,10 +58,10 @@
 
 DEPENDS = "libatomic-ops libsndfile1 libtool intltool-native"
 # optional
-DEPENDS += "udev alsa-lib glib-2.0 gconf"
+DEPENDS += "udev alsa-lib glib-2.0"
 DEPENDS += "speexdsp libxml-parser-perl-native libcap"
 
-inherit autotools bash-completion pkgconfig useradd gettext perlnative bluetooth systemd manpages
+inherit autotools bash-completion pkgconfig useradd gettext perlnative bluetooth systemd manpages gsettings
 
 # *.desktop rules wont be generated during configure and build will fail
 # if using --disable-nls
@@ -76,8 +76,9 @@
 		--with-database=simple \
 		--without-zsh-completion-dir \
 		--with-udev-rules-dir=`pkg-config --variable=udevdir udev`/rules.d \
-                ac_cv_header_valgrind_memcheck_h=no \
-                --disable-tests \
+		ac_cv_header_valgrind_memcheck_h=no \
+		--disable-tests \
+		--disable-running-from-build-tree \
 "
 
 # soxr (the SoX Resampler library) doesn't seem to be currently packaged in
@@ -97,20 +98,18 @@
 # very good anyway, better alternatives exist (such as the webrtc canceller).
 EXTRA_OECONF += "--disable-adrian-aec"
 
-# FIXME: The gsettings module is temporarily disabled, because adding support
-# for it is a bit complicated.
-EXTRA_OECONF += "--disable-gsettings"
-
 PACKAGECONFIG ??= "${@bb.utils.contains('DISTRO_FEATURES', 'bluetooth', '${BLUEZ}', '', d)} \
                    ${@bb.utils.contains('DISTRO_FEATURES', 'zeroconf', 'avahi', '', d)} \
                    ${@bb.utils.contains('DISTRO_FEATURES', '3g', 'ofono', '', d)} \
                    ${@bb.utils.filter('DISTRO_FEATURES', 'ipv6 systemd x11', d)} \
-                   dbus \
+                   dbus gsettings \
                    "
 
 PACKAGECONFIG[dbus] = "--enable-dbus,--disable-dbus,dbus"
 PACKAGECONFIG[bluez4] = "--enable-bluez4,--disable-bluez4,bluez4 sbc"
 PACKAGECONFIG[bluez5] = "--enable-bluez5,--disable-bluez5,bluez5 sbc"
+PACKAGECONFIG[gconf] = "--enable-gconf,--disable-gconf,gconf"
+PACKAGECONFIG[gsettings] = "--enable-gsettings,--disable-gsettings,glib-2.0-native glib-2.0"
 PACKAGECONFIG[ofono] = "--enable-bluez5-ofono-headset,--disable-bluez5-ofono-headset,ofono"
 PACKAGECONFIG[gtk] = "--enable-gtk3,--disable-gtk3,gtk+3"
 PACKAGECONFIG[systemd] = "--enable-systemd-daemon --enable-systemd-login --enable-systemd-journal --with-systemduserunitdir=${systemd_user_unitdir},--disable-systemd-daemon --disable-systemd-login --disable-systemd-journal,systemd"
@@ -193,6 +192,7 @@
 FILES_${PN}-misc = "${bindir}/* ${libdir}/pulseaudio/libpulsedsp.so"
 
 # Allow the pulseaudio package to be created empty as a placeholder (-dbg and -dev depend on it)
+FILES_${PN} = ""
 ALLOW_EMPTY_${PN} = "1"
 
 CONFFILES_libpulse = "${sysconfdir}/pulse/client.conf"
@@ -210,11 +210,9 @@
 }
 
 python populate_packages_prepend() {
-    #d.setVar('PKG_pulseaudio', 'pulseaudio')
-
     plugindir = d.expand('${libdir}/pulse-${PV}/modules/')
-    do_split_packages(d, plugindir, '^module-(.*)\.so$', 'pulseaudio-module-%s', 'PulseAudio module for %s', extra_depends='', prepend=True)
-    do_split_packages(d, plugindir, '^lib(.*)\.so$', 'pulseaudio-lib-%s', 'PulseAudio library for %s', extra_depends='', prepend=True)
+    do_split_packages(d, plugindir, r'^module-(.*)\.so$', '${PN}-module-%s', 'PulseAudio module for %s', extra_depends='', prepend=True)
+    do_split_packages(d, plugindir, r'^lib(.*)\.so$', '${PN}-lib-%s', 'PulseAudio library for %s', extra_depends='', prepend=True)
 }
 
 RDEPENDS_pulseaudio-server = " \
@@ -250,8 +248,11 @@
 RDEPENDS_pulseaudio-module-console-kit =+ "${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'consolekit', '', d)}"
 RDEPENDS_pulseaudio-misc += "pulseaudio-module-cli-protocol-unix"
 
-FILES_pulseaudio-module-gconf += "${libexecdir}/pulse/gconf-helper"
-FILES_pulseaudio-module-alsa-card += "${datadir}/pulseaudio/alsa-mixer"
+FILES_${PN}-module-alsa-card += "${datadir}/pulseaudio/alsa-mixer"
+FILES_${PN}-module-gconf += "${libexecdir}/pulse/gconf-helper"
+
+GSETTINGS_PACKAGE = "${@bb.utils.contains('PACKAGECONFIG', 'gsettings', '${PN}-module-gsettings', '', d)}"
+FILES_${PN}-module-gsettings += "${libexecdir}/pulse/gsettings-helper ${datadir}/GConf/gsettings ${datadir}/glib-2.0/schemas"
 
 # The console-kit module is good to have on X11 systems (it keeps PulseAudio
 # running for the duration of the user login session). The device-manager and
diff --git a/poky/meta/recipes-multimedia/pulseaudio/pulseaudio/0001-introduce-a-special-build-flag-to-explicitly-disable.patch b/poky/meta/recipes-multimedia/pulseaudio/pulseaudio/0001-introduce-a-special-build-flag-to-explicitly-disable.patch
new file mode 100644
index 0000000..b7e9cd8
--- /dev/null
+++ b/poky/meta/recipes-multimedia/pulseaudio/pulseaudio/0001-introduce-a-special-build-flag-to-explicitly-disable.patch
@@ -0,0 +1,161 @@
+From 36feb98e568221e24286615730888d5f6ff323f0 Mon Sep 17 00:00:00 2001
+From: Hongxu Jia <hongxu.jia@windriver.com>
+Date: Fri, 7 Dec 2018 15:12:38 +0800
+Subject: [PATCH] introduce a special build flag to explicitly disables running
+ from build tree
+
+It is helpful to improve reproducibility build [1] since
+PA_SRCDIR/PA_BUILDDIR contains build path, disable running
+from build tree could drop these macros at precompilation.
+
+[1] https://reproducible-builds.org/
+
+Upstream-Status: Submitted [pulseaudio-discuss@lists.freedesktop.org]
+Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
+Acked-by: Tanu Kaskinen <tanuk@iki.fi>
+---
+ configure.ac                             | 10 ++++++++++
+ src/daemon/daemon-conf.c                 |  4 +++-
+ src/daemon/main.c                        |  6 ++++++
+ src/modules/alsa/alsa-mixer.c            |  4 ++++
+ src/modules/gconf/module-gconf.c         |  2 +-
+ src/modules/gsettings/module-gsettings.c |  2 +-
+ src/pulsecore/core-util.c                |  4 +++-
+ 7 files changed, 28 insertions(+), 4 deletions(-)
+
+diff --git a/configure.ac b/configure.ac
+index c9c414f..8b345ef 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -998,6 +998,16 @@ AS_IF([test "x$enable_asyncns" = "xyes" && test "x$HAVE_LIBASYNCNS" = "x0"],
+ AM_CONDITIONAL([HAVE_LIBASYNCNS], [test "x$HAVE_LIBASYNCNS" = x1])
+ AS_IF([test "x$HAVE_LIBASYNCNS" = "x1"], AC_DEFINE([HAVE_LIBASYNCNS], 1, [Have libasyncns?]))
+ 
++#### Running from build tree (optional) ####
++
++AC_ARG_ENABLE([running-from-build-tree],
++    AS_HELP_STRING([--disable-running-from-build-tree],[Disable running from build tree]))
++
++AS_IF([test "x$enable_running_from_build_tree" != "xno"],
++      AC_DEFINE([HAVE_RUNNING_FROM_BUILD_TREE], 1, [Have running from build tree]))
++
++AC_SUBST(HAVE_RUNNING_FROM_BUILD_TREE)
++
+ #### TCP wrappers (optional) ####
+ 
+ AC_ARG_ENABLE([tcpwrap],
+diff --git a/src/daemon/daemon-conf.c b/src/daemon/daemon-conf.c
+index 9883126..f01eff4 100644
+--- a/src/daemon/daemon-conf.c
++++ b/src/daemon/daemon-conf.c
+@@ -155,12 +155,14 @@ pa_daemon_conf *pa_daemon_conf_new(void) {
+     c->dl_search_path = pa_sprintf_malloc("%s" PA_PATH_SEP "lib" PA_PATH_SEP "pulse-%d.%d" PA_PATH_SEP "modules",
+                                           pa_win32_get_toplevel(NULL), PA_MAJOR, PA_MINOR);
+ #else
++#ifdef HAVE_RUNNING_FROM_BUILD_TREE
+     if (pa_run_from_build_tree()) {
+         pa_log_notice("Detected that we are run from the build tree, fixing search path.");
+         c->dl_search_path = pa_xstrdup(PA_BUILDDIR);
+     } else
+-        c->dl_search_path = pa_xstrdup(PA_DLSEARCHPATH);
+ #endif
++        c->dl_search_path = pa_xstrdup(PA_DLSEARCHPATH);
++#endif //Endof #ifdef OS_IS_WIN32
+ 
+     return c;
+ }
+diff --git a/src/daemon/main.c b/src/daemon/main.c
+index c80fa94..1e00388 100644
+--- a/src/daemon/main.c
++++ b/src/daemon/main.c
+@@ -932,6 +932,12 @@ int main(int argc, char *argv[]) {
+ 
+     pa_log_debug("Running in VM: %s", pa_yes_no(pa_running_in_vm()));
+ 
++#ifdef HAVE_RUNNING_FROM_BUILD_TREE
++    pa_log_debug("Running from build tree: %s", pa_yes_no(pa_run_from_build_tree()));
++#else
++    pa_log_debug("Running from build tree: no");
++#endif
++
+ #ifdef __OPTIMIZE__
+     pa_log_debug("Optimized build: yes");
+ #else
+diff --git a/src/modules/alsa/alsa-mixer.c b/src/modules/alsa/alsa-mixer.c
+index a524d6d..670f646 100644
+--- a/src/modules/alsa/alsa-mixer.c
++++ b/src/modules/alsa/alsa-mixer.c
+@@ -2571,9 +2571,11 @@ static int path_verify(pa_alsa_path *p) {
+ }
+ 
+ static const char *get_default_paths_dir(void) {
++#ifdef HAVE_RUNNING_FROM_BUILD_TREE
+     if (pa_run_from_build_tree())
+         return PA_SRCDIR "/modules/alsa/mixer/paths/";
+     else
++#endif
+         return PA_ALSA_PATHS_DIR;
+ }
+ 
+@@ -4455,7 +4457,9 @@ pa_alsa_profile_set* pa_alsa_profile_set_new(const char *fname, const pa_channel
+         fname = "default.conf";
+ 
+     fn = pa_maybe_prefix_path(fname,
++#ifdef HAVE_RUNNING_FROM_BUILD_TREE
+                               pa_run_from_build_tree() ? PA_SRCDIR "/modules/alsa/mixer/profile-sets/" :
++#endif
+                               PA_ALSA_PROFILE_SETS_DIR);
+ 
+     r = pa_config_parse(fn, NULL, items, NULL, false, ps);
+diff --git a/src/modules/gconf/module-gconf.c b/src/modules/gconf/module-gconf.c
+index c0f4dde..76a1f19 100644
+--- a/src/modules/gconf/module-gconf.c
++++ b/src/modules/gconf/module-gconf.c
+@@ -51,7 +51,7 @@ int pa__init(pa_module*m) {
+     u->buf_fill = 0;
+ 
+     if ((u->fd = pa_start_child_for_read(
+-#if defined(__linux__) && !defined(__OPTIMIZE__)
++#if defined(__linux__) && defined(HAVE_RUNNING_FROM_BUILD_TREE)
+                               pa_run_from_build_tree() ? PA_BUILDDIR "/gconf-helper" :
+ #endif
+                  PA_GCONF_HELPER, NULL, &u->pid)) < 0)
+diff --git a/src/modules/gsettings/module-gsettings.c b/src/modules/gsettings/module-gsettings.c
+index 330eca1..209c857 100644
+--- a/src/modules/gsettings/module-gsettings.c
++++ b/src/modules/gsettings/module-gsettings.c
+@@ -51,7 +51,7 @@ int pa__init(pa_module*m) {
+     u->buf_fill = 0;
+ 
+     if ((u->fd = pa_start_child_for_read(
+-#if defined(__linux__) && !defined(__OPTIMIZE__)
++#if defined(__linux__) && defined(HAVE_RUNNING_FROM_BUILD_TREE)
+                               pa_run_from_build_tree() ? PA_BUILDDIR "/gsettings-helper" :
+ #endif
+                  PA_GSETTINGS_HELPER, NULL, &u->pid)) < 0)
+diff --git a/src/pulsecore/core-util.c b/src/pulsecore/core-util.c
+index 64e9f21..f85dd20 100644
+--- a/src/pulsecore/core-util.c
++++ b/src/pulsecore/core-util.c
+@@ -3436,15 +3436,17 @@ void pa_reset_personality(void) {
+ }
+ 
+ bool pa_run_from_build_tree(void) {
+-    char *rp;
+     static bool b = false;
+ 
++#ifdef HAVE_RUNNING_FROM_BUILD_TREE
++    char *rp;
+     PA_ONCE_BEGIN {
+         if ((rp = pa_readlink("/proc/self/exe"))) {
+             b = pa_startswith(rp, PA_BUILDDIR);
+             pa_xfree(rp);
+         }
+     } PA_ONCE_END;
++#endif
+ 
+     return b;
+ }
+-- 
+2.7.4
+
diff --git a/poky/meta/recipes-multimedia/pulseaudio/pulseaudio/0002-do-not-display-CLFAGS-to-improve-reproducibility-bui.patch b/poky/meta/recipes-multimedia/pulseaudio/pulseaudio/0002-do-not-display-CLFAGS-to-improve-reproducibility-bui.patch
new file mode 100644
index 0000000..43add75
--- /dev/null
+++ b/poky/meta/recipes-multimedia/pulseaudio/pulseaudio/0002-do-not-display-CLFAGS-to-improve-reproducibility-bui.patch
@@ -0,0 +1,30 @@
+From f0ddd7c36556ad05c1398fdd132947323ad26473 Mon Sep 17 00:00:00 2001
+From: Hongxu Jia <hongxu.jia@windriver.com>
+Date: Thu, 6 Dec 2018 11:43:41 +0800
+Subject: [PATCH 2/2] do not display CLFAGS to improve reproducibility build
+
+Macro PA_CFLAGS contains build path, do not use it to
+display CFLAGS which could improve reproducibility build.
+
+Upstream-Status: Inappropriate [oe specific]
+Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
+---
+ src/daemon/main.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/daemon/main.c b/src/daemon/main.c
+index c80fa94..75496be 100644
+--- a/src/daemon/main.c
++++ b/src/daemon/main.c
+@@ -908,7 +908,7 @@ int main(int argc, char *argv[]) {
+ 
+     pa_log_info("This is PulseAudio %s", PACKAGE_VERSION);
+     pa_log_debug("Compilation host: %s", CANONICAL_HOST);
+-    pa_log_debug("Compilation CFLAGS: %s", PA_CFLAGS);
++    pa_log_debug("Compilation CFLAGS: ***");
+ 
+ #ifdef HAVE_LIBSAMPLERATE
+     pa_log_warn("Compiled with DEPRECATED libsamplerate support!");
+-- 
+2.7.4
+
diff --git a/poky/meta/recipes-multimedia/pulseaudio/pulseaudio_12.2.bb b/poky/meta/recipes-multimedia/pulseaudio/pulseaudio_12.2.bb
index 36d92bc..c020fbd 100644
--- a/poky/meta/recipes-multimedia/pulseaudio/pulseaudio_12.2.bb
+++ b/poky/meta/recipes-multimedia/pulseaudio/pulseaudio_12.2.bb
@@ -2,6 +2,8 @@
 
 SRC_URI = "http://freedesktop.org/software/pulseaudio/releases/${BP}.tar.xz \
            file://0001-client-conf-Add-allow-autospawn-for-root.patch \
+           file://0001-introduce-a-special-build-flag-to-explicitly-disable.patch \
+           file://0002-do-not-display-CLFAGS-to-improve-reproducibility-bui.patch \
            file://volatiles.04_pulse \
            "
 SRC_URI[md5sum] = "c42f1f1465e8df9859d023dc184734bf"
diff --git a/poky/meta/recipes-multimedia/sbc/sbc_1.3.bb b/poky/meta/recipes-multimedia/sbc/sbc_1.4.bb
similarity index 84%
rename from poky/meta/recipes-multimedia/sbc/sbc_1.3.bb
rename to poky/meta/recipes-multimedia/sbc/sbc_1.4.bb
index 2bb895d..674d77e 100644
--- a/poky/meta/recipes-multimedia/sbc/sbc_1.3.bb
+++ b/poky/meta/recipes-multimedia/sbc/sbc_1.4.bb
@@ -14,8 +14,8 @@
 
 SRC_URI = "${KERNELORG_MIRROR}/linux/bluetooth/${BP}.tar.xz"
 
-SRC_URI[md5sum] = "2d8b7841f2c11ab287718d562f2b981c"
-SRC_URI[sha256sum] = "e61022cf576f14190241e7071753fdacdce5d1dea89ffd704110fc50be689309"
+SRC_URI[md5sum] = "800fb0908899baa48dc216d8e156cc05"
+SRC_URI[sha256sum] = "518bf46e6bb3dc808a95e1eabad26fdebe8a099c1e781c27ed7fca6c2f4a54c9"
 
 inherit autotools pkgconfig
 
diff --git a/poky/meta/recipes-multimedia/webp/libwebp_1.0.0.bb b/poky/meta/recipes-multimedia/webp/libwebp_1.0.2.bb
similarity index 93%
rename from poky/meta/recipes-multimedia/webp/libwebp_1.0.0.bb
rename to poky/meta/recipes-multimedia/webp/libwebp_1.0.2.bb
index 1a9679f..8b3ffe0 100644
--- a/poky/meta/recipes-multimedia/webp/libwebp_1.0.0.bb
+++ b/poky/meta/recipes-multimedia/webp/libwebp_1.0.2.bb
@@ -14,8 +14,8 @@
                     file://PATENTS;md5=c6926d0cb07d296f886ab6e0cc5a85b7"
 
 SRC_URI = "http://downloads.webmproject.org/releases/webp/${BP}.tar.gz"
-SRC_URI[md5sum] = "967b8f087cb392e6cc94d5e116a120c0"
-SRC_URI[sha256sum] = "84259c4388f18637af3c5a6361536d754a5394492f91be1abc2e981d4983225b"
+SRC_URI[md5sum] = "02c0c55f1dd8612cd4d462e3409ad35d"
+SRC_URI[sha256sum] = "3d47b48c40ed6476e8047b2ddb81d93835e0ca1b8d3e8c679afbb3004dd564b1"
 
 UPSTREAM_CHECK_URI = "http://downloads.webmproject.org/releases/webp/index.html"
 
diff --git a/poky/meta/recipes-multimedia/x264/x264_git.bb b/poky/meta/recipes-multimedia/x264/x264_git.bb
index 4174cb2..34c7dc4 100644
--- a/poky/meta/recipes-multimedia/x264/x264_git.bb
+++ b/poky/meta/recipes-multimedia/x264/x264_git.bb
@@ -14,16 +14,16 @@
            "
 UPSTREAM_CHECK_COMMITS = "1"
 
-SRCREV = "e9a5903edf8ca59ef20e6f4894c196f135af735e"
+SRCREV = "0a84d986e7020f8344f00752e3600b9769cc1e85"
 
-PV = "r2854+git${SRCPV}"
+PV = "r2917+git${SRCPV}"
 
 S = "${WORKDIR}/git"
 
-inherit lib_package pkgconfig perlnative
+inherit lib_package pkgconfig
 
 X264_DISABLE_ASM = ""
-X264_DISABLE_ASM_x86_libc-musl = "--disable-asm"
+X264_DISABLE_ASM_x86 = "--disable-asm"
 X264_DISABLE_ASM_armv4 = "--disable-asm"
 X264_DISABLE_ASM_armv5 = "--disable-asm"
 X264_DISABLE_ASM_powerpc = "${@bb.utils.contains("TUNE_FEATURES", "spe", "--disable-asm", "", d)}"