reset upstream subtrees to HEAD
Reset the following subtrees on HEAD:
poky: 8217b477a1(master)
meta-xilinx: 64aa3d35ae(master)
meta-openembedded: 0435c9e193(master)
meta-raspberrypi: 490a4441ac(master)
meta-security: cb6d1c85ee(master)
Squashed patches:
meta-phosphor: drop systemd 239 patches
meta-phosphor: mrw-api: use correct install path
Change-Id: I268e2646d9174ad305630c6bbd3fbc1a6105f43d
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
diff --git a/poky/meta/recipes-multimedia/alsa/alsa-lib_1.1.6.bb b/poky/meta/recipes-multimedia/alsa/alsa-lib_1.1.8.bb
similarity index 83%
rename from poky/meta/recipes-multimedia/alsa/alsa-lib_1.1.6.bb
rename to poky/meta/recipes-multimedia/alsa/alsa-lib_1.1.8.bb
index 25e7a3c..76cc962 100644
--- a/poky/meta/recipes-multimedia/alsa/alsa-lib_1.1.6.bb
+++ b/poky/meta/recipes-multimedia/alsa/alsa-lib_1.1.8.bb
@@ -7,9 +7,9 @@
file://src/socket.c;md5=dd1bc7f44872690224d89c1a9806e495;beginline=1;endline=26 \
"
-SRC_URI = "ftp://ftp.alsa-project.org/pub/lib/${BP}.tar.bz2"
-SRC_URI[md5sum] = "2f981a8f7897c59ec2ddc44916d33788"
-SRC_URI[sha256sum] = "5f2cd274b272cae0d0d111e8a9e363f08783329157e8dd68b3de0c096de6d724"
+SRC_URI = "https://www.alsa-project.org/files/pub/lib/${BP}.tar.bz2"
+SRC_URI[md5sum] = "0eec0d657a07927795809c8f87fb76ca"
+SRC_URI[sha256sum] = "3cdc3a93a6427a26d8efab4ada2152e64dd89140d981f6ffa003e85be707aedf"
inherit autotools pkgconfig
diff --git a/poky/meta/recipes-multimedia/alsa/alsa-plugins_1.1.6.bb b/poky/meta/recipes-multimedia/alsa/alsa-plugins_1.1.6.bb
deleted file mode 100644
index 17c1879..0000000
--- a/poky/meta/recipes-multimedia/alsa/alsa-plugins_1.1.6.bb
+++ /dev/null
@@ -1,103 +0,0 @@
-SUMMARY = "ALSA Plugins"
-HOMEPAGE = "http://alsa-project.org"
-BUGTRACKER = "http://alsa-project.org/main/index.php/Bug_Tracking"
-SECTION = "multimedia"
-
-# The primary license of alsa-plugins is LGPLv2.1.
-#
-# m4/attributes.m4 is licensed under GPLv2+. m4/attributes.m4 is part of the
-# build system, and doesn't affect the licensing of the build result.
-#
-# The samplerate plugin source code is licensed under GPLv2+ to be consistent
-# with the libsamplerate license. However, if the licensee has a commercial
-# license for libsamplerate, the samplerate plugin may be used under the terms
-# of LGPLv2.1 like the rest of the plugins.
-LICENSE = "LGPLv2.1 & GPLv2+"
-LIC_FILES_CHKSUM = "\
- file://COPYING;md5=a916467b91076e631dd8edb7424769c7 \
- file://COPYING.GPL;md5=59530bdf33659b29e73d4adb9f9f6552 \
- file://m4/attributes.m4;endline=33;md5=b25958da44c02231e3641f1bccef53eb \
- file://rate/rate_samplerate.c;endline=35;md5=fd77bce85f4a338c0e8ab18430b69fae \
-"
-
-SRC_URI = "ftp://ftp.alsa-project.org/pub/plugins/${BP}.tar.bz2"
-SRC_URI[md5sum] = "8387279e99feeb2ecffaac5f293223d7"
-SRC_URI[sha256sum] = "6f1d31ebe3b1fa1cc8dade60b7bed1cb2583ac998167002d350dc0a5e3e40c13"
-
-DEPENDS += "alsa-lib"
-
-inherit autotools pkgconfig
-
-PACKAGECONFIG ??= "\
- samplerate \
- speexdsp \
- ${@bb.utils.filter('DISTRO_FEATURES', 'pulseaudio', d)} \
-"
-PACKAGECONFIG[avcodec] = "--enable-avcodec,--disable-avcodec,libav"
-PACKAGECONFIG[jack] = "--enable-jack,--disable-jack,jack"
-PACKAGECONFIG[maemo-plugin] = "--enable-maemo-plugin,--disable-maemo-plugin"
-PACKAGECONFIG[maemo-resource-manager] = "--enable-maemo-resource-manager,--disable-maemo-resource-manager,dbus"
-PACKAGECONFIG[pulseaudio] = "--enable-pulseaudio,--disable-pulseaudio,pulseaudio"
-PACKAGECONFIG[samplerate] = "--enable-samplerate,--disable-samplerate,libsamplerate0"
-PACKAGECONFIG[speexdsp] = "--with-speex=lib,--with-speex=no,speexdsp"
-
-PACKAGES += "${@bb.utils.contains('PACKAGECONFIG', 'pulseaudio', 'alsa-plugins-pulseaudio-conf', '', d)}"
-
-PACKAGES_DYNAMIC = "^libasound-module-.*"
-
-# The alsa-plugins package doesn't itself contain anything, it just depends on
-# all built plugins.
-ALLOW_EMPTY_${PN} = "1"
-
-do_install_append() {
- rm ${D}${libdir}/alsa-lib/*.la
-
- # We use the example as is, so just drop the .example suffix.
- if [ "${@bb.utils.contains('PACKAGECONFIG', 'pulseaudio', 'yes', 'no', d)}" = "yes" ]; then
- mv ${D}${datadir}/alsa/alsa.conf.d/99-pulseaudio-default.conf.example ${D}${datadir}/alsa/alsa.conf.d/99-pulseaudio-default.conf
- fi
-}
-
-python populate_packages_prepend() {
- plugindir = d.expand('${libdir}/alsa-lib/')
- packages = " ".join(do_split_packages(d, plugindir, '^libasound_module_(.*)\.so$', 'libasound-module-%s', 'Alsa plugin for %s', extra_depends=''))
- d.setVar("RDEPENDS_alsa-plugins", packages)
-}
-
-# The rate plugins create some symlinks. For example, the samplerate plugin
-# creates these links to the main plugin file:
-#
-# libasound_module_rate_samplerate_best.so
-# libasound_module_rate_samplerate_linear.so
-# libasound_module_rate_samplerate_medium.so
-# libasound_module_rate_samplerate_order.so
-#
-# The other rate plugins create similar links. We have to add the links to
-# FILES manually, because do_split_packages() skips the links (which is good,
-# because we wouldn't want do_split_packages() to create separate packages for
-# the symlinks).
-#
-# The symlinks cause QA errors, because usually it's a bug if a non
-# -dev/-dbg/-nativesdk package contains links to .so files, but in this case
-# the errors are false positives, so we disable the QA checks.
-FILES_${MLPREFIX}libasound-module-rate-lavcrate += "${libdir}/alsa-lib/*rate_lavcrate_*.so"
-FILES_${MLPREFIX}libasound-module-rate-samplerate += "${libdir}/alsa-lib/*rate_samplerate_*.so"
-FILES_${MLPREFIX}libasound-module-rate-speexrate += "${libdir}/alsa-lib/*rate_speexrate_*.so"
-INSANE_SKIP_${MLPREFIX}libasound-module-rate-lavcrate = "dev-so"
-INSANE_SKIP_${MLPREFIX}libasound-module-rate-samplerate = "dev-so"
-INSANE_SKIP_${MLPREFIX}libasound-module-rate-speexrate = "dev-so"
-
-# 50-pulseaudio.conf defines a device named "pulse" that applications can use
-# if they explicitly want to use the PulseAudio plugin.
-# 99-pulseaudio-default.conf configures the "default" device to use the
-# PulseAudio plugin.
-FILES_${PN}-pulseaudio-conf += "\
- ${datadir}/alsa/alsa.conf.d/50-pulseaudio.conf \
- ${datadir}/alsa/alsa.conf.d/99-pulseaudio-default.conf \
-"
-
-RDEPENDS_${PN}-pulseaudio-conf += "\
- libasound-module-conf-pulse \
- libasound-module-ctl-pulse \
- libasound-module-pcm-pulse \
-"
diff --git a/poky/meta/recipes-multimedia/alsa/alsa-plugins_1.1.8.bb b/poky/meta/recipes-multimedia/alsa/alsa-plugins_1.1.8.bb
new file mode 100644
index 0000000..2d9cc06
--- /dev/null
+++ b/poky/meta/recipes-multimedia/alsa/alsa-plugins_1.1.8.bb
@@ -0,0 +1,173 @@
+SUMMARY = "ALSA Plugins"
+HOMEPAGE = "http://alsa-project.org"
+BUGTRACKER = "http://alsa-project.org/main/index.php/Bug_Tracking"
+SECTION = "multimedia"
+
+# The primary license of alsa-plugins is LGPLv2.1.
+#
+# m4/attributes.m4 is licensed under GPLv2+. m4/attributes.m4 is part of the
+# build system, and doesn't affect the licensing of the build result.
+#
+# The samplerate plugin source code is licensed under GPLv2+ to be consistent
+# with the libsamplerate license. However, if the licensee has a commercial
+# license for libsamplerate, the samplerate plugin may be used under the terms
+# of LGPLv2.1 like the rest of the plugins.
+LICENSE = "LGPLv2.1 & GPLv2+"
+LIC_FILES_CHKSUM = "\
+ file://COPYING;md5=a916467b91076e631dd8edb7424769c7 \
+ file://COPYING.GPL;md5=59530bdf33659b29e73d4adb9f9f6552 \
+ file://m4/attributes.m4;endline=33;md5=b25958da44c02231e3641f1bccef53eb \
+ file://rate/rate_samplerate.c;endline=35;md5=fd77bce85f4a338c0e8ab18430b69fae \
+"
+
+SRC_URI = "https://www.alsa-project.org/files/pub/plugins/${BP}.tar.bz2"
+SRC_URI[md5sum] = "d0f87211d1560f2c07c8eae4297bc4f6"
+SRC_URI[sha256sum] = "7f77df171685ccec918268477623a39db4d9f32d5dc5e76874ef2467a2405994"
+
+DEPENDS += "alsa-lib"
+
+inherit autotools pkgconfig
+
+PACKAGECONFIG ??= "\
+ samplerate \
+ speexdsp \
+ ${@bb.utils.filter('DISTRO_FEATURES', 'pulseaudio', d)} \
+"
+PACKAGECONFIG[aaf] = "--enable-aaf,--disable-aaf,avtp"
+PACKAGECONFIG[jack] = "--enable-jack,--disable-jack,jack"
+PACKAGECONFIG[libav] = "--enable-libav,--disable-libav,libav"
+PACKAGECONFIG[maemo-plugin] = "--enable-maemo-plugin,--disable-maemo-plugin"
+PACKAGECONFIG[maemo-resource-manager] = "--enable-maemo-resource-manager,--disable-maemo-resource-manager,dbus"
+PACKAGECONFIG[pulseaudio] = "--enable-pulseaudio,--disable-pulseaudio,pulseaudio"
+PACKAGECONFIG[samplerate] = "--enable-samplerate,--disable-samplerate,libsamplerate0"
+PACKAGECONFIG[speexdsp] = "--with-speex=lib,--with-speex=no,speexdsp"
+
+PACKAGES += "${@bb.utils.contains('PACKAGECONFIG', 'pulseaudio', 'alsa-plugins-pulseaudio-conf', '', d)}"
+
+PACKAGES_DYNAMIC = "^libasound-module-.*"
+
+# The alsa-plugins package doesn't itself contain anything, it just depends on
+# all built plugins.
+FILES_${PN} = ""
+ALLOW_EMPTY_${PN} = "1"
+
+do_install_append() {
+ rm ${D}${libdir}/alsa-lib/*.la
+
+ if [ "${@bb.utils.contains('PACKAGECONFIG', 'pulseaudio', 'yes', 'no', d)}" = "yes" ]; then
+ # We use the example as is. Upstream installs the file under
+ # /etc, but we move it under /usr/share and add a symlink under
+ # /etc to be consistent with other installed configuration
+ # files.
+ mv ${D}${sysconfdir}/alsa/conf.d/99-pulseaudio-default.conf.example ${D}${datadir}/alsa/alsa.conf.d/99-pulseaudio-default.conf
+ ln -s ${datadir}/alsa/alsa.conf.d/99-pulseaudio-default.conf ${D}${sysconfdir}/alsa/conf.d/99-pulseaudio-default.conf
+ fi
+}
+
+python populate_packages_prepend() {
+ plugindir = d.expand('${libdir}/alsa-lib/')
+ packages = " ".join(do_split_packages(d, plugindir, r'^libasound_module_(.*)\.so$', 'libasound-module-%s', 'Alsa plugin for %s', extra_depends=''))
+ d.setVar("RDEPENDS_alsa-plugins", packages)
+}
+
+# Many plugins have a configuration file (plus a symlink in /etc) associated
+# with them. We put the plugin and it's configuration usually in the same
+# package, but that's problematic when the configuration file is related to
+# multiple plugins, as is the case with the pulse, oss and maemo plugins. In
+# case of the pulse plugins, we have a separate alsa-plugins-pulseaudio-conf
+# package that depends on all the pulse plugins, which ensures that all plugins
+# that the configuration references are installed. The oss and maemo
+# configuration files, on the other hand, are in the respective pcm plugin
+# packages. Therefore it's possible to install the configuration file without
+# the ctl plugin that the configuration file references. This is unlikely to
+# cause big problems, but some kind of improvement to the packaging could
+# probably be done here (at least it would be good to handle the different
+# plugins in a consistent way).
+FILES_${MLPREFIX}libasound-module-ctl-arcam-av += "\
+ ${datadir}/alsa/alsa.conf.d/50-arcam-av-ctl.conf \
+ ${sysconfdir}/alsa/conf.d/50-arcam-av-ctl.conf \
+"
+FILES_${MLPREFIX}libasound-module-pcm-a52 += "\
+ ${datadir}/alsa/alsa.conf.d/60-a52-encoder.conf \
+ ${sysconfdir}/alsa/conf.d/60-a52-encoder.conf \
+"
+FILES_${MLPREFIX}libasound-module-pcm-alsa-dsp += "\
+ ${datadir}/alsa/alsa.conf.d/98-maemo.conf \
+ ${sysconfdir}/alsa/conf.d/98-maemo.conf \
+"
+FILES_${MLPREFIX}libasound-module-pcm-jack += "\
+ ${datadir}/alsa/alsa.conf.d/50-jack.conf \
+ ${sysconfdir}/alsa/conf.d/50-jack.conf \
+"
+FILES_${MLPREFIX}libasound-module-pcm-oss += "\
+ ${datadir}/alsa/alsa.conf.d/50-oss.conf \
+ ${sysconfdir}/alsa/conf.d/50-oss.conf \
+"
+FILES_${MLPREFIX}libasound-module-pcm-speex += "\
+ ${datadir}/alsa/alsa.conf.d/60-speex.conf \
+ ${sysconfdir}/alsa/conf.d/60-speex.conf \
+"
+FILES_${MLPREFIX}libasound-module-pcm-upmix += "\
+ ${datadir}/alsa/alsa.conf.d/60-upmix.conf \
+ ${sysconfdir}/alsa/conf.d/60-upmix.conf \
+"
+FILES_${MLPREFIX}libasound-module-pcm-usb-stream += "\
+ ${datadir}/alsa/alsa.conf.d/98-usb-stream.conf \
+ ${sysconfdir}/alsa/conf.d/98-usb-stream.conf \
+"
+FILES_${MLPREFIX}libasound-module-pcm-vdownmix += "\
+ ${datadir}/alsa/alsa.conf.d/60-vdownmix.conf \
+ ${sysconfdir}/alsa/conf.d/60-vdownmix.conf \
+"
+FILES_${MLPREFIX}libasound-module-rate-lavrate += "\
+ ${datadir}/alsa/alsa.conf.d/10-rate-lav.conf \
+ ${sysconfdir}/alsa/conf.d/10-rate-lav.conf \
+"
+FILES_${MLPREFIX}libasound-module-rate-samplerate += "\
+ ${datadir}/alsa/alsa.conf.d/10-samplerate.conf \
+ ${sysconfdir}/alsa/conf.d/10-samplerate.conf \
+"
+FILES_${MLPREFIX}libasound-module-rate-speexrate += "\
+ ${datadir}/alsa/alsa.conf.d/10-speexrate.conf \
+ ${sysconfdir}/alsa/conf.d/10-speexrate.conf \
+"
+
+# The rate plugins create some symlinks. For example, the samplerate plugin
+# creates these links to the main plugin file:
+#
+# libasound_module_rate_samplerate_best.so
+# libasound_module_rate_samplerate_linear.so
+# libasound_module_rate_samplerate_medium.so
+# libasound_module_rate_samplerate_order.so
+#
+# The other rate plugins create similar links. We have to add the links to
+# FILES manually, because do_split_packages() skips the links (which is good,
+# because we wouldn't want do_split_packages() to create separate packages for
+# the symlinks).
+#
+# The symlinks cause QA errors, because usually it's a bug if a non
+# -dev/-dbg/-nativesdk package contains links to .so files, but in this case
+# the errors are false positives, so we disable the QA checks.
+FILES_${MLPREFIX}libasound-module-rate-lavrate += "${libdir}/alsa-lib/*rate_lavrate_*.so"
+FILES_${MLPREFIX}libasound-module-rate-samplerate += "${libdir}/alsa-lib/*rate_samplerate_*.so"
+FILES_${MLPREFIX}libasound-module-rate-speexrate += "${libdir}/alsa-lib/*rate_speexrate_*.so"
+INSANE_SKIP_${MLPREFIX}libasound-module-rate-lavrate = "dev-so"
+INSANE_SKIP_${MLPREFIX}libasound-module-rate-samplerate = "dev-so"
+INSANE_SKIP_${MLPREFIX}libasound-module-rate-speexrate = "dev-so"
+
+# 50-pulseaudio.conf defines a device named "pulse" that applications can use
+# if they explicitly want to use the PulseAudio plugin.
+# 99-pulseaudio-default.conf configures the "default" device to use the
+# PulseAudio plugin.
+FILES_${PN}-pulseaudio-conf += "\
+ ${datadir}/alsa/alsa.conf.d/50-pulseaudio.conf \
+ ${datadir}/alsa/alsa.conf.d/99-pulseaudio-default.conf \
+ ${sysconfdir}/alsa/conf.d/50-pulseaudio.conf \
+ ${sysconfdir}/alsa/conf.d/99-pulseaudio-default.conf \
+"
+
+RDEPENDS_${PN}-pulseaudio-conf += "\
+ libasound-module-conf-pulse \
+ libasound-module-ctl-pulse \
+ libasound-module-pcm-pulse \
+"
diff --git a/poky/meta/recipes-multimedia/alsa/alsa-tools/0002-Fix-clang-Wreserved-user-defined-literal-warnings.patch b/poky/meta/recipes-multimedia/alsa/alsa-tools/0002-Fix-clang-Wreserved-user-defined-literal-warnings.patch
deleted file mode 100644
index c137bc8..0000000
--- a/poky/meta/recipes-multimedia/alsa/alsa-tools/0002-Fix-clang-Wreserved-user-defined-literal-warnings.patch
+++ /dev/null
@@ -1,34 +0,0 @@
-Upstream-Status: Backport
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
-
-From a861bdabf02cd9bfb3ec7c0571c563c0fa14adfb Mon Sep 17 00:00:00 2001
-From: Khem Raj <raj.khem@gmail.com>
-Date: Tue, 24 Apr 2018 12:24:32 -0700
-Subject: [PATCH] us428control: Fix clang -Wreserved-user-defined-literal
- warnings
-
-| us428control.cc:66:18: error: invalid suffix on literal; C++11 requires a space between literal and identifier [-Wreserved-user-defined-literal]
-| printf("usage: "PROGNAME" [-v verbosity_level 0..2] [-c card] [-D device] [-u usb-device] [-m mode]\n");
-| ^
-
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
-Signed-off-by: Takashi Iwai <tiwai@suse.de>
----
- us428control/us428control.cc | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/us428control/us428control.cc b/us428control/us428control.cc
-index e839bf4..8cb3c42 100644
---- a/us428control/us428control.cc
-+++ b/us428control/us428control.cc
-@@ -63,7 +63,7 @@ static void usage(void)
- {
- printf("Tascam US-428 Control\n");
- printf("version %s\n", VERSION);
-- printf("usage: "PROGNAME" [-v verbosity_level 0..2] [-c card] [-D device] [-u usb-device] [-m mode]\n");
-+ printf("usage: " PROGNAME " [-v verbosity_level 0..2] [-c card] [-D device] [-u usb-device] [-m mode]\n");
- printf("mode is one of (us224, us428, mixxx)\n");
- }
- /*
---
-1.7.11.7
diff --git a/poky/meta/recipes-multimedia/alsa/alsa-tools/musl.patch b/poky/meta/recipes-multimedia/alsa/alsa-tools/musl.patch
deleted file mode 100644
index 9eb129c..0000000
--- a/poky/meta/recipes-multimedia/alsa/alsa-tools/musl.patch
+++ /dev/null
@@ -1,47 +0,0 @@
-Upstream-Status: Backport
-Signed-off-by: Ross Burton <ross.burton@intel.com>
-
-From 235d9c5e8381518b0a8661786e7e0cbdd1bbcd01 Mon Sep 17 00:00:00 2001
-From: Ross Burton <ross.burton@intel.com>
-Date: Tue, 12 Jun 2018 13:24:34 +0100
-Subject: [PATCH] ld10k1: define _GNU_SOURCE and use sighandler_t
-
-__sighandler_t is a glibc internal type which doesn't exist in musl. By using
-AC_USE_SYSTEM_EXTENSIONS to get _GNU_SOURCE defined, both glibc and musl
-then expose sighandler_t.
-
-Signed-off-by: Ross Burton <ross.burton@intel.com>
-Signed-off-by: Takashi Iwai <tiwai@suse.de>
----
- ld10k1/configure.ac | 1 +
- ld10k1/src/ld10k1_fnc1.c | 2 +-
- 2 files changed, 2 insertions(+), 1 deletion(-)
-
-diff --git a/ld10k1/configure.ac b/ld10k1/configure.ac
-index 276b24e..f48ca31 100644
---- a/ld10k1/configure.ac
-+++ b/ld10k1/configure.ac
-@@ -4,6 +4,7 @@ AC_CONFIG_MACRO_DIR([m4])
- AM_MAINTAINER_MODE([enable])
-
- AC_CONFIG_HEADERS(config.h)
-+AC_USE_SYSTEM_EXTENSIONS
- AC_PROG_CC
- AC_PROG_LD
- AC_PROG_INSTALL
-diff --git a/ld10k1/src/ld10k1_fnc1.c b/ld10k1/src/ld10k1_fnc1.c
-index 343584c..ddc43c6 100644
---- a/ld10k1/src/ld10k1_fnc1.c
-+++ b/ld10k1/src/ld10k1_fnc1.c
-@@ -179,7 +179,7 @@ int main_loop(comm_param *param, int audigy, const char *card_id, int tram_size,
- {
- fd_set active_fd_set/*, read_fd_set*/;
- int i, j, res = 0;
-- __sighandler_t old_sig_pipe;
-+ sighandler_t old_sig_pipe;
-
- int main_sock = 0;
- int data_sock = 0;
---
-2.11.0
-
diff --git a/poky/meta/recipes-multimedia/alsa/alsa-tools_1.1.6.bb b/poky/meta/recipes-multimedia/alsa/alsa-tools_1.1.7.bb
similarity index 88%
rename from poky/meta/recipes-multimedia/alsa/alsa-tools_1.1.6.bb
rename to poky/meta/recipes-multimedia/alsa/alsa-tools_1.1.7.bb
index 90e54db..e1b50fa 100644
--- a/poky/meta/recipes-multimedia/alsa/alsa-tools_1.1.6.bb
+++ b/poky/meta/recipes-multimedia/alsa/alsa-tools_1.1.7.bb
@@ -9,13 +9,10 @@
file://ld10k1/COPYING.LIB;md5=a916467b91076e631dd8edb7424769c7 \
"
-SRC_URI = "ftp://ftp.alsa-project.org/pub/tools/${BP}.tar.bz2 \
- file://0002-Fix-clang-Wreserved-user-defined-literal-warnings.patch \
- file://musl.patch \
- "
+SRC_URI = "https://www.alsa-project.org/files/pub/tools/${BP}.tar.bz2"
-SRC_URI[md5sum] = "5ca8c9437ae779997cd62fb2815fef19"
-SRC_URI[sha256sum] = "d69c4dc2fb641a974d9903e9eb78c94cb0c7ac6c45bae664f0c9d6c0a1593227"
+SRC_URI[md5sum] = "475bdf6457bcf55c8c895d653ee56a54"
+SRC_URI[sha256sum] = "a0243328a8f6f691a3055c484fd8d3326393096325e93743b246029d327c4ef6"
inherit autotools-brokensep pkgconfig
# brokensep as as10k1 (and probably more) fail out of tree
@@ -38,7 +35,6 @@
PACKAGECONFIG[hdspconf] = ",,fltk"
PACKAGECONFIG[hdsploader] = ""
PACKAGECONFIG[hdspmixer] = ",,fltk"
-PACKAGECONFIG[hwmixvolume] = ",,,python-core python-pygtk"
PACKAGECONFIG[ld10k1] = ""
PACKAGECONFIG[mixartloader] = ""
PACKAGECONFIG[pcxhrloader] = ""
@@ -51,6 +47,10 @@
PACKAGECONFIG[usx2yloader] = ""
PACKAGECONFIG[vxloader] = ""
+# At the time of writing pyalsa is not packaged for OE, so this is not expected
+# to work.
+PACKAGECONFIG[hwmixvolume] = ",,,python-core python-pygobject pyalsa"
+
python do_configure() {
for subdir in d.getVar("PACKAGECONFIG").split():
subdir = subdir.replace("--", "/")
diff --git a/poky/meta/recipes-multimedia/alsa/alsa-utils-scripts_1.1.6.bb b/poky/meta/recipes-multimedia/alsa/alsa-utils-scripts_1.1.8.bb
similarity index 100%
rename from poky/meta/recipes-multimedia/alsa/alsa-utils-scripts_1.1.6.bb
rename to poky/meta/recipes-multimedia/alsa/alsa-utils-scripts_1.1.8.bb
diff --git a/poky/meta/recipes-multimedia/alsa/alsa-utils_1.1.6.bb b/poky/meta/recipes-multimedia/alsa/alsa-utils_1.1.8.bb
similarity index 88%
rename from poky/meta/recipes-multimedia/alsa/alsa-utils_1.1.6.bb
rename to poky/meta/recipes-multimedia/alsa/alsa-utils_1.1.8.bb
index b8ba0cb..96d54e5 100644
--- a/poky/meta/recipes-multimedia/alsa/alsa-utils_1.1.6.bb
+++ b/poky/meta/recipes-multimedia/alsa/alsa-utils_1.1.8.bb
@@ -19,11 +19,10 @@
PACKAGECONFIG[udev] = "--with-udev-rules-dir=`pkg-config --variable=udevdir udev`/rules.d,--with-udev-rules-dir=/unwanted/rules.d,udev"
PACKAGECONFIG[manpages] = "--enable-xmlto, --disable-xmlto, xmlto-native docbook-xml-dtd4-native docbook-xsl-stylesheets-native"
-SRC_URI = "ftp://ftp.alsa-project.org/pub/utils/alsa-utils-${PV}.tar.bz2 \
- "
-
-SRC_URI[md5sum] = "50ae75567459646b843bed78d916b002"
-SRC_URI[sha256sum] = "155caecc40b2220f686f34ba3655a53e3bdbc0586adb1056733949feaaf7d36e"
+# alsa-utils specified in SRC_URI due to alsa-utils-scripts recipe
+SRC_URI = "https://www.alsa-project.org/files/pub/utils/alsa-utils-${PV}.tar.bz2"
+SRC_URI[md5sum] = "54d6f9b483144823d0fc0c26e8cea028"
+SRC_URI[sha256sum] = "fd9bf528922b3829a91913b89a1858c58a0b24271a7b5f529923aa9ea12fa4cf"
# On build machines with python-docutils (not python3-docutils !!) installed
# rst2man (not rst2man.py) is detected and compile fails with
@@ -59,7 +58,7 @@
FILES_${PN} = ""
FILES_alsa-utils-alsabat = "${bindir}/alsabat"
FILES_alsa-utils-alsatplg = "${bindir}/alsatplg"
-FILES_alsa-utils-aplay = "${bindir}/aplay ${bindir}/arecord"
+FILES_alsa-utils-aplay = "${bindir}/aplay ${bindir}/arecord ${bindir}/axfer"
FILES_alsa-utils-amixer = "${bindir}/amixer"
FILES_alsa-utils-alsamixer = "${bindir}/alsamixer"
FILES_alsa-utils-speakertest = "${bindir}/speaker-test ${datadir}/sounds/alsa/ ${datadir}/alsa/speaker-test/"
@@ -67,10 +66,10 @@
FILES_alsa-utils-aconnect = "${bindir}/aconnect"
FILES_alsa-utils-aseqnet = "${bindir}/aseqnet"
FILES_alsa-utils-iecset = "${bindir}/iecset"
-FILES_alsa-utils-alsactl = "${sbindir}/alsactl */udev/rules.d */*/udev/rules.d ${systemd_unitdir} ${localstatedir}/lib/alsa ${datadir}/alsa/init/"
+FILES_alsa-utils-alsactl = "${sbindir}/alsactl */udev/rules.d/90-alsa-restore.rules */*/udev/rules.d/90-alsa-restore.rules ${systemd_unitdir} ${localstatedir}/lib/alsa ${datadir}/alsa/init/"
FILES_alsa-utils-aseqdump = "${bindir}/aseqdump"
FILES_alsa-utils-alsaloop = "${bindir}/alsaloop"
-FILES_alsa-utils-alsaucm = "${bindir}/alsaucm"
+FILES_alsa-utils-alsaucm = "${bindir}/alsaucm */udev/rules.d/89-alsa-ucm.rules */*/udev/rules.d/89-alsa-ucm.rules"
SUMMARY_alsa-utils-alsabat = "Command-line sound tester for ALSA sound card driver"
SUMMARY_alsa-utils-alsatplg = "Converts topology text files into binary format for kernel"
diff --git a/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2018-15822.patch b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2018-15822.patch
deleted file mode 100644
index 7d5868a..0000000
--- a/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2018-15822.patch
+++ /dev/null
@@ -1,37 +0,0 @@
-From 6b67d7f05918f7a1ee8fc6ff21355d7e8736aa10 Mon Sep 17 00:00:00 2001
-From: Michael Niedermayer <michael@niedermayer.cc>
-Date: Sat, 28 Jul 2018 15:03:50 +0200
-Subject: [PATCH] avformat/flvenc: Check audio packet size
-
-Fixes: Assertion failure
-Fixes: assert_flvenc.c:941_1.swf
-
-Upstream-Status: Backport [https://github.com/FFmpeg/FFmpeg/commit/6b67d7f05918f7a1ee8fc6ff21355d7e8736aa10]
-CVE: CVE-2018-15822
-
-Found-by: #CHEN HONGXU# <HCHEN017@e.ntu.edu.sg>
-Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
-Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com>
----
- libavformat/flvenc.c | 5 +++++
- 1 file changed, 5 insertions(+)
-
-diff --git a/libavformat/flvenc.c b/libavformat/flvenc.c
-index 1c552a3e6b..e4863f1fc7 100644
---- a/libavformat/flvenc.c
-+++ b/libavformat/flvenc.c
-@@ -883,6 +883,11 @@ static int flv_write_packet(AVFormatContext *s, AVPacket *pkt)
- int flags = -1, flags_size, ret;
- int64_t cur_offset = avio_tell(pb);
-
-+ if (par->codec_type == AVMEDIA_TYPE_AUDIO && !pkt->size) {
-+ av_log(s, AV_LOG_WARNING, "Empty audio Packet\n");
-+ return AVERROR(EINVAL);
-+ }
-+
- if (par->codec_id == AV_CODEC_ID_VP6F || par->codec_id == AV_CODEC_ID_VP6A ||
- par->codec_id == AV_CODEC_ID_VP6 || par->codec_id == AV_CODEC_ID_AAC)
- flags_size = 2;
---
-2.17.1
-
diff --git a/poky/meta/recipes-multimedia/ffmpeg/ffmpeg_4.0.2.bb b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg_4.1.1.bb
similarity index 96%
rename from poky/meta/recipes-multimedia/ffmpeg/ffmpeg_4.0.2.bb
rename to poky/meta/recipes-multimedia/ffmpeg/ffmpeg_4.1.1.bb
index 7d1af04..749b3d0 100644
--- a/poky/meta/recipes-multimedia/ffmpeg/ffmpeg_4.0.2.bb
+++ b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg_4.1.1.bb
@@ -25,10 +25,9 @@
SRC_URI = "https://www.ffmpeg.org/releases/${BP}.tar.xz \
file://mips64_cpu_detection.patch \
- file://CVE-2018-15822.patch \
"
-SRC_URI[md5sum] = "ae0bfdf809306a212b4f0e6eb8d1c75e"
-SRC_URI[sha256sum] = "a95c0cc9eb990e94031d2183f2e6e444cc61c99f6f182d1575c433d62afb2f97"
+SRC_URI[md5sum] = "720fc84617a2c38aeae79aff3689a567"
+SRC_URI[sha256sum] = "373749824dfd334d84e55dff406729edfd1606575ee44dd485d97d45ea4d2d86"
# Build fails when thumb is enabled: https://bugzilla.yoctoproject.org/show_bug.cgi?id=7717
ARM_INSTRUCTION_SET_armv4 = "arm"
@@ -43,7 +42,7 @@
inherit autotools pkgconfig
-PACKAGECONFIG ??= "avdevice avfilter avcodec avformat swresample swscale postproc \
+PACKAGECONFIG ??= "avdevice avfilter avcodec avformat swresample swscale postproc avresample \
bzlib gpl lzma theora x264 \
${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'xv', '', d)}"
diff --git a/poky/meta/recipes-multimedia/gstreamer/files/0002-gstconfig.h.in-initial-RISC-V-support.patch b/poky/meta/recipes-multimedia/gstreamer/files/0002-gstconfig.h.in-initial-RISC-V-support.patch
new file mode 100644
index 0000000..db742de
--- /dev/null
+++ b/poky/meta/recipes-multimedia/gstreamer/files/0002-gstconfig.h.in-initial-RISC-V-support.patch
@@ -0,0 +1,30 @@
+From 8a156d1725ecd03f2e8cdc8874e081dda2d3b43d Mon Sep 17 00:00:00 2001
+From: Aurelien Jarno <aurelien@aurel32.net>
+Date: Sun, 15 Apr 2018 00:49:55 +0200
+Subject: [PATCH] gstconfig.h.in: initial RISC-V support
+
+RISC-V supports unaligned accesses, but these might run extremely slowly
+depending on the implementation. Therefore set GST_HAVE_UNALIGNED_ACCESS
+to 0 on this architecture.
+
+https://bugzilla.gnome.org/show_bug.cgi?id=795271
+
+Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
+Upstream-Status: Accepted [1.15.1 - https://bugzilla.gnome.org/show_bug.cgi?id=795271]
+---
+ gst/gstconfig.h.in | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/gst/gstconfig.h.in b/gst/gstconfig.h.in
+index 6351c04da..33dfed1f6 100644
+--- a/gst/gstconfig.h.in
++++ b/gst/gstconfig.h.in
+@@ -104,7 +104,7 @@
+ * http://docs.oracle.com/cd/E19205-01/820-4155/c++_faq.html#Vers6
+ * https://software.intel.com/en-us/node/583402
+ */
+-#if defined(__alpha__) || defined(__arc__) || defined(__arm__) || defined(__aarch64__) || defined(__bfin) || defined(__hppa__) || defined(__nios2__) || defined(__MICROBLAZE__) || defined(__mips__) || defined(__or1k__) || defined(__sh__) || defined(__SH4__) || defined(__sparc__) || defined(__sparc) || defined(__ia64__) || defined(_M_ALPHA) || defined(_M_ARM) || defined(_M_IA64) || defined(__xtensa__) || defined(__e2k__)
++#if defined(__alpha__) || defined(__arc__) || defined(__arm__) || defined(__aarch64__) || defined(__bfin) || defined(__hppa__) || defined(__nios2__) || defined(__MICROBLAZE__) || defined(__mips__) || defined(__or1k__) || defined(__sh__) || defined(__SH4__) || defined(__sparc__) || defined(__sparc) || defined(__ia64__) || defined(_M_ALPHA) || defined(_M_ARM) || defined(_M_IA64) || defined(__xtensa__) || defined(__e2k__) || defined(__riscv)
+ # define GST_HAVE_UNALIGNED_ACCESS 0
+ #elif defined(__i386__) || defined(__i386) || defined(__amd64__) || defined(__amd64) || defined(__x86_64__) || defined(__ppc__) || defined(__ppc64__) || defined(__powerpc__) || defined(__powerpc64__) || defined(__m68k__) || defined(_M_IX86) || defined(_M_AMD64) || defined(_M_X64) || defined(__s390__) || defined(__s390x__) || defined(__zarch__)
+ # define GST_HAVE_UNALIGNED_ACCESS 1
diff --git a/poky/meta/recipes-multimedia/gstreamer/gst-examples_git.bb b/poky/meta/recipes-multimedia/gstreamer/gst-examples_git.bb
index 1d87f24..75ac9b7 100644
--- a/poky/meta/recipes-multimedia/gstreamer/gst-examples_git.bb
+++ b/poky/meta/recipes-multimedia/gstreamer/gst-examples_git.bb
@@ -4,11 +4,11 @@
DEPENDS = "glib-2.0 gstreamer1.0 gstreamer1.0-plugins-base gstreamer1.0-plugins-bad gtk+3 glib-2.0-native"
-SRC_URI = "git://anongit.freedesktop.org/gstreamer/gst-examples \
+SRC_URI = "git://gitlab.freedesktop.org/gstreamer/gst-examples.git;protocol=https \
file://0001-Make-player-examples-installable.patch \
file://gst-player.desktop"
-SRCREV = "48247c6ab6807d6ae179cf653cbdc64714d3313c"
+SRCREV = "2b3fc175c252cd5a537e4b2864b572a8372473d6"
PV = "0.0.1+git${SRCPV}"
UPSTREAM_CHECK_COMMITS = "1"
diff --git a/poky/meta/recipes-multimedia/gstreamer/gst-plugins-package.inc b/poky/meta/recipes-multimedia/gstreamer/gst-plugins-package.inc
index 3fdb10e..6781e98 100644
--- a/poky/meta/recipes-multimedia/gstreamer/gst-plugins-package.inc
+++ b/poky/meta/recipes-multimedia/gstreamer/gst-plugins-package.inc
@@ -6,26 +6,26 @@
postinst = d.getVar('plugin_postinst')
glibdir = d.getVar('libdir')
- do_split_packages(d, glibdir, '^lib(.*)\.so\.*', 'lib%s', 'gstreamer %s library', extra_depends='', allow_links=True)
- do_split_packages(d, gst_libdir, 'libgst(.*)\.so$', d.expand('${PN}-%s'), 'GStreamer plugin for %s', postinst=postinst, extra_depends='')
- do_split_packages(d, glibdir+'/girepository-1.0', 'Gst(.*)-1.0\.typelib$', d.expand('${PN}-%s-typelib'), 'GStreamer typelib file for %s', postinst=postinst, extra_depends='')
- do_split_packages(d, gst_libdir, 'libgst(.*)\.la$', d.expand('${PN}-%s-dev'), 'GStreamer plugin for %s (development files)', extra_depends='${PN}-dev')
- do_split_packages(d, gst_libdir, 'libgst(.*)\.a$', d.expand('${PN}-%s-staticdev'), 'GStreamer plugin for %s (static development files)', extra_depends='${PN}-staticdev')
+ do_split_packages(d, glibdir, r'^lib(.*)\.so\.*', 'lib%s', 'gstreamer %s library', extra_depends='', allow_links=True)
+ do_split_packages(d, gst_libdir, r'libgst(.*)\.so$', d.expand('${PN}-%s'), 'GStreamer plugin for %s', postinst=postinst, extra_depends='')
+ do_split_packages(d, glibdir+'/girepository-1.0', r'Gst(.*)-1.0\.typelib$', d.expand('${PN}-%s-typelib'), 'GStreamer typelib file for %s', postinst=postinst, extra_depends='')
+ do_split_packages(d, gst_libdir, r'libgst(.*)\.la$', d.expand('${PN}-%s-dev'), 'GStreamer plugin for %s (development files)', extra_depends='${PN}-dev')
+ do_split_packages(d, gst_libdir, r'libgst(.*)\.a$', d.expand('${PN}-%s-staticdev'), 'GStreamer plugin for %s (static development files)', extra_depends='${PN}-staticdev')
}
python set_metapkg_rdepends () {
import os
+ import oe.utils
pn = d.getVar('PN')
metapkg = pn + '-meta'
d.setVar('ALLOW_EMPTY_' + metapkg, "1")
d.setVar('FILES_' + metapkg, "")
- blacklist = [ pn, pn + '-locale', pn + '-dev', pn + '-dbg', pn + '-doc', pn + '-meta' ]
+ blacklist = [ pn, pn + '-meta' ]
metapkg_rdepends = []
- packages = d.getVar('PACKAGES').split()
pkgdest = d.getVar('PKGDEST')
- for pkg in packages[1:]:
- if not pkg in blacklist and not pkg in metapkg_rdepends and not pkg.endswith('-dev') and not pkg.endswith('-dbg') and not pkg.count('locale') and not pkg.count('-staticdev'):
+ for pkg in oe.utils.packages_filter_out_system(d):
+ if pkg not in blacklist and pkg not in metapkg_rdepends:
# See if the package is empty by looking at the contents of its PKGDEST subdirectory.
# If this subdirectory is empty, then the package is.
# Empty packages do not get added to the meta package's RDEPENDS
diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.14.4.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.14.4.bb
index 8c7c235..4987be8 100644
--- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.14.4.bb
+++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.14.4.bb
@@ -18,7 +18,7 @@
LIC_FILES_CHKSUM = "file://COPYING;md5=73a5855a8119deb017f5f13cf327095d \
file://COPYING.LIB;md5=21682e4e8fea52413fd26c60acb907e5 "
-DEPENDS += "gstreamer1.0-plugins-base jpeg"
+DEPENDS += "gstreamer1.0-plugins-base"
inherit gettext bluetooth
diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.14.4.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.14.4.bb
index c59ba1d..168e64d 100644
--- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.14.4.bb
+++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.14.4.bb
@@ -15,7 +15,7 @@
S = "${WORKDIR}/gst-plugins-ugly-${PV}"
-DEPENDS += "gstreamer1.0-plugins-base libid3tag"
+DEPENDS += "gstreamer1.0-plugins-base"
inherit gettext
diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.14.4.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.14.4.bb
index 232234b..98c9a28 100644
--- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.14.4.bb
+++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.14.4.bb
@@ -25,6 +25,7 @@
file://gtk-doc-tweaks.patch \
file://0001-gst-gstpluginloader.c-when-env-var-is-set-do-not-fal.patch \
file://add-a-target-to-compile-tests.patch \
+ file://0002-gstconfig.h.in-initial-RISC-V-support.patch \
file://run-ptest \
"
SRC_URI[md5sum] = "f67fbbc42bd85a0701df119f52fb52bd"
diff --git a/poky/meta/recipes-multimedia/libid3tag/libid3tag/10_utf16.dpatch b/poky/meta/recipes-multimedia/libid3tag/libid3tag/10_utf16.patch
similarity index 100%
rename from poky/meta/recipes-multimedia/libid3tag/libid3tag/10_utf16.dpatch
rename to poky/meta/recipes-multimedia/libid3tag/libid3tag/10_utf16.patch
diff --git a/poky/meta/recipes-multimedia/libid3tag/libid3tag_0.15.1b.bb b/poky/meta/recipes-multimedia/libid3tag/libid3tag_0.15.1b.bb
index fe31646..43edd3f 100644
--- a/poky/meta/recipes-multimedia/libid3tag/libid3tag_0.15.1b.bb
+++ b/poky/meta/recipes-multimedia/libid3tag/libid3tag_0.15.1b.bb
@@ -13,7 +13,7 @@
file://addpkgconfig.patch \
file://obsolete_automake_macros.patch \
file://0001-Fix-gperf-3.1-incompatibility.patch \
- file://10_utf16.dpatch \
+ file://10_utf16.patch \
"
UPSTREAM_CHECK_URI = "https://sourceforge.net/projects/mad/files/libid3tag/"
UPSTREAM_CHECK_REGEX = "/projects/mad/files/libid3tag/(?P<pver>.*)/$"
diff --git a/poky/meta/recipes-multimedia/libsndfile/libsndfile1/0001-a-ulaw-fix-multiple-buffer-overflows-432.patch b/poky/meta/recipes-multimedia/libsndfile/libsndfile1/0001-a-ulaw-fix-multiple-buffer-overflows-432.patch
index c3f44ca..a4679ce 100644
--- a/poky/meta/recipes-multimedia/libsndfile/libsndfile1/0001-a-ulaw-fix-multiple-buffer-overflows-432.patch
+++ b/poky/meta/recipes-multimedia/libsndfile/libsndfile1/0001-a-ulaw-fix-multiple-buffer-overflows-432.patch
@@ -1,3 +1,15 @@
+This patch fixes #429 (CVE-2018-19661 CVE-2018-19662) and #344 (CVE-2017-17456
+CVE-2017-17457). As per
+https://github.com/erikd/libsndfile/issues/344#issuecomment-448504425 it also
+fixes #317 (CVE-2017-14245 CVE-2017-14246).
+
+CVE: CVE-2017-14245 CVE-2017-14246
+CVE: CVE-2017-17456 CVE-2017-17457
+CVE: CVE-2018-19661 CVE-2018-19662
+
+Upstream-Status: Backport [8ddc442d539ca775d80cdbc7af17a718634a743f]
+Signed-off-by: Ross Burton <ross.burton@intel.com>
+
From 39453899fe1bb39b2e041fdf51a85aecd177e9c7 Mon Sep 17 00:00:00 2001
From: Changqing Li <changqing.li@windriver.com>
Date: Mon, 7 Jan 2019 15:55:03 +0800
@@ -17,12 +29,6 @@
This commit fixes #429 (CVE-2018-19661 and CVE-2018-19662) and
fixes #344 (CVE-2017-17456 and CVE-2017-17457).
-Upstream-Status: Backport[https://github.com/erikd/libsndfile/
-commit/585cc28a93be27d6938f276af0011401b9f7c0ca]
-
-CVE: CVE-2017-17456 CVE-2017-17457 CVE-2018-19661 CVE-2018-19662
-
-Signed-off-by: Changqing Li <changqing.li@windriver.com>
---
src/alaw.c | 9 +++++++--
src/ulaw.c | 9 +++++++--
diff --git a/poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2017-12562.patch b/poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2017-12562.patch
new file mode 100644
index 0000000..491dae3
--- /dev/null
+++ b/poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2017-12562.patch
@@ -0,0 +1,96 @@
+Heap-based Buffer Overflow in the psf_binheader_writef function in common.c in
+libsndfile through 1.0.28 allows remote attackers to cause a denial of service
+(application crash) or possibly have unspecified other impact.
+
+CVE: CVE-2017-12562
+Upstream-Status: Backport [cf7a8182c2642c50f1cf90dddea9ce96a8bad2e8]
+Signed-off-by: Ross Burton <ross.burton@intel.com>
+
+From b6a9d7e95888ffa77d8c75ce3f03e6c7165587cd Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?J=C3=B6rn=20Heusipp?= <osmanx@problemloesungsmaschine.de>
+Date: Wed, 14 Jun 2017 12:25:40 +0200
+Subject: [PATCH] src/common.c: Fix heap buffer overflows when writing strings
+ in binheader
+
+Fixes the following problems:
+ 1. Case 's' only enlarges the buffer by 16 bytes instead of size bytes.
+ 2. psf_binheader_writef() enlarges the header buffer (if needed) prior to the
+ big switch statement by an amount (16 bytes) which is enough for all cases
+ where only a single value gets added. Cases 's', 'S', 'p' however
+ additionally write an arbitrary length block of data and again enlarge the
+ buffer to the required amount. However, the required space calculation does
+ not take into account the size of the length field which gets output before
+ the data.
+ 3. Buffer size requirement calculation in case 'S' does not account for the
+ padding byte ("size += (size & 1) ;" happens after the calculation which
+ uses "size").
+ 4. Case 'S' can overrun the header buffer by 1 byte when no padding is
+ involved
+ ("memcpy (&(psf->header.ptr [psf->header.indx]), strptr, size + 1) ;" while
+ the buffer is only guaranteed to have "size" space available).
+ 5. "psf->header.ptr [psf->header.indx] = 0 ;" in case 'S' always writes 1 byte
+ beyond the space which is guaranteed to be allocated in the header buffer.
+ 6. Case 's' can overrun the provided source string by 1 byte if padding is
+ involved ("memcpy (&(psf->header.ptr [psf->header.indx]), strptr, size) ;"
+ where "size" is "strlen (strptr) + 1" (which includes the 0 terminator,
+ plus optionally another 1 which is padding and not guaranteed to be
+ readable via the source string pointer).
+
+Closes: https://github.com/erikd/libsndfile/issues/292
+---
+ src/common.c | 15 +++++++--------
+ 1 file changed, 7 insertions(+), 8 deletions(-)
+
+diff --git a/src/common.c b/src/common.c
+index 1a6204ca..6b2a2ee9 100644
+--- a/src/common.c
++++ b/src/common.c
+@@ -681,16 +681,16 @@ psf_binheader_writef (SF_PRIVATE *psf, const char *format, ...)
+ /* Write a C string (guaranteed to have a zero terminator). */
+ strptr = va_arg (argptr, char *) ;
+ size = strlen (strptr) + 1 ;
+- size += (size & 1) ;
+
+- if (psf->header.indx + (sf_count_t) size >= psf->header.len && psf_bump_header_allocation (psf, 16))
++ if (psf->header.indx + 4 + (sf_count_t) size + (sf_count_t) (size & 1) > psf->header.len && psf_bump_header_allocation (psf, 4 + size + (size & 1)))
+ return count ;
+
+ if (psf->rwf_endian == SF_ENDIAN_BIG)
+- header_put_be_int (psf, size) ;
++ header_put_be_int (psf, size + (size & 1)) ;
+ else
+- header_put_le_int (psf, size) ;
++ header_put_le_int (psf, size + (size & 1)) ;
+ memcpy (&(psf->header.ptr [psf->header.indx]), strptr, size) ;
++ size += (size & 1) ;
+ psf->header.indx += size ;
+ psf->header.ptr [psf->header.indx - 1] = 0 ;
+ count += 4 + size ;
+@@ -703,16 +703,15 @@ psf_binheader_writef (SF_PRIVATE *psf, const char *format, ...)
+ */
+ strptr = va_arg (argptr, char *) ;
+ size = strlen (strptr) ;
+- if (psf->header.indx + (sf_count_t) size > psf->header.len && psf_bump_header_allocation (psf, size))
++ if (psf->header.indx + 4 + (sf_count_t) size + (sf_count_t) (size & 1) > psf->header.len && psf_bump_header_allocation (psf, 4 + size + (size & 1)))
+ return count ;
+ if (psf->rwf_endian == SF_ENDIAN_BIG)
+ header_put_be_int (psf, size) ;
+ else
+ header_put_le_int (psf, size) ;
+- memcpy (&(psf->header.ptr [psf->header.indx]), strptr, size + 1) ;
++ memcpy (&(psf->header.ptr [psf->header.indx]), strptr, size + (size & 1)) ;
+ size += (size & 1) ;
+ psf->header.indx += size ;
+- psf->header.ptr [psf->header.indx] = 0 ;
+ count += 4 + size ;
+ break ;
+
+@@ -724,7 +723,7 @@ psf_binheader_writef (SF_PRIVATE *psf, const char *format, ...)
+ size = (size & 1) ? size : size + 1 ;
+ size = (size > 254) ? 254 : size ;
+
+- if (psf->header.indx + (sf_count_t) size > psf->header.len && psf_bump_header_allocation (psf, size))
++ if (psf->header.indx + 1 + (sf_count_t) size > psf->header.len && psf_bump_header_allocation (psf, 1 + size))
+ return count ;
+
+ header_put_byte (psf, size) ;
diff --git a/poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2017-14245-14246.patch b/poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2017-14245-14246.patch
deleted file mode 100644
index a17ec21..0000000
--- a/poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2017-14245-14246.patch
+++ /dev/null
@@ -1,121 +0,0 @@
-From 2d54514a4f6437b67829717c05472d2e3300a258 Mon Sep 17 00:00:00 2001
-From: Fabian Greffrath <fabian@greffrath.com>
-Date: Wed, 27 Sep 2017 14:46:17 +0200
-Subject: [PATCH] sfe_copy_data_fp: check value of "max" variable for being
- normal
-
-and check elements of the data[] array for being finite.
-
-Both checks use functions provided by the <math.h> header as declared
-by the C99 standard.
-
-Fixes #317
-CVE: CVE-2017-14245
-CVE: CVE-2017-14246
-
-Upstream-Status: Backport [https://github.com/fabiangreffrath/libsndfile/commit/2d54514a4f6437b67829717c05472d2e3300a258]
-
-Signed-off-by: Fabian Greffrath <fabian@greffrath.com>
-Signed-off-by: Jagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com>
----
- programs/common.c | 20 ++++++++++++++++----
- programs/common.h | 2 +-
- programs/sndfile-convert.c | 6 +++++-
- 3 files changed, 22 insertions(+), 6 deletions(-)
-
-diff --git a/programs/common.c b/programs/common.c
-index a21e62c..a249a58 100644
---- a/programs/common.c
-+++ b/programs/common.c
-@@ -36,6 +36,7 @@
- #include <string.h>
- #include <ctype.h>
- #include <stdint.h>
-+#include <math.h>
-
- #include <sndfile.h>
-
-@@ -45,7 +46,7 @@
-
- #define MIN(x, y) ((x) < (y) ? (x) : (y))
-
--void
-+int
- sfe_copy_data_fp (SNDFILE *outfile, SNDFILE *infile, int channels, int normalize)
- { static double data [BUFFER_LEN], max ;
- int frames, readcount, k ;
-@@ -54,6 +55,8 @@ sfe_copy_data_fp (SNDFILE *outfile, SNDFILE *infile, int channels, int normalize
- readcount = frames ;
-
- sf_command (infile, SFC_CALC_SIGNAL_MAX, &max, sizeof (max)) ;
-+ if (!isnormal (max)) /* neither zero, subnormal, infinite, nor NaN */
-+ return 1 ;
-
- if (!normalize && max < 1.0)
- { while (readcount > 0)
-@@ -67,12 +70,16 @@ sfe_copy_data_fp (SNDFILE *outfile, SNDFILE *infile, int channels, int normalize
- while (readcount > 0)
- { readcount = sf_readf_double (infile, data, frames) ;
- for (k = 0 ; k < readcount * channels ; k++)
-- data [k] /= max ;
-+ { data [k] /= max ;
-+
-+ if (!isfinite (data [k])) /* infinite or NaN */
-+ return 1;
-+ }
- sf_writef_double (outfile, data, readcount) ;
- } ;
- } ;
-
-- return ;
-+ return 0 ;
- } /* sfe_copy_data_fp */
-
- void
-@@ -252,7 +259,12 @@ sfe_apply_metadata_changes (const char * filenames [2], const METADATA_INFO * in
-
- /* If the input file is not the same as the output file, copy the data. */
- if ((infileminor == SF_FORMAT_DOUBLE) || (infileminor == SF_FORMAT_FLOAT))
-- sfe_copy_data_fp (outfile, infile, sfinfo.channels, SF_FALSE) ;
-+ { if (sfe_copy_data_fp (outfile, infile, sfinfo.channels, SF_FALSE) != 0)
-+ { printf ("Error : Not able to decode input file '%s'\n", filenames [0]) ;
-+ error_code = 1 ;
-+ goto cleanup_exit ;
-+ } ;
-+ }
- else
- sfe_copy_data_int (outfile, infile, sfinfo.channels) ;
- } ;
-diff --git a/programs/common.h b/programs/common.h
-index eda2d7d..986277e 100644
---- a/programs/common.h
-+++ b/programs/common.h
-@@ -62,7 +62,7 @@ typedef SF_BROADCAST_INFO_VAR (2048) SF_BROADCAST_INFO_2K ;
-
- void sfe_apply_metadata_changes (const char * filenames [2], const METADATA_INFO * info) ;
-
--void sfe_copy_data_fp (SNDFILE *outfile, SNDFILE *infile, int channels, int normalize) ;
-+int sfe_copy_data_fp (SNDFILE *outfile, SNDFILE *infile, int channels, int normalize) ;
-
- void sfe_copy_data_int (SNDFILE *outfile, SNDFILE *infile, int channels) ;
-
-diff --git a/programs/sndfile-convert.c b/programs/sndfile-convert.c
-index dff7f79..e6de593 100644
---- a/programs/sndfile-convert.c
-+++ b/programs/sndfile-convert.c
-@@ -335,7 +335,11 @@ main (int argc, char * argv [])
- || (outfileminor == SF_FORMAT_DOUBLE) || (outfileminor == SF_FORMAT_FLOAT)
- || (infileminor == SF_FORMAT_DOUBLE) || (infileminor == SF_FORMAT_FLOAT)
- || (infileminor == SF_FORMAT_VORBIS) || (outfileminor == SF_FORMAT_VORBIS))
-- sfe_copy_data_fp (outfile, infile, sfinfo.channels, normalize) ;
-+ { if (sfe_copy_data_fp (outfile, infile, sfinfo.channels, normalize) != 0)
-+ { printf ("Error : Not able to decode input file %s.\n", infilename) ;
-+ return 1 ;
-+ } ;
-+ }
- else
- sfe_copy_data_int (outfile, infile, sfinfo.channels) ;
-
---
-2.7.4
-
diff --git a/poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2018-13139.patch b/poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2018-13139.patch
index 4ae3674..707373d 100644
--- a/poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2018-13139.patch
+++ b/poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2018-13139.patch
@@ -1,23 +1,25 @@
-From 5473aeef7875e54bd0f786fbdd259a35aaee875c Mon Sep 17 00:00:00 2001
-From: Changqing Li <changqing.li@windriver.com>
-Date: Wed, 10 Oct 2018 08:59:30 +0800
-Subject: [PATCH] libsndfile1: patch for CVE-2018-13139
-
-Upstream-Status: Backport [https://github.com/bwarden/libsndfile/
-commit/df18323c622b54221ee7ace74b177cdcccc152d7]
-
CVE: CVE-2018-13139
+Upstream-Status: Backport [9dc989eb89cd697e19897afa616d6ab0debe4822]
+Signed-off-by: Ross Burton <ross.burton@intel.com>
-Signed-off-by: Changqing Li <changqing.li@windriver.com>
+From 9dc989eb89cd697e19897afa616d6ab0debe4822 Mon Sep 17 00:00:00 2001
+From: "Brett T. Warden" <brett.t.warden@intel.com>
+Date: Tue, 28 Aug 2018 12:01:17 -0700
+Subject: [PATCH] Check MAX_CHANNELS in sndfile-deinterleave
+
+Allocated buffer has space for only 16 channels. Verify that input file
+meets this limit.
+
+Fixes #397
---
- programs/sndfile-deinterleave.c | 6 ++++++
- 1 file changed, 6 insertions(+)
+ programs/sndfile-deinterleave.c | 7 +++++++
+ 1 file changed, 7 insertions(+)
diff --git a/programs/sndfile-deinterleave.c b/programs/sndfile-deinterleave.c
-index e27593e..721bee7 100644
+index e27593e2..cb497e1f 100644
--- a/programs/sndfile-deinterleave.c
+++ b/programs/sndfile-deinterleave.c
-@@ -89,6 +89,12 @@ main (int argc, char **argv)
+@@ -89,6 +89,13 @@ main (int argc, char **argv)
exit (1) ;
} ;
@@ -27,9 +29,9 @@
+ exit (1) ;
+ } ;
+
++
state.channels = sfinfo.channels ;
sfinfo.channels = 1 ;
--
-2.7.4
-
+2.11.0
diff --git a/poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2018-19758.patch b/poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2018-19758.patch
new file mode 100644
index 0000000..c3586f9
--- /dev/null
+++ b/poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2018-19758.patch
@@ -0,0 +1,34 @@
+There is a heap-based buffer over-read at wav.c in wav_write_header in
+libsndfile 1.0.28 that will cause a denial of service.
+
+CVE: CVE-2018-19758
+Upstream-Status: Backport [42132c543358cee9f7c3e9e9b15bb6c1063a608e]
+Signed-off-by: Ross Burton <ross.burton@intel.com>
+
+From c12173b0197dd0c5cfa2cd27977e982d2ae59486 Mon Sep 17 00:00:00 2001
+From: Erik de Castro Lopo <erikd@mega-nerd.com>
+Date: Tue, 1 Jan 2019 20:11:46 +1100
+Subject: [PATCH] src/wav.c: Fix heap read overflow
+
+This is CVE-2018-19758.
+
+Closes: https://github.com/erikd/libsndfile/issues/435
+---
+ src/wav.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/src/wav.c b/src/wav.c
+index e8405b55..6fb94ae8 100644
+--- a/src/wav.c
++++ b/src/wav.c
+@@ -1094,6 +1094,8 @@ wav_write_header (SF_PRIVATE *psf, int calc_length)
+ psf_binheader_writef (psf, "44", 0, 0) ; /* SMTPE format */
+ psf_binheader_writef (psf, "44", psf->instrument->loop_count, 0) ;
+
++ /* Loop count is signed 16 bit number so we limit it range to something sensible. */
++ psf->instrument->loop_count &= 0x7fff ;
+ for (tmp = 0 ; tmp < psf->instrument->loop_count ; tmp++)
+ { int type ;
+
+--
+2.11.0
diff --git a/poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2019-3832.patch b/poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2019-3832.patch
new file mode 100644
index 0000000..ab37211
--- /dev/null
+++ b/poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2019-3832.patch
@@ -0,0 +1,37 @@
+From 43886efc408c21e1e329086ef70c88860310f25b Mon Sep 17 00:00:00 2001
+From: Emilio Pozuelo Monfort <pochu27@gmail.com>
+Date: Tue, 5 Mar 2019 11:27:17 +0100
+Subject: [PATCH] wav_write_header: don't read past the array end
+
+CVE-2018-19758 wasn't entirely fixed in the fix, so fix it harder.
+
+CVE: CVE-2019-3832
+Upstream-Status: Backport [7408c4c788ce047d4e652b60a04e7796bcd7267e]
+Signed-off-by: Ross Burton <ross.burton@intel.com>
+
+If loop_count is bigger than the array, truncate it to the array
+length (and not to 32k).
+
+CVE-2019-3832
+
+---
+ src/wav.c | 6 ++++--
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/src/wav.c b/src/wav.c
+index daae3cc..8851549 100644
+--- a/src/wav.c
++++ b/src/wav.c
+@@ -1094,8 +1094,10 @@ wav_write_header (SF_PRIVATE *psf, int calc_length)
+ psf_binheader_writef (psf, "44", 0, 0) ; /* SMTPE format */
+ psf_binheader_writef (psf, "44", psf->instrument->loop_count, 0) ;
+
+- /* Loop count is signed 16 bit number so we limit it range to something sensible. */
+- psf->instrument->loop_count &= 0x7fff ;
++ /* Make sure we don't read past the loops array end. */
++ if (psf->instrument->loop_count > ARRAY_LEN (psf->instrument->loops))
++ psf->instrument->loop_count = ARRAY_LEN (psf->instrument->loops) ;
++
+ for (tmp = 0 ; tmp < psf->instrument->loop_count ; tmp++)
+ { int type ;
+
diff --git a/poky/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb b/poky/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb
index 9700f4a..77393db 100644
--- a/poky/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb
+++ b/poky/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb
@@ -10,11 +10,13 @@
file://CVE-2017-8361-8365.patch \
file://CVE-2017-8362.patch \
file://CVE-2017-8363.patch \
- file://CVE-2017-14245-14246.patch \
file://CVE-2017-14634.patch \
file://CVE-2018-13139.patch \
file://0001-a-ulaw-fix-multiple-buffer-overflows-432.patch \
file://CVE-2018-19432.patch \
+ file://CVE-2017-12562.patch \
+ file://CVE-2018-19758.patch \
+ file://CVE-2019-3832.patch \
"
SRC_URI[md5sum] = "646b5f98ce89ac60cdb060fcd398247c"
diff --git a/poky/meta/recipes-multimedia/libtiff/files/CVE-2017-17095.patch b/poky/meta/recipes-multimedia/libtiff/files/CVE-2017-17095.patch
deleted file mode 100644
index 9b9962e..0000000
--- a/poky/meta/recipes-multimedia/libtiff/files/CVE-2017-17095.patch
+++ /dev/null
@@ -1,46 +0,0 @@
-From 9171da596c88e6a2dadcab4a3a89dddd6e1b4655 Mon Sep 17 00:00:00 2001
-From: Nathan Baker <elitebadger@gmail.com>
-Date: Thu, 25 Jan 2018 21:28:15 +0000
-Subject: [PATCH] Add workaround to pal2rgb buffer overflow.
-
-CVE: CVE-2017-17095
-
-Upstream-Status: Backport (unchanged) [gitlab.com/libtiff/libtiff/commit/9171da5...]
-
-Signed-off-by: Joe Slater <joe.slater@windriver.com.
-
----
- tools/pal2rgb.c | 17 +++++++++++++++--
- 1 file changed, 15 insertions(+), 2 deletions(-)
-
-diff --git a/tools/pal2rgb.c b/tools/pal2rgb.c
-index 0423598..01fcf94 100644
---- a/tools/pal2rgb.c
-+++ b/tools/pal2rgb.c
-@@ -182,8 +182,21 @@ main(int argc, char* argv[])
- { unsigned char *ibuf, *obuf;
- register unsigned char* pp;
- register uint32 x;
-- ibuf = (unsigned char*)_TIFFmalloc(TIFFScanlineSize(in));
-- obuf = (unsigned char*)_TIFFmalloc(TIFFScanlineSize(out));
-+ tmsize_t tss_in = TIFFScanlineSize(in);
-+ tmsize_t tss_out = TIFFScanlineSize(out);
-+ if (tss_out / tss_in < 3) {
-+ /*
-+ * BUG 2750: The following code does not know about chroma
-+ * subsampling of JPEG data. It assumes that the output buffer is 3x
-+ * the length of the input buffer due to exploding the palette into
-+ * RGB tuples. If this assumption is incorrect, it could lead to a
-+ * buffer overflow. Go ahead and fail now to prevent that.
-+ */
-+ fprintf(stderr, "Could not determine correct image size for output. Exiting.\n");
-+ return -1;
-+ }
-+ ibuf = (unsigned char*)_TIFFmalloc(tss_in);
-+ obuf = (unsigned char*)_TIFFmalloc(tss_out);
- switch (config) {
- case PLANARCONFIG_CONTIG:
- for (row = 0; row < imagelength; row++) {
---
-1.7.9.5
-
diff --git a/poky/meta/recipes-multimedia/libtiff/files/CVE-2017-18013.patch b/poky/meta/recipes-multimedia/libtiff/files/CVE-2017-18013.patch
deleted file mode 100644
index 878e0de..0000000
--- a/poky/meta/recipes-multimedia/libtiff/files/CVE-2017-18013.patch
+++ /dev/null
@@ -1,42 +0,0 @@
-From 293c8b0298e91d20ba51291e2351ab7d110671d0 Mon Sep 17 00:00:00 2001
-From: Even Rouault <even.rouault@spatialys.com>
-Date: Sun, 31 Dec 2017 15:09:41 +0100
-Subject: [PATCH] libtiff/tif_print.c: TIFFPrintDirectory(): fix null pointer
- dereference on corrupted file. Fixes
- http://bugzilla.maptools.org/show_bug.cgi?id=2770
-
-Upstream-Status: Backport
-[https://gitlab.com/libtiff/libtiff/commit/c6f41df7b581402dfba3c19a1e3df4454c551a01]
-
-CVE: CVE-2017-18013
-
-Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
----
- libtiff/tif_print.c | 8 ++++----
- 1 file changed, 4 insertions(+), 4 deletions(-)
-
-diff --git a/libtiff/tif_print.c b/libtiff/tif_print.c
-index 24d4b98..f494cfb 100644
---- a/libtiff/tif_print.c
-+++ b/libtiff/tif_print.c
-@@ -667,13 +667,13 @@ TIFFPrintDirectory(TIFF* tif, FILE* fd, long flags)
- #if defined(__WIN32__) && (defined(_MSC_VER) || defined(__MINGW32__))
- fprintf(fd, " %3lu: [%8I64u, %8I64u]\n",
- (unsigned long) s,
-- (unsigned __int64) td->td_stripoffset[s],
-- (unsigned __int64) td->td_stripbytecount[s]);
-+ td->td_stripoffset ? (unsigned __int64) td->td_stripoffset[s] : 0,
-+ td->td_stripbytecount ? (unsigned __int64) td->td_stripbytecount[s] : 0);
- #else
- fprintf(fd, " %3lu: [%8llu, %8llu]\n",
- (unsigned long) s,
-- (unsigned long long) td->td_stripoffset[s],
-- (unsigned long long) td->td_stripbytecount[s]);
-+ td->td_stripoffset ? (unsigned long long) td->td_stripoffset[s] : 0,
-+ td->td_stripbytecount ? (unsigned long long) td->td_stripbytecount[s] : 0);
- #endif
- }
- }
---
-2.7.4
-
diff --git a/poky/meta/recipes-multimedia/libtiff/files/CVE-2017-9935.patch b/poky/meta/recipes-multimedia/libtiff/files/CVE-2017-9935.patch
deleted file mode 100644
index 60684dd..0000000
--- a/poky/meta/recipes-multimedia/libtiff/files/CVE-2017-9935.patch
+++ /dev/null
@@ -1,160 +0,0 @@
-From abb0055d21c52a9925314d5b0628fb2b6307619c Mon Sep 17 00:00:00 2001
-From: Brian May <brian@linuxpenguins.xyz>
-Date: Thu, 7 Dec 2017 07:46:47 +1100
-Subject: [PATCH] tiff2pdf: Fix CVE-2017-9935
-
-Fix for http://bugzilla.maptools.org/show_bug.cgi?id=2704
-
-This vulnerability - at least for the supplied test case - is because we
-assume that a tiff will only have one transfer function that is the same
-for all pages. This is not required by the TIFF standards.
-
-We than read the transfer function for every page. Depending on the
-transfer function, we allocate either 2 or 4 bytes to the XREF buffer.
-We allocate this memory after we read in the transfer function for the
-page.
-
-For the first exploit - POC1, this file has 3 pages. For the first page
-we allocate 2 extra extra XREF entries. Then for the next page 2 more
-entries. Then for the last page the transfer function changes and we
-allocate 4 more entries.
-
-When we read the file into memory, we assume we have 4 bytes extra for
-each and every page (as per the last transfer function we read). Which
-is not correct, we only have 2 bytes extra for the first 2 pages. As a
-result, we end up writing past the end of the buffer.
-
-There are also some related issues that this also fixes. For example,
-TIFFGetField can return uninitalized pointer values, and the logic to
-detect a N=3 vs N=1 transfer function seemed rather strange.
-
-It is also strange that we declare the transfer functions to be of type
-float, when the standard says they are unsigned 16 bit values. This is
-fixed in another patch.
-
-This patch will check to ensure that the N value for every transfer
-function is the same for every page. If this changes, we abort with an
-error. In theory, we should perhaps check that the transfer function
-itself is identical for every page, however we don't do that due to the
-confusion of the type of the data in the transfer function.
-
-Upstream-Status: Backport
-[https://gitlab.com/libtiff/libtiff/commit/3dd8f6a357981a4090f126ab9025056c938b6940]
-
-CVE: CVE-2017-9935
-
-Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
----
- libtiff/tif_dir.c | 3 +++
- tools/tiff2pdf.c | 65 +++++++++++++++++++++++++++++++++++++------------------
- 2 files changed, 47 insertions(+), 21 deletions(-)
-
-diff --git a/libtiff/tif_dir.c b/libtiff/tif_dir.c
-index f00f808..c36a5f3 100644
---- a/libtiff/tif_dir.c
-+++ b/libtiff/tif_dir.c
-@@ -1067,6 +1067,9 @@ _TIFFVGetField(TIFF* tif, uint32 tag, va_list ap)
- if (td->td_samplesperpixel - td->td_extrasamples > 1) {
- *va_arg(ap, uint16**) = td->td_transferfunction[1];
- *va_arg(ap, uint16**) = td->td_transferfunction[2];
-+ } else {
-+ *va_arg(ap, uint16**) = NULL;
-+ *va_arg(ap, uint16**) = NULL;
- }
- break;
- case TIFFTAG_REFERENCEBLACKWHITE:
-diff --git a/tools/tiff2pdf.c b/tools/tiff2pdf.c
-index 454befb..0b5973e 100644
---- a/tools/tiff2pdf.c
-+++ b/tools/tiff2pdf.c
-@@ -1047,6 +1047,8 @@ void t2p_read_tiff_init(T2P* t2p, TIFF* input){
- uint16 pagen=0;
- uint16 paged=0;
- uint16 xuint16=0;
-+ uint16 tiff_transferfunctioncount=0;
-+ float* tiff_transferfunction[3];
-
- directorycount=TIFFNumberOfDirectories(input);
- t2p->tiff_pages = (T2P_PAGE*) _TIFFmalloc(TIFFSafeMultiply(tmsize_t,directorycount,sizeof(T2P_PAGE)));
-@@ -1147,26 +1149,48 @@ void t2p_read_tiff_init(T2P* t2p, TIFF* input){
- }
- #endif
- if (TIFFGetField(input, TIFFTAG_TRANSFERFUNCTION,
-- &(t2p->tiff_transferfunction[0]),
-- &(t2p->tiff_transferfunction[1]),
-- &(t2p->tiff_transferfunction[2]))) {
-- if((t2p->tiff_transferfunction[1] != (float*) NULL) &&
-- (t2p->tiff_transferfunction[2] != (float*) NULL) &&
-- (t2p->tiff_transferfunction[1] !=
-- t2p->tiff_transferfunction[0])) {
-- t2p->tiff_transferfunctioncount = 3;
-- t2p->tiff_pages[i].page_extra += 4;
-- t2p->pdf_xrefcount += 4;
-- } else {
-- t2p->tiff_transferfunctioncount = 1;
-- t2p->tiff_pages[i].page_extra += 2;
-- t2p->pdf_xrefcount += 2;
-- }
-- if(t2p->pdf_minorversion < 2)
-- t2p->pdf_minorversion = 2;
-+ &(tiff_transferfunction[0]),
-+ &(tiff_transferfunction[1]),
-+ &(tiff_transferfunction[2]))) {
-+
-+ if((tiff_transferfunction[1] != (float*) NULL) &&
-+ (tiff_transferfunction[2] != (float*) NULL)
-+ ) {
-+ tiff_transferfunctioncount=3;
-+ } else {
-+ tiff_transferfunctioncount=1;
-+ }
- } else {
-- t2p->tiff_transferfunctioncount=0;
-+ tiff_transferfunctioncount=0;
- }
-+
-+ if (i > 0){
-+ if (tiff_transferfunctioncount != t2p->tiff_transferfunctioncount){
-+ TIFFError(
-+ TIFF2PDF_MODULE,
-+ "Different transfer function on page %d",
-+ i);
-+ t2p->t2p_error = T2P_ERR_ERROR;
-+ return;
-+ }
-+ }
-+
-+ t2p->tiff_transferfunctioncount = tiff_transferfunctioncount;
-+ t2p->tiff_transferfunction[0] = tiff_transferfunction[0];
-+ t2p->tiff_transferfunction[1] = tiff_transferfunction[1];
-+ t2p->tiff_transferfunction[2] = tiff_transferfunction[2];
-+ if(tiff_transferfunctioncount == 3){
-+ t2p->tiff_pages[i].page_extra += 4;
-+ t2p->pdf_xrefcount += 4;
-+ if(t2p->pdf_minorversion < 2)
-+ t2p->pdf_minorversion = 2;
-+ } else if (tiff_transferfunctioncount == 1){
-+ t2p->tiff_pages[i].page_extra += 2;
-+ t2p->pdf_xrefcount += 2;
-+ if(t2p->pdf_minorversion < 2)
-+ t2p->pdf_minorversion = 2;
-+ }
-+
- if( TIFFGetField(
- input,
- TIFFTAG_ICCPROFILE,
-@@ -1828,9 +1852,8 @@ void t2p_read_tiff_data(T2P* t2p, TIFF* input){
- &(t2p->tiff_transferfunction[1]),
- &(t2p->tiff_transferfunction[2]))) {
- if((t2p->tiff_transferfunction[1] != (float*) NULL) &&
-- (t2p->tiff_transferfunction[2] != (float*) NULL) &&
-- (t2p->tiff_transferfunction[1] !=
-- t2p->tiff_transferfunction[0])) {
-+ (t2p->tiff_transferfunction[2] != (float*) NULL)
-+ ) {
- t2p->tiff_transferfunctioncount=3;
- } else {
- t2p->tiff_transferfunctioncount=1;
---
-2.7.4
-
diff --git a/poky/meta/recipes-multimedia/libtiff/files/CVE-2018-10963.patch b/poky/meta/recipes-multimedia/libtiff/files/CVE-2018-10963.patch
deleted file mode 100644
index 7252298..0000000
--- a/poky/meta/recipes-multimedia/libtiff/files/CVE-2018-10963.patch
+++ /dev/null
@@ -1,39 +0,0 @@
-From de144fd228e4be8aa484c3caf3d814b6fa88c6d9 Mon Sep 17 00:00:00 2001
-From: Even Rouault <even.rouault@spatialys.com>
-Date: Sat, 12 May 2018 14:24:15 +0200
-Subject: [PATCH] TIFFWriteDirectorySec: avoid assertion. Fixes
- http://bugzilla.maptools.org/show_bug.cgi?id=2795.
- CVE-2018-10963
-
----
-CVE: CVE-2018-10963
-
-Upstream-Status: Backport [gitlab.com/libtiff/libtiff/commit/de144f...]
-
-Signed-off-by: Joe Slater <joe.slater@windriver.com>
-
----
- libtiff/tif_dirwrite.c | 7 +++++--
- 1 file changed, 5 insertions(+), 2 deletions(-)
-
-diff --git a/libtiff/tif_dirwrite.c b/libtiff/tif_dirwrite.c
-index 2430de6..c15a28d 100644
---- a/libtiff/tif_dirwrite.c
-+++ b/libtiff/tif_dirwrite.c
-@@ -695,8 +695,11 @@ TIFFWriteDirectorySec(TIFF* tif, int isimage, int imagedone, uint64* pdiroff)
- }
- break;
- default:
-- assert(0); /* we should never get here */
-- break;
-+ TIFFErrorExt(tif->tif_clientdata,module,
-+ "Cannot write tag %d (%s)",
-+ TIFFFieldTag(o),
-+ o->field_name ? o->field_name : "unknown");
-+ goto bad;
- }
- }
- }
---
-1.7.9.5
-
diff --git a/poky/meta/recipes-multimedia/libtiff/files/CVE-2018-5784.patch b/poky/meta/recipes-multimedia/libtiff/files/CVE-2018-5784.patch
deleted file mode 100644
index 406001d..0000000
--- a/poky/meta/recipes-multimedia/libtiff/files/CVE-2018-5784.patch
+++ /dev/null
@@ -1,135 +0,0 @@
-From 6cdea15213be6b67d9f8380c7bb40e325d3adace Mon Sep 17 00:00:00 2001
-From: Nathan Baker <nathanb@lenovo-chrome.com>
-Date: Tue, 6 Feb 2018 10:13:57 -0500
-Subject: [PATCH] Fix for bug 2772
-
-It is possible to craft a TIFF document where the IFD list is circular,
-leading to an infinite loop while traversing the chain. The libtiff
-directory reader has a failsafe that will break out of this loop after
-reading 65535 directory entries, but it will continue processing,
-consuming time and resources to process what is essentially a bogus TIFF
-document.
-
-This change fixes the above behavior by breaking out of processing when
-a TIFF document has >= 65535 directories and terminating with an error.
-
-Upstream-Status: Backport
-[https://gitlab.com/libtiff/libtiff/commit/473851d211cf8805a161820337ca74cc9615d6ef]
-
-CVE: CVE-2018-5784
-
-Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
----
- contrib/addtiffo/tif_overview.c | 14 +++++++++++++-
- tools/tiff2pdf.c | 10 ++++++++++
- tools/tiffcrop.c | 13 +++++++++++--
- 3 files changed, 34 insertions(+), 3 deletions(-)
-
-diff --git a/contrib/addtiffo/tif_overview.c b/contrib/addtiffo/tif_overview.c
-index c61ffbb..03b3573 100644
---- a/contrib/addtiffo/tif_overview.c
-+++ b/contrib/addtiffo/tif_overview.c
-@@ -65,6 +65,8 @@
- # define MAX(a,b) ((a>b) ? a : b)
- #endif
-
-+#define TIFF_DIR_MAX 65534
-+
- void TIFFBuildOverviews( TIFF *, int, int *, int, const char *,
- int (*)(double,void*), void * );
-
-@@ -91,6 +93,7 @@ uint32 TIFF_WriteOverview( TIFF *hTIFF, uint32 nXSize, uint32 nYSize,
- {
- toff_t nBaseDirOffset;
- toff_t nOffset;
-+ tdir_t iNumDir;
-
- (void) bUseSubIFDs;
-
-@@ -147,7 +150,16 @@ uint32 TIFF_WriteOverview( TIFF *hTIFF, uint32 nXSize, uint32 nYSize,
- return 0;
-
- TIFFWriteDirectory( hTIFF );
-- TIFFSetDirectory( hTIFF, (tdir_t) (TIFFNumberOfDirectories(hTIFF)-1) );
-+ iNumDir = TIFFNumberOfDirectories(hTIFF);
-+ if( iNumDir > TIFF_DIR_MAX )
-+ {
-+ TIFFErrorExt( TIFFClientdata(hTIFF),
-+ "TIFF_WriteOverview",
-+ "File `%s' has too many directories.\n",
-+ TIFFFileName(hTIFF) );
-+ exit(-1);
-+ }
-+ TIFFSetDirectory( hTIFF, (tdir_t) (iNumDir - 1) );
-
- nOffset = TIFFCurrentDirOffset( hTIFF );
-
-diff --git a/tools/tiff2pdf.c b/tools/tiff2pdf.c
-index 0b5973e..ef5d6a0 100644
---- a/tools/tiff2pdf.c
-+++ b/tools/tiff2pdf.c
-@@ -68,6 +68,8 @@ extern int getopt(int, char**, char*);
-
- #define PS_UNIT_SIZE 72.0F
-
-+#define TIFF_DIR_MAX 65534
-+
- /* This type is of PDF color spaces. */
- typedef enum {
- T2P_CS_BILEVEL = 0x01, /* Bilevel, black and white */
-@@ -1051,6 +1053,14 @@ void t2p_read_tiff_init(T2P* t2p, TIFF* input){
- float* tiff_transferfunction[3];
-
- directorycount=TIFFNumberOfDirectories(input);
-+ if(directorycount > TIFF_DIR_MAX) {
-+ TIFFError(
-+ TIFF2PDF_MODULE,
-+ "TIFF contains too many directories, %s",
-+ TIFFFileName(input));
-+ t2p->t2p_error = T2P_ERR_ERROR;
-+ return;
-+ }
- t2p->tiff_pages = (T2P_PAGE*) _TIFFmalloc(TIFFSafeMultiply(tmsize_t,directorycount,sizeof(T2P_PAGE)));
- if(t2p->tiff_pages==NULL){
- TIFFError(
-diff --git a/tools/tiffcrop.c b/tools/tiffcrop.c
-index c69177e..c60cb38 100644
---- a/tools/tiffcrop.c
-+++ b/tools/tiffcrop.c
-@@ -217,6 +217,8 @@ extern int getopt(int argc, char * const argv[], const char *optstring);
- #define DUMP_TEXT 1
- #define DUMP_RAW 2
-
-+#define TIFF_DIR_MAX 65534
-+
- /* Offsets into buffer for margins and fixed width and length segments */
- struct offset {
- uint32 tmargin;
-@@ -2233,7 +2235,7 @@ main(int argc, char* argv[])
- pageNum = -1;
- else
- total_images = 0;
-- /* read multiple input files and write to output file(s) */
-+ /* Read multiple input files and write to output file(s) */
- while (optind < argc - 1)
- {
- in = TIFFOpen (argv[optind], "r");
-@@ -2241,7 +2243,14 @@ main(int argc, char* argv[])
- return (-3);
-
- /* If only one input file is specified, we can use directory count */
-- total_images = TIFFNumberOfDirectories(in);
-+ total_images = TIFFNumberOfDirectories(in);
-+ if (total_images > TIFF_DIR_MAX)
-+ {
-+ TIFFError (TIFFFileName(in), "File contains too many directories");
-+ if (out != NULL)
-+ (void) TIFFClose(out);
-+ return (1);
-+ }
- if (image_count == 0)
- {
- dirnum = 0;
---
-2.7.4
-
diff --git a/poky/meta/recipes-multimedia/libtiff/files/CVE-2018-7456.patch b/poky/meta/recipes-multimedia/libtiff/files/CVE-2018-7456.patch
deleted file mode 100644
index 2c11f93..0000000
--- a/poky/meta/recipes-multimedia/libtiff/files/CVE-2018-7456.patch
+++ /dev/null
@@ -1,178 +0,0 @@
-From be4c85b16e8801a16eec25e80eb9f3dd6a96731b Mon Sep 17 00:00:00 2001
-From: Hugo Lefeuvre <hle@debian.org>
-Date: Sun, 8 Apr 2018 14:07:08 -0400
-Subject: [PATCH] Fix NULL pointer dereference in TIFFPrintDirectory
-
-The TIFFPrintDirectory function relies on the following assumptions,
-supposed to be guaranteed by the specification:
-
-(a) A Transfer Function field is only present if the TIFF file has
- photometric type < 3.
-
-(b) If SamplesPerPixel > Color Channels, then the ExtraSamples field
- has count SamplesPerPixel - (Color Channels) and contains
- information about supplementary channels.
-
-While respect of (a) and (b) are essential for the well functioning of
-TIFFPrintDirectory, no checks are realized neither by the callee nor
-by TIFFPrintDirectory itself. Hence, following scenarios might happen
-and trigger the NULL pointer dereference:
-
-(1) TIFF File of photometric type 4 or more has illegal Transfer
- Function field.
-
-(2) TIFF File has photometric type 3 or less and defines a
- SamplesPerPixel field such that SamplesPerPixel > Color Channels
- without defining all extra samples in the ExtraSamples fields.
-
-In this patch, we address both issues with respect of the following
-principles:
-
-(A) In the case of (1), the defined transfer table should be printed
- safely even if it isn't 'legal'. This allows us to avoid expensive
- checks in TIFFPrintDirectory. Also, it is quite possible that
- an alternative photometric type would be developed (not part of the
- standard) and would allow definition of Transfer Table. We want
- libtiff to be able to handle this scenario out of the box.
-
-(B) In the case of (2), the transfer table should be printed at its
- right size, that is if TIFF file has photometric type Palette
- then the transfer table should have one row and not three, even
- if two extra samples are declared.
-
-In order to fulfill (A) we simply add a new 'i < 3' end condition to
-the broken TIFFPrintDirectory loop. This makes sure that in any case
-where (b) would be respected but not (a), everything stays fine.
-
-(B) is fulfilled by the loop condition
-'i < td->td_samplesperpixel - td->td_extrasamples'. This is enough as
-long as (b) is respected.
-
-Naturally, we also make sure (b) is respected. This is done in the
-TIFFReadDirectory function by making sure any non-color channel is
-counted in ExtraSamples.
-
-This commit addresses CVE-2018-7456.
-
----
-CVE: CVE-2018-7456
-
-Upstream-Status: Backport [gitlab.com/libtiff/libtiff/commit/be4c85b...]
-
-Signed-off-by: Joe Slater <joe.slater@windriver.com>
-
----
- libtiff/tif_dirread.c | 62 +++++++++++++++++++++++++++++++++++++++++++++++++
- libtiff/tif_print.c | 2 +-
- 2 files changed, 63 insertions(+), 1 deletion(-)
-
-diff --git a/libtiff/tif_dirread.c b/libtiff/tif_dirread.c
-index 6baa7b3..af5b84a 100644
---- a/libtiff/tif_dirread.c
-+++ b/libtiff/tif_dirread.c
-@@ -165,6 +165,7 @@ static int TIFFFetchStripThing(TIFF* tif, TIFFDirEntry* dir, uint32 nstrips, uin
- static int TIFFFetchSubjectDistance(TIFF*, TIFFDirEntry*);
- static void ChopUpSingleUncompressedStrip(TIFF*);
- static uint64 TIFFReadUInt64(const uint8 *value);
-+static int _TIFFGetMaxColorChannels(uint16 photometric);
-
- static int _TIFFFillStrilesInternal( TIFF *tif, int loadStripByteCount );
-
-@@ -3505,6 +3506,35 @@ static void TIFFReadDirEntryOutputErr(TIFF* tif, enum TIFFReadDirEntryErr err, c
- }
-
- /*
-+ * Return the maximum number of color channels specified for a given photometric
-+ * type. 0 is returned if photometric type isn't supported or no default value
-+ * is defined by the specification.
-+ */
-+static int _TIFFGetMaxColorChannels( uint16 photometric )
-+{
-+ switch (photometric) {
-+ case PHOTOMETRIC_PALETTE:
-+ case PHOTOMETRIC_MINISWHITE:
-+ case PHOTOMETRIC_MINISBLACK:
-+ return 1;
-+ case PHOTOMETRIC_YCBCR:
-+ case PHOTOMETRIC_RGB:
-+ case PHOTOMETRIC_CIELAB:
-+ return 3;
-+ case PHOTOMETRIC_SEPARATED:
-+ case PHOTOMETRIC_MASK:
-+ return 4;
-+ case PHOTOMETRIC_LOGL:
-+ case PHOTOMETRIC_LOGLUV:
-+ case PHOTOMETRIC_CFA:
-+ case PHOTOMETRIC_ITULAB:
-+ case PHOTOMETRIC_ICCLAB:
-+ default:
-+ return 0;
-+ }
-+}
-+
-+/*
- * Read the next TIFF directory from a file and convert it to the internal
- * format. We read directories sequentially.
- */
-@@ -3520,6 +3550,7 @@ TIFFReadDirectory(TIFF* tif)
- uint32 fii=FAILED_FII;
- toff_t nextdiroff;
- int bitspersample_read = FALSE;
-+ int color_channels;
-
- tif->tif_diroff=tif->tif_nextdiroff;
- if (!TIFFCheckDirOffset(tif,tif->tif_nextdiroff))
-@@ -4024,6 +4055,37 @@ TIFFReadDirectory(TIFF* tif)
- }
- }
- }
-+
-+ /*
-+ * Make sure all non-color channels are extrasamples.
-+ * If it's not the case, define them as such.
-+ */
-+ color_channels = _TIFFGetMaxColorChannels(tif->tif_dir.td_photometric);
-+ if (color_channels && tif->tif_dir.td_samplesperpixel - tif->tif_dir.td_extrasamples > color_channels) {
-+ uint16 old_extrasamples;
-+ uint16 *new_sampleinfo;
-+
-+ TIFFWarningExt(tif->tif_clientdata,module, "Sum of Photometric type-related "
-+ "color channels and ExtraSamples doesn't match SamplesPerPixel. "
-+ "Defining non-color channels as ExtraSamples.");
-+
-+ old_extrasamples = tif->tif_dir.td_extrasamples;
-+ tif->tif_dir.td_extrasamples = (tif->tif_dir.td_samplesperpixel - color_channels);
-+
-+ // sampleinfo should contain information relative to these new extra samples
-+ new_sampleinfo = (uint16*) _TIFFcalloc(tif->tif_dir.td_extrasamples, sizeof(uint16));
-+ if (!new_sampleinfo) {
-+ TIFFErrorExt(tif->tif_clientdata, module, "Failed to allocate memory for "
-+ "temporary new sampleinfo array (%d 16 bit elements)",
-+ tif->tif_dir.td_extrasamples);
-+ goto bad;
-+ }
-+
-+ memcpy(new_sampleinfo, tif->tif_dir.td_sampleinfo, old_extrasamples * sizeof(uint16));
-+ _TIFFsetShortArray(&tif->tif_dir.td_sampleinfo, new_sampleinfo, tif->tif_dir.td_extrasamples);
-+ _TIFFfree(new_sampleinfo);
-+ }
-+
- /*
- * Verify Palette image has a Colormap.
- */
-diff --git a/libtiff/tif_print.c b/libtiff/tif_print.c
-index 8deceb2..1d86adb 100644
---- a/libtiff/tif_print.c
-+++ b/libtiff/tif_print.c
-@@ -544,7 +544,7 @@ TIFFPrintDirectory(TIFF* tif, FILE* fd, long flags)
- uint16 i;
- fprintf(fd, " %2ld: %5u",
- l, td->td_transferfunction[0][l]);
-- for (i = 1; i < td->td_samplesperpixel; i++)
-+ for (i = 1; i < td->td_samplesperpixel - td->td_extrasamples && i < 3; i++)
- fprintf(fd, " %5u",
- td->td_transferfunction[i][l]);
- fputc('\n', fd);
---
-1.7.9.5
-
diff --git a/poky/meta/recipes-multimedia/libtiff/files/CVE-2018-8905.patch b/poky/meta/recipes-multimedia/libtiff/files/CVE-2018-8905.patch
deleted file mode 100644
index 962646d..0000000
--- a/poky/meta/recipes-multimedia/libtiff/files/CVE-2018-8905.patch
+++ /dev/null
@@ -1,61 +0,0 @@
-From 58a898cb4459055bb488ca815c23b880c242a27d Mon Sep 17 00:00:00 2001
-From: Even Rouault <even.rouault@spatialys.com>
-Date: Sat, 12 May 2018 15:32:31 +0200
-Subject: [PATCH] LZWDecodeCompat(): fix potential index-out-of-bounds write.
- Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2780 /
- CVE-2018-8905
-
-The fix consists in using the similar code LZWDecode() to validate we
-don't write outside of the output buffer.
-
----
-CVE: CVE-2018-8905
-
-Upstream-Status: Backport [gitlab.com/libtiff/libtiff/commit/58a898...]
-
-Signed-off-by: Joe Slater <joe.slater@windriver.com>
-
----
- libtiff/tif_lzw.c | 18 ++++++++++++------
- 1 file changed, 12 insertions(+), 6 deletions(-)
-
-diff --git a/libtiff/tif_lzw.c b/libtiff/tif_lzw.c
-index 4ccb443..94d85e3 100644
---- a/libtiff/tif_lzw.c
-+++ b/libtiff/tif_lzw.c
-@@ -602,6 +602,7 @@ LZWDecodeCompat(TIFF* tif, uint8* op0, tmsize_t occ0, uint16 s)
- char *tp;
- unsigned char *bp;
- int code, nbits;
-+ int len;
- long nextbits, nextdata, nbitsmask;
- code_t *codep, *free_entp, *maxcodep, *oldcodep;
-
-@@ -753,13 +754,18 @@ LZWDecodeCompat(TIFF* tif, uint8* op0, tmsize_t occ0, uint16 s)
- } while (--occ);
- break;
- }
-- assert(occ >= codep->length);
-- op += codep->length;
-- occ -= codep->length;
-- tp = op;
-+ len = codep->length;
-+ tp = op + len;
- do {
-- *--tp = codep->value;
-- } while( (codep = codep->next) != NULL );
-+ int t;
-+ --tp;
-+ t = codep->value;
-+ codep = codep->next;
-+ *tp = (char)t;
-+ } while (codep && tp > op);
-+ assert(occ >= len);
-+ op += len;
-+ occ -= len;
- } else {
- *op++ = (char)code;
- occ--;
---
-1.7.9.5
-
diff --git a/poky/meta/recipes-multimedia/libtiff/files/libtool2.patch b/poky/meta/recipes-multimedia/libtiff/files/libtool2.patch
index a84c688..96233b4 100644
--- a/poky/meta/recipes-multimedia/libtiff/files/libtool2.patch
+++ b/poky/meta/recipes-multimedia/libtiff/files/libtool2.patch
@@ -1,16 +1,21 @@
+From 5b893206e0a0d529ba2d0caf58cfffc03bccb598 Mon Sep 17 00:00:00 2001
+From: Marcin Juszkiewicz <hrw@openedhand.com>
+Date: Sat, 14 Jun 2008 13:42:22 +0000
+Subject: [PATCH] tiff: make it work after libtool upgrade
+
Upstream-Status: Inappropriate [configuration]
---
- configure.ac | 2 +-
+ configure.ac | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
-Index: tiff-4.0.9/configure.ac
-===================================================================
---- tiff-4.0.9.orig/configure.ac
-+++ tiff-4.0.9/configure.ac
-@@ -27,7 +27,7 @@ dnl Process this file with autoconf to p
+diff --git a/configure.ac b/configure.ac
+index c7b02e2..ae1c964 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -27,7 +27,7 @@ dnl Process this file with autoconf to produce a configure script.
AC_PREREQ(2.64)
- AC_INIT([LibTIFF Software],[4.0.9],[tiff@lists.maptools.org],[tiff])
+ AC_INIT([LibTIFF Software],[4.0.10],[tiff@lists.maptools.org],[tiff])
AC_CONFIG_AUX_DIR(config)
-AC_CONFIG_MACRO_DIR(m4)
+dnl AC_CONFIG_MACRO_DIR(m4)
diff --git a/poky/meta/recipes-multimedia/libtiff/tiff_4.0.9.bb b/poky/meta/recipes-multimedia/libtiff/tiff_4.0.10.bb
similarity index 80%
rename from poky/meta/recipes-multimedia/libtiff/tiff_4.0.9.bb
rename to poky/meta/recipes-multimedia/libtiff/tiff_4.0.10.bb
index 93beddb..152fa81 100644
--- a/poky/meta/recipes-multimedia/libtiff/tiff_4.0.9.bb
+++ b/poky/meta/recipes-multimedia/libtiff/tiff_4.0.10.bb
@@ -6,17 +6,10 @@
SRC_URI = "http://download.osgeo.org/libtiff/tiff-${PV}.tar.gz \
file://libtool2.patch \
- file://CVE-2017-9935.patch \
- file://CVE-2017-18013.patch \
- file://CVE-2018-5784.patch \
- file://CVE-2018-10963.patch \
- file://CVE-2018-8905.patch \
- file://CVE-2018-7456.patch \
- file://CVE-2017-17095.patch \
- "
+ "
-SRC_URI[md5sum] = "54bad211279cc93eb4fca31ba9bfdc79"
-SRC_URI[sha256sum] = "6e7bdeec2c310734e734d19aae3a71ebe37a4d842e0e23dbb1b8921c0026cfcd"
+SRC_URI[md5sum] = "114192d7ebe537912a2b97408832e7fd"
+SRC_URI[sha256sum] = "2c52d11ccaf767457db0c46795d9c7d1a8d8f76f68b0b800a3dfe45786b996e4"
# exclude betas
UPSTREAM_CHECK_REGEX = "tiff-(?P<pver>\d+(\.\d+)+).tar"
diff --git a/poky/meta/recipes-multimedia/mpeg2dec/files/61_global-symbol-test.patch b/poky/meta/recipes-multimedia/mpeg2dec/files/61_global-symbol-test.patch
new file mode 100644
index 0000000..00b667d
--- /dev/null
+++ b/poky/meta/recipes-multimedia/mpeg2dec/files/61_global-symbol-test.patch
@@ -0,0 +1,70 @@
+Rewrite the public symbol check to verify the shared libraries, to check for
+more things, and to avoid duplication; fixes make check on ARM
+
+Taken From
+https://sources.debian.org/src/mpeg2dec/0.5.1-8/debian/patches/61_global-symbol-test.patch/
+
+Upstream-Status: Pending
+
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+ test/globals | 42 +++++++++++++++++++++++++++---------------
+ 1 file changed, 27 insertions(+), 15 deletions(-)
+
+--- mpeg2dec.orig/test/globals
++++ mpeg2dec/test/globals
+@@ -1,4 +1,8 @@
+ #!/bin/sh
++# TODO
++# - fix checking of .a libs; problem is that "nm -g --defined-only" lists
++# internal symbols; this can be solved by using objdump, but it's probably
++# good enough to just run the tests on the shared lib
+
+ if test x"$srcdir" != x""; then
+ builddir="." # running from make check, but it does not define that
+@@ -14,22 +18,30 @@ builddir=`cd $builddir;pwd`
+
+ error=0
+
+-bad_globals=`nm -g --defined-only $builddir/../libmpeg2/*.o |\
+- awk '{if ($3) print $3}' | grep -v '^_\?mpeg2_'`
+-
+-if test x"$bad_globals" != x""; then
+- echo BAD GLOBAL SYMBOLS:
+- for s in $bad_globals; do echo $s; done
++# check_bad_public_symbols <symbol prefix> <lib file> [<lib file>...]
++#
++# checks public symbols in shared libs:
++# - allow prefix_anything
++# - reject _prefixanything
++# - allow _anything
++# - reject anything else
++#
++# NB: skips missing files
++check_bad_public_symbols() {
++ symbols_prefix="$1"
++ shift
++ lib_files=`ls "$@" 2>/dev/null`
++ [ -z "$lib_files" ] && return
++ bad_globals=`nm -g --defined-only $lib_files |
++ awk '{if ($3) print $3}' |
++ sed -n "/^${symbols_prefix}_/ d; /^_${symbols_prefix}/ { p; d }; /^_/ d; p"`
++ [ -z "$bad_globals" ] && return
+ error=1
+-fi
+-
+-bad_globals=`nm -g --defined-only $builddir/../libmpeg2/convert/*.o |\
+- awk '{if ($3) print $3}' | grep -v '^_\?mpeg2convert_'`
++ echo BAD GLOBAL SYMBOLS in $lib_files:
++ echo "$bad_globals"
++}
+
+-if test x"$bad_globals" != x""; then
+- echo BAD GLOBAL SYMBOLS:
+- for s in $bad_globals; do echo $s; done
+- error=1
+-fi
++check_bad_public_symbols mpeg2 $builddir/../libmpeg2/.libs/libmpeg2.so
++check_bad_public_symbols mpeg2convert $builddir/../libmpeg2/convert/.libs/libmpeg2convert.so
+
+ exit $error
diff --git a/poky/meta/recipes-multimedia/mpeg2dec/mpeg2dec_0.5.1.bb b/poky/meta/recipes-multimedia/mpeg2dec/mpeg2dec_0.5.1.bb
index 7711c2d..6b59d4f 100644
--- a/poky/meta/recipes-multimedia/mpeg2dec/mpeg2dec_0.5.1.bb
+++ b/poky/meta/recipes-multimedia/mpeg2dec/mpeg2dec_0.5.1.bb
@@ -10,6 +10,7 @@
file://altivec_h_needed.patch \
file://0001-check-for-available-arm-optimizations.patch \
file://0002-Set-visibility-of-global-symbols-used-in-ARM-specifi.patch \
+ file://61_global-symbol-test.patch \
"
S = "${WORKDIR}/libmpeg2-${PV}"
diff --git a/poky/meta/recipes-multimedia/pulseaudio/pulseaudio.inc b/poky/meta/recipes-multimedia/pulseaudio/pulseaudio.inc
index f526690..9a95e7c 100644
--- a/poky/meta/recipes-multimedia/pulseaudio/pulseaudio.inc
+++ b/poky/meta/recipes-multimedia/pulseaudio/pulseaudio.inc
@@ -58,10 +58,10 @@
DEPENDS = "libatomic-ops libsndfile1 libtool intltool-native"
# optional
-DEPENDS += "udev alsa-lib glib-2.0 gconf"
+DEPENDS += "udev alsa-lib glib-2.0"
DEPENDS += "speexdsp libxml-parser-perl-native libcap"
-inherit autotools bash-completion pkgconfig useradd gettext perlnative bluetooth systemd manpages
+inherit autotools bash-completion pkgconfig useradd gettext perlnative bluetooth systemd manpages gsettings
# *.desktop rules wont be generated during configure and build will fail
# if using --disable-nls
@@ -76,8 +76,9 @@
--with-database=simple \
--without-zsh-completion-dir \
--with-udev-rules-dir=`pkg-config --variable=udevdir udev`/rules.d \
- ac_cv_header_valgrind_memcheck_h=no \
- --disable-tests \
+ ac_cv_header_valgrind_memcheck_h=no \
+ --disable-tests \
+ --disable-running-from-build-tree \
"
# soxr (the SoX Resampler library) doesn't seem to be currently packaged in
@@ -97,20 +98,18 @@
# very good anyway, better alternatives exist (such as the webrtc canceller).
EXTRA_OECONF += "--disable-adrian-aec"
-# FIXME: The gsettings module is temporarily disabled, because adding support
-# for it is a bit complicated.
-EXTRA_OECONF += "--disable-gsettings"
-
PACKAGECONFIG ??= "${@bb.utils.contains('DISTRO_FEATURES', 'bluetooth', '${BLUEZ}', '', d)} \
${@bb.utils.contains('DISTRO_FEATURES', 'zeroconf', 'avahi', '', d)} \
${@bb.utils.contains('DISTRO_FEATURES', '3g', 'ofono', '', d)} \
${@bb.utils.filter('DISTRO_FEATURES', 'ipv6 systemd x11', d)} \
- dbus \
+ dbus gsettings \
"
PACKAGECONFIG[dbus] = "--enable-dbus,--disable-dbus,dbus"
PACKAGECONFIG[bluez4] = "--enable-bluez4,--disable-bluez4,bluez4 sbc"
PACKAGECONFIG[bluez5] = "--enable-bluez5,--disable-bluez5,bluez5 sbc"
+PACKAGECONFIG[gconf] = "--enable-gconf,--disable-gconf,gconf"
+PACKAGECONFIG[gsettings] = "--enable-gsettings,--disable-gsettings,glib-2.0-native glib-2.0"
PACKAGECONFIG[ofono] = "--enable-bluez5-ofono-headset,--disable-bluez5-ofono-headset,ofono"
PACKAGECONFIG[gtk] = "--enable-gtk3,--disable-gtk3,gtk+3"
PACKAGECONFIG[systemd] = "--enable-systemd-daemon --enable-systemd-login --enable-systemd-journal --with-systemduserunitdir=${systemd_user_unitdir},--disable-systemd-daemon --disable-systemd-login --disable-systemd-journal,systemd"
@@ -193,6 +192,7 @@
FILES_${PN}-misc = "${bindir}/* ${libdir}/pulseaudio/libpulsedsp.so"
# Allow the pulseaudio package to be created empty as a placeholder (-dbg and -dev depend on it)
+FILES_${PN} = ""
ALLOW_EMPTY_${PN} = "1"
CONFFILES_libpulse = "${sysconfdir}/pulse/client.conf"
@@ -210,11 +210,9 @@
}
python populate_packages_prepend() {
- #d.setVar('PKG_pulseaudio', 'pulseaudio')
-
plugindir = d.expand('${libdir}/pulse-${PV}/modules/')
- do_split_packages(d, plugindir, '^module-(.*)\.so$', 'pulseaudio-module-%s', 'PulseAudio module for %s', extra_depends='', prepend=True)
- do_split_packages(d, plugindir, '^lib(.*)\.so$', 'pulseaudio-lib-%s', 'PulseAudio library for %s', extra_depends='', prepend=True)
+ do_split_packages(d, plugindir, r'^module-(.*)\.so$', '${PN}-module-%s', 'PulseAudio module for %s', extra_depends='', prepend=True)
+ do_split_packages(d, plugindir, r'^lib(.*)\.so$', '${PN}-lib-%s', 'PulseAudio library for %s', extra_depends='', prepend=True)
}
RDEPENDS_pulseaudio-server = " \
@@ -250,8 +248,11 @@
RDEPENDS_pulseaudio-module-console-kit =+ "${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'consolekit', '', d)}"
RDEPENDS_pulseaudio-misc += "pulseaudio-module-cli-protocol-unix"
-FILES_pulseaudio-module-gconf += "${libexecdir}/pulse/gconf-helper"
-FILES_pulseaudio-module-alsa-card += "${datadir}/pulseaudio/alsa-mixer"
+FILES_${PN}-module-alsa-card += "${datadir}/pulseaudio/alsa-mixer"
+FILES_${PN}-module-gconf += "${libexecdir}/pulse/gconf-helper"
+
+GSETTINGS_PACKAGE = "${@bb.utils.contains('PACKAGECONFIG', 'gsettings', '${PN}-module-gsettings', '', d)}"
+FILES_${PN}-module-gsettings += "${libexecdir}/pulse/gsettings-helper ${datadir}/GConf/gsettings ${datadir}/glib-2.0/schemas"
# The console-kit module is good to have on X11 systems (it keeps PulseAudio
# running for the duration of the user login session). The device-manager and
diff --git a/poky/meta/recipes-multimedia/pulseaudio/pulseaudio/0001-introduce-a-special-build-flag-to-explicitly-disable.patch b/poky/meta/recipes-multimedia/pulseaudio/pulseaudio/0001-introduce-a-special-build-flag-to-explicitly-disable.patch
new file mode 100644
index 0000000..b7e9cd8
--- /dev/null
+++ b/poky/meta/recipes-multimedia/pulseaudio/pulseaudio/0001-introduce-a-special-build-flag-to-explicitly-disable.patch
@@ -0,0 +1,161 @@
+From 36feb98e568221e24286615730888d5f6ff323f0 Mon Sep 17 00:00:00 2001
+From: Hongxu Jia <hongxu.jia@windriver.com>
+Date: Fri, 7 Dec 2018 15:12:38 +0800
+Subject: [PATCH] introduce a special build flag to explicitly disables running
+ from build tree
+
+It is helpful to improve reproducibility build [1] since
+PA_SRCDIR/PA_BUILDDIR contains build path, disable running
+from build tree could drop these macros at precompilation.
+
+[1] https://reproducible-builds.org/
+
+Upstream-Status: Submitted [pulseaudio-discuss@lists.freedesktop.org]
+Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
+Acked-by: Tanu Kaskinen <tanuk@iki.fi>
+---
+ configure.ac | 10 ++++++++++
+ src/daemon/daemon-conf.c | 4 +++-
+ src/daemon/main.c | 6 ++++++
+ src/modules/alsa/alsa-mixer.c | 4 ++++
+ src/modules/gconf/module-gconf.c | 2 +-
+ src/modules/gsettings/module-gsettings.c | 2 +-
+ src/pulsecore/core-util.c | 4 +++-
+ 7 files changed, 28 insertions(+), 4 deletions(-)
+
+diff --git a/configure.ac b/configure.ac
+index c9c414f..8b345ef 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -998,6 +998,16 @@ AS_IF([test "x$enable_asyncns" = "xyes" && test "x$HAVE_LIBASYNCNS" = "x0"],
+ AM_CONDITIONAL([HAVE_LIBASYNCNS], [test "x$HAVE_LIBASYNCNS" = x1])
+ AS_IF([test "x$HAVE_LIBASYNCNS" = "x1"], AC_DEFINE([HAVE_LIBASYNCNS], 1, [Have libasyncns?]))
+
++#### Running from build tree (optional) ####
++
++AC_ARG_ENABLE([running-from-build-tree],
++ AS_HELP_STRING([--disable-running-from-build-tree],[Disable running from build tree]))
++
++AS_IF([test "x$enable_running_from_build_tree" != "xno"],
++ AC_DEFINE([HAVE_RUNNING_FROM_BUILD_TREE], 1, [Have running from build tree]))
++
++AC_SUBST(HAVE_RUNNING_FROM_BUILD_TREE)
++
+ #### TCP wrappers (optional) ####
+
+ AC_ARG_ENABLE([tcpwrap],
+diff --git a/src/daemon/daemon-conf.c b/src/daemon/daemon-conf.c
+index 9883126..f01eff4 100644
+--- a/src/daemon/daemon-conf.c
++++ b/src/daemon/daemon-conf.c
+@@ -155,12 +155,14 @@ pa_daemon_conf *pa_daemon_conf_new(void) {
+ c->dl_search_path = pa_sprintf_malloc("%s" PA_PATH_SEP "lib" PA_PATH_SEP "pulse-%d.%d" PA_PATH_SEP "modules",
+ pa_win32_get_toplevel(NULL), PA_MAJOR, PA_MINOR);
+ #else
++#ifdef HAVE_RUNNING_FROM_BUILD_TREE
+ if (pa_run_from_build_tree()) {
+ pa_log_notice("Detected that we are run from the build tree, fixing search path.");
+ c->dl_search_path = pa_xstrdup(PA_BUILDDIR);
+ } else
+- c->dl_search_path = pa_xstrdup(PA_DLSEARCHPATH);
+ #endif
++ c->dl_search_path = pa_xstrdup(PA_DLSEARCHPATH);
++#endif //Endof #ifdef OS_IS_WIN32
+
+ return c;
+ }
+diff --git a/src/daemon/main.c b/src/daemon/main.c
+index c80fa94..1e00388 100644
+--- a/src/daemon/main.c
++++ b/src/daemon/main.c
+@@ -932,6 +932,12 @@ int main(int argc, char *argv[]) {
+
+ pa_log_debug("Running in VM: %s", pa_yes_no(pa_running_in_vm()));
+
++#ifdef HAVE_RUNNING_FROM_BUILD_TREE
++ pa_log_debug("Running from build tree: %s", pa_yes_no(pa_run_from_build_tree()));
++#else
++ pa_log_debug("Running from build tree: no");
++#endif
++
+ #ifdef __OPTIMIZE__
+ pa_log_debug("Optimized build: yes");
+ #else
+diff --git a/src/modules/alsa/alsa-mixer.c b/src/modules/alsa/alsa-mixer.c
+index a524d6d..670f646 100644
+--- a/src/modules/alsa/alsa-mixer.c
++++ b/src/modules/alsa/alsa-mixer.c
+@@ -2571,9 +2571,11 @@ static int path_verify(pa_alsa_path *p) {
+ }
+
+ static const char *get_default_paths_dir(void) {
++#ifdef HAVE_RUNNING_FROM_BUILD_TREE
+ if (pa_run_from_build_tree())
+ return PA_SRCDIR "/modules/alsa/mixer/paths/";
+ else
++#endif
+ return PA_ALSA_PATHS_DIR;
+ }
+
+@@ -4455,7 +4457,9 @@ pa_alsa_profile_set* pa_alsa_profile_set_new(const char *fname, const pa_channel
+ fname = "default.conf";
+
+ fn = pa_maybe_prefix_path(fname,
++#ifdef HAVE_RUNNING_FROM_BUILD_TREE
+ pa_run_from_build_tree() ? PA_SRCDIR "/modules/alsa/mixer/profile-sets/" :
++#endif
+ PA_ALSA_PROFILE_SETS_DIR);
+
+ r = pa_config_parse(fn, NULL, items, NULL, false, ps);
+diff --git a/src/modules/gconf/module-gconf.c b/src/modules/gconf/module-gconf.c
+index c0f4dde..76a1f19 100644
+--- a/src/modules/gconf/module-gconf.c
++++ b/src/modules/gconf/module-gconf.c
+@@ -51,7 +51,7 @@ int pa__init(pa_module*m) {
+ u->buf_fill = 0;
+
+ if ((u->fd = pa_start_child_for_read(
+-#if defined(__linux__) && !defined(__OPTIMIZE__)
++#if defined(__linux__) && defined(HAVE_RUNNING_FROM_BUILD_TREE)
+ pa_run_from_build_tree() ? PA_BUILDDIR "/gconf-helper" :
+ #endif
+ PA_GCONF_HELPER, NULL, &u->pid)) < 0)
+diff --git a/src/modules/gsettings/module-gsettings.c b/src/modules/gsettings/module-gsettings.c
+index 330eca1..209c857 100644
+--- a/src/modules/gsettings/module-gsettings.c
++++ b/src/modules/gsettings/module-gsettings.c
+@@ -51,7 +51,7 @@ int pa__init(pa_module*m) {
+ u->buf_fill = 0;
+
+ if ((u->fd = pa_start_child_for_read(
+-#if defined(__linux__) && !defined(__OPTIMIZE__)
++#if defined(__linux__) && defined(HAVE_RUNNING_FROM_BUILD_TREE)
+ pa_run_from_build_tree() ? PA_BUILDDIR "/gsettings-helper" :
+ #endif
+ PA_GSETTINGS_HELPER, NULL, &u->pid)) < 0)
+diff --git a/src/pulsecore/core-util.c b/src/pulsecore/core-util.c
+index 64e9f21..f85dd20 100644
+--- a/src/pulsecore/core-util.c
++++ b/src/pulsecore/core-util.c
+@@ -3436,15 +3436,17 @@ void pa_reset_personality(void) {
+ }
+
+ bool pa_run_from_build_tree(void) {
+- char *rp;
+ static bool b = false;
+
++#ifdef HAVE_RUNNING_FROM_BUILD_TREE
++ char *rp;
+ PA_ONCE_BEGIN {
+ if ((rp = pa_readlink("/proc/self/exe"))) {
+ b = pa_startswith(rp, PA_BUILDDIR);
+ pa_xfree(rp);
+ }
+ } PA_ONCE_END;
++#endif
+
+ return b;
+ }
+--
+2.7.4
+
diff --git a/poky/meta/recipes-multimedia/pulseaudio/pulseaudio/0002-do-not-display-CLFAGS-to-improve-reproducibility-bui.patch b/poky/meta/recipes-multimedia/pulseaudio/pulseaudio/0002-do-not-display-CLFAGS-to-improve-reproducibility-bui.patch
new file mode 100644
index 0000000..43add75
--- /dev/null
+++ b/poky/meta/recipes-multimedia/pulseaudio/pulseaudio/0002-do-not-display-CLFAGS-to-improve-reproducibility-bui.patch
@@ -0,0 +1,30 @@
+From f0ddd7c36556ad05c1398fdd132947323ad26473 Mon Sep 17 00:00:00 2001
+From: Hongxu Jia <hongxu.jia@windriver.com>
+Date: Thu, 6 Dec 2018 11:43:41 +0800
+Subject: [PATCH 2/2] do not display CLFAGS to improve reproducibility build
+
+Macro PA_CFLAGS contains build path, do not use it to
+display CFLAGS which could improve reproducibility build.
+
+Upstream-Status: Inappropriate [oe specific]
+Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
+---
+ src/daemon/main.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/daemon/main.c b/src/daemon/main.c
+index c80fa94..75496be 100644
+--- a/src/daemon/main.c
++++ b/src/daemon/main.c
+@@ -908,7 +908,7 @@ int main(int argc, char *argv[]) {
+
+ pa_log_info("This is PulseAudio %s", PACKAGE_VERSION);
+ pa_log_debug("Compilation host: %s", CANONICAL_HOST);
+- pa_log_debug("Compilation CFLAGS: %s", PA_CFLAGS);
++ pa_log_debug("Compilation CFLAGS: ***");
+
+ #ifdef HAVE_LIBSAMPLERATE
+ pa_log_warn("Compiled with DEPRECATED libsamplerate support!");
+--
+2.7.4
+
diff --git a/poky/meta/recipes-multimedia/pulseaudio/pulseaudio_12.2.bb b/poky/meta/recipes-multimedia/pulseaudio/pulseaudio_12.2.bb
index 36d92bc..c020fbd 100644
--- a/poky/meta/recipes-multimedia/pulseaudio/pulseaudio_12.2.bb
+++ b/poky/meta/recipes-multimedia/pulseaudio/pulseaudio_12.2.bb
@@ -2,6 +2,8 @@
SRC_URI = "http://freedesktop.org/software/pulseaudio/releases/${BP}.tar.xz \
file://0001-client-conf-Add-allow-autospawn-for-root.patch \
+ file://0001-introduce-a-special-build-flag-to-explicitly-disable.patch \
+ file://0002-do-not-display-CLFAGS-to-improve-reproducibility-bui.patch \
file://volatiles.04_pulse \
"
SRC_URI[md5sum] = "c42f1f1465e8df9859d023dc184734bf"
diff --git a/poky/meta/recipes-multimedia/sbc/sbc_1.3.bb b/poky/meta/recipes-multimedia/sbc/sbc_1.4.bb
similarity index 84%
rename from poky/meta/recipes-multimedia/sbc/sbc_1.3.bb
rename to poky/meta/recipes-multimedia/sbc/sbc_1.4.bb
index 2bb895d..674d77e 100644
--- a/poky/meta/recipes-multimedia/sbc/sbc_1.3.bb
+++ b/poky/meta/recipes-multimedia/sbc/sbc_1.4.bb
@@ -14,8 +14,8 @@
SRC_URI = "${KERNELORG_MIRROR}/linux/bluetooth/${BP}.tar.xz"
-SRC_URI[md5sum] = "2d8b7841f2c11ab287718d562f2b981c"
-SRC_URI[sha256sum] = "e61022cf576f14190241e7071753fdacdce5d1dea89ffd704110fc50be689309"
+SRC_URI[md5sum] = "800fb0908899baa48dc216d8e156cc05"
+SRC_URI[sha256sum] = "518bf46e6bb3dc808a95e1eabad26fdebe8a099c1e781c27ed7fca6c2f4a54c9"
inherit autotools pkgconfig
diff --git a/poky/meta/recipes-multimedia/webp/libwebp_1.0.0.bb b/poky/meta/recipes-multimedia/webp/libwebp_1.0.2.bb
similarity index 93%
rename from poky/meta/recipes-multimedia/webp/libwebp_1.0.0.bb
rename to poky/meta/recipes-multimedia/webp/libwebp_1.0.2.bb
index 1a9679f..8b3ffe0 100644
--- a/poky/meta/recipes-multimedia/webp/libwebp_1.0.0.bb
+++ b/poky/meta/recipes-multimedia/webp/libwebp_1.0.2.bb
@@ -14,8 +14,8 @@
file://PATENTS;md5=c6926d0cb07d296f886ab6e0cc5a85b7"
SRC_URI = "http://downloads.webmproject.org/releases/webp/${BP}.tar.gz"
-SRC_URI[md5sum] = "967b8f087cb392e6cc94d5e116a120c0"
-SRC_URI[sha256sum] = "84259c4388f18637af3c5a6361536d754a5394492f91be1abc2e981d4983225b"
+SRC_URI[md5sum] = "02c0c55f1dd8612cd4d462e3409ad35d"
+SRC_URI[sha256sum] = "3d47b48c40ed6476e8047b2ddb81d93835e0ca1b8d3e8c679afbb3004dd564b1"
UPSTREAM_CHECK_URI = "http://downloads.webmproject.org/releases/webp/index.html"
diff --git a/poky/meta/recipes-multimedia/x264/x264_git.bb b/poky/meta/recipes-multimedia/x264/x264_git.bb
index 4174cb2..34c7dc4 100644
--- a/poky/meta/recipes-multimedia/x264/x264_git.bb
+++ b/poky/meta/recipes-multimedia/x264/x264_git.bb
@@ -14,16 +14,16 @@
"
UPSTREAM_CHECK_COMMITS = "1"
-SRCREV = "e9a5903edf8ca59ef20e6f4894c196f135af735e"
+SRCREV = "0a84d986e7020f8344f00752e3600b9769cc1e85"
-PV = "r2854+git${SRCPV}"
+PV = "r2917+git${SRCPV}"
S = "${WORKDIR}/git"
-inherit lib_package pkgconfig perlnative
+inherit lib_package pkgconfig
X264_DISABLE_ASM = ""
-X264_DISABLE_ASM_x86_libc-musl = "--disable-asm"
+X264_DISABLE_ASM_x86 = "--disable-asm"
X264_DISABLE_ASM_armv4 = "--disable-asm"
X264_DISABLE_ASM_armv5 = "--disable-asm"
X264_DISABLE_ASM_powerpc = "${@bb.utils.contains("TUNE_FEATURES", "spe", "--disable-asm", "", d)}"