subtree updates

meta-raspberrypi: 8dc3a31088..c7f4c739a3:
  Khem Raj (5):
        linux-raspberrypi: Upgrade to 5.10.52
        userland: Update to latest master branch
        raspberrypi-firmware: Update to latest
        raspberrypi-tools: Update to latest
        sdcard_image-rpi.bbclass: Fix IMAGE_TYPEDEP override to use new syntax

  Martin Jansa (4):
        Convert to new override syntax
        Manually fix conversion
        layer.conf: Update to honister
        userland: package man pages in PN-doc

  Pierre-Jean Texier (2):
        kas: local.conf: bump CONF_VERSION variable
        kas: local.conf: disable prelink

poky: 17aabc0127..492205ea83:
  Alexander Kanavin (17):
        llvm: update 12.0.0 -> 12.0.1
        systemd: update 248.3 -> 249.1
        python3-testools: update 2.4.0 -> 2.5.0
        libuv: update 1.41.0 -> 1.42.0
        gnu-config: update to latest revision
        vulkan-samples: update to latest revision
        cmake: update 3.20.5 -> 3.21.0
        cmake: update 3.21.0 -> 3.21.1
        mtools: update 4.0.32 -> 4.0.34
        util-linux: update 2.37 -> 2.37.1
        iputils: update 20210202 -> 20210722
        freetype: update 2.10.4 -> 2.11.0
        devtool: print a warning on upgrades if PREFERRED_VERSION is set
        rpm: do not RRECOMMEND rpm-build
        selftest: add core-image-weston to no-gpl3-no-meta-gpl2 image test
        shadow: update 4.8.1 -> 4.9
        local.conf.sample: disable prelink

  Bernhard Rosenkränzer (1):
        gcc: update 11.1 -> 11.2

  Bruce Ashfield (6):
        linux-yocto/5.10: update to v5.10.53
        linux-yocto/5.13: update to v5.13.5
        linux-yocto/5.4: update to v5.4.135
        linux-yocto-rt/5.10: update to -rt47
        linux-yocto/5.13: enable TYPEC_TCPCI in usbc fragment
        linux-yocto/5.10: enable TYPEC_TCPCI in usbc fragment

  Changqing Li (1):
        archiver.bbclass: fix do_ar_configured failure for kernel

  Chen Qi (3):
        zstd: fix CVE_PRODUCT
        insane.bbclass: fix the file-rdeps QA message for the new override syntax
        iputils: fix do_configure failure of missing ip command

  Damian Wrobel (1):
        rootfs: remove ldconfig auxiliary cache where appropriate

  Denys Dmytriyenko (4):
        meta: convert nested overrides leftovers to new syntax
        convert-overrides.py: handle few more cases of overrides
        libwpe: remove rpi-specific custom code
        poky-tiny: drop uclibc override

  Jon Mason (1):
        parselogs.py: qemuarm should be qemuarmv5

  Joshua Watt (4):
        mesa: Fix v3d & vc4 dmabuf import
        bitbake: bitbake: asyncrpc: Catch early SIGTERM
        libxft: Fix bad PKG value
        bitbake: contrib: vim: Update for new override syntax

  Kai Kang (2):
        u-boot_2021.07: set UBOOT_MACHINE for qemumips and qemumips64
        python3-pytest: display correct version info

  Kevin Hao (2):
        meta-yocto-bsp: Introduce the v5.13 bbappend
        meta-yocto-bsp: Bump to the v5.10.55

  Khem Raj (10):
        binutils: Upgrade to 2.37 branch
        texinfo: Update gnulib to fix build with glibc 2.34
        systemd: Fix build on musl
        stress-ng: Drop defining daddr_t
        stress-ng: Detemine minimal stack size via sysconf
        mesa: Define a fallback for DRIDRIVERS
        libssh2: Fix syntax for using ptest override
        toaster-managed-mode.json: Correctly specify term with new override syntax
        distrooverrides.bbclass: Correct override syntax
        devtool.py: Correct override syntax

  Lee Chee Yang (1):
        aspell: fix CVE-2019-25051

  Marek Vasut (2):
        image_types: Restore pre-btrfs-tools 4.14.1 mkfs.btrfs shrink behavior
        kernel-uboot: Handle gzip and lzo compression options

  Martin Jansa (6):
        convert-overrides.py: show processed file and version of this script
        convert-overrides.py: remove base_dep_prepend and autotools_dep_prepend exception
        convert-overrides.py: 0.9.1 include '(' as delimiter for shortvars
        convert-overrides.py: allow specifying multiple target dirs
        convert-overrides.py: allow dots before override in vars_re and shortvars_re
        systemd-boot: use ld.bfd as efi-ld even when gold or lld is used in ${LD}

  Matthias Klein (2):
        runqemu: Fix typo in error message
        runqemu: decouple bios and kernel options

  Matthias Schiffer (3):
        initscripts: populate-volatile.sh: do not log to tty0
        initscripts: populate-volatile.sh: run create_file synchronously
        initscripts: fix creation order for /var/log with VOLATILE_LOG_DIR=true

  Michael Halstead (1):
        releases: update to include 3.3.1

  Michael Opdenacker (18):
        oe-setup-builddir: update YP docs and OE URLs
        conf-notes.txt: now suggesting to run 'runqemu qemux86-64'
        test-manual: document LTO related reproducibility bug
        quick start manual: update "source oe-init-build-env" output
        dev-manual: fix wrong reference to class
        documentation/README: improve BitBake manual referencing guidelines
        manuals: simplify references to BitBake manual
        manuals: remove explicit BitBake variable references
        meta-skeleton: add recipe examples from documentation sources
        bitbake: doc: bitbake-user-manual: fix syntax in example and improve description
        bitbake: doc: bitbake-user-manual: update bitbake option help
        bitbake: doc: bitbake-user-manual: grammar fix for the number of "metadata"
        manuals: initial documentation for CVE management
        ref-manual: remove example recipe source files
        profile-manual: document how to build perf manpages on target
        cve-check: fix comments
        cve-check: update link to NVD website for CVE details
        cve-check: improve comment about CVE patch file names

  Mingli Yu (2):
        perlcross: not break build if already patched
        curl: Upgrade to 7.78.0

  Nicolas Dechesne (4):
        yocto-check-layer: improve missed dependencies
        checklayer: new function get_layer_dependencies()
        checklayer: rename _find_layer_depends
        yocto-check-layer: ensure that all layer dependencies are tested too

  Oleksandr Kravchuk (1):
        bitbake.conf: change GNOME_MIRROR to new one

  Patrick Williams (1):
        pixman: re-disable iwmmxt

  Paul Barker (4):
        bitbake: asyncrpc: Fix bad message error in client
        bitbake: asyncrpc: Set timeout when waiting for reply from server
        bitbake: parse/ast: Substitute '~' when naming anonymous functions
        kernel-yocto: Simplify no git repo case in do_kernel_checkout

  Quentin Schulz (4):
        bitbake: doc: Makefile: turn warnings into errors by default
        bitbake: doc: bitbake-user-manual: ref-variables: order alphabetically the glossary sources
        bitbake: doc: bitbake-user-manual: ref-variables: force glossary output to be alphabetically sorted
        bitbake: doc: bitbake-user-manual: replace ``FOO`` by :term:`FOO` where possible

  Richard Purdie (49):
        Add MAINTAINERS.md file
        yocto-check-layer: Remove duplicated code
        libubootenv: Drop default-env RRECOMMENDS
        bitbake: data_smart: Allow colon in variable expansion regex
        meta-poky/meta-yocto-bsp: Convert to new override syntax
        layer.conf: Update to honister
        autotools/base/icecc: Remove prepend from function names
        scripts/contrib: Add override conversion script
        systemtap: Fix headers issue with x86 and 5.13 headers
        migration-guides: Add start of 3.4 guide with override migration notes
        common-tasks: Fix conversion error in npm example
        bitbake: bitbake: Switch to using new override syntax
        bitbake: doc/lib: Update to use new override syntax containing colons
        bitbake: doc/lib: Add fixes for issues missed by the automated conversion
        bitbake: bitbake: Update to version 1.51.1
        layer.conf: Override changes mean we're only compatible with honister
        Convert to new override syntax
        meta: Manual override fixes
        local.conf.sample: Bump version so users update their config
        sanity.conf: Require bitbake 1.51.1
        dropbear: Fix incorrect package override for postrm
        convert-overrides: Allow script to handle patch/diffs
        sdk: Decouple default install path from built in path
        sstate: Fix rebuilds when changing layer config
        populate_sdk_ext: Fix handling of TOOLCHAIN_HOST_TASK in the eSDK case
        local.conf.sample: Bump version so users update their config
        poky: Use SDKPATHINSTALL instead of SDKPATH
        vim: Clarify where RDEPENDS/RRECOMMENDS apply
        bitbake: data_smart: Fix inactive overide accidental variable value corruption
        local.conf.sample: Fix missed override conversion
        license: Exclude COPYING.MIT from pseudo
        meta: Convert IMAGE_TYPEDEP to use override syntax
        uboot-extlinux-config: Fix missing override conversion
        image/image_types: Convert CONVERSION_CMD/COMPRESS_CMD to new override syntax
        image: Drop COMPRESS_CMD
        devupstream: Allow support of native class extensions
        diffoscope: Upgrade 178 -> 179
        strace: Upgrade 5.12 -> 5.13
        valgrind: Add patches for glibc 2.34 support
        bitbake: runqueue: Improve multiconfig deferred task issues
        elfutils: Add patch from upstream for glibc 2.34 ptest fixes
        bitbake: doc: Fix append/prepend/remove references
        bitbake: fetch/tests/toaster: Override conversion fixups
        bitbake: process: Improve traceback error reporting from main loop
        bitbake: command: Ensure we catch/handle exceptions
        bitbake: ui/taskexp: Improve startup exception handling
        bitbake: ui/taskexp: Fix to work with empty build directories
        oeqa/runtime/cases/ptest: Increase test timeout from 300s to 450s
        packagedata: Fix after override syntax change

  Ross Burton (2):
        glew: fix Makefile race
        libx11: fix xkb compilation with _EVDEVK symbols

  Saul Wold (1):
        MAINTAINERS: Saul will cover devtool and eSDK

  Stefan Wiehler (1):
        dev-manual: fix source release example script

  Stefano Babic (1):
        mtd-utils: upgrade 2.1.2 -> 2.1.3

  Tim Orling (2):
        python3-hypothesis: upgrade 6.14.3 -> 6.14.5
        python3-importlib-metadata: upgrade 4.6.1 -> 4.6.3

  Tony Battersby (2):
        lto.inc: disable LTO for grub
        gcc: Backport patch to make LTO builds more reproducible

  Tony Tascioglu (6):
        ffmpeg: fix-CVE-2020-20446
        ffmpeg: fix CVE-2020-20453
        ffmpeg: fix CVE-2020-22015
        ffmpeg: fix CVE-2020-22021
        ffmpeg: fix CVE-2020-22033 and CVE-2020-22019
        ffmpeg: fix CVE-2021-33815

  Trevor Woerner (1):
        ffmpeg: add libatomic for armv5

  Ulrich Ölmann (2):
        initramfs-framework: fix whitespace issue
        initramfs-framework/setup-live: fix shebang

  Vinay Kumar (1):
        glibc: Fix CVE-2021-33574

  Vivien Didelot (1):
        init-manager-systemd: define weak dev manager

  Zqiang (1):
        python3: use monotonic clock for condvar if possible

  hongxu (1):
        createrepo-c: fix createrepo-c failed in nativesdk

  leimaohui (1):
        archiver.bbclass: Fix patch error for recipes that inherit dos2unix.

  wangmy (3):
        bind: upgrade 9.16.18 -> 9.16.19
        i2c-tools: upgrade 4.2 -> 4.3
        diffoscope: upgrade 177 -> 178

  zangrc (2):
        python3-dbus: upgrade 1.2.16 -> 1.2.18
        python3-pip: upgrade 21.1.3 -> 21.2.1

meta-openembedded: 8fbcfb9f02..3cf2475ea0:
  Anastasios Kavoukis (1):
        pm-qa: fix paths for shell scripts

  Andreas Müller (3):
        mozjs/0001-Port-build-to-python3.patch: Fix typos in description
        jack: upgrade 1.19.18 -> 1.19.19
        fluidsynth: upgrade 2.2.1 -> 2.2.2

  Andrej Valek (1):
        thrift: upgrade to 0.14.2

  Andrew Jeffery (2):
        python3-gmpy: Add native support
        python3-ecdsa: Add native support

  Armin Kuster (2):
        hiawatha: fix url.
        wireshark: update to 3.4.7

  Ben Brown (1):
        android-tools: fix install of adb client when TOOLS is overridden

  Changqing Li (1):
        apache2: upgrade 2.4.46 -> 2.4.48

  Devendra Tewari (1):
        Suppress eol in functionfs setup scripts (#147)

  Gianfranco (1):
        vboxguestdrivers: upgrade 6.1.22 -> 6.1.24

  Joe Slater (2):
        php: move to version 7.4.21
        gtksourceview4: work around dependency deficiency

  Johannes Obermüller (1):
        evtest: fix timestamps in output

  Kai Kang (2):
        python3-blivet: 3.1.4 -> 3.4.0
        python3-blivetgui: 2.1.10 -> 2.2.1

  Khem Raj (23):
        netperf: Update to latest
        netperf: Add systemd unit file
        packagegroup-meta-oe: Add lmdb
        packagegroup-meta-oe: Add mbw
        addcli: check for ns_get16 and ns_get32
        fuse: Define closefrom if not available
        autofs: Fix build with glibc 2.34+
        ntp: Do not use PTHREAD_STACK_MIN on glibc
        ntp: Fix make check
        mongodb: Upgrade to 4.4.7
        vboxguestdrivers: Remove __divmoddi4 patch
        packagegroup-meta-oe: Add jemalloc
        apitrace: Exclude from builds with glibc 2.34+
        libhugetlbfs: Disable build with glibc 2.34+
        fvwm: Package extra files and man pages
        luajit: Fix override syntax
        lua: Drop uclibc patch
        packagegroup-meta-oe: Correct override name and fix syntax
        recipes: Fix override syntax
        emacs,libgpiod,cockpit: Fix override syntax in using FILES_${PN}
        fvwm: Fix build time paths in target perl/python scripts
        nis: Drop uclibc check in anon python function
        jemalloc: Fix build on musl

  Leon Anavi (3):
        python3-networkx: Upgrade 2.6.1 -> 2.6.2
        python3-pysonos: Upgrade 0.0.53 -> 0.0.54
        python3-zeroconf: Upgrade 0.33.1 -> 0.33.2

  Li Wang (1):
        openlldp: fix segfault

  Maksym Sloyko (1):
        libusbgx: Configure the Devices Used

  Martin Jansa (5):
        Convert to new override syntax
        layer.conf: Update to honister
        mariadb: manually fix the conversion
        packagegroup-meta-oe: manually finish override syntax conversion
        klibc.bbclass, image_types_sparse.bbclass, packagegroup-meta-oe.bb: update the overrides syntax conversion

  Mingli Yu (4):
        mariadb: redefine log-error item
        jemalloc: add new recipe
        hdf5: improve reproducibility
        mariadb: Update SRC_URI

  Nicolas Dechesne (1):
        mbw: add new recipe

  Paulo Neves (1):
        htop: Add ncurses-terminfo-base to RDEPENDS

  Sakib Sajal (1):
        lmdb: add recipe

  Salman Ahmed (2):
        nginx: upgrade 1.18.0 -> 1.20.1
        nginx: upgrade 1.19.6 -> 1.21.1

  Tony Battersby (1):
        net-snmp: fix QA Issue after LDFLAGS change

  Yi Zhao (3):
        postfix: upgrade 3.6.1 -> 3.6.2
        audit: upgrade 3.0.2 -> 3.0.3
        audit: fix compile error for 2.8.5

  Zang Ruochen (1):
        python3-robotframework: upgrade 4.0.3 -> 4.1

  wangmy (17):
        evince: upgrade 40.2 -> 40.4
        gnome-backgrounds: upgrade 3.36.0 -> 3.38.0
        gnome-desktop3: upgrade 3.36.6 -> 3.38.8
        cmark: upgrade 0.30.0 -> 0.30.1
        ctags: upgrade 5.9.20210711.0 -> 5.9.20210718.0
        libnet-dns-perl: upgrade 1.31 -> 1.32
        libtalloc: upgrade 2.3.2 -> 2.3.3
        nghttp2: upgrade 1.43.0 -> 1.44.0
        bats: upgrade 1.3.0 -> 1.4.1
        networkmanager: upgrade 1.32.2 -> 1.32.4
        gensio: upgrade 2.2.7 -> 2.2.8
        libmbim: upgrade 1.24.8 -> 1.26.0
        fetchmail: upgrade 6.4.19 -> 6.4.20
        ctags: upgrade 5.9.20210718.0 -> 5.9.20210801.0
        libblockdev: upgrade 2.25 -> 2.26
        libqmi: upgrade 1.28.6 -> 1.28.8
        monit: upgrade 5.28.0 -> 5.28.1

  zangrc (15):
        python3-qrcode: upgrade 7.1 -> 7.2
        python3-rdflib: upgrade 5.0.0 -> 6.0.0
        python3-simplejson: upgrade 3.17.2 -> 3.17.3
        python3-bitstring: upgrade 3.1.7 -> 3.1.9
        python3-iso8601: upgrade 0.1.14 -> 0.1.16
        python3-gmqtt: upgrade 0.6.9 -> 0.6.10
        python3-graphviz: upgrade 0.16 -> 0.17
        python3-smbus: upgrade 4.2 -> 4.3
        python3-pandas: upgrade 1.3.0 -> 1.3.1
        python3-progress: upgrade 1.5 -> 1.6
        python3-sentry-sdk: upgrade 1.3.0 -> 1.3.1
        python3-socketio: upgrade 5.3.0 -> 5.4.0
        python3-tqdm: upgrade 4.61.2 -> 4.62.0
        python3-twisted: upgrade 21.2.0 -> 21.7.0
        python3-xlsxwriter: upgrade 1.4.4 -> 1.4.5

  zhengruoqin (15):
        live555: upgrade 20210710 -> 20210720
        libtest-warnings-perl: upgrade 0.030 -> 0.031
        python3-pybind11: upgrade 2.6.2 -> 2.7.0
        python3-pymongo: upgrade 3.11.4 -> 3.12.0
        python3-sqlalchemy: upgrade 1.4.20 -> 1.4.22
        python3-sentry-sdk: upgrade 1.2.0 -> 1.3.0
        libcurses-perl: upgrade 1.37 -> 1.38
        libdbd-sqlite-perl: upgrade 1.66 -> 1.68
        libencode-perl: upgrade 3.10 -> 3.11
        python3-bitarray: upgrade 2.2.2 -> 2.2.3
        python3-cbor2: upgrade 5.4.0 -> 5.4.1
        python3-gast: upgrade 0.5.0 -> 0.5.1
        poppler: upgrade 21.07.0 -> 21.08.0
        valijson: upgrade 0.4 -> 0.5
        xwd: upgrade 1.0.7 -> 1.0.8

meta-security: 152cdb506b..c885d399cd:
  Armin Kuster (18):
        suricata.inc: exclude ppc in rust version
        suricata: Drop 4.1.x its EOL
        add meta-rust
        crowdsec: add pkg
        packagegroup-core-security.bb: fix suricat-ptest inclusion
        gitlab-ci.yml:  streamline builds matrix
        krill: Add new pkg
        clamav: fix branch name and update
        meta-security: Convert to new override syntax
        meta-tpm: Convert to new override syntax
        meta-integrity: Convert to new override syntax
        meta-hardening: Convert to new override syntax
        meta-security-isafw: Convert to new override syntax
        meta-parsec: Convert to new override syntax
        meta-security-compliance: Convert to new override syntax
        dynamix-layers: Convert to new override syntax
        kas: Convert to new override syntax
        packagegroup-core-security.bb: only include suricat-ptest if rust is included

  Martin Jansa (1):
        layer.conf: Update to honister

Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
Change-Id: Iec7301cf1c43b7cec462dcf88292a8b1b12a5045
diff --git a/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-20446.patch b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-20446.patch
new file mode 100644
index 0000000..f048c2e
--- /dev/null
+++ b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-20446.patch
@@ -0,0 +1,35 @@
+From 223b5e8ac9f6461bb13ed365419ec485c5b2b002 Mon Sep 17 00:00:00 2001
+From: Michael Niedermayer <michael@niedermayer.cc>
+Date: Fri, 28 May 2021 20:18:25 +0200
+Subject: [PATCH] avcodec/aacpsy: Avoid floating point division by 0 of
+ norm_fac
+
+Fixes: Ticket7995
+Fixes: CVE-2020-20446
+
+Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
+
+CVE: CVE-2020-20446
+Upstream-Status: Backport [223b5e8ac9f6461bb13ed365419ec485c5b2b002]
+
+Signed-off-by: Tony Tascioglu <tony.tascioglu@windriver.com>
+---
+ libavcodec/aacpsy.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/libavcodec/aacpsy.c b/libavcodec/aacpsy.c
+index 482113d427..e51d29750b 100644
+--- a/libavcodec/aacpsy.c
++++ b/libavcodec/aacpsy.c
+@@ -794,7 +794,7 @@ static void psy_3gpp_analyze_channel(FFPsyContext *ctx, int channel,
+ 
+         if (pe < 1.15f * desired_pe) {
+             /* 6.6.1.3.6 "Final threshold modification by linearization" */
+-            norm_fac = 1.0f / norm_fac;
++            norm_fac = norm_fac ? 1.0f / norm_fac : 0;
+             for (w = 0; w < wi->num_windows*16; w += 16) {
+                 for (g = 0; g < num_bands; g++) {
+                     AacPsyBand *band = &pch->band[w+g];
+-- 
+2.32.0
+
diff --git a/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-20453.patch b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-20453.patch
new file mode 100644
index 0000000..b1c9405
--- /dev/null
+++ b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-20453.patch
@@ -0,0 +1,42 @@
+From a7a7f32c8ad0179a1a85d0a8cff35924e6d90be8 Mon Sep 17 00:00:00 2001
+From: Michael Niedermayer <michael@niedermayer.cc>
+Date: Fri, 28 May 2021 21:37:26 +0200
+Subject: [PATCH] avcodec/aacenc: Avoid 0 lambda
+
+Fixes: Ticket8003
+Fixes: CVE-2020-20453
+
+Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
+
+CVE: CVE-2020-20453
+Upstream-Status: Backport [a7a7f32c8ad0179a1a85d0a8cff35924e6d90be8]
+
+Signed-off-by: Tony Tascioglu <tony.tascioglu@windriver.com>
+---
+ libavcodec/aacenc.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/libavcodec/aacenc.c b/libavcodec/aacenc.c
+index aa223cf25f..e80591ba86 100644
+--- a/libavcodec/aacenc.c
++++ b/libavcodec/aacenc.c
+@@ -28,6 +28,7 @@
+  *              TODOs:
+  * add sane pulse detection
+  ***********************************/
++#include <float.h>
+ 
+ #include "libavutil/libm.h"
+ #include "libavutil/float_dsp.h"
+@@ -852,7 +853,7 @@ static int aac_encode_frame(AVCodecContext *avctx, AVPacket *avpkt,
+                 /* Not so fast though */
+                 ratio = sqrtf(ratio);
+             }
+-            s->lambda = FFMIN(s->lambda * ratio, 65536.f);
++            s->lambda = av_clipf(s->lambda * ratio, FLT_MIN, 65536.f);
+ 
+             /* Keep iterating if we must reduce and lambda is in the sky */
+             if (ratio > 0.9f && ratio < 1.1f) {
+-- 
+2.32.0
+
diff --git a/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-22015.patch b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-22015.patch
new file mode 100644
index 0000000..5c91129
--- /dev/null
+++ b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-22015.patch
@@ -0,0 +1,44 @@
+From 4c1afa292520329eecd1cc7631bc59a8cca95c46 Mon Sep 17 00:00:00 2001
+From: Michael Niedermayer <michael@niedermayer.cc>
+Date: Sat, 29 May 2021 09:22:27 +0200
+Subject: [PATCH] avformat/movenc: Check pal_size before use
+
+Fixes: assertion failure
+Fixes: out of array read
+Fixes: Ticket8190
+Fixes: CVE-2020-22015
+
+Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
+
+
+CVE: CVE-2020-22015
+Upstream-Status: Backport [4c1afa292520329eecd1cc7631bc59a8cca95c46]
+
+Signed-off-by: Tony Tascioglu <tony.tascioglu@windriver.com>
+---
+ libavformat/movenc.c | 6 ++++--
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/libavformat/movenc.c b/libavformat/movenc.c
+index 2ab507df15..7d839f447b 100644
+--- a/libavformat/movenc.c
++++ b/libavformat/movenc.c
+@@ -2160,11 +2160,13 @@ static int mov_write_video_tag(AVFormatContext *s, AVIOContext *pb, MOVMuxContex
+         avio_wb16(pb, 0x18); /* Reserved */
+ 
+     if (track->mode == MODE_MOV && track->par->format == AV_PIX_FMT_PAL8) {
+-        int pal_size = 1 << track->par->bits_per_coded_sample;
+-        int i;
++        int pal_size, i;
+         avio_wb16(pb, 0);             /* Color table ID */
+         avio_wb32(pb, 0);             /* Color table seed */
+         avio_wb16(pb, 0x8000);        /* Color table flags */
++        if (track->par->bits_per_coded_sample < 0 || track->par->bits_per_coded_sample > 8)
++            return AVERROR(EINVAL);
++        pal_size = 1 << track->par->bits_per_coded_sample;
+         avio_wb16(pb, pal_size - 1);  /* Color table size (zero-relative) */
+         for (i = 0; i < pal_size; i++) {
+             uint32_t rgb = track->palette[i];
+-- 
+2.32.0
+
diff --git a/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-22021.patch b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-22021.patch
new file mode 100644
index 0000000..6f7fce0
--- /dev/null
+++ b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-22021.patch
@@ -0,0 +1,87 @@
+From 7971f62120a55c141ec437aa3f0bacc1c1a3526b Mon Sep 17 00:00:00 2001
+From: Michael Niedermayer <michael@niedermayer.cc>
+Date: Sat, 29 May 2021 11:17:35 +0200
+Subject: [PATCH] avfilter/vf_yadif: Fix handing of tiny images
+
+Fixes: out of array access
+Fixes: Ticket8240
+Fixes: CVE-2020-22021
+
+Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
+
+CVE: CVE-2020-22021
+Upstream-Status: Backport [7971f62120a55c141ec437aa3f0bacc1c1a3526b]
+
+Signed-off-by: Tony Tascioglu <tony.tascioglu@windriver.com>
+---
+ libavfilter/vf_yadif.c | 32 ++++++++++++++++++--------------
+ 1 file changed, 18 insertions(+), 14 deletions(-)
+
+diff --git a/libavfilter/vf_yadif.c b/libavfilter/vf_yadif.c
+index 91cc79ecc3..b0d9fbaf1f 100644
+--- a/libavfilter/vf_yadif.c
++++ b/libavfilter/vf_yadif.c
+@@ -123,20 +123,22 @@ static void filter_edges(void *dst1, void *prev1, void *cur1, void *next1,
+     uint8_t *next2 = parity ? cur  : next;
+ 
+     const int edge = MAX_ALIGN - 1;
++    int offset = FFMAX(w - edge, 3);
+ 
+     /* Only edge pixels need to be processed here.  A constant value of false
+      * for is_not_edge should let the compiler ignore the whole branch. */
+-    FILTER(0, 3, 0)
++    FILTER(0, FFMIN(3, w), 0)
+ 
+-    dst  = (uint8_t*)dst1  + w - edge;
+-    prev = (uint8_t*)prev1 + w - edge;
+-    cur  = (uint8_t*)cur1  + w - edge;
+-    next = (uint8_t*)next1 + w - edge;
++    dst  = (uint8_t*)dst1  + offset;
++    prev = (uint8_t*)prev1 + offset;
++    cur  = (uint8_t*)cur1  + offset;
++    next = (uint8_t*)next1 + offset;
+     prev2 = (uint8_t*)(parity ? prev : cur);
+     next2 = (uint8_t*)(parity ? cur  : next);
+ 
+-    FILTER(w - edge, w - 3, 1)
+-    FILTER(w - 3, w, 0)
++    FILTER(offset, w - 3, 1)
++    offset = FFMAX(offset, w - 3);
++    FILTER(offset, w, 0)
+ }
+ 
+ 
+@@ -170,21 +172,23 @@ static void filter_edges_16bit(void *dst1, void *prev1, void *cur1, void *next1,
+     uint16_t *next2 = parity ? cur  : next;
+ 
+     const int edge = MAX_ALIGN / 2 - 1;
++    int offset = FFMAX(w - edge, 3);
+ 
+     mrefs /= 2;
+     prefs /= 2;
+ 
+-    FILTER(0, 3, 0)
++    FILTER(0,  FFMIN(3, w), 0)
+ 
+-    dst   = (uint16_t*)dst1  + w - edge;
+-    prev  = (uint16_t*)prev1 + w - edge;
+-    cur   = (uint16_t*)cur1  + w - edge;
+-    next  = (uint16_t*)next1 + w - edge;
++    dst   = (uint16_t*)dst1  + offset;
++    prev  = (uint16_t*)prev1 + offset;
++    cur   = (uint16_t*)cur1  + offset;
++    next  = (uint16_t*)next1 + offset;
+     prev2 = (uint16_t*)(parity ? prev : cur);
+     next2 = (uint16_t*)(parity ? cur  : next);
+ 
+-    FILTER(w - edge, w - 3, 1)
+-    FILTER(w - 3, w, 0)
++    FILTER(offset, w - 3, 1)
++    offset = FFMAX(offset, w - 3);
++    FILTER(offset, w, 0)
+ }
+ 
+ static int filter_slice(AVFilterContext *ctx, void *arg, int jobnr, int nb_jobs)
+-- 
+2.32.0
+
diff --git a/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-22033-CVE-2020-22019.patch b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-22033-CVE-2020-22019.patch
new file mode 100644
index 0000000..5d979ca
--- /dev/null
+++ b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-22033-CVE-2020-22019.patch
@@ -0,0 +1,40 @@
+From 82ad1b76751bcfad5005440db48c46a4de5d6f02 Mon Sep 17 00:00:00 2001
+From: Michael Niedermayer <michael@niedermayer.cc>
+Date: Sat, 29 May 2021 09:58:31 +0200
+Subject: [PATCH] avfilter/vf_vmafmotion: Check dimensions
+
+Fixes: out of array access
+Fixes: Ticket8241
+Fixes: Ticket8246
+Fixes: CVE-2020-22019
+Fixes: CVE-2020-22033
+
+Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
+
+
+CVE: CVE-2020-22033
+CVE: CVE-2020-22019
+Upstream-Status: Backport [82ad1b76751bcfad5005440db48c46a4de5d6f02]
+
+Signed-off-by: Tony Tascioglu <tony.tascioglu@windriver.com>
+---
+ libavfilter/vf_vmafmotion.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/libavfilter/vf_vmafmotion.c b/libavfilter/vf_vmafmotion.c
+index 2db4783d8d..454ebb8afa 100644
+--- a/libavfilter/vf_vmafmotion.c
++++ b/libavfilter/vf_vmafmotion.c
+@@ -238,6 +238,9 @@ int ff_vmafmotion_init(VMAFMotionData *s,
+     int i;
+     const AVPixFmtDescriptor *desc = av_pix_fmt_desc_get(fmt);
+ 
++    if (w < 3 || h < 3)
++        return AVERROR(EINVAL);
++
+     s->width = w;
+     s->height = h;
+     s->stride = FFALIGN(w * sizeof(uint16_t), 32);
+-- 
+2.32.0
+
diff --git a/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2021-33815.patch b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2021-33815.patch
new file mode 100644
index 0000000..51edb76
--- /dev/null
+++ b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2021-33815.patch
@@ -0,0 +1,44 @@
+From 26d3c81bc5ef2f8c3f09d45eaeacfb4b1139a777 Mon Sep 17 00:00:00 2001
+From: Michael Niedermayer <michael@niedermayer.cc>
+Date: Tue, 25 May 2021 19:29:18 +0200
+Subject: [PATCH] avcodec/exr: More strictly check dc_count
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Fixes: out of array access
+Fixes: exr/deneme
+
+Found-by: Burak Çarıkçı <burakcarikci@crypttech.com>
+Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
+
+
+CVE: CVE-2021-33815
+Upstream-Status: Backport [26d3c81bc5ef2f8c3f09d45eaeacfb4b1139a777]
+
+Signed-off-by: Tony Tascioglu <tony.tascioglu@windriver.com>
+---
+ libavcodec/exr.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/libavcodec/exr.c b/libavcodec/exr.c
+index 9377a89169..4648ed7d62 100644
+--- a/libavcodec/exr.c
++++ b/libavcodec/exr.c
+@@ -1059,11 +1059,11 @@ static int dwa_uncompress(EXRContext *s, const uint8_t *src, int compressed_size
+         bytestream2_skip(&gb, ac_size);
+     }
+ 
+-    if (dc_size > 0) {
++    {
+         unsigned long dest_len = dc_count * 2LL;
+         GetByteContext agb = gb;
+ 
+-        if (dc_count > (6LL * td->xsize * td->ysize + 63) / 64)
++        if (dc_count != dc_w * dc_h * 3)
+             return AVERROR_INVALIDDATA;
+ 
+         av_fast_padded_malloc(&td->dc_data, &td->dc_size, FFALIGN(dest_len, 64) * 2);
+-- 
+2.32.0
+
diff --git a/poky/meta/recipes-multimedia/ffmpeg/ffmpeg_4.4.bb b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg_4.4.bb
index 3ed009b..e190775 100644
--- a/poky/meta/recipes-multimedia/ffmpeg/ffmpeg_4.4.bb
+++ b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg_4.4.bb
@@ -6,16 +6,16 @@
 SECTION = "libs"
 
 LICENSE = "BSD & GPLv2+ & LGPLv2.1+ & MIT"
-LICENSE_${PN} = "GPLv2+"
-LICENSE_libavcodec = "${@bb.utils.contains('PACKAGECONFIG', 'gpl', 'GPLv2+', 'LGPLv2.1+', d)}"
-LICENSE_libavdevice = "${@bb.utils.contains('PACKAGECONFIG', 'gpl', 'GPLv2+', 'LGPLv2.1+', d)}"
-LICENSE_libavfilter = "${@bb.utils.contains('PACKAGECONFIG', 'gpl', 'GPLv2+', 'LGPLv2.1+', d)}"
-LICENSE_libavformat = "${@bb.utils.contains('PACKAGECONFIG', 'gpl', 'GPLv2+', 'LGPLv2.1+', d)}"
-LICENSE_libavresample = "${@bb.utils.contains('PACKAGECONFIG', 'gpl', 'GPLv2+', 'LGPLv2.1+', d)}"
-LICENSE_libavutil = "${@bb.utils.contains('PACKAGECONFIG', 'gpl', 'GPLv2+', 'LGPLv2.1+', d)}"
-LICENSE_libpostproc = "GPLv2+"
-LICENSE_libswresample = "${@bb.utils.contains('PACKAGECONFIG', 'gpl', 'GPLv2+', 'LGPLv2.1+', d)}"
-LICENSE_libswscale = "${@bb.utils.contains('PACKAGECONFIG', 'gpl', 'GPLv2+', 'LGPLv2.1+', d)}"
+LICENSE:${PN} = "GPLv2+"
+LICENSE:libavcodec = "${@bb.utils.contains('PACKAGECONFIG', 'gpl', 'GPLv2+', 'LGPLv2.1+', d)}"
+LICENSE:libavdevice = "${@bb.utils.contains('PACKAGECONFIG', 'gpl', 'GPLv2+', 'LGPLv2.1+', d)}"
+LICENSE:libavfilter = "${@bb.utils.contains('PACKAGECONFIG', 'gpl', 'GPLv2+', 'LGPLv2.1+', d)}"
+LICENSE:libavformat = "${@bb.utils.contains('PACKAGECONFIG', 'gpl', 'GPLv2+', 'LGPLv2.1+', d)}"
+LICENSE:libavresample = "${@bb.utils.contains('PACKAGECONFIG', 'gpl', 'GPLv2+', 'LGPLv2.1+', d)}"
+LICENSE:libavutil = "${@bb.utils.contains('PACKAGECONFIG', 'gpl', 'GPLv2+', 'LGPLv2.1+', d)}"
+LICENSE:libpostproc = "GPLv2+"
+LICENSE:libswresample = "${@bb.utils.contains('PACKAGECONFIG', 'gpl', 'GPLv2+', 'LGPLv2.1+', d)}"
+LICENSE:libswscale = "${@bb.utils.contains('PACKAGECONFIG', 'gpl', 'GPLv2+', 'LGPLv2.1+', d)}"
 LICENSE_FLAGS = "commercial"
 
 LIC_FILES_CHKSUM = "file://COPYING.GPLv2;md5=b234ee4d69f5fce4486a80fdaf4a4263 \
@@ -25,13 +25,19 @@
 
 SRC_URI = "https://www.ffmpeg.org/releases/${BP}.tar.xz \
            file://0001-libavutil-include-assembly-with-full-path-from-sourc.patch \
+           file://fix-CVE-2020-20446.patch \
+           file://fix-CVE-2020-20453.patch \
+           file://fix-CVE-2020-22015.patch \
+           file://fix-CVE-2020-22021.patch \
+           file://fix-CVE-2020-22033-CVE-2020-22019.patch \
+           file://fix-CVE-2021-33815.patch \
            "
 SRC_URI[sha256sum] = "06b10a183ce5371f915c6bb15b7b1fffbe046e8275099c96affc29e17645d909"
 
 # Build fails when thumb is enabled: https://bugzilla.yoctoproject.org/show_bug.cgi?id=7717
-ARM_INSTRUCTION_SET_armv4 = "arm"
-ARM_INSTRUCTION_SET_armv5 = "arm"
-ARM_INSTRUCTION_SET_armv6 = "arm"
+ARM_INSTRUCTION_SET:armv4 = "arm"
+ARM_INSTRUCTION_SET:armv5 = "arm"
+ARM_INSTRUCTION_SET:armv6 = "arm"
 
 # Should be API compatible with libav (which was a fork of ffmpeg)
 # libpostproc was previously packaged from a separate recipe
@@ -121,20 +127,21 @@
     --pkg-config=pkg-config \
 "
 
-EXTRA_OECONF_append_linux-gnux32 = " --disable-asm"
+EXTRA_OECONF:append:linux-gnux32 = " --disable-asm"
 
 EXTRA_OECONF += "${@bb.utils.contains('TUNE_FEATURES', 'mipsisa64r6', '--disable-mips64r2 --disable-mips32r2', '', d)}"
 EXTRA_OECONF += "${@bb.utils.contains('TUNE_FEATURES', 'mipsisa64r2', '--disable-mips64r6 --disable-mips32r6', '', d)}"
 EXTRA_OECONF += "${@bb.utils.contains('TUNE_FEATURES', 'mips32r2', '--disable-mips64r6 --disable-mips32r6', '', d)}"
 EXTRA_OECONF += "${@bb.utils.contains('TUNE_FEATURES', 'mips32r6', '--disable-mips64r2 --disable-mips32r2', '', d)}"
-EXTRA_OECONF_append_mips = " --extra-libs=-latomic --disable-mips32r5 --disable-mipsdsp --disable-mipsdspr2 \
+EXTRA_OECONF:append:mips = " --extra-libs=-latomic --disable-mips32r5 --disable-mipsdsp --disable-mipsdspr2 \
                              --disable-loongson2 --disable-loongson3 --disable-mmi --disable-msa --disable-msa2"
-EXTRA_OECONF_append_riscv32 = " --extra-libs=-latomic"
+EXTRA_OECONF:append:riscv32 = " --extra-libs=-latomic"
+EXTRA_OECONF:append:armv5 = " --extra-libs=-latomic"
 
 # gold crashes on x86, another solution is to --disable-asm but thats more hacky
 # ld.gold: internal error in relocate_section, at ../../gold/i386.cc:3684
 
-LDFLAGS_append_x86 = "${@bb.utils.contains('DISTRO_FEATURES', 'ld-is-gold', ' -fuse-ld=bfd ', '', d)}"
+LDFLAGS:append:x86 = "${@bb.utils.contains('DISTRO_FEATURES', 'ld-is-gold', ' -fuse-ld=bfd ', '', d)}"
 
 EXTRA_OEMAKE = "V=1"
 
@@ -143,7 +150,7 @@
 }
 
 # patch out build host paths for reproducibility
-do_compile_prepend_class-target() {
+do_compile:prepend:class-target() {
         sed -i -e "s,${WORKDIR},,g" ${B}/config.h
 }
 
@@ -157,23 +164,23 @@
              libswresample \
              libswscale"
 
-FILES_libavcodec = "${libdir}/libavcodec${SOLIBS}"
-FILES_libavdevice = "${libdir}/libavdevice${SOLIBS}"
-FILES_libavfilter = "${libdir}/libavfilter${SOLIBS}"
-FILES_libavformat = "${libdir}/libavformat${SOLIBS}"
-FILES_libavresample = "${libdir}/libavresample${SOLIBS}"
-FILES_libavutil = "${libdir}/libavutil${SOLIBS}"
-FILES_libpostproc = "${libdir}/libpostproc${SOLIBS}"
-FILES_libswresample = "${libdir}/libswresample${SOLIBS}"
-FILES_libswscale = "${libdir}/libswscale${SOLIBS}"
+FILES:libavcodec = "${libdir}/libavcodec${SOLIBS}"
+FILES:libavdevice = "${libdir}/libavdevice${SOLIBS}"
+FILES:libavfilter = "${libdir}/libavfilter${SOLIBS}"
+FILES:libavformat = "${libdir}/libavformat${SOLIBS}"
+FILES:libavresample = "${libdir}/libavresample${SOLIBS}"
+FILES:libavutil = "${libdir}/libavutil${SOLIBS}"
+FILES:libpostproc = "${libdir}/libpostproc${SOLIBS}"
+FILES:libswresample = "${libdir}/libswresample${SOLIBS}"
+FILES:libswscale = "${libdir}/libswscale${SOLIBS}"
 
 # ffmpeg disables PIC on some platforms (e.g. x86-32)
-INSANE_SKIP_${MLPREFIX}libavcodec = "textrel"
-INSANE_SKIP_${MLPREFIX}libavdevice = "textrel"
-INSANE_SKIP_${MLPREFIX}libavfilter = "textrel"
-INSANE_SKIP_${MLPREFIX}libavformat = "textrel"
-INSANE_SKIP_${MLPREFIX}libavutil = "textrel"
-INSANE_SKIP_${MLPREFIX}libavresample = "textrel"
-INSANE_SKIP_${MLPREFIX}libswscale = "textrel"
-INSANE_SKIP_${MLPREFIX}libswresample = "textrel"
-INSANE_SKIP_${MLPREFIX}libpostproc = "textrel"
+INSANE_SKIP:${MLPREFIX}libavcodec = "textrel"
+INSANE_SKIP:${MLPREFIX}libavdevice = "textrel"
+INSANE_SKIP:${MLPREFIX}libavfilter = "textrel"
+INSANE_SKIP:${MLPREFIX}libavformat = "textrel"
+INSANE_SKIP:${MLPREFIX}libavutil = "textrel"
+INSANE_SKIP:${MLPREFIX}libavresample = "textrel"
+INSANE_SKIP:${MLPREFIX}libswscale = "textrel"
+INSANE_SKIP:${MLPREFIX}libswresample = "textrel"
+INSANE_SKIP:${MLPREFIX}libpostproc = "textrel"