summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* linux-yocto-dev: Dynamic SRCREV updateDarren Hart2014-05-281-18/+11
| | | | | | | | | | | | | | | | | | | | | | The current implementation would result in the default SRCREVs being used by the fetcher, even though the anonymous python would update them to AUTOREV. This appears to be something to do with early parsing bitbake black magic. This patch ensures the default is never assigned if we are actually building the recipe by using a function to assign it in the first place. The USE_DEFAULT* variables are removed as they are not necessary to allow for overriding the SRCREVs. The anonymous python parse check is moved closer to the top of the recipe to be a bit more logically representative of its intended purpose. (From OE-Core rev: a0334b0de654a41c53df54ef80625094368113f6) Signed-off-by: Darren Hart <dvhart@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* linux-yocto/3.10: bump kver to v3.10.40Bruce Ashfield2014-05-283-16/+16
| | | | | | | | | Integrating the latest korg releases for the 3.10 kernel. (From OE-Core rev: 574c03bd5fd73281472f8267a31cfecb235f1c65) Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* beaglebone: enable the nowayout option for the watchdogBruce Ashfield2014-05-283-3/+3
| | | | | | | | | | | | | | | | | | | | | | Bumping the meta SRCREV for the following fix: [ The default watchdog behaviour is to stop the timer if the process managing it closes the file /dev/watchdog. The system would not reboot if watchdog daemon crashes due to a bug in it or get killed by other malicious code. So we prefer to enable nowayout option for the watchdong. With this enabled, there is no way of disabling the watchdog once it has been started. This option is also enabled in the predecessor of this BSP (beagleboard) ] [YOCTO: 3937] (From OE-Core rev: 7006412c285a4a6c75d5349f60dc71b0b735ff90) Signed-off-by: Kevin Hao <kexin.hao@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* linux-yocto-rt/3.14: update to 3.14-rt5Bruce Ashfield2014-05-281-3/+3
| | | | | | | | | Updating the the latest 3.14-rt release. (From OE-Core rev: ca1d952c964ce25bf78d47c7a856105d59d72cac) Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* linux-yocto/3.14: update to v3.14.4Bruce Ashfield2014-05-283-16/+16
| | | | | | | | | Bumping the 3.14 recipes to the latest korg -stable release. (From OE-Core rev: 5c0088767a59c63d2197b54450a54578fa10fa07) Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake: fetch2/hg: Fix missing proto param for hg checkout with user and pwVolker Vogelhuber2014-05-281-1/+1
| | | | | | | | | | A fix for the former patch when checking out a repository with username and password using HG (Bitbake rev: 0e7b594ccbceb3149f38776cea204807031ef69f) Signed-off-by: Volker Vogelhuber <v.vogelhuber@digitalendoscopy.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake: bitbake-layers: show-cross-depends: add support for RRECOMMENDSPaul Eggleton2014-05-281-0/+20
| | | | | | | | | | RRECOMMENDS must be satisfied at build time, and these could cross layer boundaries, so report these if they exist. (Bitbake rev: 5569b3dca61e6d962494ca65c7aad09b2eb2ae63) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake: bitbake-layers: show-cross-depends: ignore self-satisfied RDEPENDSPaul Eggleton2014-05-281-0/+3
| | | | | | | | | | | Overlayed recipes caused this to show false positives because the overlaying version appeared to be satisfying the overlayed version's RDEPENDS; but you'd never be building both at the same time. (Bitbake rev: b94318174fe7f92b9a20eabb0bc4055066cb3d51) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake: bitbake-layers: show-cross-depends: ignore global inheritsPaul Eggleton2014-05-281-0/+5
| | | | | | | | | | It's not particularly useful to show globally inherited classes here since they do not normally represent a dependency. (Bitbake rev: d16948bb88fcf44d861985838030be7c08697963) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake: bitbake-layers: show-cross-depends: add option to ignore a layerPaul Eggleton2014-05-281-20/+24
| | | | | | | | | | | | | | | | By default, show-cross-depends shows dependencies on OE-Core (i.e. "meta") which is not particularly useful. Add an option to allow you to hide those. For example, to hide all dependencies on OE-Core: bitbake-layers show-cross-depends -i meta Multiple layers can be specified by using commas as separators (no spaces). (Bitbake rev: 0e9062e65acbb05c1d9b3a9145eb866c3d562309) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* lighthttp: Use pkg-config for pcre dependencyRichard Purdie2014-05-282-0/+34
| | | | | | (From OE-Core rev: d2457880e7bb08b9c2f8d60e70b1d59ed84e9da9) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libarchive: Use pkg-config for libxml2 dependencyRichard Purdie2014-05-282-0/+26
| | | | | | (From OE-Core rev: fe277bf0a61d5d7787dba699ee1ed4d979ba5cff) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libksba: Use pkg-config for dependenciesRichard Purdie2014-05-282-19/+116
| | | | | | | | | Use pkg-config in the m4 macros for the package, ensure we have a host field in the .pc file. (From OE-Core rev: 4a971a90988435902a4a8dd9c721d440cd80c0bd) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gpgme: Update to ensure we pkg-config for dependenciesRichard Purdie2014-05-281-0/+6
| | | | | | (From OE-Core rev: ffffc627b21a3cf8b407d16a437793b5fddf7127) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libgcrypt: Use pkg-config for dependenciesRichard Purdie2014-05-282-2/+107
| | | | | | | | Use pkg-config instead of -config files in the m4 macros. (From OE-Core rev: 74d73cf1e4607cb313b5e4c7138b555d5999a46d) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxslt: Use pkg-config for dependenciesRichard Purdie2014-05-282-1/+120
| | | | | | (From OE-Core rev: f0479e60b660778ab27b946d426daa17a08a28ea) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnupg: Convert to use pkg-config for dependenciesRichard Purdie2014-05-282-1/+96
| | | | | | | | | Use pkg-config to find pth instead of pth-config and our own macros from aclocal-copy. (From OE-Core rev: 437ad15de308769c9251a37ed41dabed5653fc96) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libassuan: Improve pkgconfig supportRichard Purdie2014-05-283-57/+163
| | | | | | | | | Add api_version and host to the .pc file and use pkg-config in the m4 macros for the package. (From OE-Core rev: 17e5793847601d2aeb497ffe14871df65543abfb) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libgpg-error: Extend pkgconfig support to m4 macrosRichard Purdie2014-05-281-13/+90
| | | | | | | | | | Whilst there is currently .pc file pkgconfig support, it was unused by the m4 macros. This extends the support so they're used instead of the -config scripts. (From OE-Core rev: ff573270f7e87296840911189fd2087a1bc597f7) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* devshell: Add interactive python shellRichard Purdie2014-05-282-0/+213
| | | | | | | | | | | | | | | Being able to interact with the python context in the Bitbake task execution environment has long been desireable. This patch introduces such a mechanism. Executing "bitbake X -c devpyshell" will open a terminal connected to a python interactive interpretor in the task context so for example you can run commands like "d.getVar('WORKDIR')" This version now includes readline support for command history and various other bug fixes such as exiting cleanly compared to previous versions. (From OE-Core rev: 36734f34fe6e4b91e293234687e63c02f5b3117e) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* pseudo: Honor umask againPeter Seebach2014-05-281-6/+163
| | | | | | | | | | | | The fchmodat-permissions patch was fine for the fchmod case, but had the unintended side effect of disregarding umask settings for open, mknod, mkdir, and their close relatives. Start tracking umask and masking the umask bits out where appropriate. (From OE-Core rev: ce23c1cc33a015fbd184df6c16658353334ab611) Signed-off-by: Peter Seebach <peter.seebach@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cmake: Avoid accidentally including libacl.hMike Crowe2014-05-281-0/+1
| | | | | | | | | | | | | | | | The cmake recipe doesn't depend on libacl yet cmake will detect libacl.h and use it by default. This risks build failures if libacl.h is unstaged during the build and it also means that the build cmake will sometimes support ACLs and sometimes not. This can be avoided by setting ENABLE_ACL=0 but until the fix for http://cmake.org/Bug/view.php?id=14866 is released we also need to set HAVE_ACL_LIBACL_H=0. (From OE-Core rev: e76973b4ef687c5b36ed6f9eb202322ae4af9b9f) Signed-off-by: Mike Crowe <mac@mcrowe.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ddimage: Support Mac OSDarren Hart2014-05-281-5/+20
| | | | | | | | | | | | | | Update the ddimage script to allow it to work on Mac OS too. The biggest difference is sysfs vs diskutil and in the syntax of the stat command between Mac OS and Linux, unfortunately. Workarounds using ls, cut, and columns got really fragile really quickly. Relying on stat and switching on uname seemed the more robust solution. (From OE-Core rev: 8962fe11a0697348affb8a1ab95abca4995470a6) Signed-off-by: Darren Hart <dvhart@linux.intel.com> Cc: Koen Kooi <koen@dominion.thruhere.net> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* eglinfo: updated to compile with mesa10+Valentin Popa2014-05-271-1/+1
| | | | | | | | | | Updated to the newer 4b317648ec6cf39556a9e5d8078f605bc0edd5de. (From OE-Core rev: 9948e4239b88026804c33d84830dbfe6b0ed3e59) Signed-off-by: Valentin Popa <valentin.popa@intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxshmfence: add it to oe-coreValentin Popa2014-05-271-0/+17
| | | | | | | | | | | mesa 10+ depends on this (if the user builds mesa with dri3 support enabled). So add it to oe-core. (From OE-Core rev: afa3e8943d9e52a2d20ceea1e6a02a3133ef79fa) Signed-off-by: Valentin Popa <valentin.popa@intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dri3proto: add it to oe-coreValentin Popa2014-05-271-0/+14
| | | | | | | | | | | mesa 10+ depends on this (if the user builds mesa with dri3 support enabled). So add it to oe-core. (From OE-Core rev: 6a9717bd34854ecb56a4ab1731b6bf3cf4b471ea) Signed-off-by: Valentin Popa <valentin.popa@intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* distro_features_check.bbclass: fix searching whole listSebastian Wiegand2014-05-271-3/+3
| | | | | | | | | | | Search whole list of REQUIRED_DISTRO_FEATURES. Print only the missing/conflicting feature on error. (From OE-Core rev: 4290e10c17aa5477bbd57023c35426c12fcc25cb) Signed-off-by: Sebastian Wiegand <sebastian.wiegand@gersys.de> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* weston: upgrade to 1.5.0Tim Orling2014-05-274-35/+43
| | | | | | | | | | | | | * replace 0001-remove-dependence-on-wayland-scanner-flags.patch with disable-wayland-scanner-pkg-check.patch * add make-lcms-configureable.patch (WIP... needs work) = fix for JaMa test-dependencies (From OE-Core rev: 7c40efb62f34f866c98a0b2df50d66c60d76143a) Signed-off-by: Tim Orling <TicoTimo@gmail.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* wayland: upgrade to 1.5.0Tim Orling2014-05-273-54/+4
| | | | | | | | | | | | * update disable-macro-checks-not-used-for-scanner.patch = trivial change to non-patched text (+ posix_fallocate) * drop just-scanner.patch, no longer needed (From OE-Core rev: f453259c6710a6b3fb3c542b3921426baf160347) Signed-off-by: Tim Orling <TicoTimo@gmail.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* perl: stop perl-modules recommending perl-ptestRoss Burton2014-05-271-1/+6
| | | | | | | | | | | | | | Change the logic that generates the perl-modules recommends to be an include filter instead of an exclude filter, so that new sub-packages don't become dependants of perl-modules (such as perl-ptest). [ YOCTO #6203 ] (From OE-Core rev: 94e164c5b5316e2797c5bab51d127935002c6008) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* babeltrace: fix alignment issueRoy Li2014-05-272-1/+57
| | | | | | | | | | Fix alignment issue in babeltrace (From OE-Core rev: 862f14832d2d8a1917a5046d0299dbbbe6dc66da) Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* lttng-tools: fix alignment issueRoy Li2014-05-273-0/+49
| | | | | | | | | | Fix alignment issue in lttng-tools (From OE-Core rev: 539b77a29eb24b3896c9c436c0b4ce61c6b72b34) Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bluez5: upgrade to 5.19Cristian Iorga2014-05-272-3/+3
| | | | | | | | | | | | - Fixes to OBEX, AVRCP browsing, HID over GATT and handling of device unpaired events for dual-mode devices. - New features: user space based HID host implementation (for BR/EDR). (From OE-Core rev: 5dce15e6623748ce3c1456f12d5cde6edc1be939) Signed-off-by: Cristian Iorga <cristian.iorga@intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* perl: fix for CVE-2010-4777yanjun.zhu2014-05-273-2/+49
| | | | | | | | | | | | | | | | | | The Perl_reg_numbered_buff_fetch function in Perl 5.10.0, 5.12.0, 5.14.0, and other versions, when running with debugging enabled, allows context-dependent attackers to cause a denial of service (assertion failure and application exit) via crafted input that is not properly handled when using certain regular expressions, as demonstrated by causing SpamAssassin and OCSInventory to crash. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4777 (From OE-Core rev: 368df9f13ddf124e6aaaec06c02ab698c9e0b6c3) Signed-off-by: yanjun.zhu <yanjun.zhu@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* pseudo: handle fchmodat better, mask out unwanted write bitsPeter Seebach2014-05-272-1/+109
| | | | | | | | | | | | | | | | | | | | | | | It turns out that pseudo's decision not to report errors from the host system's fchmodat() can break GNU tar in a very strange way, resulting in directories being mode 0700 instead of whatever they should have been. Additionally, it turns out that if you make directories in your rootfs mode 777, that results in the local copies being mode 777, which could allow a hypothetical attacker with access to the machine to add files to your rootfs image. We should mask out the 022 bits when making actual mode changes in the rootfs. This patch represents a backport to the 1.5.1 branch of three patches from the 1.6 branch, because it took a couple of tries to get this quite right. (From OE-Core rev: 45371858129bbad8f4cfb874e237374a5ba8db4c) Signed-off-by: Peter Seebach <peter.seebach@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python-native : Add patch to fix configure error with gcc 4.8.Philip Balister2014-05-271-0/+1
| | | | | | | | | | | | | We apply this patch to the python recipe already. Without this patch the zeroc-ice-native recipe will not build. See: http://bugs.python.org/issue17547 for more details. (From OE-Core rev: 2335a8ed3748e687e7f34f21f27f8e4029d1e26b) Signed-off-by: Philip Balister <philip@balister.org> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake.conf: add default ${CPAN_MIRROR}Tim Orling2014-05-271-0/+1
| | | | | | | | | | * Set default to http://search.cpan.org/CPAN/, as it should be (From OE-Core rev: 7cf349c3f1f195d529fbd73ce4bf63a439ffa4e6) Signed-off-by: Tim Orling <TicoTimo@gmail.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* mirrors.bbclass: add ${CPAN_MIRROR} optionTim Orling2014-05-271-0/+2
| | | | | | | | | | | * Perl modules fail to fetch because default CPAN site has been flaky lately. * Create option to use metacpan.org as a mirror. (From OE-Core rev: ffca381d9ad5de3e593c93274cfdb3d2ff4a447f) Signed-off-by: Tim Orling <TicoTimo@gmail.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* initramfs-live-install: avoid using grub.d/40_customRobert Yang2014-05-271-8/+7
| | | | | | | | | | | | | | | | | | | | | | | | | We have this in recipes-bsp/grub/grub/40_custom: [snip] menuentry "Linux" { set root=(hd0,1) linux /vmlinuz root=__ROOTFS__ rw __CONSOLE__ __VIDEO_MODE__ __VGA_MODE__ quiet } [snip] These lines are only for initrdscripts/files/init-install.sh, the side effect is that it would make the target's grub-mkconfig doesn't work well since the 40_custom will be installed to /etc/grub.d/40_custom, the grub-mkconfig will run the 40_custom, and there will always be a 'menuentry "Linux"' menu in grub.cfg no matter it is valid or not, we can do this in init-install.sh rather than grub to fix the problem, which is also much simpler. (From OE-Core rev: 8ae89d08454c11035eb2826a06e2243c9f2568b4) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* taglib: Force a disable of the floating dependency on boostRichard Purdie2014-05-271-0/+2
| | | | | | | | | | | | taglib appears to depend on boost if it finds it in the sysroot. Force it not to do this. Someone with better cmake skills may be able to do this in a neater way. (From OE-Core rev: 2c6c6c98416e5a458a02106524b5aa10a4b71d60) (From OE-Core rev: 87fd1d7331f6f64a9037d97672dbe66d93f276de) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* guile: Update to 2.0.11 versionChong Lu2014-05-212-68/+2
| | | | | | | | | | | Upgrade guile to 2.0.11 version and remove unneeded patch since it's included in new version. (From OE-Core rev: f1727bb18f35ff01e53d3d442a6ff3c613639fa6) Signed-off-by: Chong Lu <Chong.Lu@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* byacc: Update to 20140422 versionChong Lu2014-05-211-2/+2
| | | | | | | | | | Upgrade byacc to 20140422 version. (From OE-Core rev: d58ab8819724cf460360458ac6e59a9c0ca7966c) Signed-off-by: Chong Lu <Chong.Lu@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* flex: Update to 2.5.39 versionChong Lu2014-05-211-2/+2
| | | | | | | | | | Upgrade flex to 2.5.39 version. (From OE-Core rev: 701f1ae89926306dfbd19786fe0ddabc36fb485c) Signed-off-by: Chong Lu <Chong.Lu@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gst-ffmpeg: fix for Security Advisory CVE-2013-0849Yue Tao2014-05-212-0/+37
| | | | | | | | | | | | | | | | The roq_decode_init function in libavcodec/roqvideodec.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via a crafted (1) width or (2) height dimension that is not a multiple of sixteen in id RoQ video data. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0849 (From OE-Core rev: 1a43a8054f51fbd542f3f037dc35f8b501e455bf) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gst-ffmpeg: fix for Security Advisory CVE-2013-0850Yue Tao2014-05-212-0/+30
| | | | | | | | | | | | | | | The decode_slice_header function in libavcodec/h264.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted H.264 data, which triggers an out-of-bounds array access. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0850 (From OE-Core rev: 69f3f0f94f4fd224e5a6b275207adf0539d085c3) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gst-ffmpeg: fix for Security Advisory CVE-2013-0856Yue Tao2014-05-212-0/+31
| | | | | | | | | | | | | | | The lpc_prediction function in libavcodec/alac.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted Apple Lossless Audio Codec (ALAC) data, related to a large nb_samples value. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0856 (From OE-Core rev: 571ccce77859435ff8010785e11627b20d8b31f4) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gst-ffmpeg: fix for Security Advisory CVE-2013-0854Yue Tao2014-05-212-0/+33
| | | | | | | | | | | | | | | The mjpeg_decode_scan_progressive_ac function in libavcodec/mjpegdec.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted MJPEG data. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0854 (From OE-Core rev: b3d9c8f603ebdbc21cb2ba7e62f8b5ebb57c40c1) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gst-ffmpeg: fix for Security Advisory CVE-2013-0851Yue Tao2014-05-212-0/+30
| | | | | | | | | | | | | | | | The decode_frame function in libavcodec/eamad.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted Electronic Arts Madcow video data, which triggers an out-of-bounds array access. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0851 (From OE-Core rev: 8c9868d074f5d09022efc9419ee09eb805f68394) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gst-ffmpeg: fix for Security Advisory CVE-2013-0858Yue Tao2014-05-212-0/+38
| | | | | | | | | | | | | | | The atrac3_decode_init function in libavcodec/atrac3.c in FFmpeg before 1.0.4 allows remote attackers to have an unspecified impact via ATRAC3 data with the joint stereo coding mode set and fewer than two channels. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0858 (From OE-Core rev: 0ee8754c973f5eff3ba4d00319a5308888c12b17) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gst-ffmpeg: fix for Security Advisory CVE-2013-0852Yue Tao2014-05-212-0/+35
| | | | | | | | | | | | | | | The parse_picture_segment function in libavcodec/pgssubdec.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted RLE data, which triggers an out-of-bounds array access. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0852 (From OE-Core rev: 37f9371b44bd914fdd64e4c4e4448a2908512203) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
OpenPOWER on IntegriCloud