sysmo-bts
/
generic-poky
9
0
Fork 0
Code Pull Requests Releases Activity
generic-poky/meta/recipes-multimedia
History
Jackie Huang 7ec1ed5c80 libsndfile1: Fix CVE-2017-8361 and CVE-2017-8365 
Backport the patch to fix two CVEs:

CVE-2017-8361:
The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows
remote attackers to cause a denial of service (buffer overflow and
application crash) or possibly have unspecified other impact via a
crafted audio file.

CVE-2017-8365:
The i2les_array function in pcm.c in libsndfile 1.0.28 allows remote
attackers to cause a denial of service (buffer over-read and application
crash) via a crafted audio file.

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2017-8361
https://nvd.nist.gov/vuln/detail/CVE-2017-8365

(From OE-Core rev: d92877ade8fd4dd9b548c6b664bf4357a1f9428a)

(From OE-Core rev: a23241c1e10c706754c19d7f69fe7c6cbac3732e)

Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 		2017-09-11 22:15:58 +01:00
..
alsa meta: replace uses of bb.data.expand(VARNAME, d) with d.expand(VARNAME) 2017-03-22 11:35:19 +00:00
ffmpeg ffmpeg: use static package list 2017-03-01 23:27:10 +00:00
flac flac_1.3.1.bb: set CVE_PRODUCT to libflac 2017-08-29 11:57:27 +01:00
gstreamer gst-player: Disable visualizations as workaround 2017-04-29 11:17:23 +01:00
lame meta: update patch metadata 2016-07-08 09:57:24 +01:00
liba52 package_regex.inc: split sourceforge related entries to their own recipes 2015-12-08 10:20:52 +00:00
libid3tag libid3tag: use "foreign" automake strictness 2014-07-16 10:31:16 +01:00
libogg libogg: upgrade to 1.3.2 2014-06-01 14:29:31 +01:00
libomxil meta: Drop now pointless manual -dbg packaging 2015-12-16 11:56:30 +00:00
libpng libpng: Upgrade 1.6.26 -> 1.6.28 2017-01-26 10:44:28 +00:00
libsamplerate libsamplerate0_0.1.9.bb: set CVE_PRODUCT to libsamplerate 2017-08-29 11:57:27 +01:00
libsndfile libsndfile1: Fix CVE-2017-8361 and CVE-2017-8365 2017-09-11 22:15:58 +01:00
libtheora package_regex.inc: split the rest of the entries to their recipes 2015-12-08 10:20:52 +00:00
libtiff libtiff: Security Advisory - libtiff - CVE-2017-5225 2017-01-31 14:43:01 +00:00
libvorbis libvorbis: Contain gcc specific compiler flags using configure option 2017-03-24 23:43:32 +00:00
mpeg2dec recipes: Make use of the new bb.utils.filter() function 2017-03-01 11:17:45 +00:00
mpg123 recipes: Make use of the new bb.utils.filter() function 2017-03-01 11:17:45 +00:00
pulseaudio recipes: Make use of the new bb.utils.filter() function 2017-03-01 11:17:45 +00:00
sbc sbc: upgrade to 1.3 2014-11-20 14:08:08 +00:00
speex speex: 1.2rc1 -> 1.2rc2 2015-07-16 15:09:15 +01:00
webp libwebp: update to 0.6.0 2017-03-01 23:27:09 +00:00
x264 x264: Upgrade to stable branch head 2017-03-01 23:27:07 +00:00