openembedded-core.git/meta/recipes-multimedia, branch krogoth Mirror of openembedded-core pulseaudio: Disable unit tests 2016-10-06T07:50:47+00:00 Davis, Michael michael.davis@essvote.com 2016-09-28T18:36:41+00:00 3bb87439e8458cff898a4e120dd65a9e32d7197b Pulseaudio unit tests create a dependency on check not in the recipe. Since unit tests are not used they are disabled to eliminate build race condition. Backported from master commit 92cfdb2ba7e04e2b70986c6569f500dd2a48b5d1 Signed-off-by: Michael Davis <michael.davis@essvote.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> 
Pulseaudio unit tests create a dependency on check not in the recipe.
Since unit tests are not used they are disabled to eliminate build race condition.

Backported from master commit 92cfdb2ba7e04e2b70986c6569f500dd2a48b5d1

Signed-off-by: Michael Davis <michael.davis@essvote.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
tiff: Update download URL 2016-09-23T14:26:46+00:00 Jussi Kukkonen jussi.kukkonen@intel.com 2016-09-08T13:35:31+00:00 ee2b4b537233172cfc62779bc2397eac598d87e6 remotesensing.org domain has been taken over by someone unrelated. There does not seem to be an up-to-date tiff homepage, but osgeo.org is a reliable download site. (From OE-Core rev: f544e1d10e9dc0f750efdb45a78ce9d5c9603070) Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> 
remotesensing.org domain has been taken over by someone unrelated.
There does not seem to be an up-to-date tiff homepage, but
osgeo.org is a reliable download site.

(From OE-Core rev: f544e1d10e9dc0f750efdb45a78ce9d5c9603070)

Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
tiff: Security fix CVE-2016-5323 2016-09-23T14:25:56+00:00 Yi Zhao yi.zhao@windriver.com 2016-08-10T07:11:20+00:00 e066ba81ac7aecd3d9dfa1cb5d89acb6dc073e8f CVE-2016-5323 libtiff: a maliciously crafted TIFF file could cause the application to crash when using tiffcrop command External References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5323 http://bugzilla.maptools.org/show_bug.cgi?id=2559 Patch from: https://github.com/vadz/libtiff/commit/2f79856097f423eb33796a15fcf700d2ea41bf31 (From OE-Core rev: 4ad1220e0a7f9ca9096860f4f9ae7017b36e29e4) Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> 
CVE-2016-5323 libtiff: a maliciously crafted TIFF file could cause the
application to crash when using tiffcrop command

External References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5323
http://bugzilla.maptools.org/show_bug.cgi?id=2559

Patch from:
https://github.com/vadz/libtiff/commit/2f79856097f423eb33796a15fcf700d2ea41bf31

(From OE-Core rev: 4ad1220e0a7f9ca9096860f4f9ae7017b36e29e4)

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
tiff: Security fix CVE-2016-5321 2016-09-23T14:25:56+00:00 Yi Zhao yi.zhao@windriver.com 2016-08-10T07:11:19+00:00 ff5d0abf31394d332c5db06a2d3ef337b1f8db9d CVE-2016-5321 libtiff: a maliciously crafted TIFF file could cause the application to crash when using tiffcrop command External References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5321 http://bugzilla.maptools.org/show_bug.cgi?id=2558 Patch from: https://github.com/vadz/libtiff/commit/d9783e4a1476b6787a51c5ae9e9b3156527589f0 (From OE-Core rev: 4a167cfb6ad79bbe2a2ff7f7b43c4a162ca42a4d) Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> 
CVE-2016-5321 libtiff: a maliciously crafted TIFF file could cause the
application to crash when using tiffcrop command

External References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5321
http://bugzilla.maptools.org/show_bug.cgi?id=2558

Patch from:
https://github.com/vadz/libtiff/commit/d9783e4a1476b6787a51c5ae9e9b3156527589f0

(From OE-Core rev: 4a167cfb6ad79bbe2a2ff7f7b43c4a162ca42a4d)

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
tiff: Security fix CVE-2016-3186 2016-09-23T14:25:55+00:00 Yi Zhao yi.zhao@windriver.com 2016-08-10T07:11:18+00:00 bebb2683ddeda2bef25eca3077c366c93c0a81b4 CVE-2016-3186 libtiff: buffer overflow in the readextension function in gif2tiff.c allows remote attackers to cause a denial of service via a crafted GIF file External References: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3186 https://bugzilla.redhat.com/show_bug.cgi?id=1319503 Patch from: https://bugzilla.redhat.com/attachment.cgi?id=1144235&action=diff (From OE-Core rev: 3d818fc862b1d85252443fefa2222262542a10ae) Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> 
CVE-2016-3186 libtiff: buffer overflow in the readextension function in
gif2tiff.c allows remote attackers to cause a denial of service via a
crafted GIF file

External References:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3186
https://bugzilla.redhat.com/show_bug.cgi?id=1319503

Patch from:
https://bugzilla.redhat.com/attachment.cgi?id=1144235&action=diff

(From OE-Core rev: 3d818fc862b1d85252443fefa2222262542a10ae)

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
tiff: Security fix CVE-2015-8784 2016-09-23T14:25:54+00:00 Armin Kuster akuster@mvista.com 2016-08-10T07:11:17+00:00 a1839427c5626367beb6bf59d900904dedb6bf03 CVE-2015-8784 libtiff: out-of-bound write in NeXTDecode() External Reference: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8784 (From OE-Core rev: 36097da9679ab2ce3c4044cd8ed64e5577e3f63e) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> 
CVE-2015-8784 libtiff: out-of-bound write in NeXTDecode()

External Reference:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8784

(From OE-Core rev: 36097da9679ab2ce3c4044cd8ed64e5577e3f63e)

Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
tiff: Security fix CVE-2015-8781 2016-09-23T14:25:52+00:00 Armin Kuster akuster@mvista.com 2016-08-10T07:11:16+00:00 18d8f81c16cbf165183f5deda71fef0763386a21 CVE-2015-8781 libtiff: out-of-bounds writes for invalid images External Reference: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8781 (From OE-Core rev: 9e97ff5582fab9f157ecd970c7c3559265210131) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> 
CVE-2015-8781 libtiff: out-of-bounds writes for invalid images

External Reference:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8781

(From OE-Core rev: 9e97ff5582fab9f157ecd970c7c3559265210131)

Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
pulseaudio: fix crash when disconnecting bluetooth devices 2016-09-23T14:25:41+00:00 Tanu Kaskinen tanuk@iki.fi 2016-08-03T20:41:31+00:00 e416c32f6059a5d4cb47809186c2feaaef7ff4ba [YOCTO #10018] Add a patch that makes the bluetooth code create the HSP/HFP card profile only once. The old behaviour of creating the profile twice was not compatible with 0001-card-add-pa_card_profile.ports.patch. This fix is not needed for master, because master doesn't any more have 0001-card-add-pa_card_profile.ports.patch. Signed-off-by: Tanu Kaskinen <tanuk@iki.fi> Signed-off-by: Armin Kuster <akuster808@gmail.com> 
[YOCTO #10018]

Add a patch that makes the bluetooth code create the HSP/HFP card
profile only once. The old behaviour of creating the profile twice
was not compatible with 0001-card-add-pa_card_profile.ports.patch.

This fix is not needed for master, because master doesn't any more
have 0001-card-add-pa_card_profile.ports.patch.

Signed-off-by: Tanu Kaskinen <tanuk@iki.fi>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
alsa-lib: Fix incorrect appl pointer when mmap_commit() returns error. 2016-06-29T18:34:40+00:00 Yuqing Zhu carol.zhu@nxp.com 2016-05-04T09:46:46+00:00 4ddef11c6a0f0a2d2ff0d4e556c0bbb3d5999f83 The appl pointer needs to be updated only when snd_pcm_mmap_commit() is successfully returned. Or it shouldn't be updated. This is to fix the avail_update()'s result is incorrect when returns error. (From OE-Core rev: fcd7e439497174256a5c467532aad402f4d19ca1) Signed-off-by: Yuqing Zhu <carol.zhu@nxp.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> 
The appl pointer needs to be updated only when snd_pcm_mmap_commit() is
successfully returned. Or it shouldn't be updated.
This is to fix the avail_update()'s result is incorrect when returns error.

(From OE-Core rev: fcd7e439497174256a5c467532aad402f4d19ca1)

Signed-off-by: Yuqing Zhu <carol.zhu@nxp.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster@mvista.com>
tiff: Security fixes CVE-2015-8665 and CVE-2015-8683 2016-04-29T06:36:30+00:00 Armin Kuster akuster@mvista.com 2016-04-26T00:29:41+00:00 b7a38a45bf404b8f9b419bf7c054102d68cf2673 same fix for both CVE's tiff <= 4.0.6 Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 
same fix for both CVE's

tiff <= 4.0.6

Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>