| Age | Commit message (Collapse) | Author | Files |
|---|
|
CVE-2017-14160, CVE-2018-10393 (same as 14160), and CVE-2018-10392.
These fixes should be in libvorbis 1.3.7.
Signed-off-by: Joe Slater <joe.slater@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Rebased 0001-configure-Check-for-clang.patch.
Removed the backported CVE patches.
License-Update: copyright years refreshed
Signed-off-by: Tanu Kaskinen <tanuk@iki.fi>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Prevent out-of-bounds write in codebook decoding. The bug could allow
code execution from a specially crafted Ogg Vorbis file.
References:
https://www.debian.org/security/2018/dsa-4140
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5146
Signed-off-by: Tanu Kaskinen <tanuk@iki.fi>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Xiph.Org libvorbis 1.3.5 allows Remote Code Execution upon freeing
uninitialized memory in the function vorbis_analysis_headerout() in
info.c when vi->channels<=0, a similar issue to Mozilla bug 550184.
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14632
Signed-off-by: Tanu Kaskinen <tanuk@iki.fi>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
In Xiph.Org libvorbis 1.3.5, an out-of-bounds array read vulnerability
exists in the function mapping0_forward() in mapping0.c, which may lead
to DoS when operating on a crafted audio file with vorbis_analysis().
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14633
Signed-off-by: Tanu Kaskinen <tanuk@iki.fi>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Those code fragments date back to ancient times. EXTRA_OECONF is not
required anymore and we should give gcc another try to do it right.
Testing on cortex-a8 with thumb and -O2 reveals a performance boost of
82 percent during encoding in comparison to -O0. -O4 gives another 7
percent.
Signed-off-by: Stefan Müller-Klieser <s.mueller-klieser@phytec.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Licence years have changes causing checksum changes
-Copyright (c) 2002-2008 Xiph.org Foundation
+Copyright (c) 2002-2015 Xiph.org Foundation
(From OE-Core rev: cb034175054ae31f7065677ba36b6a45dc067be0)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
- Updated website;
- Cleaned up bugtracker web address;
- Removed PR;
- Switched to ${BP} variable;
- removed obsolete_automake_macros.patch,
included in upstream;
Signed-off-by: Cristian Iorga <cristian.iorga@intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
Add obsolete_automake_macros.patch that replaces automake macros
no longer supported by automake-1.13 with modern constructs.
Signed-off-by: Marko Lindqvist <cazfi74@gmail.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
Signed-off-by: Shane Wang <shane.wang@intel.com>
|
|
Add SUMMARY and update DESCRIPTIONS as appropriate
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
|
|
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
Signed-off-by: Dongxiao Xu <dongxiao.xu@intel.com>
|
|
Having one monolithic packages directory makes it hard to find things
and is generally overwhelming. This commit splits it into several
logical sections roughly based on function, recipes.txt gives more
information about the classifications used.
The opportunity is also used to switch from "packages" to "recipes"
as used in OpenEmbedded as the term "packages" can be confusing to
people and has many different meanings.
Not all recipes have been classified yet, this is just a first pass
at separating things out. Some packages are moved to meta-extras as
they're no longer actively used or maintained.
Signed-off-by: Richard Purdie <rpurdie@linux.intel.com>
|
