summaryrefslogtreecommitdiff
path: root/meta/recipes-multimedia
AgeCommit message (Collapse)AuthorFiles
2014-06-17libtiff: Security Advisory - CVE-2012-4564Yue Tao2
v2 changes: * update format for commit log * add Upstream-Status for patch ppm2tiff does not check the return value of the TIFFScanlineSize function, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PPM image that triggers an integer overflow, a zero-memory allocation, and a heap-based buffer overflow. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4564 Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-06-16binconfig-disabled: Add class and useRichard Purdie1
This adds a binconfig-disabled class which can be used by recipes where a -config file is installed but we wish to disable it and just rely on the .pc files instead. Rather than simply deleting it, we make the script "exit 1" so that it can be found in PATH and raise a build error rather than something silently falling back to the build system for example. Rather than randomly finding -config files, this adds in the specification of a list of binconfig scripts which is more deterministic and maintainable moving forward. This patch converts various users in OE-Core to use this, a world build of OE-Core tests out ok with this change. There will likely be issues in other layers however, hence this being a RFT. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-06-14alsa-tools: Add missing pkgconfg dependencyRichard Purdie1
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-06-14gstreamer1.0-rtsp-server: depends on libcgroup and gstreamer1.0-plugins-baseRobert Yang1
Otherwise may do_compile error: test-cgroups.c:43:23:: fatal error: libcgroup.h: No such file or directory and: configure: No package 'gstreamer-plugins-base-1.0' found Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-06-06gstreamer1.0-rtsp-server: Add recipe to support gst-rtsp-serverAlex J Lennon2
A Gstreamer library which provides an API to create an RTSP server (e.g. to stream RTP to VLC clients and similar). Tested, works with GStreamer 1.2.3 + videotestsrc based pipeline on RPi. Signed-off-by: Alex J Lennon <ajlennon@dynamicdevices.co.uk> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-06-03x264: Update SRCREV to match commit in upstream git repoKhem Raj1
It seems that 585324fee380109acd9986388f857f413a60b896 is no longer there in git and it has been rewritten to ffc3ad4945da69f3caa2b40e4eed715a9a8d9526 Change-Id: I9ffe8bd9bcef0d2dc5e6f6d3a6e4317bada8f4be Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-06-03lame: Add missing DEPENDS on gettext-nativeRichard Purdie1
Without this, configure will fail due to a missing AM_ICONV macro. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-06-03recipes: Add missing pkgconfig class inheritsRichard Purdie4
These recipes all use pkg-config in some way but were missing dependencies on the tool, this patch adds them. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-06-01libogg: upgrade to 1.3.2Cristian Iorga1
- Switched to BP variable. Signed-off-by: Cristian Iorga <cristian.iorga@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-05-21gst-ffmpeg: fix for Security Advisory CVE-2013-0849Yue Tao2
The roq_decode_init function in libavcodec/roqvideodec.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via a crafted (1) width or (2) height dimension that is not a multiple of sixteen in id RoQ video data. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0849 Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com>
2014-05-21gst-ffmpeg: fix for Security Advisory CVE-2013-0850Yue Tao2
The decode_slice_header function in libavcodec/h264.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted H.264 data, which triggers an out-of-bounds array access. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0850 Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com>
2014-05-21gst-ffmpeg: fix for Security Advisory CVE-2013-0856Yue Tao2
The lpc_prediction function in libavcodec/alac.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted Apple Lossless Audio Codec (ALAC) data, related to a large nb_samples value. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0856 Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com>
2014-05-21gst-ffmpeg: fix for Security Advisory CVE-2013-0854Yue Tao2
The mjpeg_decode_scan_progressive_ac function in libavcodec/mjpegdec.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted MJPEG data. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0854 Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com>
2014-05-21gst-ffmpeg: fix for Security Advisory CVE-2013-0851Yue Tao2
The decode_frame function in libavcodec/eamad.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted Electronic Arts Madcow video data, which triggers an out-of-bounds array access. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0851 Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com>
2014-05-21gst-ffmpeg: fix for Security Advisory CVE-2013-0858Yue Tao2
The atrac3_decode_init function in libavcodec/atrac3.c in FFmpeg before 1.0.4 allows remote attackers to have an unspecified impact via ATRAC3 data with the joint stereo coding mode set and fewer than two channels. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0858 Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com>
2014-05-21gst-ffmpeg: fix for Security Advisory CVE-2013-0852Yue Tao2
The parse_picture_segment function in libavcodec/pgssubdec.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted RLE data, which triggers an out-of-bounds array access. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0852 Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com>
2014-05-21gst-ffmpeg: fix for Security Advisory CVE-2013-0845Yue Tao2
libavcodec/alsdec.c in FFmpeg before 1.0.4 allows remote attackers to have an unspecified impact via a crafted block length, which triggers an out-of-bounds write. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0845 Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com>
2014-05-21gst-ffmpeg: fix for Security Advisory CVE-2013-0868Yue Tao3
libavcodec/huffyuvdec.c in FFmpeg before 1.1.2 allows remote attackers to have an unspecified impact via crafted Huffyuv data, related to an out-of-bounds write and (1) unchecked return codes from the init_vlc function and (2) len==0 cases. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0868 Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com>
2014-05-21gst-ffmpeg: fix for Security Advisory CVE-2014-2099Yue Tao2
The msrle_decode_frame function in libavcodec/msrle.c in FFmpeg before 2.1.4 does not properly calculate line sizes, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Microsoft RLE video data. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2099 Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com>
2014-05-21gst-ffmpeg: fix for Security Advisory CVE-2013-0865Yue Tao2
The vqa_decode_chunk function in libavcodec/vqavideo.c in FFmpeg before 1.0.4 and 1.1.x before 1.1.2 allows remote attackers to have an unspecified impact via a large (1) cbp0 or (2) cbpz chunk in Westwood Studios VQA Video file, which triggers an out-of-bounds write. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0865 Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com>
2014-05-21gst-ffmpeg: fix for Security Advisory CVE-2014-2263Yue Tao2
The mpegts_write_pmt function in the MPEG2 transport stream (aka DVB) muxer (libavformat/mpegtsenc.c) in FFmpeg, possibly 2.1 and earlier, allows remote attackers to have unspecified impact and vectors, which trigger an out-of-bounds write. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2263 Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com>
2014-05-21libav: upgrade 9.x version to 9.13Paul Eggleton1
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com>
2014-05-21libav: upgrade 0.8.x version to 0.8.11Paul Eggleton1
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com>
2014-05-21tiff: fix for Security Advisory CVE-2013-4231Yue Tao2
Multiple buffer overflows in libtiff before 4.0.3 allow remote attackers to cause a denial of service (out-of-bounds write) via a crafted (1) extension block in a GIF image or (2) GIF raster image to tools/gif2tiff.c or (3) a long filename for a TIFF image to tools/rgb2ycbcr.c. NOTE: vectors 1 and 3 are disputed by Red Hat, which states that the input cannot exceed the allocated buffer size. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4231Multiple buffer overflows in libtiff before 4.0.3 allow remote attackers to cause a denial of service (out-of-bounds write) via a crafted (1) extension block in a GIF image or (2) GIF raster image to tools/gif2tiff.c or (3) a long filename for a TIFF image to tools/rgb2ycbcr.c. NOTE: vectors 1 and 3 are disputed by Red Hat, which states that the input cannot exceed the allocated buffer size. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4231 Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com>
2014-05-15gstreamer/lame: Better gcc 4.9 fixRichard Purdie3
gstreamer/lame does runtime detection to enable/disable things like SSE code. Unfortunately it is broken and will try and use this even with i586 compiler flags. This change forces it back to the approach with gcc 4.8 by disabling the problematic headers. Its suboptimal but less so that the proposed previous forced enabling of SSE on x86 everywhere. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-05-13gstreamer: remove unused FILESPATHPetter Mabäcker2
Fixes [YOCTO #4497] Usage of FILESPATH is discouraged, since it can make recipes harder to bbappend. Instead FILESEXTRAPATHS should be used to extend the path. However in gstreamer no FILESPATH additions are currently needed so instead it should be removed. Signed-off-by: Petter Mabäcker <petter@technux.se> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-05-13gst-openmax: fix build with GLib 2.40 onwardsRoss Burton2
GLib 2.40 adds g_ptr_array_insert, but gst-openmax is definining that as a static helper function. Rename the static function so it doesn't conflict with GLib's namespace. Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-05-11gstreamer1.0-plugins-good: add libxfixes and libxdamange to x11 dependsMartin Jansa1
* fixes following issue in test-dependencies report: gstreamer1.0-plugins-good/gstreamer1.0-plugins-good-ximagesrc/latest lost dependency on libxdamage Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-05-11gst-plugins-good: add PACKAGECONFIG for x11Martin Jansa1
* fixes following issues from test-dependencies report: gst-plugins-good/gst-plugins-good-ximagesrc/latest lost dependency on libxdamage Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-05-11gst-plugins-bad: add PACKAGECONFIG for schro, dc1394 and faacMartin Jansa1
* resolve following issues from test-dependencies issues: gst-plugins-bad/gst-plugins-bad-meta/latest lost dependency on gst-plugins-bad-dc1394 gst-plugins-bad-faac gst-plugins-bad-schro Found errors: gst-plugins-bad/gst-plugins-bad-dc1394/latest doesn't exist gst-plugins-bad/gst-plugins-bad-dc1394-dev/latest doesn't exist gst-plugins-bad/gst-plugins-bad-faac/latest doesn't exist gst-plugins-bad/gst-plugins-bad-faac-dev/latest doesn't exist gst-plugins-bad/gst-plugins-bad-schro/latest doesn't exist gst-plugins-bad/gst-plugins-bad-schro-dev/latest doesn't exist Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-04-30alsa-tools: Enable GTK support for X11, Wayland and DirectFBOtavio Salvador1
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-04-30gstreamer1.0-plugins-ugly: upgrade to 1.2.4Cristian Iorga1
Signed-off-by: Cristian Iorga <cristian.iorga@intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com>
2014-04-30gstreamer1.0-plugins-bad: upgrade to 1.2.4Cristian Iorga1
Signed-off-by: Cristian Iorga <cristian.iorga@intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com>
2014-04-30gstreamer1.0-plugins-good: upgrade to 1.2.4Cristian Iorga1
Signed-off-by: Cristian Iorga <cristian.iorga@intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com>
2014-04-30gstreamer1.0-plugins-base: upgrade to 1.2.4Cristian Iorga1
Signed-off-by: Cristian Iorga <cristian.iorga@intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com>
2014-04-30gstreamer1.0-libav: upgrade to 1.2.4Cristian Iorga1
Signed-off-by: Cristian Iorga <cristian.iorga@intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com>
2014-04-30gstreamer1.0: upgrade to 1.2.4Cristian Iorga1
Signed-off-by: Cristian Iorga <cristian.iorga@intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com>
2014-04-25Upstream-Status CleanupsSaul Wold1
Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-04-25Globally replace 'base_contains' calls with 'bb.utils.contains'Otavio Salvador14
The base_contains is kept as a compatibility method and we ought to not use it in OE-Core so we can remove it from base metadata in future. Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-04-24libpng: bump to 1.6.10Maxin B. John1
1. Fixes CVE-2014-0333 2. There are changes in License checksums. This is due to new contributor names being added to LICENSE and png.h file contains version of the new release.So, license remains the same. Signed-off-by: Maxin B. John <maxin.john@enea.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-04-23libav: Add libsdl to DEPENDS only when x11 is enabledKhem Raj1
When we have opengl in distro features but not x11 and try to build libav then it calls out to build libsdl which inturn has depependency on libglu and libglu fails to build ld: error: cannot find -lGL | collect2: error: ld returned 1 exit status | make: *** [libGLU.la] Error 1 | ERROR: oe_runmake failed since libglu wants glx enabled in mesa and glx in mesa is (righly) enabled only when x11 is in distro features. This breaks the dependency chain leading to this problem Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-04-04alsa-tools: Fix build without x11Otavio Salvador2
The patch had some new tool (hdajackretask) missing which were triggering build failures in O.S. Systems' builder as: ,----[ Build error in a clean tmp, without x11 ] | checking for GTK3... no | configure: error: Package requirements (gtk+-3.0) were not met: | | No package 'gtk+-3.0' found | | Consider adjusting the PKG_CONFIG_PATH environment variable if you | installed software in a non-standard prefix. | | Alternatively, you may set the environment variables GTK3_CFLAGS | and GTK3_LIBS to avoid the need to call pkg-config. | See the pkg-config man page for more details. | make: *** [all] Error 1 `---- Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-03-31libomxil-0.9.3: fix configure unrecognised optionMatthieu Crapet1
Drop --disable-ffmpegcomponents which is deprecated since libomxil-bellagio-0.9.1 Explicitly disable doc generation to prevent using doxygen from build machine. Components are external and are available separately here: http://sourceforge.net/projects/omxil/files/components/ Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-03-28libtiff: fix CVE-2013-4244Baogen Shang2
cve description: The LZW decompressor in the gif2tiff tool in libtiff 4.0.3 and earlier allows context-dependent attackers to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a crafted GIF image. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4244 Signed-off-by: Baogen Shang <baogen.shang@windriver.com> Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-03-25Enable yasm in gstreamer1.0-libav by defaultCarlos Rafael Giani1
Since yasm has been moved to OE-core, there is no reason for not enabling yasm by default anymore. It improves performance of gstreamer1.0-libav considerably. Signed-off-by: Carlos Rafael Giani <dv@pseudoterminal.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-03-21gst-plugins-gl: removed gconf inheritanceAlexandru Palalau1
In order to remove WARN-QA message regarding --disable-schemas-install configure option. Signed-off-by: Alexandru Palalau <alexandrux.palalau@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-03-21pulseaudio: Upgrade 4.0 -> 5.0Khem Raj2
bluetooth-proximity has been removed in 5.0 pulseaudio now differentiates between bluez4 and bluez5 Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-03-21alsa-tools: fix build when x11 and gtk+ not availableSimone Agresta1
Updated patch to work with alsa-tools version 1.0.27 Signed-off-by: Simone Agresta <simone.agresta@bticino.it> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-03-21x264: add perlnative to inheritPaul Eggleton1
perl is run as part of the configure process, so we should ensure that it's available. Should fix [YOCTO #5768]. Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-03-19alsa-tools: fix build when x11 and gtk+ not availableSimone Agresta1
Updated patch to work with alsa-tools version 1.0.27 Signed-off-by: Simone Agresta <simone.agresta@bticino.it> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>