summaryrefslogtreecommitdiffstats
path: root/meta/recipes-multimedia/libsndfile
Commit message (Collapse)AuthorAgeFilesLines
* recipes-multimedia: Add missing HOMEPAGE and DESCRIPTION for recipes.Meh Mbeh Ida Delphine2021-03-021-0/+3
| | | | | | | Fixes: [YOCTO #13471] Signed-off-by: Ida Delphine <idadelm@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libsndfile1: mutlilibize sndfile.hJeremy A. Puhlman2020-02-151-1/+5
| | | | | | | sndfile.h can differ depending on the combined architectures. Signed-off-by: Jeremy A. Puhlman <jpuhlman@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libsndfile1: whitelist CVE-2018-13419Ross Burton2019-11-051-0/+4
| | | | | | | | This is a memory leak that nobody else can replicate and has been rejected by upstream. Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libsndfile1: remove redundant autoconf seedingRoss Burton2019-07-101-6/+0
| | | | | | | | | | | | Twelve years ago libsndfile was badly detecting large file handling and generating bad code[1]. The detection code in libsndfile has had many fixes since then and this isn't needed anymore (verified by comparing config.h when built for qemuarm). [1] https://git.openembedded.org/openembedded/commit/?id=875cfc6f23ae68c6215bf32eb01a486f0387cb92 Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libsndfile1: disable use of sqlite3 by defaultRoss Burton2019-07-101-1/+2
| | | | | | | | | sqlite3 is only used by the regression testing tool, which is of limited use unless you're the developer of libsndfile. Add a PACKAGECONFIG for this, but disable by default. Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libsndfile1: fix CVE-2019-3832Ross Burton2019-03-252-0/+38
| | | | | | | | The previous fix for CVE-2018-19758 wasn't complete, so backport another patch to solve it properly. Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libsndfile1: update security patchesRoss Burton2019-03-056-142/+160
| | | | | | | | | | | | | | | Remove CVE-2017-14245-14246.patch, fix rejected upstream as it doesn't solve the underlying issue. Instead 0001-a-ulaw-fix-multiple-buffer-overflows-432 also solves CVE-2017-14245 and CVE-2017-14246 properly. Add patches for CVE-2017-12562 and CVE-2018-19758. Refresh CVE-2018-13139.patch. Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libsndfile1: Security fix CVE-2018-19432Changqing Li2019-02-252-0/+116
| | | | | | Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libsndfile1: Security fix CVE-2017-17456/17457 CVE-2018-19661/19662Changqing Li2019-01-072-0/+102
| | | | | | | | fix 4 CVEs, which is backport from https://github.com/erikd/libsndfile/commit/585cc28a93be27d6938f276af0011401b9f7c0ca Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libsndfile1: CVE-2018-13139Changqing Li2018-10-102-0/+36
| | | | | | | | | A stack-based buffer overflow in psf_memset in common.c in libsndfile 1.0.28. Fixed in https://github.com/erikd/libsndfile/issues/397 Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libsndfile1: CVE-2017-14634Jagadeesh Krishnanjanappa2018-08-232-0/+43
| | | | | | | | | | | | | | | | | | | | | | double64_init: Check psf->sf.channels against upper bound This prevents division by zero later in the code. While the trivial case to catch this (i.e. sf.channels < 1) has already been covered, a crafted file may report a number of channels that is so high (i.e. > INT_MAX/sizeof(double)) that it "somehow" gets miscalculated to zero (if this makes sense) in the determination of the blockwidth. Since we only support a limited number of channels anyway, make sure to check here as well. CVE-2017-14634 Closes: #318 Affects libsndfile1 = 1.0.28 Signed-off-by: Jagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libsndfile1: CVE-2017-14245 CVE-2017-14246Jagadeesh Krishnanjanappa2018-08-232-0/+122
| | | | | | | | | | | | | | | | | sfe_copy_data_fp: check value of "max" variable for being normal and check elements of the data[] array for being finite. Both checks use functions provided by the <math.h> header as declared by the C99 standard. Fixes #317 CVE-2017-14245 CVE-2017-14246 Affects libsndfile1 = 1.0.28 Signed-off-by: Jagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libsndfile1: Fix CVE-2017-8363Jackie Huang2017-08-182-0/+38
| | | | | | | | | | | | | | Backport the patch to fix CVE-2017-8363: The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted audio file. Reference: https://nvd.nist.gov/vuln/detail/CVE-2017-8363 Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libsndfile1: Fix CVE-2017-8362Jackie Huang2017-08-182-0/+60
| | | | | | | | | | | | | | Backport the patch to fix CVE-2017-8362: The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (invalid read and application crash) via a crafted audio file. Reference: https://nvd.nist.gov/vuln/detail/CVE-2017-8362 Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libsndfile1: Fix CVE-2017-8361 and CVE-2017-8365Jackie Huang2017-08-182-0/+74
| | | | | | | | | | | | | | | | | | | | | | Backport the patch to fix two CVEs: CVE-2017-8361: The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted audio file. CVE-2017-8365: The i2les_array function in pcm.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted audio file. Reference: https://nvd.nist.gov/vuln/detail/CVE-2017-8361 https://nvd.nist.gov/vuln/detail/CVE-2017-8365 Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libsndfile1_1.0.28.bb: set CVE_PRODUCT to libsndfileMikko Rapeli2017-07-241-0/+2
| | | | | | | | | It is used in NVD to CVE's like: https://nvd.nist.gov/vuln/detail/CVE-2017-6892 Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de> Signed-off-by: Ross Burton <ross.burton@intel.com>
* libsndfile1: Fix CVE-2017-6892Fan Xin2017-06-282-1/+37
| | | | | | | | | Backport upstream patch to fix CVE-2017-6892. CVE: CVE-2017-6892 Signed-off-by: Fan Xin <fan.xin@jp.fujitsu.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
* libsndfile1: 1.0.27 -> 1.0.28Huang Qiyu2017-05-231-2/+2
| | | | | | | Upgrade libsndfile1 from 1.0.27 to 1.0.28. Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
* recipes: Make use of the new bb.utils.filter() functionPeter Kjellerstedt2017-03-011-1/+1
| | | | | Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libsndfile1: 1.0.26 -> 1.0.27Tanu Kaskinen2016-07-251-2/+2
| | | | | Signed-off-by: Tanu Kaskinen <tanuk@iki.fi> Signed-off-by: Ross Burton <ross.burton@intel.com>
* meta: remove redundant ac_cv_sizeof_off_t assignmentsRoss Burton2016-04-111-1/+0
| | | | | | | | | | | | ac_cv_sizeof_off_t was previously in the site cache files, which was breaking large file support and required a workaround in each recipe that actually wanted to use large files. Now that the entry has been removed from the site cache, we can remove the workarounds. Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libsndfile1: enable FLAC/Ogg/Vorbis supportTanu Kaskinen2015-12-271-3/+1
| | | | | | | | | | | | | | | | This makes it possible to handle FLAC and Vorbis files in programs that use libsndfile. It seems that the external dependencies were disabled just as a routine measure to make builds deterministic, since the dependencies were missing from DEPENDS[1]. Therefore it seems likely that nobody particularly wants to have libsndfile without support for these formats. [1] http://git.openembedded.org/openembedded-core/commit/?id=34a14ce3ea78be299175e1a803f92519aa02355b Signed-off-by: Tanu Kaskinen <tanuk@iki.fi> Signed-off-by: Ross Burton <ross.burton@intel.com>
* libsndfile1: 1.0.25 -> 1.0.26Tanu Kaskinen2015-12-164-292/+3
| | | | | | | | | | | | | | | | | | Main points from the release announcement: * Fix for CVE-2014-9496, SD2 buffer read overflow. * Fix for CVE-2014-9756, file_io.c divide by zero. * Fix for CVE-2015-7805, AIFF heap write overflow. * Add support for ALAC encoder in a CAF container. * Add support for Cart chunks in WAV files. * Minor bug fixes and improvements. All patches we had are included in the new release. Dropped PR from the recipe. Signed-off-by: Tanu Kaskinen <tanuk@iki.fi> Signed-off-by: Ross Burton <ross.burton@intel.com>
* libsndfile: fix CVE-2014-9756Maxin B. John2015-11-252-0/+25
| | | | | | | Fix divide by zero bug (CVE-2014-9756) Signed-off-by: Maxin B. John <maxin.john@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
* libsndfile: Security Advisory - libsndfile - CVE-2014-9496Yue Tao2015-06-083-1/+264
| | | | | | | | Backport two commits from libsndfile upstream to fix a segfault and two potential buffer overflows. Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
* Globally replace 'base_contains' calls with 'bb.utils.contains'Otavio Salvador2014-04-251-1/+1
| | | | | | | | | The base_contains is kept as a compatibility method and we ought to not use it in OE-Core so we can remove it from base metadata in future. Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* recipes: bump PRsMartin Jansa2014-03-051-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * resolves following warnings: WARNING: Use of PRINC 17 was detected in the recipe meta-openembedded/meta-systemd/recipes-core/systemd/systemd-machine-units_1.0.bb (or one of its .bbappends) WARNING: Use of PRINC 1 was detected in the recipe meta-openembedded/meta-gpe/recipes-support/fbreader/fbreader_0.12.10.bb (or one of its .bbappends) WARNING: Use of PRINC 1 was detected in the recipe meta-openembedded/meta-gpe/recipes-support/fbreader/fbreader_git.bb (or one of its .bbappends) WARNING: Use of PRINC 1 was detected in the recipe meta-openembedded/meta-multimedia/recipes-multimedia/sox/sox_14.4.0.bb (or one of its .bbappends) WARNING: Use of PRINC 1 was detected in the recipe meta-openembedded/meta-oe/recipes-multimedia/mplayer/mplayer-common.bb (or one of its .bbappends) WARNING: Use of PRINC 1 was detected in the recipe meta-smartphone/meta-android/recipes-bsp/chroot-script/chroot-script_1.0.bb (or one of its .bbappends) WARNING: Use of PRINC 1 was detected in the recipe openembedded-core/meta/recipes-connectivity/avahi/avahi-ui_0.6.31.bb (or one of its .bbappends) WARNING: Use of PRINC 1 was detected in the recipe openembedded-core/meta/recipes-connectivity/bind/bind_9.8.1.bb (or one of its .bbappends) WARNING: Use of PRINC 1 was detected in the recipe openembedded-core/meta/recipes-core/systemd/systemd-serialgetty.bb (or one of its .bbappends) WARNING: Use of PRINC 1 was detected in the recipe openembedded-core/meta/recipes-core/sysvinit/sysvinit-inittab_2.88dsf.bb (or one of its .bbappends) WARNING: Use of PRINC 1 was detected in the recipe openembedded-core/meta/recipes-extended/screen/screen_4.0.3.bb (or one of its .bbappends) WARNING: Use of PRINC 1 was detected in the recipe openembedded-core/meta/recipes-extended/shadow/shadow-securetty_4.1.4.3.bb (or one of its .bbappends) WARNING: Use of PRINC 1 was detected in the recipe openembedded-core/meta/recipes-extended/shadow/shadow_4.1.4.3.bb (or one of its .bbappends) WARNING: Use of PRINC 1 was detected in the recipe openembedded-core/meta/recipes-graphics/libsdl/libsdl_1.2.15.bb (or one of its .bbappends) WARNING: Use of PRINC 1 was detected in the recipe openembedded-core/meta/recipes-graphics/packagegroups/packagegroup-core-x11-xserver.bb (or one of its .bbappends) WARNING: Use of PRINC 1 was detected in the recipe openembedded-core/meta/recipes-kernel/modutils-initscripts/modutils-initscripts.bb (or one of its .bbappends) WARNING: Use of PRINC 1 was detected in the recipe openembedded-core/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.25.bb (or one of its .bbappends) WARNING: Use of PRINC 1 was detected in the recipe openembedded-core/meta/recipes-support/libcap/libcap_2.22.bb (or one of its .bbappends) WARNING: Use of PRINC 11 was detected in the recipe openembedded-core/meta/recipes-bsp/keymaps/keymaps_1.0.bb (or one of its .bbappends) WARNING: Use of PRINC 11 was detected in the recipe openembedded-core/meta/recipes-core/systemd/systemd-compat-units.bb (or one of its .bbappends) WARNING: Use of PRINC 12 was detected in the recipe openembedded-core/meta/recipes-core/initscripts/initscripts_1.0.bb (or one of its .bbappends) WARNING: Use of PRINC 13 was detected in the recipe openembedded-core/meta/recipes-core/base-files/base-files_3.0.14.bb (or one of its .bbappends) WARNING: Use of PRINC 2 was detected in the recipe meta-openembedded/meta-oe/recipes-navigation/navit/navit_svn.bb (or one of its .bbappends) WARNING: Use of PRINC 2 was detected in the recipe meta-openembedded/meta-oe/recipes-support/lvm2/lvm2_2.02.97.bb (or one of its .bbappends) WARNING: Use of PRINC 2 was detected in the recipe openembedded-core/meta/recipes-connectivity/portmap/portmap_6.0.bb (or one of its .bbappends) WARNING: Use of PRINC 2 was detected in the recipe openembedded-core/meta/recipes-extended/pam/libpam_1.1.6.bb (or one of its .bbappends) WARNING: Use of PRINC 2 was detected in the recipe openembedded-core/meta/recipes-graphics/packagegroups/packagegroup-core-x11.bb (or one of its .bbappends) WARNING: Use of PRINC 3 was detected in the recipe meta-openembedded/meta-efl/recipes-efl/efl/entrance_svn.bb (or one of its .bbappends) WARNING: Use of PRINC 3 was detected in the recipe meta-openembedded/meta-oe/recipes-multimedia/mplayer/mplayer2_git.bb (or one of its .bbappends) WARNING: Use of PRINC 3 was detected in the recipe openembedded-core/meta/recipes-bsp/formfactor/formfactor_0.0.bb (or one of its .bbappends) WARNING: Use of PRINC 3 was detected in the recipe openembedded-core/meta/recipes-connectivity/avahi/avahi_0.6.31.bb (or one of its .bbappends) WARNING: Use of PRINC 3 was detected in the recipe openembedded-core/meta/recipes-connectivity/dhcp/dhcp_4.2.5-P1.bb (or one of its .bbappends) WARNING: Use of PRINC 3 was detected in the recipe openembedded-core/meta/recipes-core/init-ifupdown/init-ifupdown_1.0.bb (or one of its .bbappends) WARNING: Use of PRINC 3 was detected in the recipe openembedded-core/meta/recipes-graphics/xinput-calibrator/pointercal-xinput_0.0.bb (or one of its .bbappends) WARNING: Use of PRINC 5 was detected in the recipe meta-openembedded/meta-oe/recipes-core/meta/distro-feed-configs.bb (or one of its .bbappends) WARNING: Use of PRINC 5 was detected in the recipe openembedded-core/meta/recipes-connectivity/bluez/bluez4_4.101.bb (or one of its .bbappends) WARNING: Use of PRINC 6 was detected in the recipe openembedded-core/meta/recipes-core/packagegroups/packagegroup-base.bb (or one of its .bbappends) WARNING: Use of PRINC 6 was detected in the recipe openembedded-core/meta/recipes-core/packagegroups/packagegroup-core-boot.bb (or one of its .bbappends) WARNING: Use of PRINC 6 was detected in the recipe openembedded-core/meta/recipes-graphics/xorg-xserver/xserver-xf86-config_0.1.bb (or one of its .bbappends) WARNING: Use of PRINC 7 was detected in the recipe meta-openembedded/meta-oe/recipes-navigation/gpsd/gpsd_3.7.bb (or one of its .bbappends) WARNING: Use of PRINC 7 was detected in the recipe openembedded-core/meta/recipes-core/udev/udev-extraconf_1.0.bb (or one of its .bbappends) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Replace one-line DESCRIPTION with SUMMARYPaul Eggleton2014-01-021-1/+1
| | | | | | | | | | | A lot of our recipes had short one-line DESCRIPTION values and no SUMMARY value set. In this case it's much better to just set SUMMARY since DESCRIPTION is defaulted from SUMMARY anyway and then the SUMMARY is at least useful. I also took the opportunity to fix up a lot of the new SUMMARY values, making them concisely explain the function of the recipe / package where possible. Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
* libsndfile1: use PACKAGECONFIG for alsa distro featureChristopher Larson2012-05-031-1/+4
| | | | Signed-off-by: Christopher Larson <kergoth@gmail.com>
* libsndfile1: upgrade to version 1.0.25Dongxiao Xu2011-10-311-3/+3
| | | | Signed-off-by: Dongxiao Xu <dongxiao.xu@intel.com>
* libsndfile1: Disable external codec librbaries since we don't list in DEPENDSRichard Purdie2011-09-251-1/+3
| | | | Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libsndfile1: upgrade to version 1.0.24Dongxiao Xu2011-04-283-46/+2
| | | | Signed-off-by: Dongxiao Xu <dongxiao.xu@intel.com>
* SRC_URI Checksums AdditionalsSaul Wold2010-12-091-0/+3
| | | | Signed-off-by: Saul Wold <sgw@linux.intel.com>
* libsndfile: remove patches that are no longer required by upstreamSaul Wold2010-11-221-3/+1
| | | | Signed-off-by: Saul Wold <sgw@linux.intel.com>
* libsndfile: Upgrade to 1.0.23Saul Wold2010-11-183-0/+68
Renamed and moved to recipes-multimedia Signed-off-by: Saul Wold <Saul.Wold@intel.com>