aboutsummaryrefslogtreecommitdiffstats
path: root/meta/recipes-multimedia
diff options
context:
space:
mode:
Diffstat (limited to 'meta/recipes-multimedia')
-rw-r--r--meta/recipes-multimedia/alsa/alsa-topology-conf_1.2.4.bb4
-rw-r--r--meta/recipes-multimedia/alsa/alsa-ucm-conf_1.2.4.bb4
-rw-r--r--meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-20446.patch35
-rw-r--r--meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-20453.patch42
-rw-r--r--meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-22015.patch44
-rw-r--r--meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-22021.patch87
-rw-r--r--meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-22033-CVE-2020-22019.patch39
-rw-r--r--meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2021-38114.patch67
-rw-r--r--meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2021-38171.patch40
-rw-r--r--meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2021-38291.patch54
-rw-r--r--meta/recipes-multimedia/ffmpeg/ffmpeg_4.3.2.bb8
-rw-r--r--meta/recipes-multimedia/libsamplerate/libsamplerate0/shared_version_info.patch13
-rw-r--r--meta/recipes-multimedia/libsamplerate/libsamplerate0_0.1.9.bb1
-rw-r--r--meta/recipes-multimedia/x264/x264_git.bb2
14 files changed, 439 insertions, 1 deletions
diff --git a/meta/recipes-multimedia/alsa/alsa-topology-conf_1.2.4.bb b/meta/recipes-multimedia/alsa/alsa-topology-conf_1.2.4.bb
index 26542fbbbcd..0d4a30a304a 100644
--- a/meta/recipes-multimedia/alsa/alsa-topology-conf_1.2.4.bb
+++ b/meta/recipes-multimedia/alsa/alsa-topology-conf_1.2.4.bb
@@ -20,3 +20,7 @@ do_install() {
PACKAGES = "${PN}"
FILES_${PN} = "*"
+
+# remove at next version upgrade or when output changes
+PR = "r1"
+HASHEQUIV_HASH_VERSION .= ".1"
diff --git a/meta/recipes-multimedia/alsa/alsa-ucm-conf_1.2.4.bb b/meta/recipes-multimedia/alsa/alsa-ucm-conf_1.2.4.bb
index 32cf41c8fd3..7787dad2681 100644
--- a/meta/recipes-multimedia/alsa/alsa-ucm-conf_1.2.4.bb
+++ b/meta/recipes-multimedia/alsa/alsa-ucm-conf_1.2.4.bb
@@ -21,3 +21,7 @@ do_install() {
PACKAGES = "${PN}"
FILES_${PN} = "*"
+
+# remove at next version upgrade or when output changes
+PR = "r1"
+HASHEQUIV_HASH_VERSION .= ".1"
diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-20446.patch b/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-20446.patch
new file mode 100644
index 00000000000..4fe80cffa10
--- /dev/null
+++ b/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-20446.patch
@@ -0,0 +1,35 @@
+From 073bad2fcae5be78c11a1623a20319107dfae9f8 Mon Sep 17 00:00:00 2001
+From: Michael Niedermayer <michael@niedermayer.cc>
+Date: Fri, 28 May 2021 20:18:25 +0200
+Subject: [PATCH 1/5] avcodec/aacpsy: Avoid floating point division by 0 of
+ norm_fac
+
+Fixes: Ticket7995
+Fixes: CVE-2020-20446
+
+Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
+
+CVE: CVE-2020-20446
+Upstream-Status: Backport [223b5e8ac9f6461bb13ed365419ec485c5b2b002]
+
+Signed-off-by: Tony Tascioglu <tony.tascioglu@windriver.com>
+---
+ libavcodec/aacpsy.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/libavcodec/aacpsy.c b/libavcodec/aacpsy.c
+index fca692cb15..bd444fecdc 100644
+--- a/libavcodec/aacpsy.c
++++ b/libavcodec/aacpsy.c
+@@ -794,7 +794,7 @@ static void psy_3gpp_analyze_channel(FFPsyContext *ctx, int channel,
+
+ if (pe < 1.15f * desired_pe) {
+ /* 6.6.1.3.6 "Final threshold modification by linearization" */
+- norm_fac = 1.0f / norm_fac;
++ norm_fac = norm_fac ? 1.0f / norm_fac : 0;
+ for (w = 0; w < wi->num_windows*16; w += 16) {
+ for (g = 0; g < num_bands; g++) {
+ AacPsyBand *band = &pch->band[w+g];
+--
+2.32.0
+
diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-20453.patch b/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-20453.patch
new file mode 100644
index 00000000000..4e430726b09
--- /dev/null
+++ b/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-20453.patch
@@ -0,0 +1,42 @@
+From 80f9cbee46757430af0769ec999ca702be652f7f Mon Sep 17 00:00:00 2001
+From: Michael Niedermayer <michael@niedermayer.cc>
+Date: Fri, 28 May 2021 21:37:26 +0200
+Subject: [PATCH 2/5] avcodec/aacenc: Avoid 0 lambda
+
+Fixes: Ticket8003
+Fixes: CVE-2020-20453
+
+Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
+
+CVE: CVE-2020-20453
+Upstream-Status: Backport [a7a7f32c8ad0179a1a85d0a8cff35924e6d90be8]
+
+Signed-off-by: Tony Tascioglu <tony.tascioglu@windriver.com>
+---
+ libavcodec/aacenc.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/libavcodec/aacenc.c b/libavcodec/aacenc.c
+index db11e0ca29..9c6cb75be4 100644
+--- a/libavcodec/aacenc.c
++++ b/libavcodec/aacenc.c
+@@ -28,6 +28,7 @@
+ * TODOs:
+ * add sane pulse detection
+ ***********************************/
++#include <float.h>
+
+ #include "libavutil/libm.h"
+ #include "libavutil/thread.h"
+@@ -856,7 +857,7 @@ static int aac_encode_frame(AVCodecContext *avctx, AVPacket *avpkt,
+ /* Not so fast though */
+ ratio = sqrtf(ratio);
+ }
+- s->lambda = FFMIN(s->lambda * ratio, 65536.f);
++ s->lambda = av_clipf(s->lambda * ratio, FLT_MIN, 65536.f);
+
+ /* Keep iterating if we must reduce and lambda is in the sky */
+ if (ratio > 0.9f && ratio < 1.1f) {
+--
+2.32.0
+
diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-22015.patch b/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-22015.patch
new file mode 100644
index 00000000000..1fdb31de7d8
--- /dev/null
+++ b/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-22015.patch
@@ -0,0 +1,44 @@
+From dce5d2c2ee991f8cd96ab74d51a2d1a134a1a645 Mon Sep 17 00:00:00 2001
+From: Michael Niedermayer <michael@niedermayer.cc>
+Date: Sat, 29 May 2021 09:22:27 +0200
+Subject: [PATCH 3/5] avformat/movenc: Check pal_size before use
+
+Fixes: assertion failure
+Fixes: out of array read
+Fixes: Ticket8190
+Fixes: CVE-2020-22015
+
+Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
+
+
+CVE: CVE-2020-22015
+Upstream-Status: Backport [4c1afa292520329eecd1cc7631bc59a8cca95c46]
+
+Signed-off-by: Tony Tascioglu <tony.tascioglu@windriver.com>
+---
+ libavformat/movenc.c | 6 ++++--
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/libavformat/movenc.c b/libavformat/movenc.c
+index c34d86522a..9603704083 100644
+--- a/libavformat/movenc.c
++++ b/libavformat/movenc.c
+@@ -2094,11 +2094,13 @@ static int mov_write_video_tag(AVFormatContext *s, AVIOContext *pb, MOVMuxContex
+ avio_wb16(pb, 0x18); /* Reserved */
+
+ if (track->mode == MODE_MOV && track->par->format == AV_PIX_FMT_PAL8) {
+- int pal_size = 1 << track->par->bits_per_coded_sample;
+- int i;
++ int pal_size, i;
+ avio_wb16(pb, 0); /* Color table ID */
+ avio_wb32(pb, 0); /* Color table seed */
+ avio_wb16(pb, 0x8000); /* Color table flags */
++ if (track->par->bits_per_coded_sample < 0 || track->par->bits_per_coded_sample > 8)
++ return AVERROR(EINVAL);
++ pal_size = 1 << track->par->bits_per_coded_sample;
+ avio_wb16(pb, pal_size - 1); /* Color table size (zero-relative) */
+ for (i = 0; i < pal_size; i++) {
+ uint32_t rgb = track->palette[i];
+--
+2.32.0
+
diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-22021.patch b/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-22021.patch
new file mode 100644
index 00000000000..05cba736ff9
--- /dev/null
+++ b/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-22021.patch
@@ -0,0 +1,87 @@
+From 384177ca945395c8cf0ebbddd4b8b1eae64e900f Mon Sep 17 00:00:00 2001
+From: Michael Niedermayer <michael@niedermayer.cc>
+Date: Sat, 29 May 2021 11:17:35 +0200
+Subject: [PATCH 4/5] avfilter/vf_yadif: Fix handing of tiny images
+
+Fixes: out of array access
+Fixes: Ticket8240
+Fixes: CVE-2020-22021
+
+Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
+
+CVE: CVE-2020-22021
+Upstream-Status: Backport [7971f62120a55c141ec437aa3f0bacc1c1a3526b]
+
+Signed-off-by: Tony Tascioglu <tony.tascioglu@windriver.com>
+---
+ libavfilter/vf_yadif.c | 32 ++++++++++++++++++--------------
+ 1 file changed, 18 insertions(+), 14 deletions(-)
+
+diff --git a/libavfilter/vf_yadif.c b/libavfilter/vf_yadif.c
+index 43dea67add..06fd24ecfa 100644
+--- a/libavfilter/vf_yadif.c
++++ b/libavfilter/vf_yadif.c
+@@ -123,20 +123,22 @@ static void filter_edges(void *dst1, void *prev1, void *cur1, void *next1,
+ uint8_t *next2 = parity ? cur : next;
+
+ const int edge = MAX_ALIGN - 1;
++ int offset = FFMAX(w - edge, 3);
+
+ /* Only edge pixels need to be processed here. A constant value of false
+ * for is_not_edge should let the compiler ignore the whole branch. */
+- FILTER(0, 3, 0)
++ FILTER(0, FFMIN(3, w), 0)
+
+- dst = (uint8_t*)dst1 + w - edge;
+- prev = (uint8_t*)prev1 + w - edge;
+- cur = (uint8_t*)cur1 + w - edge;
+- next = (uint8_t*)next1 + w - edge;
++ dst = (uint8_t*)dst1 + offset;
++ prev = (uint8_t*)prev1 + offset;
++ cur = (uint8_t*)cur1 + offset;
++ next = (uint8_t*)next1 + offset;
+ prev2 = (uint8_t*)(parity ? prev : cur);
+ next2 = (uint8_t*)(parity ? cur : next);
+
+- FILTER(w - edge, w - 3, 1)
+- FILTER(w - 3, w, 0)
++ FILTER(offset, w - 3, 1)
++ offset = FFMAX(offset, w - 3);
++ FILTER(offset, w, 0)
+ }
+
+
+@@ -170,21 +172,23 @@ static void filter_edges_16bit(void *dst1, void *prev1, void *cur1, void *next1,
+ uint16_t *next2 = parity ? cur : next;
+
+ const int edge = MAX_ALIGN / 2 - 1;
++ int offset = FFMAX(w - edge, 3);
+
+ mrefs /= 2;
+ prefs /= 2;
+
+- FILTER(0, 3, 0)
++ FILTER(0, FFMIN(3, w), 0)
+
+- dst = (uint16_t*)dst1 + w - edge;
+- prev = (uint16_t*)prev1 + w - edge;
+- cur = (uint16_t*)cur1 + w - edge;
+- next = (uint16_t*)next1 + w - edge;
++ dst = (uint16_t*)dst1 + offset;
++ prev = (uint16_t*)prev1 + offset;
++ cur = (uint16_t*)cur1 + offset;
++ next = (uint16_t*)next1 + offset;
+ prev2 = (uint16_t*)(parity ? prev : cur);
+ next2 = (uint16_t*)(parity ? cur : next);
+
+- FILTER(w - edge, w - 3, 1)
+- FILTER(w - 3, w, 0)
++ FILTER(offset, w - 3, 1)
++ offset = FFMAX(offset, w - 3);
++ FILTER(offset, w, 0)
+ }
+
+ static int filter_slice(AVFilterContext *ctx, void *arg, int jobnr, int nb_jobs)
+--
+2.32.0
+
diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-22033-CVE-2020-22019.patch b/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-22033-CVE-2020-22019.patch
new file mode 100644
index 00000000000..e98ddaaede7
--- /dev/null
+++ b/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-22033-CVE-2020-22019.patch
@@ -0,0 +1,39 @@
+From 2f3bf456fa641edf154a99c4586d7bf52c02a495 Mon Sep 17 00:00:00 2001
+From: Michael Niedermayer <michael@niedermayer.cc>
+Date: Sat, 29 May 2021 09:58:31 +0200
+Subject: [PATCH 5/5] avfilter/vf_vmafmotion: Check dimensions
+
+Fixes: out of array access
+Fixes: Ticket8241
+Fixes: Ticket8246
+Fixes: CVE-2020-22019
+Fixes: CVE-2020-22033
+
+Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
+
+CVE: CVE-2020-22033
+CVE: CVE-2020-22019
+Upstream-Status: Backport [82ad1b76751bcfad5005440db48c46a4de5d6f02]
+
+Signed-off-by: Tony Tascioglu <tony.tascioglu@windriver.com>
+---
+ libavfilter/vf_vmafmotion.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/libavfilter/vf_vmafmotion.c b/libavfilter/vf_vmafmotion.c
+index 88d0b35095..0730147e7d 100644
+--- a/libavfilter/vf_vmafmotion.c
++++ b/libavfilter/vf_vmafmotion.c
+@@ -238,6 +238,9 @@ int ff_vmafmotion_init(VMAFMotionData *s,
+ int i;
+ const AVPixFmtDescriptor *desc = av_pix_fmt_desc_get(fmt);
+
++ if (w < 3 || h < 3)
++ return AVERROR(EINVAL);
++
+ s->width = w;
+ s->height = h;
+ s->stride = FFALIGN(w * sizeof(uint16_t), 32);
+--
+2.32.0
+
diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2021-38114.patch b/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2021-38114.patch
new file mode 100644
index 00000000000..3de7cf7e0f3
--- /dev/null
+++ b/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2021-38114.patch
@@ -0,0 +1,67 @@
+CVE: CVE-2021-38114
+Upstream-Status: Backport
+Signed-off-by: Kiran Surendran <kiran.surendran@windriver.com>
+
+From 662aef4aacf23b4be4c1cfaebd837e225b357e51 Mon Sep 17 00:00:00 2001
+From: maryam ebr <me22bee@outlook.com>
+Date: Tue, 3 Aug 2021 01:05:47 -0400
+Subject: [PATCH] avcodec/dnxhddec: check and propagate function return value
+
+Similar to CVE-2013-0868, here return value check for 'init_vlc' is needed.
+crafted DNxHD data can cause unspecified impact.
+
+Reviewed-by: Paul B Mahol <onemda@gmail.com>
+Signed-off-by: James Almer <jamrial@gmail.com>
+---
+ libavcodec/dnxhddec.c | 22 +++++++++++++++-------
+ 1 file changed, 15 insertions(+), 7 deletions(-)
+
+diff --git a/libavcodec/dnxhddec.c b/libavcodec/dnxhddec.c
+index e5d01e2e71..54f894f81b 100644
+--- a/libavcodec/dnxhddec.c
++++ b/libavcodec/dnxhddec.c
+@@ -110,6 +110,7 @@ static av_cold int dnxhd_decode_init(AVCodecContext *avctx)
+
+ static int dnxhd_init_vlc(DNXHDContext *ctx, uint32_t cid, int bitdepth)
+ {
++ int ret;
+ if (cid != ctx->cid) {
+ int index;
+
+@@ -129,19 +130,26 @@ static int dnxhd_init_vlc(DNXHDContext *ctx, uint32_t cid, int bitdepth)
+ ff_free_vlc(&ctx->dc_vlc);
+ ff_free_vlc(&ctx->run_vlc);
+
+- init_vlc(&ctx->ac_vlc, DNXHD_VLC_BITS, 257,
++ if ((ret = init_vlc(&ctx->ac_vlc, DNXHD_VLC_BITS, 257,
+ ctx->cid_table->ac_bits, 1, 1,
+- ctx->cid_table->ac_codes, 2, 2, 0);
+- init_vlc(&ctx->dc_vlc, DNXHD_DC_VLC_BITS, bitdepth > 8 ? 14 : 12,
++ ctx->cid_table->ac_codes, 2, 2, 0)) < 0)
++ goto out;
++ if ((ret = init_vlc(&ctx->dc_vlc, DNXHD_DC_VLC_BITS, bitdepth > 8 ? 14 : 12,
+ ctx->cid_table->dc_bits, 1, 1,
+- ctx->cid_table->dc_codes, 1, 1, 0);
+- init_vlc(&ctx->run_vlc, DNXHD_VLC_BITS, 62,
++ ctx->cid_table->dc_codes, 1, 1, 0)) < 0)
++ goto out;
++ if ((ret = init_vlc(&ctx->run_vlc, DNXHD_VLC_BITS, 62,
+ ctx->cid_table->run_bits, 1, 1,
+- ctx->cid_table->run_codes, 2, 2, 0);
++ ctx->cid_table->run_codes, 2, 2, 0)) < 0)
++ goto out;
+
+ ctx->cid = cid;
+ }
+- return 0;
++ ret = 0;
++out:
++ if (ret < 0)
++ av_log(ctx->avctx, AV_LOG_ERROR, "init_vlc failed\n");
++ return ret;
+ }
+
+ static int dnxhd_get_profile(int cid)
+--
+2.31.1
+
diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2021-38171.patch b/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2021-38171.patch
new file mode 100644
index 00000000000..8775acd8c51
--- /dev/null
+++ b/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2021-38171.patch
@@ -0,0 +1,40 @@
+CVE: CVE-2021-38171
+Upstream-Status: Backport
+Signed-off-by: Kiran Surendran <kiran.surendran@windriver.com>
+
+From d5373a9efb10c1fa87698ee41370fb04dc2e410b Mon Sep 17 00:00:00 2001
+From: maryam ebrahimzadeh <me22bee@outlook.com>
+Date: Wed, 4 Aug 2021 16:15:18 -0400
+Subject: [PATCH] avformat/adtsenc: return value check for init_get_bits in
+ adts_decode_extradata
+
+As the second argument for init_get_bits (buf) can be crafted, a return value check for this function call is necessary.
+'buf' is part of 'AVPacket pkt'.
+replace init_get_bits with init_get_bits8.
+
+Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
+---
+ libavformat/adtsenc.c | 6 ++++--
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/libavformat/adtsenc.c b/libavformat/adtsenc.c
+index d937e2bea9..a1593515e1 100644
+--- a/libavformat/adtsenc.c
++++ b/libavformat/adtsenc.c
+@@ -50,9 +50,11 @@ static int adts_decode_extradata(AVFormatContext *s, ADTSContext *adts, const ui
+ GetBitContext gb;
+ PutBitContext pb;
+ MPEG4AudioConfig m4ac;
+- int off;
++ int off, ret;
+
+- init_get_bits(&gb, buf, size * 8);
++ ret = init_get_bits8(&gb, buf, size);
++ if (ret < 0)
++ return ret;
+ off = avpriv_mpeg4audio_get_config2(&m4ac, buf, size, 1, s);
+ if (off < 0)
+ return off;
+--
+2.31.1
+
diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2021-38291.patch b/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2021-38291.patch
new file mode 100644
index 00000000000..ef1c7602867
--- /dev/null
+++ b/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2021-38291.patch
@@ -0,0 +1,54 @@
+CVE: CVE-2021-38291
+Upstream-Status: Backport
+Signed-off-by: Kiran Surendran <kiran.surendran@windriver.com>
+
+From e908bdb157fa493be2b50e2a11055d19c5254a15 Mon Sep 17 00:00:00 2001
+From: James Almer <jamrial@gmail.com>
+Date: Wed, 21 Jul 2021 01:02:44 -0300
+Subject: [PATCH] avcodec/utils: don't return negative values in
+ av_get_audio_frame_duration()
+
+In some extrme cases, like with adpcm_ms samples with an extremely high channel
+count, get_audio_frame_duration() may return a negative frame duration value.
+Don't propagate it, and instead return 0, signaling that a duration could not
+be determined.
+
+Fixes ticket #9312
+
+Signed-off-by: James Almer <jamrial@gmail.com>
+---
+ libavcodec/utils.c | 6 ++++--
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/libavcodec/utils.c b/libavcodec/utils.c
+index 81e34254e8..5fdb10fe09 100644
+--- a/libavcodec/utils.c
++++ b/libavcodec/utils.c
+@@ -1776,20 +1776,22 @@ static int get_audio_frame_duration(enum AVCodecID id, int sr, int ch, int ba,
+
+ int av_get_audio_frame_duration(AVCodecContext *avctx, int frame_bytes)
+ {
+- return get_audio_frame_duration(avctx->codec_id, avctx->sample_rate,
++ int duration = get_audio_frame_duration(avctx->codec_id, avctx->sample_rate,
+ avctx->channels, avctx->block_align,
+ avctx->codec_tag, avctx->bits_per_coded_sample,
+ avctx->bit_rate, avctx->extradata, avctx->frame_size,
+ frame_bytes);
++ return FFMAX(0, duration);
+ }
+
+ int av_get_audio_frame_duration2(AVCodecParameters *par, int frame_bytes)
+ {
+- return get_audio_frame_duration(par->codec_id, par->sample_rate,
++ int duration = get_audio_frame_duration(par->codec_id, par->sample_rate,
+ par->channels, par->block_align,
+ par->codec_tag, par->bits_per_coded_sample,
+ par->bit_rate, par->extradata, par->frame_size,
+ frame_bytes);
++ return FFMAX(0, duration);
+ }
+
+ #if !HAVE_THREADS
+--
+2.25.1
+
diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg_4.3.2.bb b/meta/recipes-multimedia/ffmpeg/ffmpeg_4.3.2.bb
index 08be38ca507..2df8fc45cf3 100644
--- a/meta/recipes-multimedia/ffmpeg/ffmpeg_4.3.2.bb
+++ b/meta/recipes-multimedia/ffmpeg/ffmpeg_4.3.2.bb
@@ -26,6 +26,14 @@ LIC_FILES_CHKSUM = "file://COPYING.GPLv2;md5=b234ee4d69f5fce4486a80fdaf4a4263 \
SRC_URI = "https://www.ffmpeg.org/releases/${BP}.tar.xz \
file://mips64_cpu_detection.patch \
file://0001-libavutil-include-assembly-with-full-path-from-sourc.patch \
+ file://fix-CVE-2020-20446.patch \
+ file://fix-CVE-2020-20453.patch \
+ file://fix-CVE-2020-22015.patch \
+ file://fix-CVE-2020-22021.patch \
+ file://fix-CVE-2020-22033-CVE-2020-22019.patch \
+ file://fix-CVE-2021-38291.patch \
+ file://fix-CVE-2021-38171.patch \
+ file://fix-CVE-2021-38114.patch \
"
SRC_URI[sha256sum] = "46e4e64f1dd0233cbc0934b9f1c0da676008cad34725113fb7f802cfa84ccddb"
diff --git a/meta/recipes-multimedia/libsamplerate/libsamplerate0/shared_version_info.patch b/meta/recipes-multimedia/libsamplerate/libsamplerate0/shared_version_info.patch
new file mode 100644
index 00000000000..b42d564b4b1
--- /dev/null
+++ b/meta/recipes-multimedia/libsamplerate/libsamplerate0/shared_version_info.patch
@@ -0,0 +1,13 @@
+Index: libsamplerate-0.1.8/configure.ac
+===================================================================
+--- libsamplerate-0.1.8.orig/configure.ac
++++ libsamplerate-0.1.8/configure.ac
+@@ -53,7 +53,7 @@ AC_PROG_LN_S
+ # 6. If any interfaces have been removed since the last public release, then set age
+ # to 0.
+
+-SHARED_VERSION_INFO="1:8:1"
++SHARED_VERSION_INFO="1:9:1"
+
+
+
diff --git a/meta/recipes-multimedia/libsamplerate/libsamplerate0_0.1.9.bb b/meta/recipes-multimedia/libsamplerate/libsamplerate0_0.1.9.bb
index 6dfc42b436e..8345d6880fa 100644
--- a/meta/recipes-multimedia/libsamplerate/libsamplerate0_0.1.9.bb
+++ b/meta/recipes-multimedia/libsamplerate/libsamplerate0_0.1.9.bb
@@ -10,6 +10,7 @@ PR = "r1"
SRC_URI = "http://www.mega-nerd.com/SRC/libsamplerate-${PV}.tar.gz \
file://0001-configure.ac-improve-alsa-handling.patch \
+ file://shared_version_info.patch \
"
SRC_URI[md5sum] = "2b78ae9fe63b36b9fbb6267fad93f259"
diff --git a/meta/recipes-multimedia/x264/x264_git.bb b/meta/recipes-multimedia/x264/x264_git.bb
index f95fb0c41e6..448d632145b 100644
--- a/meta/recipes-multimedia/x264/x264_git.bb
+++ b/meta/recipes-multimedia/x264/x264_git.bb
@@ -8,7 +8,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f"
DEPENDS = "nasm-native"
-SRC_URI = "git://github.com/mirror/x264;branch=stable \
+SRC_URI = "git://github.com/mirror/x264;branch=stable;protocol=https \
file://don-t-default-to-cortex-a9-with-neon.patch \
file://Fix-X32-build-by-disabling-asm.patch \
"