| Age | Commit message (Collapse) | Author |
|---|
|
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 6398ae1d40c86a3b848ac79a1dce25520bd088c6)
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
The field_end function in libavcodec/h264.c in FFmpeg before 1.1.2
allows remote attackers to have an unspecified impact via crafted H.264
data, related to an SPS and slice mismatch and an out-of-bounds array
access.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0869
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
(cherry picked from commit 464123172c92d92fa08e2125c04653590ad654c7)
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
libavcodec/h264.c in FFmpeg before 0.11.4 allows remote attackers to
cause a denial of service (crash) via vectors related to alternating bit
depths in H.264 data.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4358
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
(cherry picked from commit 6a029bee3da097b9ed8c421fcd5ea61cd1a31b34)
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
libssh2 is automatically linked to if present, this undetermined
dependency may cause build errors like:
.../x86_64-poky-linux/4.9.0/ld: cannot find -lssh2
libssh2 isn't an oe-core recipe, disable it for now.
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
(cherry picked from commit 0cc59247ece1ea134d060d3ff064b5561972a92b)
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
RTMP feature depends on rtmpdump.
Signed-off-by: Marie Kowalczyk <marie.kowalczyk@vodalys.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
(cherry picked from commit 8d3dc353c8857d27957c9db4ced8b2009f2e9b2a)
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
Bugfix release.
Signed-off-by: Cristian Iorga <cristian.iorga@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 04e53e971451b023ac1c57086603a9a7fbba838c)
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
Bugfix release.
Signed-off-by: Cristian Iorga <cristian.iorga@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 4bc977e532b67311a6ba4da78397badc0e4c4ac5)
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
Bugfix release.
Signed-off-by: Cristian Iorga <cristian.iorga@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 8fbdb1d64dd469624004cc82660a25b98f44dee0)
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
Bugfix release.
Signed-off-by: Cristian Iorga <cristian.iorga@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 1f70d23430e803e9e8950e5bd825df972194feb4)
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
Bugfix release.
Signed-off-by: Cristian Iorga <cristian.iorga@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit ba03f8ddc2fc6d6f85628d6d4a87d465c83c9fde)
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
Bugfix release.
Signed-off-by: Cristian Iorga <cristian.iorga@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 7f58488e1ed175136da49109ead3d3eaaf988aeb)
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
bugfix release.
Signed-off-by: Cristian Iorga <cristian.iorga@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 7640444d1b947ae3d7b9b43f70bdb9798a38c5ae)
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
libjpeg is automatically linked to if present. This cannot be turned off.
Adding DEPENDS on jpeg ensures that a proper dependency is established.
Signed-off-by: Carlos Rafael Giani <dv@pseudoterminal.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 4c13eced019eac49f047a620994c1b56af5d4951)
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
* Replace --disable/enable-gl with the individual EGL, GLES, GL switches
(--disable-gl turns off GL support entirely)
* Put the default opengl packageconfig into its own variable to make it
easier for distros and BSP layers to define what to use (GL, GLES,
or neither)
* Add libglu as a dependency for desktop GL
* Patch configure.ac to ensure libraries are only searched and linked to
if the corresponding API isn't disabled (this prevents cases where
libgstgl is linked to GLU even though desktop GL is dis- and GLES
enabled)
Signed-off-by: Carlos Rafael Giani <dv@pseudoterminal.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 7bf062f2e2b92c2401fa2386b6281aae023b21a8)
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
libpng is automatically linked to if present. This cannot be turned off.
Adding DEPENDS on libpng ensures that a proper dependency is established.
Signed-off-by: Carlos Rafael Giani <dv@pseudoterminal.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 413d5665cedd740125862e5eec5ca1f3b38b8363)
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
gst-omx links to libgstgl if it is present, and libgstgl is built by
gstreamer1.0-plugins-bad. Adding it as a DEPENDS ensures a proper
dependency is established.
Signed-off-by: Carlos Rafael Giani <dv@pseudoterminal.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit a9790695e207ef989a691d97658d63b022144c7c)
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
Signed-off-by: Carlos Rafael Giani <dv@pseudoterminal.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit fbd886eff693135bcd9fbe62cfd37f255798ca78)
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
* apply the patch only when PACKAGECONFIG is selected, because the changes
aren't backwards compatible
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 7324d7deb18b81943100bc35301b0c4aa22dc404)
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 466268fc86c3a08fab0ba45243c32bfaad613a96)
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
This solves these floating dependencies:
WARNING: QA Issue: gstreamer1.0-plugins-good-video4linux2 rdepends on
libudev, but it isn't a build dependency? [build-deps]
WARNING: QA Issue: gstreamer1.0-plugins-good-video4linux2 rdepends on
libgudev-1.0, but it isn't a build dependency? [build-deps]
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b23a9c94e574fec0f0dcda498c1f5a0592114055)
Signed-off-by: Andreas Oberritter <obi@opendreambox.org> (merge fixes)
|
|
set dafault value for MPEG4 without codec data in caps
https://bugzilla.gnome.org/show_bug.cgi?id=734263
Signed-off-by: Wang Zidan <b50113@freescale.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
(cherry picked from commit fe4dc1d30eea723361a0f88109717d8a70b2b17d)
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
This also corrects an erroneous overwriting of the dependencies
from the inc file.
Signed-off-by: Drew Moseley <drew_moseley@mentor.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit d98e43a332f708b6db75109b90dcc6f562685f7a)
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
Signed-off-by: Carlos Rafael Giani <dv@pseudoterminal.org>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
(cherry picked from commit 8b55dd80a54e9a8e10e9e689ad40fac8d0130ba7)
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
* Backported patch removed, since it is already included in this release
Signed-off-by: Carlos Rafael Giani <dv@pseudoterminal.org>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
(cherry picked from commit e9bc4272c7415db278046d2dd9ac2df33f9b7122)
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
Signed-off-by: Carlos Rafael Giani <dv@pseudoterminal.org>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
(cherry picked from commit 095b6fdcffacfe0770ae191fde0995331969da4b)
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
* eglglessink was replaced by glimagesink
* sndfile plugin has been ported to 1.0
* webp support added since libwep recipe has been added to meta-multimedia
* mfc was replaced by v4l2videodec, which does not need special flags
* cdaudio was removed
* directshow plugin was replaced by winks
Signed-off-by: Carlos Rafael Giani <dv@pseudoterminal.org>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
(cherry picked from commit e2fb717c0a081534252c5026401e3fee8328c502)
Signed-off-by: Andreas Oberritter <obi@opendreambox.org> (merge fixes)
|
|
* xvideo options removed, since the V4L2 XV support never became upstream
and is pretty much dead now
Signed-off-by: Carlos Rafael Giani <dv@pseudoterminal.org>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
(cherry picked from commit 2ac6e260f94c7ecfc5ed00798e8431632ae6245c)
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
Signed-off-by: Carlos Rafael Giani <dv@pseudoterminal.org>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
(cherry picked from commit 831086316671a123606f3a3feef6332950f915e9)
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
* Backported patch removed, since it is already included in this release
Signed-off-by: Carlos Rafael Giani <dv@pseudoterminal.org>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
(cherry picked from commit 3cd159ab21a0d56c9c16c8fbd534fd5db63c6819)
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit e1ac22b340a66e3da53182faf0d624db9ccbdee1)
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
Security Advisory - ffmpeg - CVE-2013-0866
The aac_decode_init function in libavcodec/aacdec.c in FFmpeg before
1.0.4 and 1.1.x before 1.1.2 allows remote attackers to have an
unspecified impact via a large number of channels in an AAC file, which
triggers an out-of-bounds array access.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0866
gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-0875
The ff_add_png_paeth_prediction function in libavcodec/pngdec.c in
FFmpeg before 1.1.3 allows remote attackers to have an unspecified
impact via a crafted PNG image, related to an out-of-bounds array
access.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0875
gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-0860
The ff_er_frame_end function in libavcodec/error_resilience.c in FFmpeg
before 1.0.4 and 1.1.x before 1.1.1 does not properly verify that a
frame is fully initialized, which allows remote attackers to trigger a
NULL pointer dereference via crafted picture data.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0860
gst-ffmpeg: Security Advisory - ffmpeg - CVE-2011-3934
Double free vulnerability in the vp3_update_thread_context function in
libavcodec/vp3.c in FFmpeg before 0.10 allows remote attackers to have
an unspecified impact via crafted vp3 data.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3934
gst-ffmpeg: Security Advisory - ffmpeg - CVE-2011-3946
The ff_h264_decode_sei function in libavcodec/h264_sei.c in FFmpeg
before 0.10 allows remote attackers to have an unspecified impact via
crafted Supplemental enhancement information (SEI) data, which triggers
an infinite loop.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3946
gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-7023
The ff_combine_frame function in libavcodec/parser.c in FFmpeg before
2.1 does not properly handle certain memory-allocation errors, which
allows remote attackers to cause a denial of service (out-of-bounds
array access) or possibly have unspecified other impact via crafted
data.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7023
gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-7009
The rpza_decode_stream function in libavcodec/rpza.c in FFmpeg before
2.1 does not properly maintain a pointer to pixel data, which allows
remote attackers to cause a denial of service (out-of-bounds array
access) or possibly have unspecified other impact via crafted Apple RPZA
data.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7009
gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-0855
Integer overflow in the alac_decode_close function in libavcodec/alac.c
in FFmpeg before 1.1 allows remote attackers to have an unspecified
impact via a large number of samples per frame in Apple Lossless Audio
Codec (ALAC) data, which triggers an out-of-bounds array access.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0855
gst-ffmpeg: Security Advisory - ffmpeg - CVE-2011-4351
Buffer overflow in FFmpeg before 0.5.6, 0.6.x before 0.6.4, 0.7.x before
0.7.8, and 0.8.x before 0.8.8 allows remote attackers to execute
arbitrary code via unspecified vectors.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4351
gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-0848
The decode_init function in libavcodec/huffyuv.c in FFmpeg before 1.1
allows remote attackers to have an unspecified impact via a crafted
width in huffyuv data with the predictor set to median and the
colorspace set to YUV422P, which triggers an out-of-bounds array access.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0848
gst-ffmpeg: Security Advisory - ffmpeg - CVE-2011-3944
The smacker_decode_header_tree function in libavcodec/smacker.c in
FFmpeg before 0.10 allows remote attackers to have an unspecified impact
via crafted Smacker data.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3944
file://0001-huffyuvdec-check-width-more-completely-avoid-out-of-.patch \
gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-7010
Multiple integer signedness errors in libavcodec/dsputil.c in FFmpeg
before 2.1 allow remote attackers to cause a denial of service
(out-of-bounds array access) or possibly have unspecified other impact
via crafted data.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7010
gst-ffmpeg: Security Advisory - ffmpeg - CVE-2011-3941
The decode_mb function in libavcodec/error_resilience.c in FFmpeg before
0.10 allows remote attackers to have an unspecified impact via vectors
related to an uninitialized block index, which triggers an out-of-bound
write.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3941
gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-0846
Array index error in the qdm2_decode_super_block function in
libavcodec/qdm2.c in FFmpeg before 1.1 allows remote attackers to have
an unspecified impact via crafted QDM2 data, which triggers an
out-of-bounds array access.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0846
gst-ffmpeg: Security Advisory - ffmpeg - CVE-2012-6618
The av_probe_input_buffer function in libavformat/utils.c in FFmpeg
before 1.0.2, when running with certain -probesize values, allows remote
attackers to cause a denial of service (crash) via a crafted MP3 file,
possibly related to frame size or lack of sufficient frames to estimate
rate.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6618
gst-ffmpeg: Security Advisory - ffmpeg - CVE-2012-6617
The prepare_sdp_description function in ffserver.c in FFmpeg before
1.0.2 allows remote attackers to cause a denial of service (crash) via
vectors related to the rtp format.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6617
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 58f08a96764094189b5aaf3cc8b4cc0c95e23409)
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
Signed-off-by: Wang Zidan <b50113@freescale.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b9a2aacfc0343d522cce9183dae15f1ae042b36d)
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
has passed to streamsynchronizer.
Signed-off-by: Wang Zidan <b50113@freescale.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 8b85075e592e867e7ffba919b10fca150f6a62b0)
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
Signed-off-by: Wang Zidan <b50113@freescale.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit e25c5b228178f13b2f9e25b5bd423d5ef7b40765)
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
Using growable pool with at least 32 buffers for decoders.
Signed-off-by: Wang Zidan <b50113@freescale.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 81ae7794ddbc7e2d97118092e0613249793214ef)
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
Use the "libdir" and "sysconfdir" variables rather than
hard-coding "/usr/lib" and "/etc".
Signed-off-by: Drew Moseley <drew_moseley@mentor.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 1ae73bb41436bf7e97d83052fbe1541074b4a4ac)
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 0f11090e566ae13fe76c4273655db320a87ba7ae)
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
Otherwise may do_compile error:
test-cgroups.c:43:23:: fatal error: libcgroup.h: No such file or directory
and:
configure: No package 'gstreamer-plugins-base-1.0' found
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit bef49e8e8bf0a7f900f4ad44c2cbb6dec1d5d180)
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
A Gstreamer library which provides an API to create an RTSP server (e.g. to stream RTP to VLC clients and similar).
Tested, works with GStreamer 1.2.3 + videotestsrc based pipeline on RPi.
Signed-off-by: Alex J Lennon <ajlennon@dynamicdevices.co.uk>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 228736f2ffba6c2e06e72042a1fdf3fc0807f9b7)
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
The roq_decode_init function in libavcodec/roqvideodec.c in FFmpeg
before 1.1 allows remote attackers to have an unspecified impact via a
crafted (1) width or (2) height dimension that is not a multiple of
sixteen in id RoQ video data.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0849
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
(cherry picked from commit 1a43a8054f51fbd542f3f037dc35f8b501e455bf)
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
The decode_slice_header function in libavcodec/h264.c in FFmpeg before
1.1 allows remote attackers to have an unspecified impact via crafted
H.264 data, which triggers an out-of-bounds array access.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0850
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
(cherry picked from commit 69f3f0f94f4fd224e5a6b275207adf0539d085c3)
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
The lpc_prediction function in libavcodec/alac.c in FFmpeg before 1.1
allows remote attackers to have an unspecified impact via crafted Apple
Lossless Audio Codec (ALAC) data, related to a large nb_samples value.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0856
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
(cherry picked from commit 571ccce77859435ff8010785e11627b20d8b31f4)
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
The mjpeg_decode_scan_progressive_ac function in libavcodec/mjpegdec.c
in FFmpeg before 1.1 allows remote attackers to have an unspecified
impact via crafted MJPEG data.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0854
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
(cherry picked from commit b3d9c8f603ebdbc21cb2ba7e62f8b5ebb57c40c1)
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
The decode_frame function in libavcodec/eamad.c in FFmpeg before 1.1
allows remote attackers to have an unspecified impact via crafted
Electronic Arts Madcow video data, which triggers an out-of-bounds array
access.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0851
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
(cherry picked from commit 8c9868d074f5d09022efc9419ee09eb805f68394)
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
The atrac3_decode_init function in libavcodec/atrac3.c in FFmpeg before
1.0.4 allows remote attackers to have an unspecified impact via ATRAC3
data with the joint stereo coding mode set and fewer than two channels.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0858
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
(cherry picked from commit 0ee8754c973f5eff3ba4d00319a5308888c12b17)
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
The parse_picture_segment function in libavcodec/pgssubdec.c in FFmpeg
before 1.1 allows remote attackers to have an unspecified impact via
crafted RLE data, which triggers an out-of-bounds array access.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0852
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
(cherry picked from commit 37f9371b44bd914fdd64e4c4e4448a2908512203)
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
libavcodec/alsdec.c in FFmpeg before 1.0.4 allows remote attackers to
have an unspecified impact via a crafted block length, which triggers an
out-of-bounds write.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0845
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
(cherry picked from commit cc6e2ee53c49206aa3377c512c3bd1de2e14a7b7)
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
libavcodec/huffyuvdec.c in FFmpeg before 1.1.2 allows remote attackers
to have an unspecified impact via crafted Huffyuv data, related to an
out-of-bounds write and (1) unchecked return codes from the init_vlc
function and (2) len==0 cases.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0868
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
(cherry picked from commit 29dcc2c8e834cf43e415eedefb8fce9667b3aa40)
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
The msrle_decode_frame function in libavcodec/msrle.c in FFmpeg before
2.1.4 does not properly calculate line sizes, which allows remote
attackers to cause a denial of service (out-of-bounds array access) or
possibly have unspecified other impact via crafted Microsoft RLE video
data.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2099
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
(cherry picked from commit 3e27099f9aad1eb48412b07a18dcea398c18245b)
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
The vqa_decode_chunk function in libavcodec/vqavideo.c in FFmpeg before
1.0.4 and 1.1.x before 1.1.2 allows remote attackers to have an
unspecified impact via a large (1) cbp0 or (2) cbpz chunk in Westwood
Studios VQA Video file, which triggers an out-of-bounds write.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0865
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
(cherry picked from commit 4a93fc0a63cedbebfdc9577e2f1deb3598fb5851)
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
Ross Burton
Yue Tao
Wenzong Fan
Marie Kowalczyk
Cristian Iorga
Carlos Rafael Giani
Martin Jansa
Peter Kjellerstedt
Wang Zidan
Drew Moseley
Jackie Huang
Richard Purdie
Robert Yang
Alex J Lennon