mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-06-03 01:40:07 +00:00
Code Issues Projects Releases Wiki Activity
Files
yocto-4.2.4
poky/meta/recipes-multimedia
T
History
Soumya Sambu a09c4a4833 libwebp: Fix CVE-2023-4863 
Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187
allowed a remote attacker to perform an out of bounds memory write via
a crafted HTML page.

Removed CVE-2023-5129.patch as CVE-2023-5129 is duplicate of CVE-2023-4863.

CVE: CVE-2023-4863

References:
https://nvd.nist.gov/vuln/detail/CVE-2023-4863
https://security-tracker.debian.org/tracker/CVE-2023-4863
https://bugzilla.redhat.com/show_bug.cgi?id=2238431#c12

(From OE-Core rev: e2bd9494b59b486000320c6814371f37828d4c2d)

Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2023-11-11 08:23:01 -10:00
..
alsa
alsa-utils: Replace off64_t with off_t
2022-12-22 23:05:50 +00:00
ffmpeg
ffmpeg: avoid neon on unsupported machines
2023-10-11 03:54:46 -10:00
flac
flac: update 1.4.0 -> 1.4.2
2022-11-22 12:26:46 +00:00
gstreamer
gstreamer: upgrade 1.22.5 -> 1.22.6
2023-10-13 04:31:04 -10:00
lame
meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers
2022-02-20 16:45:25 +00:00
liba52
meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers
2022-02-20 16:45:25 +00:00
libogg
libogg: upgrade 1.3.4 -> 1.3.5
2021-06-12 22:54:14 +01:00
libomxil
meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers
2022-02-20 16:45:25 +00:00
libpng
libpng: Enable NEON for aarch64 to enensure consistency with arm32.
2023-01-12 23:08:59 +00:00
libsamplerate
meta: fix version checks in all github recipes using the github-releases class
2022-09-28 08:01:10 +01:00
libsndfile
libsndfile1: upgrade 1.2.0 -> 1.2.2
2023-10-11 03:54:46 -10:00
libtheora
libtiff
tiff: fix CVE-2023-41175
2023-10-18 05:25:19 -10:00
libvorbis
mpeg2dec
meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers
2022-02-20 16:45:25 +00:00
mpg123
mpg123: upgrade 1.31.2 -> 1.31.3
2023-05-10 04:16:50 -10:00
pulseaudio
pulseaudio: add m4-native to DEPENDS
2022-07-16 07:40:33 +01:00
sbc
sbc: upgrade 1.5 -> 2.0
2022-06-22 22:40:28 +01:00
speex
speex: upgrade 1.2.0 -> 1.2.1
2022-07-01 11:31:42 +01:00
webp
libwebp: Fix CVE-2023-4863
2023-11-11 08:23:01 -10:00
x264
x264: upgrade to latest revision
2022-06-22 22:40:28 +01:00