CaROS/poky
3
1
Fork 0
mirror of https://git.yoctoproject.org/git/poky synced 2026-01-04 16:10:04 +00:00
Code Issues Packages Projects Releases Wiki Activity
mickledore
poky/meta/recipes-multimedia
History
Soumya Sambu a09c4a4833 libwebp: Fix CVE-2023-4863 
Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187
allowed a remote attacker to perform an out of bounds memory write via
a crafted HTML page.

Removed CVE-2023-5129.patch as CVE-2023-5129 is duplicate of CVE-2023-4863.

CVE: CVE-2023-4863

References:
https://nvd.nist.gov/vuln/detail/CVE-2023-4863
https://security-tracker.debian.org/tracker/CVE-2023-4863
https://bugzilla.redhat.com/show_bug.cgi?id=2238431#c12

(From OE-Core rev: e2bd9494b59b486000320c6814371f37828d4c2d)

Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2023-11-11 08:23:01 -10:00
..
alsa alsa-utils: Replace off64_t with off_t 2022-12-22 23:05:50 +00:00
ffmpeg ffmpeg: avoid neon on unsupported machines 2023-10-11 03:54:46 -10:00
flac flac: update 1.4.0 -> 1.4.2 2022-11-22 12:26:46 +00:00
gstreamer gstreamer: upgrade 1.22.5 -> 1.22.6 2023-10-13 04:31:04 -10:00
lame meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers 2022-02-20 16:45:25 +00:00
liba52 meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers 2022-02-20 16:45:25 +00:00
libogg libogg: upgrade 1.3.4 -> 1.3.5 2021-06-12 22:54:14 +01:00
libomxil meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers 2022-02-20 16:45:25 +00:00
libpng libpng: Enable NEON for aarch64 to enensure consistency with arm32. 2023-01-12 23:08:59 +00:00
libsamplerate meta: fix version checks in all github recipes using the github-releases class 2022-09-28 08:01:10 +01:00
libsndfile libsndfile1: upgrade 1.2.0 -> 1.2.2 2023-10-11 03:54:46 -10:00
libtheora
libtiff tiff: fix CVE-2023-41175 2023-10-18 05:25:19 -10:00
libvorbis meta: fix some unresponsive homepages and bugtracker links 2020-10-30 13:22:48 +00:00
mpeg2dec meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers 2022-02-20 16:45:25 +00:00
mpg123 mpg123: upgrade 1.31.2 -> 1.31.3 2023-05-10 04:16:50 -10:00
pulseaudio pulseaudio: add m4-native to DEPENDS 2022-07-16 07:40:33 +01:00
sbc sbc: upgrade 1.5 -> 2.0 2022-06-22 22:40:28 +01:00
speex speex: upgrade 1.2.0 -> 1.2.1 2022-07-01 11:31:42 +01:00
webp libwebp: Fix CVE-2023-4863 2023-11-11 08:23:01 -10:00
x264 x264: upgrade to latest revision 2022-06-22 22:40:28 +01:00