diff mbox series

[meta-multimedia,scarthgap,21/22] libde265: upgrade 1.0.12 -> 1.0.16

Message ID 20260409070919.3968586-21-ankur.tyagi85@gmail.com
State New
Headers show
Series [meta-oe,scarthgap,1/22] abseil-cpp: ignore CVE-2025-0838 | expand

Commit Message

Ankur Tyagi April 9, 2026, 7:09 a.m. UTC 
From: Ankur Tyagi <ankur.tyagi85@gmail.com>

Dropped patches which are part of the upstream version.

https://github.com/strukturag/libde265/releases/tag/v1.0.16
https://github.com/strukturag/libde265/releases/tag/v1.0.15
https://github.com/strukturag/libde265/releases/tag/v1.0.14
https://github.com/strukturag/libde265/releases/tag/v1.0.13

Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
---
 .../libde265/libde265/CVE-2023-43887.patch    | 39 -----------------
 .../libde265/libde265/CVE-2023-47471.patch    | 42 -------------------
 ...{libde265_1.0.12.bb => libde265_1.0.16.bb} |  4 +-
 3 files changed, 1 insertion(+), 84 deletions(-)
 delete mode 100644 meta-multimedia/recipes-multimedia/libde265/libde265/CVE-2023-43887.patch
 delete mode 100644 meta-multimedia/recipes-multimedia/libde265/libde265/CVE-2023-47471.patch
 rename meta-multimedia/recipes-multimedia/libde265/{libde265_1.0.12.bb => libde265_1.0.16.bb} (84%)
diff mbox series

Patch

diff --git a/meta-multimedia/recipes-multimedia/libde265/libde265/CVE-2023-43887.patch b/meta-multimedia/recipes-multimedia/libde265/libde265/CVE-2023-43887.patch
deleted file mode 100644
index f8ab0e1e40..0000000000
--- a/meta-multimedia/recipes-multimedia/libde265/libde265/CVE-2023-43887.patch
+++ /dev/null
@@ -1,39 +0,0 @@ 
-From e31a5389f2a4967b9ca298a3435d1af2f9a04cda Mon Sep 17 00:00:00 2001
-From: Dirk Farin <dirk.farin@gmail.com>
-Date: Fri, 1 Sep 2023 21:18:48 +0200
-Subject: [PATCH] fix #418
-
-CVE: CVE-2023-43887
-Upstream-Status: Backport [https://github.com/strukturag/libde265/commit/63b596c915977f038eafd7647d1db25488a8c133]
-(cherry picked from commit 63b596c915977f038eafd7647d1db25488a8c133)
-Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
----
- libde265/decctx.cc | 9 +++++----
- 1 file changed, 5 insertions(+), 4 deletions(-)
-
-diff --git a/libde265/decctx.cc b/libde265/decctx.cc
-index 223a6aaf..350f7e7a 100644
---- a/libde265/decctx.cc
-+++ b/libde265/decctx.cc
-@@ -582,16 +582,17 @@ de265_error decoder_context::read_pps_NAL(bitreader& reader)
-   std::shared_ptr<pic_parameter_set> new_pps = std::make_shared<pic_parameter_set>();
- 
-   bool success = new_pps->read(&reader,this);
-+  if (!success) {
-+    return DE265_WARNING_PPS_HEADER_INVALID;
-+  }
- 
-   if (param_pps_headers_fd>=0) {
-     new_pps->dump(param_pps_headers_fd);
-   }
- 
--  if (success) {
--    pps[ (int)new_pps->pic_parameter_set_id ] = new_pps;
--  }
-+  pps[ (int)new_pps->pic_parameter_set_id ] = new_pps;
- 
--  return success ? DE265_OK : DE265_WARNING_PPS_HEADER_INVALID;
-+  return DE265_OK;
- }
- 
- de265_error decoder_context::read_sei_NAL(bitreader& reader, bool suffix)
diff --git a/meta-multimedia/recipes-multimedia/libde265/libde265/CVE-2023-47471.patch b/meta-multimedia/recipes-multimedia/libde265/libde265/CVE-2023-47471.patch
deleted file mode 100644
index 3d66758e49..0000000000
--- a/meta-multimedia/recipes-multimedia/libde265/libde265/CVE-2023-47471.patch
+++ /dev/null
@@ -1,42 +0,0 @@ 
-From 78bd5752157f34e822cefd8ff8959a96a26b4841 Mon Sep 17 00:00:00 2001
-From: Dirk Farin <dirk.farin@gmail.com>
-Date: Sat, 4 Nov 2023 15:20:50 +0100
-Subject: [PATCH] null-pointer check in debug output (fixes #426)
-
-CVE: CVE-2023-47471
-Upstream-Status: Backport [https://github.com/strukturag/libde265/commit/e36b4a1b0bafa53df47514c419d5be3e8916ebc7]
-(cherry picked from commit e36b4a1b0bafa53df47514c419d5be3e8916ebc7)
-Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
----
- libde265/slice.cc | 11 ++++++++++-
- 1 file changed, 10 insertions(+), 1 deletion(-)
-
-diff --git a/libde265/slice.cc b/libde265/slice.cc
-index 280b7417..435123dc 100644
---- a/libde265/slice.cc
-+++ b/libde265/slice.cc
-@@ -1277,14 +1277,23 @@ void slice_segment_header::dump_slice_segment_header(const decoder_context* ctx,
- #define LOG3(t,d1,d2,d3) log2fh(fh, t,d1,d2,d3)
- #define LOG4(t,d1,d2,d3,d4) log2fh(fh, t,d1,d2,d3,d4)
- 
-+  LOG0("----------------- SLICE -----------------\n");
-+
-   const pic_parameter_set* pps = ctx->get_pps(slice_pic_parameter_set_id);
-+  if (!pps) {
-+    LOG0("invalid PPS referenced\n");
-+    return;
-+  }
-   assert(pps->pps_read); // TODO: error handling
- 
-   const seq_parameter_set* sps = ctx->get_sps((int)pps->seq_parameter_set_id);
-+  if (!sps) {
-+    LOG0("invalid SPS referenced\n");
-+    return;
-+  }
-   assert(sps->sps_read); // TODO: error handling
- 
- 
--  LOG0("----------------- SLICE -----------------\n");
-   LOG1("first_slice_segment_in_pic_flag      : %d\n", first_slice_segment_in_pic_flag);
-   if (ctx->get_nal_unit_type() >= NAL_UNIT_BLA_W_LP &&
-       ctx->get_nal_unit_type() <= NAL_UNIT_RESERVED_IRAP_VCL23) {
diff --git a/meta-multimedia/recipes-multimedia/libde265/libde265_1.0.12.bb b/meta-multimedia/recipes-multimedia/libde265/libde265_1.0.16.bb
similarity index 84%
rename from meta-multimedia/recipes-multimedia/libde265/libde265_1.0.12.bb
rename to meta-multimedia/recipes-multimedia/libde265/libde265_1.0.16.bb
index e32a2af51c..e77d23db88 100644
--- a/meta-multimedia/recipes-multimedia/libde265/libde265_1.0.12.bb
+++ b/meta-multimedia/recipes-multimedia/libde265/libde265_1.0.16.bb
@@ -9,11 +9,9 @@  LICENSE_FLAGS = "commercial"
 LIC_FILES_CHKSUM = "file://COPYING;md5=695b556799abb2435c97a113cdca512f"
 
 SRC_URI = "git://github.com/strukturag/libde265.git;branch=master;protocol=https \
-           file://CVE-2023-43887.patch \
-           file://CVE-2023-47471.patch \
            file://CVE-2025-61147.patch \
            "
-SRCREV = "a267c84707ab264928fa9b86de2ee749c48c318c"
+SRCREV = "7ba65889d3d6d8a0d99b5360b028243ba843be3a"
 
 S = "${WORKDIR}/git"